Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/729ea4-6a68-4838-8fec-7feb18b9f552/1/LKfhxjZYnzMqka5T_TfLGYYfgQ8.roa
File: LKfhxjZYnzMqka5T_TfLGYYfgQ8.roa (raw, json)
Hash identifier: ctRMvEslXeEjQmSyirfl9PSvttBnd0urVs/tA189mnk=
Subject key identifier: 2C:A7:E1:C6:36:58:9F:33:2A:91:AE:53:FD:37:CB:19:86:1F:81:0F
Certificate issuer: /CN=02c2c187d98b4603804ed1165adb4509b630a83a
Certificate serial: 01921F3FD027DDB596BEA994F22736C6800C
Authority key identifier: 02:C2:C1:87:D9:8B:46:03:80:4E:D1:16:5A:DB:45:09:B6:30:A8:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AsLBh9mLRgOATtEWWttFCbYwqDo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/729ea4-6a68-4838-8fec-7feb18b9f552/1/LKfhxjZYnzMqka5T_TfLGYYfgQ8.roa
Signing time: Mon 23 Sep 2024 14:18:48 +0000
ROA not before: Mon 23 Sep 2024 14:18:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 45047
IP address blocks: 93.188.216.0/21 maxlen: 21
93.188.217.0/24 maxlen: 24
93.188.218.0/24 maxlen: 24
2a12:9dc0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e7/729ea4-6a68-4838-8fec-7feb18b9f552/1/AsLBh9mLRgOATtEWWttFCbYwqDo.crl
rsync://rpki.ripe.net/repository/DEFAULT/e7/729ea4-6a68-4838-8fec-7feb18b9f552/1/AsLBh9mLRgOATtEWWttFCbYwqDo.mft
rsync://rpki.ripe.net/repository/DEFAULT/AsLBh9mLRgOATtEWWttFCbYwqDo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:1f:3f:d0:27:dd:b5:96:be:a9:94:f2:27:36:c6:80:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=02c2c187d98b4603804ed1165adb4509b630a83a
Validity
Not Before: Sep 23 14:18:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2ca7e1c636589f332a91ae53fd37cb19861f810f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:27:53:e9:f2:b4:c7:05:46:8b:a6:8c:bf:3a:
73:90:f2:bf:f9:dc:45:33:eb:f1:63:10:29:06:ae:
ef:07:39:b8:15:87:72:15:a1:de:99:4a:6d:a9:c4:
8e:c2:7c:d6:49:3b:a2:bb:50:44:87:76:e5:89:96:
8f:ec:e9:56:6f:47:f9:6d:c1:0e:cb:fc:9d:22:4c:
f9:51:58:b3:5b:26:42:76:58:f0:26:a6:74:cc:98:
67:f5:f5:b4:d9:4c:e2:da:02:56:c4:e1:0e:cf:19:
28:62:b4:29:6e:ea:9d:51:0b:38:94:4b:98:54:f0:
5d:1c:1b:80:76:ad:d3:45:bf:90:4d:10:7b:ee:d9:
c6:5c:40:94:43:32:52:d8:f5:c7:58:cb:38:23:9e:
ac:9f:d7:c8:bb:a5:48:c9:f2:89:84:d7:69:b2:87:
66:59:bd:95:8f:7b:a4:14:02:0f:24:11:79:3a:00:
0a:e8:ad:98:74:01:c6:f0:d5:87:a9:33:e5:98:8a:
0b:4e:30:41:64:10:c4:14:d3:2b:36:f7:07:4f:60:
03:5e:e5:ad:ce:8a:42:f0:65:bd:3b:21:bb:50:ab:
79:8f:ec:d3:2a:d8:5d:cd:f1:af:2b:5a:2f:d7:d5:
a4:50:29:cf:50:c3:f3:12:b1:fe:c9:c1:ef:43:a1:
dd:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:A7:E1:C6:36:58:9F:33:2A:91:AE:53:FD:37:CB:19:86:1F:81:0F
X509v3 Authority Key Identifier:
keyid:02:C2:C1:87:D9:8B:46:03:80:4E:D1:16:5A:DB:45:09:B6:30:A8:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AsLBh9mLRgOATtEWWttFCbYwqDo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/729ea4-6a68-4838-8fec-7feb18b9f552/1/LKfhxjZYnzMqka5T_TfLGYYfgQ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/729ea4-6a68-4838-8fec-7feb18b9f552/1/AsLBh9mLRgOATtEWWttFCbYwqDo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.188.216.0/21
IPv6:
2a12:9dc0::/29
Signature Algorithm: sha256WithRSAEncryption
33:f0:c0:4e:f8:7d:88:99:bf:2f:88:81:f9:93:8b:70:e0:d1:
93:ab:7a:0d:8b:f8:c5:56:90:dc:4d:7c:06:33:35:c6:99:b4:
29:37:b2:e0:d8:9e:ee:78:08:69:7e:b7:4e:17:8f:f7:05:81:
86:67:11:90:d1:1e:0a:49:a0:bc:84:6c:43:47:ec:d5:8a:5e:
86:c4:97:e3:e1:2b:13:81:31:7b:16:53:ef:f6:47:a6:7c:bd:
4d:2c:31:49:30:72:eb:07:83:fc:15:ec:00:02:3a:fa:64:9b:
ac:de:40:63:c2:01:3b:f2:f0:56:71:00:9c:59:8f:a8:24:36:
49:8a:58:6a:35:aa:97:ae:63:45:0a:31:a9:1b:97:c1:b7:d4:
6f:53:22:af:e6:28:da:9b:8c:03:02:19:d8:05:69:d2:8e:af:
bc:63:b6:7e:39:66:be:f9:0f:7a:d8:d5:b1:5f:e6:68:53:2e:
d4:9e:7c:f3:06:96:ef:13:0d:07:c3:65:60:5c:f5:31:29:2c:
bf:6e:d0:8a:e5:c3:28:bf:b7:c1:3d:a0:bf:6f:e2:66:ea:5a:
dd:aa:34:99:eb:39:72:b3:e6:fd:cb:48:14:38:c7:ff:77:00:
fd:22:7c:06:22:5c:d4:12:89:7e:37:4f:d9:66:bd:a7:17:13:
89:79:c6:3a
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZIfP9An3bWWvqmU8ic2xoAMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyYzJjMTg3ZDk4YjQ2MDM4MDRlZDExNjVhZGI0NTA5YjYz
MGE4M2EwHhcNMjQwOTIzMTQxODQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyY2E3ZTFjNjM2NTg5ZjMzMmE5MWFlNTNmZDM3Y2IxOTg2MWY4MTBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3ydT6fK0xwVGi6aMvzpzkPK/+dxF
M+vxYxApBq7vBzm4FYdyFaHemUptqcSOwnzWSTuiu1BEh3bliZaP7OlWb0f5bcEO
y/ydIkz5UVizWyZCdljwJqZ0zJhn9fW02Uzi2gJWxOEOzxkoYrQpbuqdUQs4lEuY
VPBdHBuAdq3TRb+QTRB77tnGXECUQzJS2PXHWMs4I56sn9fIu6VIyfKJhNdpsodm
Wb2Vj3ukFAIPJBF5OgAK6K2YdAHG8NWHqTPlmIoLTjBBZBDEFNMrNvcHT2ADXuWt
zopC8GW9OyG7UKt5j+zTKthdzfGvK1ov19WkUCnPUMPzErH+ycHvQ6HdsQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFCyn4cY2WJ8zKpGuU/03yxmGH4EPMB8GA1UdIwQY
MBaAFALCwYfZi0YDgE7RFlrbRQm2MKg6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQXNMQmg5bUxSZ09BVHRFV1d0dEZDYll3cURvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy83MjllYTQtNmE2OC00ODM4LThmZWMt
N2ZlYjE4YjlmNTUyLzEvTEtmaHhqWlluek1xa2E1VF9UZkxHWVlmZ1E4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy83MjllYTQtNmE2OC00ODM4LThmZWMtN2ZlYjE4YjlmNTUy
LzEvQXNMQmg5bUxSZ09BVHRFV1d0dEZDYll3cURvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDXbzYMA0E
AgACMAcDBQMqEp3AMA0GCSqGSIb3DQEBCwUAA4IBAQAz8MBO+H2Imb8viIH5k4tw
4NGTq3oNi/jFVpDcTXwGMzXGmbQpN7Lg2J7ueAhpfrdOF4/3BYGGZxGQ0R4KSaC8
hGxDR+zVil6GxJfj4SsTgTF7FlPv9kemfL1NLDFJMHLrB4P8FewAAjr6ZJus3kBj
wgE78vBWcQCcWY+oJDZJilhqNaqXrmNFCjGpG5fBt9RvUyKv5ijam4wDAhnYBWnS
jq+8Y7Z+OWa++Q962NWxX+ZoUy7UnnzzBpbvEw0Hw2VgXPUxKSy/btCK5cMov7fB
PaC/b+Jm6lrdqjSZ6zlys+b9y0gUOMf/dwD9InwGIlzUEol+N0/ZZr2nFxOJecY6
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:59:44 2024 by rpki-client on console-ams.rpki-client.org