Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/b378e0-cf99-41b1-a38a-e136c989be33/1/LSHHauA-xQpceDJ30zXjMJrgKp4.roa
File: LSHHauA-xQpceDJ30zXjMJrgKp4.roa (raw, json)
Hash identifier: vtpkS61FNhLHDZ6uz55yxYgc+L8m06CqyLgIh9YRnJ8=
Subject key identifier: 2D:21:C7:6A:E0:3E:C5:0A:5C:78:32:77:D3:35:E3:30:9A:E0:2A:9E
Certificate issuer: /CN=79646b38c3d87d33145b634b4e1dcc2145f6416c
Certificate serial: 018CC6B788C87861056EE175061F49F5CB43
Authority key identifier: 79:64:6B:38:C3:D8:7D:33:14:5B:63:4B:4E:1D:CC:21:45:F6:41:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eWRrOMPYfTMUW2NLTh3MIUX2QWw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/b378e0-cf99-41b1-a38a-e136c989be33/1/LSHHauA-xQpceDJ30zXjMJrgKp4.roa
Signing time: Mon 01 Jan 2024 20:29:26 +0000
ROA not before: Mon 01 Jan 2024 20:29:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48424
IP address blocks: 77.32.240.0/24 maxlen: 24
77.32.244.0/24 maxlen: 24
77.32.246.0/24 maxlen: 24
77.32.245.0/24 maxlen: 24
77.32.242.0/24 maxlen: 24
185.48.178.0/24 maxlen: 24
185.48.177.0/24 maxlen: 24
185.48.179.0/24 maxlen: 24
185.48.176.0/24 maxlen: 24
188.164.240.0/24 maxlen: 24
188.164.246.0/24 maxlen: 24
188.164.245.0/24 maxlen: 24
188.164.243.0/24 maxlen: 24
188.164.242.0/24 maxlen: 24
188.164.244.0/24 maxlen: 24
188.164.241.0/24 maxlen: 24
188.164.247.0/24 maxlen: 24
95.182.29.0/24 maxlen: 24
95.182.31.0/24 maxlen: 24
95.182.25.0/24 maxlen: 24
95.182.28.0/24 maxlen: 24
95.182.27.0/24 maxlen: 24
91.210.240.0/24 maxlen: 24
188.95.24.0/24 maxlen: 24
188.95.27.0/24 maxlen: 24
188.95.29.0/24 maxlen: 24
188.95.28.0/24 maxlen: 24
188.95.26.0/24 maxlen: 24
188.95.25.0/24 maxlen: 24
188.95.31.0/24 maxlen: 24
188.95.30.0/24 maxlen: 24
91.210.242.0/24 maxlen: 24
91.210.241.0/24 maxlen: 24
91.210.243.0/24 maxlen: 24
2a02:5ac0::/33 maxlen: 33
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ef/b378e0-cf99-41b1-a38a-e136c989be33/1/eWRrOMPYfTMUW2NLTh3MIUX2QWw.crl
rsync://rpki.ripe.net/repository/DEFAULT/ef/b378e0-cf99-41b1-a38a-e136c989be33/1/eWRrOMPYfTMUW2NLTh3MIUX2QWw.mft
rsync://rpki.ripe.net/repository/DEFAULT/eWRrOMPYfTMUW2NLTh3MIUX2QWw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 01:02:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b7:88:c8:78:61:05:6e:e1:75:06:1f:49:f5:cb:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=79646b38c3d87d33145b634b4e1dcc2145f6416c
Validity
Not Before: Jan 1 20:29:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2d21c76ae03ec50a5c783277d335e3309ae02a9e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:23:ca:b1:92:c2:32:55:ba:c9:42:19:b4:c1:
68:c4:45:b6:c0:38:6d:29:77:79:e6:05:49:68:4d:
4d:bc:09:b2:d7:13:46:33:77:0b:1a:d6:aa:5c:bc:
cc:e5:2e:ed:42:fa:a5:13:36:28:a6:67:73:80:db:
a3:9b:42:3d:c6:35:02:ab:aa:2b:5c:63:fe:7e:20:
a4:7e:55:b9:5f:e1:9b:5f:02:2a:30:17:64:53:82:
96:fd:28:16:d7:0e:00:ba:75:7f:c5:4c:e7:48:3d:
16:50:89:b1:dc:a0:0a:db:3d:d8:41:04:99:b4:17:
5e:00:b7:23:f9:af:cd:3a:0c:a2:41:ed:96:6d:42:
4e:2b:70:7f:df:0c:f5:9a:9a:1d:65:a6:13:55:70:
53:f2:e8:a7:9e:1f:5a:ad:83:08:05:14:1c:09:c2:
f5:be:f8:b7:44:00:f8:bf:d7:74:b5:63:fe:a4:01:
8e:9b:30:21:bb:f2:f3:41:a5:3f:99:28:45:88:f2:
1a:29:28:02:55:aa:47:b2:90:8c:eb:2f:49:d5:fb:
66:ed:1e:ed:8d:d7:bf:2f:b7:3e:8d:4a:83:4a:f4:
08:60:ed:38:68:9d:f5:46:5f:f3:68:72:85:d5:8e:
55:a7:99:3e:ed:c4:74:1d:56:ae:79:56:e9:da:97:
5d:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:21:C7:6A:E0:3E:C5:0A:5C:78:32:77:D3:35:E3:30:9A:E0:2A:9E
X509v3 Authority Key Identifier:
keyid:79:64:6B:38:C3:D8:7D:33:14:5B:63:4B:4E:1D:CC:21:45:F6:41:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eWRrOMPYfTMUW2NLTh3MIUX2QWw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/b378e0-cf99-41b1-a38a-e136c989be33/1/LSHHauA-xQpceDJ30zXjMJrgKp4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/b378e0-cf99-41b1-a38a-e136c989be33/1/eWRrOMPYfTMUW2NLTh3MIUX2QWw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.32.240.0/24
77.32.242.0/24
77.32.244.0-77.32.246.255
91.210.240.0/22
95.182.25.0/24
95.182.27.0-95.182.29.255
95.182.31.0/24
185.48.176.0/22
188.95.24.0/21
188.164.240.0/21
IPv6:
2a02:5ac0::/33
Signature Algorithm: sha256WithRSAEncryption
1f:02:13:56:0a:e0:1b:8d:5e:65:2b:74:eb:09:de:a8:52:c1:
43:91:91:54:67:d8:c8:d7:1f:8a:72:dc:82:ab:0b:ba:72:5a:
33:18:c4:4b:5d:6c:dd:54:a8:7d:39:5c:16:14:97:c9:9d:9f:
39:98:c8:4f:ca:0a:e4:4b:bb:3a:54:4c:83:c2:45:29:bd:d4:
02:0e:f8:53:16:43:b2:36:10:c4:2d:df:58:60:bc:97:95:f3:
df:ea:8d:b7:a1:78:4c:40:26:c4:71:52:a2:07:65:9d:4d:83:
85:ee:e8:79:b0:3e:0e:ab:29:94:a3:91:01:30:57:e5:e0:d5:
1e:55:cb:67:81:01:ad:0c:e3:ef:30:8a:52:3f:a0:35:16:7f:
4d:84:8c:97:03:90:72:dd:5a:af:aa:52:99:2e:3b:b5:f1:38:
58:2c:5a:3e:6f:32:65:5f:4b:cb:c7:17:a8:19:4e:24:12:6c:
b5:0c:15:15:53:a7:d5:28:2e:ea:26:bb:7f:8b:43:8c:79:26:
34:71:22:57:ac:85:29:0b:af:6c:f5:1c:40:75:70:e8:0f:bf:
02:82:99:1e:e4:3e:de:1c:63:23:3b:fa:7a:1c:12:fa:86:ab:
66:87:6d:60:fa:3a:5d:fc:2c:a2:d3:f3:14:fa:a2:75:db:a4:
73:46:cb:0a
-----BEGIN CERTIFICATE-----
MIIFUzCCBDugAwIBAgISAYzGt4jIeGEFbuF1Bh9J9ctDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5NjQ2YjM4YzNkODdkMzMxNDViNjM0YjRlMWRjYzIxNDVm
NjQxNmMwHhcNMjQwMTAxMjAyOTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDIxYzc2YWUwM2VjNTBhNWM3ODMyNzdkMzM1ZTMzMDlhZTAyYTllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6SPKsZLCMlW6yUIZtMFoxEW2wDht
KXd55gVJaE1NvAmy1xNGM3cLGtaqXLzM5S7tQvqlEzYopmdzgNujm0I9xjUCq6or
XGP+fiCkflW5X+GbXwIqMBdkU4KW/SgW1w4AunV/xUznSD0WUImx3KAK2z3YQQSZ
tBdeALcj+a/NOgyiQe2WbUJOK3B/3wz1mpodZaYTVXBT8uinnh9arYMIBRQcCcL1
vvi3RAD4v9d0tWP+pAGOmzAhu/LzQaU/mShFiPIaKSgCVapHspCM6y9J1ftm7R7t
jde/L7c+jUqDSvQIYO04aJ31Rl/zaHKF1Y5Vp5k+7cR0HVaueVbp2pddjQIDAQAB
o4ICXzCCAlswHQYDVR0OBBYEFC0hx2rgPsUKXHgyd9M14zCa4CqeMB8GA1UdIwQY
MBaAFHlkazjD2H0zFFtjS04dzCFF9kFsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZVdSck9NUFlmVE1VVzJOTFRoM01JVVgyUVd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi9iMzc4ZTAtY2Y5OS00MWIxLWEzOGEt
ZTEzNmM5ODliZTMzLzEvTFNISGF1QS14UXBjZURKMzB6WGpNSnJnS3A0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi9iMzc4ZTAtY2Y5OS00MWIxLWEzOGEtZTEzNmM5ODliZTMz
LzEvZVdSck9NUFlmVE1VVzJOTFRoM01JVVgyUVd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHUGCCsGAQUFBwEHAQH/BGYwZDBSBAIAATBMAwQATSDwAwQA
TSDyMAwDBAJNIPQDBABNIPYDBAJb0vADBABfthkwDAMEAF+2GwMEAV+2HAMEAF+2
HwMEArkwsAMEA7xfGAMEA7yk8DAOBAIAAjAIAwYHKgJawAAwDQYJKoZIhvcNAQEL
BQADggEBAB8CE1YK4BuNXmUrdOsJ3qhSwUORkVRn2MjXH4py3IKrC7pyWjMYxEtd
bN1UqH05XBYUl8mdnzmYyE/KCuRLuzpUTIPCRSm91AIO+FMWQ7I2EMQt31hgvJeV
89/qjbeheExAJsRxUqIHZZ1Ng4Xu6HmwPg6rKZSjkQEwV+Xg1R5Vy2eBAa0M4+8w
ilI/oDUWf02EjJcDkHLdWq+qUpkuO7XxOFgsWj5vMmVfS8vHF6gZTiQSbLUMFRVT
p9UoLuomu3+LQ4x5JjRxIleshSkLr2z1HEB1cOgPvwKCmR7kPt4cYyM7+nocEvqG
q2aHbWD6Ol38LKLT8xT6onXbpHNGywo=
-----END CERTIFICATE-----
Generated at Sat Nov 23 11:00:29 2024 by rpki-client on console-ams.rpki-client.org