Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/b89e86-bfb4-4af6-8448-1f0dd9fdf5f3/1/lgfzdEXa9dxvA4zW3jEUxECMx1Q.roa
File: lgfzdEXa9dxvA4zW3jEUxECMx1Q.roa (raw, json)
Hash identifier: LIe6kyLKst2oz0YJYr9ljaOh2XIPykdHvAr5rMbJ/CU=
Subject key identifier: 96:07:F3:74:45:DA:F5:DC:6F:03:8C:D6:DE:31:14:C4:40:8C:C7:54
Certificate issuer: /CN=cb5427fd5d20585e97c2f2771d4809bf6341daa1
Certificate serial: 018CC26CF88148392C2A20BE4FF781DDE304
Authority key identifier: CB:54:27:FD:5D:20:58:5E:97:C2:F2:77:1D:48:09:BF:63:41:DA:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y1Qn_V0gWF6XwvJ3HUgJv2NB2qE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/b89e86-bfb4-4af6-8448-1f0dd9fdf5f3/1/lgfzdEXa9dxvA4zW3jEUxECMx1Q.roa
Signing time: Mon 01 Jan 2024 00:29:30 +0000
ROA not before: Mon 01 Jan 2024 00:29:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201704
IP address blocks: 212.63.96.0/21 maxlen: 21
37.98.200.0/22 maxlen: 22
185.65.184.0/22 maxlen: 22
89.42.164.0/22 maxlen: 22
2a03:1d20::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f9/b89e86-bfb4-4af6-8448-1f0dd9fdf5f3/1/y1Qn_V0gWF6XwvJ3HUgJv2NB2qE.crl
rsync://rpki.ripe.net/repository/DEFAULT/f9/b89e86-bfb4-4af6-8448-1f0dd9fdf5f3/1/y1Qn_V0gWF6XwvJ3HUgJv2NB2qE.mft
rsync://rpki.ripe.net/repository/DEFAULT/y1Qn_V0gWF6XwvJ3HUgJv2NB2qE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6c:f8:81:48:39:2c:2a:20:be:4f:f7:81:dd:e3:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cb5427fd5d20585e97c2f2771d4809bf6341daa1
Validity
Not Before: Jan 1 00:29:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9607f37445daf5dc6f038cd6de3114c4408cc754
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:ab:c3:1d:ae:8a:6a:0f:4b:75:0a:1e:c0:c5:
26:8f:1f:eb:45:8b:af:91:19:a3:56:28:fa:70:d4:
99:c9:51:35:cc:b5:ea:31:bb:58:67:2a:30:fe:75:
c7:d4:f0:7b:79:c0:ec:f8:7d:98:bb:2c:b8:14:2c:
b9:e4:5e:e3:da:02:48:49:0d:b1:3f:32:50:3f:6b:
46:94:af:95:da:f3:84:f5:f0:4a:c8:da:94:1c:7e:
87:83:1b:15:c3:d2:b1:08:7e:ab:c7:09:df:b0:9d:
4d:ef:4d:95:f2:af:0f:ff:3d:e1:0d:73:89:50:a0:
25:1a:d5:83:28:c3:ff:3e:25:1b:ce:58:85:2a:8c:
da:53:b2:00:1b:d1:8d:bb:51:d7:2a:08:8d:97:04:
5c:33:06:4b:22:4b:68:c3:7d:9f:43:22:e6:55:38:
a0:2e:c0:bf:40:31:03:56:ad:12:0f:ad:68:ed:99:
5c:d7:9f:fd:7b:3e:d8:bb:a4:d7:a5:d8:fe:98:cd:
df:5c:16:1d:0f:de:b8:65:45:d9:b1:08:78:c1:8f:
59:2e:c3:d2:b0:c5:b4:c7:12:6f:5a:77:90:9c:eb:
e5:f7:2a:e4:34:c9:45:b9:56:91:44:94:f2:28:ed:
57:5d:57:e7:cb:aa:15:85:6e:bd:3d:04:8d:90:97:
76:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:07:F3:74:45:DA:F5:DC:6F:03:8C:D6:DE:31:14:C4:40:8C:C7:54
X509v3 Authority Key Identifier:
keyid:CB:54:27:FD:5D:20:58:5E:97:C2:F2:77:1D:48:09:BF:63:41:DA:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y1Qn_V0gWF6XwvJ3HUgJv2NB2qE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/b89e86-bfb4-4af6-8448-1f0dd9fdf5f3/1/lgfzdEXa9dxvA4zW3jEUxECMx1Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/b89e86-bfb4-4af6-8448-1f0dd9fdf5f3/1/y1Qn_V0gWF6XwvJ3HUgJv2NB2qE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.98.200.0/22
89.42.164.0/22
185.65.184.0/22
212.63.96.0/21
IPv6:
2a03:1d20::/32
Signature Algorithm: sha256WithRSAEncryption
9e:de:5b:39:8e:85:d1:18:18:a8:ba:c3:d0:71:c0:3a:09:cc:
c2:ac:62:57:0e:5f:df:eb:9b:54:e2:87:e6:29:1b:ed:a4:f8:
5d:c6:b1:86:e9:66:20:c3:46:d7:3f:02:eb:6f:b3:0c:30:26:
66:db:4f:ae:86:49:6b:f0:bb:c8:b9:40:e7:70:38:43:dd:9c:
9f:75:63:9d:f8:96:b0:46:0e:23:a3:22:3b:04:02:ad:9d:d7:
6b:05:53:9c:34:d6:cc:bc:b6:47:83:96:ac:80:fb:7e:53:40:
13:0f:ca:b8:d0:0a:95:aa:fb:7d:dd:ac:ca:e9:72:40:1a:4b:
3d:bf:78:00:fb:3f:c8:f7:71:25:21:11:c6:92:c7:04:c2:b8:
e3:6b:9d:3e:1d:c7:a3:cb:4d:30:fa:52:23:79:73:25:ef:e5:
62:d8:72:17:6d:84:32:dc:8d:24:7c:d3:cc:7b:81:e9:91:73:
c6:46:ea:17:9e:3e:5f:7c:96:b0:5e:c7:23:c0:81:ba:06:72:
31:8c:f7:47:62:10:ed:2c:98:5f:eb:32:f7:55:e1:bd:39:fe:
37:19:28:72:ed:76:90:1f:a9:3a:39:9f:2c:ec:2d:36:ef:21:
e3:31:2a:f2:db:80:bf:8a:36:93:a9:33:06:fd:07:47:44:95:
b6:e3:27:68
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzCbPiBSDksKiC+T/eB3eMEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiNTQyN2ZkNWQyMDU4NWU5N2MyZjI3NzFkNDgwOWJmNjM0
MWRhYTEwHhcNMjQwMTAxMDAyOTMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NjA3ZjM3NDQ1ZGFmNWRjNmYwMzhjZDZkZTMxMTRjNDQwOGNjNzU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj6vDHa6Kag9LdQoewMUmjx/rRYuv
kRmjVij6cNSZyVE1zLXqMbtYZyow/nXH1PB7ecDs+H2Yuyy4FCy55F7j2gJISQ2x
PzJQP2tGlK+V2vOE9fBKyNqUHH6HgxsVw9KxCH6rxwnfsJ1N702V8q8P/z3hDXOJ
UKAlGtWDKMP/PiUbzliFKozaU7IAG9GNu1HXKgiNlwRcMwZLIktow32fQyLmVTig
LsC/QDEDVq0SD61o7Zlc15/9ez7Yu6TXpdj+mM3fXBYdD964ZUXZsQh4wY9ZLsPS
sMW0xxJvWneQnOvl9yrkNMlFuVaRRJTyKO1XXVfny6oVhW69PQSNkJd2UQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFJYH83RF2vXcbwOM1t4xFMRAjMdUMB8GA1UdIwQY
MBaAFMtUJ/1dIFhel8Lydx1ICb9jQdqhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveTFRbl9WMGdXRjZYd3ZKM0hVZ0p2Mk5CMnFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS9iODllODYtYmZiNC00YWY2LTg0NDgt
MWYwZGQ5ZmRmNWYzLzEvbGdmemRFWGE5ZHh2QTR6VzNqRVV4RUNNeDFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS9iODllODYtYmZiNC00YWY2LTg0NDgtMWYwZGQ5ZmRmNWYz
LzEveTFRbl9WMGdXRjZYd3ZKM0hVZ0p2Mk5CMnFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQCJWLIAwQC
WSqkAwQCuUG4AwQD1D9gMA0EAgACMAcDBQAqAx0gMA0GCSqGSIb3DQEBCwUAA4IB
AQCe3ls5joXRGBiousPQccA6CczCrGJXDl/f65tU4ofmKRvtpPhdxrGG6WYgw0bX
PwLrb7MMMCZm20+uhklr8LvIuUDncDhD3ZyfdWOd+JawRg4joyI7BAKtnddrBVOc
NNbMvLZHg5asgPt+U0ATD8q40AqVqvt93azK6XJAGks9v3gA+z/I93ElIRHGkscE
wrjja50+Hcejy00w+lIjeXMl7+Vi2HIXbYQy3I0kfNPMe4HpkXPGRuoXnj5ffJaw
XscjwIG6BnIxjPdHYhDtLJhf6zL3VeG9Of43GShy7XaQH6k6OZ8s7C027yHjMSry
24C/ijaTqTMG/QdHRJW24ydo
-----END CERTIFICATE-----
Generated at Fri Jun 7 20:51:00 2024 by rpki-client on console-ams.rpki-client.org