Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/e076dc-10d8-44cc-8aa5-5a94ad133118/1/LGI_BMqz48rF1CAQFBrnzf381U0.roa
File: LGI_BMqz48rF1CAQFBrnzf381U0.roa (raw, json)
Hash identifier: eJvU6iSIuiB2ZVQ2ar/OXbcHw5p8L+QuWzmrOM6M7qg=
Subject key identifier: 2C:62:3F:04:CA:B3:E3:CA:C5:D4:20:10:14:1A:E7:CD:FD:FC:D5:4D
Certificate issuer: /CN=821f6e9ff1fbbf21f6413a137e7367dd8a8c035c
Certificate serial: 01942143D5BD36FC7C1EE5E338F780D00C02
Authority key identifier: 82:1F:6E:9F:F1:FB:BF:21:F6:41:3A:13:7E:73:67:DD:8A:8C:03:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gh9un_H7vyH2QToTfnNn3YqMA1w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/e076dc-10d8-44cc-8aa5-5a94ad133118/1/LGI_BMqz48rF1CAQFBrnzf381U0.roa
Signing time: Wed 01 Jan 2025 09:48:01 +0000
ROA not before: Wed 01 Jan 2025 09:48:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212686
IP address blocks: 185.206.8.0/24 maxlen: 24
185.206.9.0/24 maxlen: 24
185.206.10.0/24 maxlen: 24
185.206.11.0/24 maxlen: 24
2a12:ff80::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f3/e076dc-10d8-44cc-8aa5-5a94ad133118/1/gh9un_H7vyH2QToTfnNn3YqMA1w.crl
rsync://rpki.ripe.net/repository/DEFAULT/f3/e076dc-10d8-44cc-8aa5-5a94ad133118/1/gh9un_H7vyH2QToTfnNn3YqMA1w.mft
rsync://rpki.ripe.net/repository/DEFAULT/gh9un_H7vyH2QToTfnNn3YqMA1w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:d5:bd:36:fc:7c:1e:e5:e3:38:f7:80:d0:0c:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=821f6e9ff1fbbf21f6413a137e7367dd8a8c035c
Validity
Not Before: Jan 1 09:48:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2c623f04cab3e3cac5d42010141ae7cdfdfcd54d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:65:8a:d9:22:8b:1e:d3:f2:5b:ac:5b:ee:4f:
c7:a8:8b:53:6a:f0:04:fb:cf:db:dd:ac:dd:5a:09:
c7:0f:d4:c7:89:5b:8f:71:a3:7f:b7:19:eb:82:55:
c2:cc:b6:64:d2:c1:30:1e:88:f1:62:db:25:9e:92:
9e:80:9d:61:07:de:d2:56:31:9d:c3:58:02:52:a1:
4a:43:61:f2:16:be:64:1b:5b:89:fe:a2:17:0a:59:
00:f0:10:f7:28:51:50:ea:a7:b7:4b:c5:5a:3d:0e:
70:58:9c:46:8d:56:e4:f5:84:36:ab:30:21:9c:2d:
52:60:c0:56:0a:3e:07:9a:fe:d6:31:36:2c:7a:8c:
78:de:cf:25:1e:19:a0:17:f5:fe:43:2a:e5:ff:c3:
67:d0:ef:e5:7f:a9:c7:92:23:e1:fe:17:9b:bc:94:
30:0a:33:7c:2b:5c:ba:b6:1a:2d:31:c7:89:66:60:
8e:09:90:ec:61:15:9b:dc:2f:ed:67:65:04:0f:e1:
69:56:50:8b:71:e8:4c:70:68:90:44:5a:f4:af:bc:
6c:7a:ad:68:af:9d:78:61:af:da:4c:2b:3c:9d:4b:
42:48:40:38:9e:83:cf:92:c3:af:e5:8d:29:dc:ba:
4d:00:c7:cf:16:77:35:ff:c8:e3:36:9c:98:2b:be:
3b:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:62:3F:04:CA:B3:E3:CA:C5:D4:20:10:14:1A:E7:CD:FD:FC:D5:4D
X509v3 Authority Key Identifier:
keyid:82:1F:6E:9F:F1:FB:BF:21:F6:41:3A:13:7E:73:67:DD:8A:8C:03:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gh9un_H7vyH2QToTfnNn3YqMA1w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/e076dc-10d8-44cc-8aa5-5a94ad133118/1/LGI_BMqz48rF1CAQFBrnzf381U0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/e076dc-10d8-44cc-8aa5-5a94ad133118/1/gh9un_H7vyH2QToTfnNn3YqMA1w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.206.8.0/22
IPv6:
2a12:ff80::/48
Signature Algorithm: sha256WithRSAEncryption
66:75:1a:cf:5f:ca:aa:ef:ec:bb:f8:d3:82:93:da:56:e3:f3:
a5:a7:9e:cd:a9:e3:fb:a2:ed:6b:f7:2b:7a:68:94:d4:3f:46:
ad:72:db:58:4b:3e:af:fd:ee:20:a5:8a:24:8b:64:25:8e:8b:
a2:7b:71:eb:62:03:fa:81:98:fa:0c:94:73:a7:12:2e:a6:aa:
01:e4:2f:9c:b8:6d:60:0c:32:26:a3:82:4e:64:7a:1a:76:ec:
99:4e:29:e7:7c:4c:83:cd:7d:54:53:7c:6d:9c:b8:4e:ca:b5:
cd:7a:96:8d:7d:be:af:e5:d3:65:62:52:f6:75:81:b7:79:6c:
94:13:cb:2c:4a:e2:ea:2c:c1:aa:7e:49:d7:8d:df:1a:2f:6b:
4c:ae:9c:55:84:32:e4:91:ef:4f:1b:48:e7:b0:88:4f:d2:17:
80:ce:93:54:29:1f:93:23:9e:96:66:e8:c1:d1:a0:ab:bd:ba:
0a:89:e5:dd:2f:c7:58:23:09:ef:42:89:4b:e2:33:e9:f6:28:
7b:18:29:d5:85:2a:91:b7:57:3f:f9:0f:a5:d4:68:fe:19:0c:
2b:f2:f8:cc:12:ee:50:ba:1d:80:6f:8d:e8:38:76:4a:88:58:
e0:95:6a:b1:c5:fe:e1:8a:16:5f:d4:28:a2:2c:59:e5:b2:99:
f5:6c:ef:1b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQhQ9W9Nvx8HuXjOPeA0AwCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyMWY2ZTlmZjFmYmJmMjFmNjQxM2ExMzdlNzM2N2RkOGE4
YzAzNWMwHhcNMjUwMTAxMDk0ODAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYzYyM2YwNGNhYjNlM2NhYzVkNDIwMTAxNDFhZTdjZGZkZmNkNTRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtGWK2SKLHtPyW6xb7k/HqItTavAE
+8/b3azdWgnHD9THiVuPcaN/txnrglXCzLZk0sEwHojxYtslnpKegJ1hB97SVjGd
w1gCUqFKQ2HyFr5kG1uJ/qIXClkA8BD3KFFQ6qe3S8VaPQ5wWJxGjVbk9YQ2qzAh
nC1SYMBWCj4Hmv7WMTYseox43s8lHhmgF/X+Qyrl/8Nn0O/lf6nHkiPh/hebvJQw
CjN8K1y6thotMceJZmCOCZDsYRWb3C/tZ2UED+FpVlCLcehMcGiQRFr0r7xseq1o
r514Ya/aTCs8nUtCSEA4noPPksOv5Y0p3LpNAMfPFnc1/8jjNpyYK747dQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCxiPwTKs+PKxdQgEBQa5839/NVNMB8GA1UdIwQY
MBaAFIIfbp/x+78h9kE6E35zZ92KjANcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2g5dW5fSDd2eUgyUVRvVGZuTm4zWXFNQTF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy9lMDc2ZGMtMTBkOC00NGNjLThhYTUt
NWE5NGFkMTMzMTE4LzEvTEdJX0JNcXo0OHJGMUNBUUZCcm56ZjM4MVUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy9lMDc2ZGMtMTBkOC00NGNjLThhYTUtNWE5NGFkMTMzMTE4
LzEvZ2g5dW5fSDd2eUgyUVRvVGZuTm4zWXFNQTF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCuc4IMA8E
AgACMAkDBwAqEv+AAAAwDQYJKoZIhvcNAQELBQADggEBAGZ1Gs9fyqrv7Lv404KT
2lbj86Wnns2p4/ui7Wv3K3polNQ/Rq1y21hLPq/97iCliiSLZCWOi6J7cetiA/qB
mPoMlHOnEi6mqgHkL5y4bWAMMiajgk5kehp27JlOKed8TIPNfVRTfG2cuE7Ktc16
lo19vq/l02ViUvZ1gbd5bJQTyyxK4uoswap+SdeN3xova0yunFWEMuSR708bSOew
iE/SF4DOk1QpH5MjnpZm6MHRoKu9ugqJ5d0vx1gjCe9CiUviM+n2KHsYKdWFKpG3
Vz/5D6XUaP4ZDCvy+MwS7lC6HYBvjeg4dkqIWOCVarHF/uGKFl/UKKIsWeWymfVs
7xs=
-----END CERTIFICATE-----
Generated at Sun Feb 2 09:54:03 2025 by rpki-client