Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/5786ab-067e-440c-b276-1b06d1c704c1/1/LHj48PuI2t7PJoC8WTv33kxOuu4.roa
File: LHj48PuI2t7PJoC8WTv33kxOuu4.roa (raw, json)
Hash identifier: arKrXa4VuhO5fFtTviEbEPPqYXWwkIuo0fU/xKoWydg=
Subject key identifier: 2C:78:F8:F0:FB:88:DA:DE:CF:26:80:BC:59:3B:F7:DE:4C:4E:BA:EE
Certificate issuer: /CN=d3d56f07be184cba52f6fdc049e8114d2616c32a
Certificate serial: 018CC5DCD915EE85C890277923253E9528EF
Authority key identifier: D3:D5:6F:07:BE:18:4C:BA:52:F6:FD:C0:49:E8:11:4D:26:16:C3:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/09VvB74YTLpS9v3ASegRTSYWwyo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/5786ab-067e-440c-b276-1b06d1c704c1/1/LHj48PuI2t7PJoC8WTv33kxOuu4.roa
Signing time: Mon 01 Jan 2024 16:30:34 +0000
ROA not before: Mon 01 Jan 2024 16:30:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50607
IP address blocks: 109.207.105.0/24 maxlen: 24
176.126.56.0/22 maxlen: 22
176.126.57.0/24 maxlen: 24
91.198.97.0/24 maxlen: 24
2001:67c:778::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/5786ab-067e-440c-b276-1b06d1c704c1/1/09VvB74YTLpS9v3ASegRTSYWwyo.crl
rsync://rpki.ripe.net/repository/DEFAULT/fd/5786ab-067e-440c-b276-1b06d1c704c1/1/09VvB74YTLpS9v3ASegRTSYWwyo.mft
rsync://rpki.ripe.net/repository/DEFAULT/09VvB74YTLpS9v3ASegRTSYWwyo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 May 2024 14:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:d9:15:ee:85:c8:90:27:79:23:25:3e:95:28:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3d56f07be184cba52f6fdc049e8114d2616c32a
Validity
Not Before: Jan 1 16:30:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2c78f8f0fb88dadecf2680bc593bf7de4c4ebaee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:eb:f2:58:03:16:20:fc:cb:d1:59:77:2d:81:
dc:44:fe:8f:ce:2b:bc:ed:c0:5d:85:b2:eb:3a:2e:
0c:5e:7f:53:db:89:ff:43:8b:27:10:8a:9c:d5:eb:
5c:0c:33:0f:1d:1f:3c:5e:25:0f:4e:8e:2d:27:9e:
6e:37:b4:d0:57:6f:20:9c:40:84:6f:e8:75:02:2c:
c8:4b:45:ea:c6:ce:ae:11:ae:69:55:d4:50:e6:f8:
21:15:91:30:cb:e7:a2:02:40:02:36:9c:5c:f5:f3:
5d:3c:80:59:b2:79:a4:cf:84:bc:d0:b3:ce:58:6e:
cd:86:39:bd:fe:a5:4c:35:f1:a2:aa:7c:f2:b0:00:
ad:6c:d0:83:56:de:66:81:99:81:90:53:f2:64:08:
41:d4:93:1d:6a:4c:32:f7:d7:d7:29:be:da:ef:aa:
0c:c3:23:9f:4b:e9:08:dd:95:97:c0:13:6f:e5:2b:
75:a1:8a:d7:71:53:70:48:19:c0:6e:25:3f:a8:a4:
75:8e:0c:fa:7b:2a:57:21:5a:4b:88:2e:4c:37:46:
11:07:d4:27:a4:9c:49:c2:e7:87:55:2e:fc:89:04:
92:1a:a0:fd:62:23:4c:13:ac:86:76:70:3a:70:ae:
76:95:18:6f:7d:99:98:9b:dd:d9:9a:f4:c6:87:82:
3d:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:78:F8:F0:FB:88:DA:DE:CF:26:80:BC:59:3B:F7:DE:4C:4E:BA:EE
X509v3 Authority Key Identifier:
keyid:D3:D5:6F:07:BE:18:4C:BA:52:F6:FD:C0:49:E8:11:4D:26:16:C3:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/09VvB74YTLpS9v3ASegRTSYWwyo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/5786ab-067e-440c-b276-1b06d1c704c1/1/LHj48PuI2t7PJoC8WTv33kxOuu4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/5786ab-067e-440c-b276-1b06d1c704c1/1/09VvB74YTLpS9v3ASegRTSYWwyo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.198.97.0/24
109.207.105.0/24
176.126.56.0/22
IPv6:
2001:67c:778::/48
Signature Algorithm: sha256WithRSAEncryption
1d:15:a9:51:59:8f:d9:19:83:11:0c:a1:6d:9a:5e:c4:9b:37:
8e:b1:15:7f:1c:2c:60:92:2f:10:6f:43:c7:8d:64:91:02:2b:
7b:ba:e3:76:77:3e:1f:3c:07:b3:e7:5d:85:1e:3d:4f:4d:c2:
a4:f2:1b:17:10:dd:1b:c9:b7:a9:cf:d5:6e:8a:dd:17:07:0b:
65:11:59:7e:53:0c:8c:94:db:72:d0:21:55:5f:59:39:b9:8b:
a0:93:65:93:5c:dc:f3:b7:b7:1b:0e:f3:23:d6:71:13:b4:93:
6b:cd:d8:ae:e0:4b:ae:81:a1:3c:73:53:96:35:1a:95:65:dd:
c8:71:9a:bd:96:a6:ee:15:1a:c8:58:94:f4:47:a6:04:8d:51:
1b:56:cb:0c:8d:86:25:d4:4b:4a:b6:14:15:38:91:11:95:f3:
16:9f:94:80:18:50:3b:e8:a6:d2:7b:87:11:59:d0:11:30:a9:
c8:f1:28:a5:56:af:b6:5f:62:b6:83:e7:7c:3e:70:bd:00:51:
4c:55:01:cf:60:80:e2:2f:47:3a:98:f0:4e:f5:d0:a4:73:00:
79:9d:de:95:ac:b1:cc:4f:f2:41:4e:d5:df:a7:15:b0:f2:da:
af:74:69:fc:e2:9a:de:ee:e4:49:8d:9c:3e:f4:c6:45:5c:2b:
f7:5f:f6:34
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYzF3NkV7oXIkCd5IyU+lSjvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzZDU2ZjA3YmUxODRjYmE1MmY2ZmRjMDQ5ZTgxMTRkMjYx
NmMzMmEwHhcNMjQwMTAxMTYzMDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYzc4ZjhmMGZiODhkYWRlY2YyNjgwYmM1OTNiZjdkZTRjNGViYWVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsOvyWAMWIPzL0Vl3LYHcRP6Pziu8
7cBdhbLrOi4MXn9T24n/Q4snEIqc1etcDDMPHR88XiUPTo4tJ55uN7TQV28gnECE
b+h1AizIS0Xqxs6uEa5pVdRQ5vghFZEwy+eiAkACNpxc9fNdPIBZsnmkz4S80LPO
WG7Nhjm9/qVMNfGiqnzysACtbNCDVt5mgZmBkFPyZAhB1JMdakwy99fXKb7a76oM
wyOfS+kI3ZWXwBNv5St1oYrXcVNwSBnAbiU/qKR1jgz6eypXIVpLiC5MN0YRB9Qn
pJxJwueHVS78iQSSGqD9YiNME6yGdnA6cK52lRhvfZmYm93ZmvTGh4I9ZQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFCx4+PD7iNrezyaAvFk7995MTrruMB8GA1UdIwQY
MBaAFNPVbwe+GEy6Uvb9wEnoEU0mFsMqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDlWdkI3NFlUTHBTOXYzQVNlZ1JUU1lXd3lvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC81Nzg2YWItMDY3ZS00NDBjLWIyNzYt
MWIwNmQxYzcwNGMxLzEvTEhqNDhQdUkydDdQSm9DOFdUdjMza3hPdXU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC81Nzg2YWItMDY3ZS00NDBjLWIyNzYtMWIwNmQxYzcwNGMx
LzEvMDlWdkI3NFlUTHBTOXYzQVNlZ1JUU1lXd3lvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQAW8ZhAwQA
bc9pAwQCsH44MA8EAgACMAkDBwAgAQZ8B3gwDQYJKoZIhvcNAQELBQADggEBAB0V
qVFZj9kZgxEMoW2aXsSbN46xFX8cLGCSLxBvQ8eNZJECK3u643Z3Ph88B7PnXYUe
PU9NwqTyGxcQ3RvJt6nP1W6K3RcHC2URWX5TDIyU23LQIVVfWTm5i6CTZZNc3PO3
txsO8yPWcRO0k2vN2K7gS66BoTxzU5Y1GpVl3chxmr2Wpu4VGshYlPRHpgSNURtW
ywyNhiXUS0q2FBU4kRGV8xaflIAYUDvoptJ7hxFZ0BEwqcjxKKVWr7ZfYraD53w+
cL0AUUxVAc9ggOIvRzqY8E710KRzAHmd3pWsscxP8kFO1d+nFbDy2q90afzimt7u
5EmNnD70xkVcK/df9jQ=
-----END CERTIFICATE-----
Generated at Tue May 28 23:38:23 2024 by rpki-client on console-fra.rpki-client.org