Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/9488d5-a8d3-44b5-92df-58caf4701be3/1/LmrBk9SjWqqCDsb9OpHwMjXVCss.roa
File: LmrBk9SjWqqCDsb9OpHwMjXVCss.roa (raw, json)
Hash identifier: eItw05lqy67m7Mg0MMUWltLmTadt+TBW8rC7djylfC8=
Subject key identifier: 2E:6A:C1:93:D4:A3:5A:AA:82:0E:C6:FD:3A:91:F0:32:35:D5:0A:CB
Certificate issuer: /CN=7beca4012bf7b5056e2e0a161eb4618876c9112a
Certificate serial: 018CC727693C25A6F11C3ECFFC9E0F75202B
Authority key identifier: 7B:EC:A4:01:2B:F7:B5:05:6E:2E:0A:16:1E:B4:61:88:76:C9:11:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e-ykASv3tQVuLgoWHrRhiHbJESo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/9488d5-a8d3-44b5-92df-58caf4701be3/1/LmrBk9SjWqqCDsb9OpHwMjXVCss.roa
Signing time: Mon 01 Jan 2024 22:31:38 +0000
ROA not before: Mon 01 Jan 2024 22:31:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 82.192.97.0/24 maxlen: 24
82.192.96.0/24 maxlen: 24
82.192.101.0/24 maxlen: 24
82.192.100.0/24 maxlen: 24
82.192.103.0/24 maxlen: 24
82.192.102.0/24 maxlen: 24
82.192.108.0/24 maxlen: 24
82.192.110.0/24 maxlen: 24
82.192.109.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f5/9488d5-a8d3-44b5-92df-58caf4701be3/1/e-ykASv3tQVuLgoWHrRhiHbJESo.crl
rsync://rpki.ripe.net/repository/DEFAULT/f5/9488d5-a8d3-44b5-92df-58caf4701be3/1/e-ykASv3tQVuLgoWHrRhiHbJESo.mft
rsync://rpki.ripe.net/repository/DEFAULT/e-ykASv3tQVuLgoWHrRhiHbJESo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:69:3c:25:a6:f1:1c:3e:cf:fc:9e:0f:75:20:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7beca4012bf7b5056e2e0a161eb4618876c9112a
Validity
Not Before: Jan 1 22:31:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2e6ac193d4a35aaa820ec6fd3a91f03235d50acb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:b0:f5:a4:f6:ba:04:e3:73:61:8b:83:5f:6a:
5e:a9:78:e0:6d:f4:08:bc:01:0e:80:3a:4d:70:7f:
70:0f:c8:85:6a:30:3e:76:5c:8f:18:86:bd:b8:24:
93:41:17:f0:4b:08:cc:ec:c2:b6:43:bf:58:7c:f5:
8f:0a:b4:1c:3e:17:69:67:b9:c1:e4:d6:4d:66:d4:
ae:3a:ef:d6:f2:cc:ec:69:2a:7c:ea:f4:da:92:76:
b7:f7:84:da:ca:d8:03:cc:f7:47:89:45:63:fc:e6:
ab:6a:2d:ba:03:92:7e:5e:a5:b7:08:3a:61:7b:f1:
74:e9:af:38:c6:5d:1a:23:e4:79:d9:20:09:13:2d:
b7:aa:00:bb:13:f0:61:c7:6c:ec:4b:9e:a1:1e:03:
df:20:d0:80:92:73:0d:07:db:0c:d1:03:3f:d5:2e:
05:43:92:db:06:2d:e7:58:6f:81:bd:6c:4f:05:88:
7b:ad:fb:d6:d9:e2:5c:a3:94:87:55:be:78:12:fa:
7b:d6:54:6d:fd:4d:c0:c2:56:74:ad:03:4f:4f:84:
70:12:cf:73:7a:c8:32:78:17:08:b1:53:68:f1:ed:
3f:da:ab:37:8e:71:a7:1c:9d:98:93:60:b3:ab:1c:
4f:5f:c6:a5:3c:ea:65:96:70:e4:98:84:d4:a4:2f:
1c:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:6A:C1:93:D4:A3:5A:AA:82:0E:C6:FD:3A:91:F0:32:35:D5:0A:CB
X509v3 Authority Key Identifier:
keyid:7B:EC:A4:01:2B:F7:B5:05:6E:2E:0A:16:1E:B4:61:88:76:C9:11:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e-ykASv3tQVuLgoWHrRhiHbJESo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/9488d5-a8d3-44b5-92df-58caf4701be3/1/LmrBk9SjWqqCDsb9OpHwMjXVCss.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/9488d5-a8d3-44b5-92df-58caf4701be3/1/e-ykASv3tQVuLgoWHrRhiHbJESo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.192.96.0/23
82.192.100.0/22
82.192.108.0-82.192.110.255
Signature Algorithm: sha256WithRSAEncryption
af:0d:f8:b8:c9:e6:90:43:72:9b:80:da:3d:69:13:a8:9d:9a:
be:e9:0a:4a:e3:5d:90:35:16:97:22:ba:55:b5:c8:1b:ff:2c:
21:5c:94:8c:32:86:30:47:56:2e:2d:70:f3:71:e3:76:7a:a8:
98:68:34:86:4d:ef:c3:62:0f:e2:8d:a8:68:0f:5f:9b:51:11:
bc:55:6c:eb:78:80:4d:98:c0:2f:16:97:f3:38:e0:0f:8e:41:
e9:f6:80:b6:21:da:b5:95:4d:f0:ea:76:03:1f:d3:2e:ac:dc:
11:b0:5f:40:d2:fa:e4:de:fd:5b:63:d1:e8:1b:af:6f:76:7a:
d7:e1:7c:7f:16:6b:21:43:46:70:9f:68:95:60:f3:fb:6c:8c:
19:a4:20:72:fc:77:d8:66:f6:6d:97:f1:a3:e1:c1:24:f2:e0:
5d:9f:15:45:e1:d6:de:cf:2c:fb:62:cb:ad:76:f1:3e:eb:41:
b7:cc:a1:ad:ef:82:d7:3b:82:7a:49:3a:52:c7:40:22:6d:2f:
ff:f3:22:d3:12:a6:07:b9:1c:82:32:28:2b:7c:0b:be:22:ef:
77:31:ff:97:ba:f1:db:02:a7:9b:d4:f8:3e:90:04:aa:fd:cd:
ea:9b:de:2a:33:66:4c:b0:ff:13:3a:6b:a4:f2:e2:ef:ce:59:
ce:cf:af:ea
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYzHJ2k8JabxHD7P/J4PdSArMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiZWNhNDAxMmJmN2I1MDU2ZTJlMGExNjFlYjQ2MTg4NzZj
OTExMmEwHhcNMjQwMTAxMjIzMTM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZTZhYzE5M2Q0YTM1YWFhODIwZWM2ZmQzYTkxZjAzMjM1ZDUwYWNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAirD1pPa6BONzYYuDX2peqXjgbfQI
vAEOgDpNcH9wD8iFajA+dlyPGIa9uCSTQRfwSwjM7MK2Q79YfPWPCrQcPhdpZ7nB
5NZNZtSuOu/W8szsaSp86vTakna394TaytgDzPdHiUVj/Oarai26A5J+XqW3CDph
e/F06a84xl0aI+R52SAJEy23qgC7E/Bhx2zsS56hHgPfINCAknMNB9sM0QM/1S4F
Q5LbBi3nWG+BvWxPBYh7rfvW2eJco5SHVb54Evp71lRt/U3AwlZ0rQNPT4RwEs9z
esgyeBcIsVNo8e0/2qs3jnGnHJ2Yk2CzqxxPX8alPOpllnDkmITUpC8cuQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFC5qwZPUo1qqgg7G/TqR8DI11QrLMB8GA1UdIwQY
MBaAFHvspAEr97UFbi4KFh60YYh2yREqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZS15a0FTdjN0UVZ1TGdvV0hyUmhpSGJKRVNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS85NDg4ZDUtYThkMy00NGI1LTkyZGYt
NThjYWY0NzAxYmUzLzEvTG1yQms5U2pXcXFDRHNiOU9wSHdNalhWQ3NzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS85NDg4ZDUtYThkMy00NGI1LTkyZGYtNThjYWY0NzAxYmUz
LzEvZS15a0FTdjN0UVZ1TGdvV0hyUmhpSGJKRVNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQBUsBgAwQC
UsBkMAwDBAJSwGwDBABSwG4wDQYJKoZIhvcNAQELBQADggEBAK8N+LjJ5pBDcpuA
2j1pE6idmr7pCkrjXZA1FpciulW1yBv/LCFclIwyhjBHVi4tcPNx43Z6qJhoNIZN
78NiD+KNqGgPX5tREbxVbOt4gE2YwC8Wl/M44A+OQen2gLYh2rWVTfDqdgMf0y6s
3BGwX0DS+uTe/Vtj0egbr292etfhfH8WayFDRnCfaJVg8/tsjBmkIHL8d9hm9m2X
8aPhwSTy4F2fFUXh1t7PLPtiy6128T7rQbfMoa3vgtc7gnpJOlLHQCJtL//zItMS
pge5HIIyKCt8C74i73cx/5e68dsCp5vU+D6QBKr9zeqb3iozZkyw/xM6a6Ty4u/O
Wc7Pr+o=
-----END CERTIFICATE-----
Generated at Thu May 2 16:36:44 2024 by rpki-client on console-fra.rpki-client.org