Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/b22603-90ab-43ad-ab16-65249cbc573c/1/rLBMYBzdV86sxeW7AaHzvR2MXLQ.roa
File: rLBMYBzdV86sxeW7AaHzvR2MXLQ.roa (raw, json)
Hash identifier: Svl2rYM6Avzn/ubo+92HEJrq9Hq2cz1vVjK4fg/WmpM=
Subject key identifier: AC:B0:4C:60:1C:DD:57:CE:AC:C5:E5:BB:01:A1:F3:BD:1D:8C:5C:B4
Certificate issuer: /CN=dc11daefaff81c7e501278d87d9bc2b204d71155
Certificate serial: 018FA4BEDC87B8F83D8A585D01DA40F2FA42
Authority key identifier: DC:11:DA:EF:AF:F8:1C:7E:50:12:78:D8:7D:9B:C2:B2:04:D7:11:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3BHa76_4HH5QEnjYfZvCsgTXEVU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/b22603-90ab-43ad-ab16-65249cbc573c/1/rLBMYBzdV86sxeW7AaHzvR2MXLQ.roa
Signing time: Thu 23 May 2024 09:18:42 +0000
ROA not before: Thu 23 May 2024 09:18:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62206
IP address blocks: 94.154.40.0/22 maxlen: 24
94.154.40.0/24 maxlen: 24
94.154.41.0/24 maxlen: 24
94.154.42.0/24 maxlen: 24
94.154.44.0/24 maxlen: 24
94.154.45.0/24 maxlen: 24
94.154.46.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/10/b22603-90ab-43ad-ab16-65249cbc573c/1/3BHa76_4HH5QEnjYfZvCsgTXEVU.crl
rsync://rpki.ripe.net/repository/DEFAULT/10/b22603-90ab-43ad-ab16-65249cbc573c/1/3BHa76_4HH5QEnjYfZvCsgTXEVU.mft
rsync://rpki.ripe.net/repository/DEFAULT/3BHa76_4HH5QEnjYfZvCsgTXEVU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 21 Jun 2024 03:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:a4:be:dc:87:b8:f8:3d:8a:58:5d:01:da:40:f2:fa:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc11daefaff81c7e501278d87d9bc2b204d71155
Validity
Not Before: May 23 09:18:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=acb04c601cdd57ceacc5e5bb01a1f3bd1d8c5cb4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:90:78:af:06:d5:a2:18:b5:ba:47:f1:bb:f3:
71:86:15:c2:65:64:4e:aa:1d:d6:f4:93:00:5c:f0:
ca:14:56:88:24:d2:5a:c5:58:6c:a4:ad:21:9f:31:
6c:78:a0:e9:5c:df:c5:2a:df:d1:42:8d:e7:46:db:
87:73:0a:b2:dd:9b:9d:29:62:dd:ce:bb:85:be:0d:
09:c1:84:68:46:b9:41:bd:cb:a7:90:c9:61:92:52:
35:ae:c1:d7:27:1f:8c:d6:e7:9a:a2:ec:b1:c2:f4:
cd:5e:99:80:0a:e3:5c:e4:a4:b9:67:af:e0:db:5a:
d3:e3:31:d3:5a:13:2a:86:98:ec:05:a4:bf:ed:29:
14:1c:23:5e:4c:56:d3:dc:6c:52:2e:24:7b:6f:aa:
a5:06:3e:3d:6b:71:ab:c4:a2:58:4f:15:64:83:92:
46:7c:eb:22:4a:63:1b:58:62:fe:f6:b9:d7:40:bc:
89:7c:96:24:71:07:3a:9f:19:12:c7:22:86:6f:54:
08:58:ec:91:e6:36:58:db:e2:3a:71:12:6f:36:4a:
96:ba:0a:87:0d:ed:84:86:77:e4:8b:0c:3e:65:3e:
a3:48:b1:d2:41:fb:33:f3:3e:5c:a0:aa:61:48:0a:
ba:44:26:b3:8d:ac:c2:56:86:d6:25:42:6f:cb:8f:
1c:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:B0:4C:60:1C:DD:57:CE:AC:C5:E5:BB:01:A1:F3:BD:1D:8C:5C:B4
X509v3 Authority Key Identifier:
keyid:DC:11:DA:EF:AF:F8:1C:7E:50:12:78:D8:7D:9B:C2:B2:04:D7:11:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3BHa76_4HH5QEnjYfZvCsgTXEVU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/b22603-90ab-43ad-ab16-65249cbc573c/1/rLBMYBzdV86sxeW7AaHzvR2MXLQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/b22603-90ab-43ad-ab16-65249cbc573c/1/3BHa76_4HH5QEnjYfZvCsgTXEVU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.154.40.0-94.154.46.255
Signature Algorithm: sha256WithRSAEncryption
35:db:47:64:80:db:6b:1d:91:8e:70:80:fd:48:06:be:e4:60:
03:4a:46:0a:70:1e:8d:cc:78:59:57:87:1a:50:af:53:24:e8:
71:11:3f:9e:8b:88:73:d5:97:78:1e:99:c3:7a:94:1b:cd:71:
d9:60:43:46:81:f2:42:5b:b0:fb:1b:98:38:45:4f:c2:a8:41:
16:c8:cd:40:ad:fa:8c:79:ce:b0:11:f3:b4:57:b7:1c:f0:e8:
b4:1d:a9:80:3e:be:53:83:c5:ee:be:8f:28:06:da:fb:27:48:
69:aa:3b:54:8d:8d:d2:ea:5e:6b:32:f2:9a:a0:a8:1d:30:22:
b3:99:a9:cc:82:b5:a9:81:d9:cb:7f:d2:be:4d:62:d3:9e:21:
17:6e:89:76:08:43:8b:65:4a:5e:59:d0:d0:44:89:7c:0b:5c:
ea:d4:be:44:80:50:74:68:f4:67:dc:26:e5:68:49:e7:6a:5b:
55:71:cf:d3:14:78:73:eb:2a:ff:2a:6c:a3:c6:de:8d:d3:c2:
5e:cc:d3:89:e8:b3:4c:c0:65:b9:12:a3:dc:3d:93:9b:45:50:
09:90:10:1e:93:2f:b6:99:59:bc:26:14:9a:15:2a:ab:b9:21:
bd:0d:d7:15:86:9f:c6:08:85:ed:8d:96:5c:f7:1a:60:16:60:
2f:b3:5c:0e
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAY+kvtyHuPg9ilhdAdpA8vpCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjMTFkYWVmYWZmODFjN2U1MDEyNzhkODdkOWJjMmIyMDRk
NzExNTUwHhcNMjQwNTIzMDkxODQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhY2IwNGM2MDFjZGQ1N2NlYWNjNWU1YmIwMWExZjNiZDFkOGM1Y2I0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvJB4rwbVohi1ukfxu/NxhhXCZWRO
qh3W9JMAXPDKFFaIJNJaxVhspK0hnzFseKDpXN/FKt/RQo3nRtuHcwqy3ZudKWLd
zruFvg0JwYRoRrlBvcunkMlhklI1rsHXJx+M1ueaouyxwvTNXpmACuNc5KS5Z6/g
21rT4zHTWhMqhpjsBaS/7SkUHCNeTFbT3GxSLiR7b6qlBj49a3GrxKJYTxVkg5JG
fOsiSmMbWGL+9rnXQLyJfJYkcQc6nxkSxyKGb1QIWOyR5jZY2+I6cRJvNkqWugqH
De2Ehnfkiww+ZT6jSLHSQfsz8z5coKphSAq6RCazjazCVobWJUJvy48cmwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFKywTGAc3VfOrMXluwGh870djFy0MB8GA1UdIwQY
MBaAFNwR2u+v+Bx+UBJ42H2bwrIE1xFVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0JIYTc2XzRISDVRRW5qWWZadkNzZ1RYRVZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC9iMjI2MDMtOTBhYi00M2FkLWFiMTYt
NjUyNDljYmM1NzNjLzEvckxCTVlCemRWODZzeGVXN0FhSHp2UjJNWExRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC9iMjI2MDMtOTBhYi00M2FkLWFiMTYtNjUyNDljYmM1NzNj
LzEvM0JIYTc2XzRISDVRRW5qWWZadkNzZ1RYRVZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBANemigD
BABemi4wDQYJKoZIhvcNAQELBQADggEBADXbR2SA22sdkY5wgP1IBr7kYANKRgpw
Ho3MeFlXhxpQr1Mk6HERP56LiHPVl3gemcN6lBvNcdlgQ0aB8kJbsPsbmDhFT8Ko
QRbIzUCt+ox5zrAR87RXtxzw6LQdqYA+vlODxe6+jygG2vsnSGmqO1SNjdLqXmsy
8pqgqB0wIrOZqcyCtamB2ct/0r5NYtOeIRduiXYIQ4tlSl5Z0NBEiXwLXOrUvkSA
UHRo9GfcJuVoSedqW1Vxz9MUeHPrKv8qbKPG3o3Twl7M04nos0zAZbkSo9w9k5tF
UAmQEB6TL7aZWbwmFJoVKqu5Ib0N1xWGn8YIhe2Nllz3GmAWYC+zXA4=
-----END CERTIFICATE-----
Generated at Thu Jun 20 10:26:34 2024 by rpki-client on console-ams.rpki-client.org