Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/d8398e-232c-45c2-b8e0-9ce4767da2c1/1/Lg-UqvJ7mB9s1Ec_INtlLyWe9p4.roa
File: Lg-UqvJ7mB9s1Ec_INtlLyWe9p4.roa (raw, json)
Hash identifier: JsyrggCYQvVNcgceeDKV5EgJ925GRY4Kudy6Ygryxgk=
Subject key identifier: 2E:0F:94:AA:F2:7B:98:1F:6C:D4:47:3F:20:DB:65:2F:25:9E:F6:9E
Certificate issuer: /CN=a6a0434bebe5dfa63dda78c24a4ebc1d2cd7369d
Certificate serial: 018CC56EC88C602E4180C469515606070966
Authority key identifier: A6:A0:43:4B:EB:E5:DF:A6:3D:DA:78:C2:4A:4E:BC:1D:2C:D7:36:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pqBDS-vl36Y92njCSk68HSzXNp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/d8398e-232c-45c2-b8e0-9ce4767da2c1/1/Lg-UqvJ7mB9s1Ec_INtlLyWe9p4.roa
Signing time: Mon 01 Jan 2024 14:30:21 +0000
ROA not before: Mon 01 Jan 2024 14:30:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209437
IP address blocks: 2a0a:56c4:5::/48 maxlen: 48
2a0a:56c4:3::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f4/d8398e-232c-45c2-b8e0-9ce4767da2c1/1/pqBDS-vl36Y92njCSk68HSzXNp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/f4/d8398e-232c-45c2-b8e0-9ce4767da2c1/1/pqBDS-vl36Y92njCSk68HSzXNp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/pqBDS-vl36Y92njCSk68HSzXNp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:c8:8c:60:2e:41:80:c4:69:51:56:06:07:09:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a6a0434bebe5dfa63dda78c24a4ebc1d2cd7369d
Validity
Not Before: Jan 1 14:30:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2e0f94aaf27b981f6cd4473f20db652f259ef69e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:b3:2c:a8:9d:d3:7b:79:c6:18:2d:40:15:11:
d0:36:84:95:e4:78:b5:33:5f:9d:5c:0c:6f:e8:7a:
bf:e6:1b:81:54:d5:92:e3:6f:90:f6:80:f0:ab:95:
fb:d4:e9:15:c1:28:ea:32:47:a8:9d:19:53:55:b1:
9b:b1:67:6a:33:58:25:52:2b:5f:4c:54:6a:f8:0b:
39:2a:32:2a:dc:8f:b4:ee:e7:14:01:14:9d:5e:36:
c3:a1:ca:b6:8d:41:88:88:c2:55:91:c3:c2:0c:fc:
7c:88:45:34:e8:84:20:55:c2:f9:ad:e8:c4:62:1c:
6a:b4:46:a0:50:58:d4:45:b1:ae:ee:87:1d:24:93:
d0:fa:90:9f:0d:2f:97:25:78:91:ae:8b:77:17:0e:
40:e8:2f:6c:99:dc:10:82:3d:30:d3:5c:51:0a:2b:
f8:da:3e:3d:a2:3d:4b:b1:30:61:2c:8a:e1:b4:d6:
99:06:fb:f4:5e:8f:05:2a:37:f1:8c:21:bc:fe:5d:
96:49:07:70:13:97:2e:16:4a:a9:6e:9d:7b:0f:fb:
5f:9d:c9:9e:c9:c2:9e:cf:26:3f:97:eb:84:91:fa:
6f:58:dd:42:e1:fa:58:b3:5b:c0:b8:ad:3b:45:81:
1e:13:aa:ca:b5:9d:08:c7:32:f8:30:7b:16:69:7f:
45:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:0F:94:AA:F2:7B:98:1F:6C:D4:47:3F:20:DB:65:2F:25:9E:F6:9E
X509v3 Authority Key Identifier:
keyid:A6:A0:43:4B:EB:E5:DF:A6:3D:DA:78:C2:4A:4E:BC:1D:2C:D7:36:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pqBDS-vl36Y92njCSk68HSzXNp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/d8398e-232c-45c2-b8e0-9ce4767da2c1/1/Lg-UqvJ7mB9s1Ec_INtlLyWe9p4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/d8398e-232c-45c2-b8e0-9ce4767da2c1/1/pqBDS-vl36Y92njCSk68HSzXNp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:56c4:3::/48
2a0a:56c4:5::/48
Signature Algorithm: sha256WithRSAEncryption
4e:5c:44:48:7d:98:ba:fe:8a:e5:ec:a1:79:ad:49:ff:9f:33:
9f:c1:58:2e:8f:9f:45:c1:05:d4:6a:56:f9:3f:7e:3d:cb:73:
8d:b3:a9:4b:2b:c0:0d:7e:00:2d:59:aa:27:af:45:0a:32:06:
60:a2:37:6d:fd:21:68:c8:e6:13:02:10:2b:c4:66:43:cd:0b:
7d:22:fd:e3:ba:3b:60:1e:b7:75:51:4a:43:73:c6:0d:5f:c1:
1e:f3:be:42:d9:5d:29:5b:13:91:b2:a4:6f:d9:f6:3b:4a:c0:
8e:28:18:d6:16:bf:e4:29:1b:09:e3:4e:22:5a:2b:a4:e0:e3:
c3:18:e3:33:3e:a6:35:3d:78:9d:19:fa:a7:bc:74:48:31:87:
82:b1:f7:71:fa:28:1e:f0:7a:b7:2e:15:43:59:cd:b6:34:11:
fc:1d:d3:47:b0:6d:ad:af:76:5b:2a:50:40:5b:eb:ba:ec:2f:
a4:70:a1:a0:07:6c:e1:e3:2e:cf:2a:2a:30:3d:68:b8:5d:7d:
b1:57:59:c5:85:b4:8b:95:4a:31:84:2c:ec:99:35:15:0f:bc:
47:b6:2a:31:1e:df:e9:18:ad:2a:06:be:82:54:c9:cd:c1:8c:
2b:c2:46:8d:45:3f:a8:c2:ae:5e:fa:14:78:3c:71:8a:e9:7b:
55:b8:10:ee
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzFbsiMYC5BgMRpUVYGBwlmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2YTA0MzRiZWJlNWRmYTYzZGRhNzhjMjRhNGViYzFkMmNk
NzM2OWQwHhcNMjQwMTAxMTQzMDIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZTBmOTRhYWYyN2I5ODFmNmNkNDQ3M2YyMGRiNjUyZjI1OWVmNjllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAirMsqJ3Te3nGGC1AFRHQNoSV5Hi1
M1+dXAxv6Hq/5huBVNWS42+Q9oDwq5X71OkVwSjqMkeonRlTVbGbsWdqM1glUitf
TFRq+As5KjIq3I+07ucUARSdXjbDocq2jUGIiMJVkcPCDPx8iEU06IQgVcL5rejE
YhxqtEagUFjURbGu7ocdJJPQ+pCfDS+XJXiRrot3Fw5A6C9smdwQgj0w01xRCiv4
2j49oj1LsTBhLIrhtNaZBvv0Xo8FKjfxjCG8/l2WSQdwE5cuFkqpbp17D/tfncme
ycKezyY/l+uEkfpvWN1C4fpYs1vAuK07RYEeE6rKtZ0IxzL4MHsWaX9FKQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFC4PlKrye5gfbNRHPyDbZS8lnvaeMB8GA1UdIwQY
MBaAFKagQ0vr5d+mPdp4wkpOvB0s1zadMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcHFCRFMtdmwzNlk5Mm5qQ1NrNjhIU3pYTnAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC9kODM5OGUtMjMyYy00NWMyLWI4ZTAt
OWNlNDc2N2RhMmMxLzEvTGctVXF2SjdtQjlzMUVjX0lOdGxMeVdlOXA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC9kODM5OGUtMjMyYy00NWMyLWI4ZTAtOWNlNDc2N2RhMmMx
LzEvcHFCRFMtdmwzNlk5Mm5qQ1NrNjhIU3pYTnAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKgpWxAAD
AwcAKgpWxAAFMA0GCSqGSIb3DQEBCwUAA4IBAQBOXERIfZi6/orl7KF5rUn/nzOf
wVguj59FwQXUalb5P349y3ONs6lLK8ANfgAtWaonr0UKMgZgojdt/SFoyOYTAhAr
xGZDzQt9Iv3jujtgHrd1UUpDc8YNX8Ee875C2V0pWxORsqRv2fY7SsCOKBjWFr/k
KRsJ404iWiuk4OPDGOMzPqY1PXidGfqnvHRIMYeCsfdx+ige8Hq3LhVDWc22NBH8
HdNHsG2tr3ZbKlBAW+u67C+kcKGgB2zh4y7PKiowPWi4XX2xV1nFhbSLlUoxhCzs
mTUVD7xHtioxHt/pGK0qBr6CVMnNwYwrwkaNRT+owq5e+hR4PHGK6XtVuBDu
-----END CERTIFICATE-----
Generated at Sat Nov 23 05:14:47 2024 by rpki-client on console-fra.rpki-client.org