Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/4377d6-515c-420a-9134-69e337884cc9/1/LtXt8swanj1v8KpeYzaizld3WfI.roa
File: LtXt8swanj1v8KpeYzaizld3WfI.roa (raw, json)
Hash identifier: XmB/zcGf3IhNKfApxjSHC99nMFeLAQ2ArE/iKN9hdoQ=
Subject key identifier: 2E:D5:ED:F2:CC:1A:9E:3D:6F:F0:AA:5E:63:36:A2:CE:57:77:59:F2
Certificate issuer: /CN=de92a1ac8910cf5c865de5b0231b09d04e1132f3
Certificate serial: 018CC5DC11664024C295A7905F2888A6EDAB
Authority key identifier: DE:92:A1:AC:89:10:CF:5C:86:5D:E5:B0:23:1B:09:D0:4E:11:32:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3pKhrIkQz1yGXeWwIxsJ0E4RMvM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/4377d6-515c-420a-9134-69e337884cc9/1/LtXt8swanj1v8KpeYzaizld3WfI.roa
Signing time: Mon 01 Jan 2024 16:29:43 +0000
ROA not before: Mon 01 Jan 2024 16:29:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 30344
IP address blocks: 138.124.187.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f5/4377d6-515c-420a-9134-69e337884cc9/1/3pKhrIkQz1yGXeWwIxsJ0E4RMvM.crl
rsync://rpki.ripe.net/repository/DEFAULT/f5/4377d6-515c-420a-9134-69e337884cc9/1/3pKhrIkQz1yGXeWwIxsJ0E4RMvM.mft
rsync://rpki.ripe.net/repository/DEFAULT/3pKhrIkQz1yGXeWwIxsJ0E4RMvM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:11:66:40:24:c2:95:a7:90:5f:28:88:a6:ed:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=de92a1ac8910cf5c865de5b0231b09d04e1132f3
Validity
Not Before: Jan 1 16:29:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2ed5edf2cc1a9e3d6ff0aa5e6336a2ce577759f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:36:c3:1c:c2:82:9b:63:9a:8d:78:f3:2c:d6:
8b:b3:94:cf:8e:76:a8:da:28:57:95:21:91:3a:af:
e7:b2:66:75:0b:af:ff:b0:b9:04:f4:6c:b1:56:a9:
bb:e9:7e:c5:6e:e8:1d:db:09:55:d8:e9:6e:07:61:
83:ed:ff:c0:e9:2b:a7:db:f4:18:5c:49:5b:63:9e:
51:7c:0f:d8:b4:c7:0c:f5:a9:74:21:a7:7f:34:9a:
e1:62:be:ea:c6:67:1a:5e:e2:48:1c:f8:82:11:8d:
3c:48:c8:ce:3b:19:06:3a:22:5b:23:62:da:68:2d:
08:f0:dc:a3:dd:5d:29:b6:69:96:92:d3:1f:6f:3c:
27:52:d6:77:d5:7b:71:3f:13:68:b5:4d:f9:46:16:
0c:93:fa:98:1e:b9:18:7c:c7:82:1a:09:44:0f:d8:
30:2a:42:e9:b9:f4:97:47:87:6e:66:11:e9:53:9b:
81:89:a1:9e:d2:f7:68:70:3a:d7:2a:5c:46:38:7f:
72:74:2a:1c:af:41:c1:78:e8:5f:1e:24:7f:e8:de:
e2:a9:98:bd:7f:fd:de:f0:15:fb:08:cd:d9:62:04:
62:67:b4:66:b9:b1:bd:c5:02:57:cb:9b:40:b4:65:
5d:0d:be:32:af:74:12:e1:52:55:fd:c4:66:7d:60:
30:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:D5:ED:F2:CC:1A:9E:3D:6F:F0:AA:5E:63:36:A2:CE:57:77:59:F2
X509v3 Authority Key Identifier:
keyid:DE:92:A1:AC:89:10:CF:5C:86:5D:E5:B0:23:1B:09:D0:4E:11:32:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3pKhrIkQz1yGXeWwIxsJ0E4RMvM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/4377d6-515c-420a-9134-69e337884cc9/1/LtXt8swanj1v8KpeYzaizld3WfI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/4377d6-515c-420a-9134-69e337884cc9/1/3pKhrIkQz1yGXeWwIxsJ0E4RMvM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
138.124.187.0/24
Signature Algorithm: sha256WithRSAEncryption
a5:b9:70:69:d7:1f:c1:b1:a4:61:c8:1a:e7:e1:3f:a0:af:db:
fd:ec:3d:fe:ab:50:7f:c9:93:a1:c1:18:34:08:bc:12:dc:97:
67:03:05:c4:01:21:32:16:0c:54:e2:a7:35:3d:3a:c6:e5:57:
5b:26:22:a1:5b:52:f3:10:20:fb:cc:72:7f:ae:28:73:30:26:
5a:67:68:0a:ac:38:bf:0e:9c:dc:9d:f4:99:84:da:f2:02:5e:
e0:ef:99:cd:11:54:81:9b:58:e3:33:30:cc:b2:e3:53:47:7f:
82:af:7b:ba:2a:5e:83:10:b1:70:03:98:da:22:c6:25:59:9c:
f7:24:e5:d8:0d:e4:70:4c:bf:9a:24:73:bf:7e:67:f0:ec:c8:
3a:72:78:ea:f0:a5:9a:3d:1a:d3:68:74:de:a1:af:68:26:dd:
aa:40:0a:a7:08:b0:23:b0:d8:af:72:0f:5b:0a:4c:5e:b5:08:
9a:74:3c:78:02:73:8d:a3:ed:a2:75:1a:b5:83:69:0e:55:32:
ab:14:d4:47:73:fc:43:f7:4e:52:e6:a7:56:d8:2f:7c:71:ad:
f9:e9:00:ed:13:31:3e:2b:ce:3d:eb:7f:b8:fd:f5:ab:29:2e:
2e:16:d4:c7:34:74:ad:a3:d5:9b:a8:6c:2c:bb:42:71:39:23:
c6:d1:e8:a5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzF3BFmQCTClaeQXyiIpu2rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlOTJhMWFjODkxMGNmNWM4NjVkZTViMDIzMWIwOWQwNGUx
MTMyZjMwHhcNMjQwMTAxMTYyOTQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZWQ1ZWRmMmNjMWE5ZTNkNmZmMGFhNWU2MzM2YTJjZTU3Nzc1OWYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvzbDHMKCm2OajXjzLNaLs5TPjnao
2ihXlSGROq/nsmZ1C6//sLkE9GyxVqm76X7Fbugd2wlV2OluB2GD7f/A6Sun2/QY
XElbY55RfA/YtMcM9al0Iad/NJrhYr7qxmcaXuJIHPiCEY08SMjOOxkGOiJbI2La
aC0I8Nyj3V0ptmmWktMfbzwnUtZ31XtxPxNotU35RhYMk/qYHrkYfMeCGglED9gw
KkLpufSXR4duZhHpU5uBiaGe0vdocDrXKlxGOH9ydCocr0HBeOhfHiR/6N7iqZi9
f/3e8BX7CM3ZYgRiZ7RmubG9xQJXy5tAtGVdDb4yr3QS4VJV/cRmfWAwZwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC7V7fLMGp49b/CqXmM2os5Xd1nyMB8GA1UdIwQY
MBaAFN6SoayJEM9chl3lsCMbCdBOETLzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3BLaHJJa1F6MXlHWGVXd0l4c0owRTRSTXZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS80Mzc3ZDYtNTE1Yy00MjBhLTkxMzQt
NjllMzM3ODg0Y2M5LzEvTHRYdDhzd2FuajF2OEtwZVl6YWl6bGQzV2ZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS80Mzc3ZDYtNTE1Yy00MjBhLTkxMzQtNjllMzM3ODg0Y2M5
LzEvM3BLaHJJa1F6MXlHWGVXd0l4c0owRTRSTXZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAiny7MA0G
CSqGSIb3DQEBCwUAA4IBAQCluXBp1x/BsaRhyBrn4T+gr9v97D3+q1B/yZOhwRg0
CLwS3JdnAwXEASEyFgxU4qc1PTrG5VdbJiKhW1LzECD7zHJ/rihzMCZaZ2gKrDi/
DpzcnfSZhNryAl7g75nNEVSBm1jjMzDMsuNTR3+Cr3u6Kl6DELFwA5jaIsYlWZz3
JOXYDeRwTL+aJHO/fmfw7Mg6cnjq8KWaPRrTaHTeoa9oJt2qQAqnCLAjsNivcg9b
CkxetQiadDx4AnONo+2idRq1g2kOVTKrFNRHc/xD905S5qdW2C98ca356QDtEzE+
K84963+4/fWrKS4uFtTHNHSto9WbqGwsu0JxOSPG0eil
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:28:14 2024 by rpki-client on console-fra.rpki-client.org