Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/2aa8d1-cb71-4904-a591-3449522710e7/1/lwJTIw9WWBx53K0P2kUBXqO7NSQ.roa
File: lwJTIw9WWBx53K0P2kUBXqO7NSQ.roa (raw, json)
Hash identifier: zATnSoGwyTlCsmMsv1f5FNfw30h8+dU4PnpLtjXWXT0=
Subject key identifier: 97:02:53:23:0F:56:58:1C:79:DC:AD:0F:DA:45:01:5E:A3:BB:35:24
Certificate issuer: /CN=46c98b2e4a3e060def45abc62c0e345faa80b5ec
Certificate serial: 018CC86F159EDC224D05AAF2FE71F501717D
Authority key identifier: 46:C9:8B:2E:4A:3E:06:0D:EF:45:AB:C6:2C:0E:34:5F:AA:80:B5:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RsmLLko-Bg3vRavGLA40X6qAtew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/2aa8d1-cb71-4904-a591-3449522710e7/1/lwJTIw9WWBx53K0P2kUBXqO7NSQ.roa
Signing time: Tue 02 Jan 2024 04:29:32 +0000
ROA not before: Tue 02 Jan 2024 04:29:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49349
IP address blocks: 185.61.139.0/24 maxlen: 24
185.61.137.0/24 maxlen: 24
185.61.136.0/24 maxlen: 24
185.61.138.0/24 maxlen: 24
2a02:7a60::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/24/2aa8d1-cb71-4904-a591-3449522710e7/1/RsmLLko-Bg3vRavGLA40X6qAtew.crl
rsync://rpki.ripe.net/repository/DEFAULT/24/2aa8d1-cb71-4904-a591-3449522710e7/1/RsmLLko-Bg3vRavGLA40X6qAtew.mft
rsync://rpki.ripe.net/repository/DEFAULT/RsmLLko-Bg3vRavGLA40X6qAtew.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 01 Jul 2024 04:01:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:15:9e:dc:22:4d:05:aa:f2:fe:71:f5:01:71:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=46c98b2e4a3e060def45abc62c0e345faa80b5ec
Validity
Not Before: Jan 2 04:29:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=970253230f56581c79dcad0fda45015ea3bb3524
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:36:46:bd:ad:d4:2c:8e:54:7e:8b:35:6e:78:
85:a7:f2:6d:1d:ef:f9:dc:c9:09:5f:8f:37:54:5f:
a2:0e:00:ad:12:b4:05:53:11:cc:cf:cd:09:e0:60:
32:73:cd:31:a2:e9:ad:42:65:90:a8:98:3d:74:7d:
50:b9:83:65:fb:35:0a:95:80:3c:a2:25:8e:25:b3:
ef:8d:5a:1c:06:19:16:fe:57:75:dd:9d:cd:da:66:
5d:b5:5c:2f:82:b5:2c:c6:37:ad:08:a7:a8:e1:40:
7f:2b:7a:d2:c0:4a:5f:dd:09:9f:89:09:07:0d:65:
33:ce:95:8d:db:ec:3d:3d:ce:4f:0a:87:97:d7:82:
88:1b:0e:33:26:3b:c1:58:23:7b:9b:20:2f:19:42:
60:24:47:de:58:50:e5:12:06:6d:4b:42:fc:10:14:
fc:cc:e2:71:a0:30:7a:b5:43:31:30:a2:97:ea:21:
d5:48:f6:06:b9:f4:91:a2:76:02:2b:16:47:a5:47:
bf:08:1d:99:bc:2b:1b:7a:6e:69:be:99:65:c3:68:
7b:48:a0:dd:ae:ba:a1:c0:d0:9f:f6:71:48:06:3f:
e2:0a:03:d1:7e:9c:69:cb:ec:a3:39:27:53:de:60:
a1:9b:13:78:8e:2c:90:6f:19:01:ff:5f:04:09:d4:
3d:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:02:53:23:0F:56:58:1C:79:DC:AD:0F:DA:45:01:5E:A3:BB:35:24
X509v3 Authority Key Identifier:
keyid:46:C9:8B:2E:4A:3E:06:0D:EF:45:AB:C6:2C:0E:34:5F:AA:80:B5:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RsmLLko-Bg3vRavGLA40X6qAtew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/2aa8d1-cb71-4904-a591-3449522710e7/1/lwJTIw9WWBx53K0P2kUBXqO7NSQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/2aa8d1-cb71-4904-a591-3449522710e7/1/RsmLLko-Bg3vRavGLA40X6qAtew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.61.136.0/22
IPv6:
2a02:7a60::/32
Signature Algorithm: sha256WithRSAEncryption
66:65:a2:73:7b:56:0d:ec:cd:93:4b:bc:7d:ac:ae:02:5e:c9:
ed:c3:62:fc:8a:d9:90:ae:bb:ea:01:a0:5d:ed:93:cc:81:b8:
52:b7:f5:06:79:a7:b6:3c:62:30:53:2f:cc:1c:81:e2:ea:07:
38:20:24:37:83:24:73:79:89:06:5b:57:ec:d5:60:71:d8:06:
87:0a:ae:d4:89:f9:6d:60:a9:bf:7e:ab:11:ec:01:3e:5f:38:
af:0b:4c:69:18:30:e1:08:6c:06:31:e5:46:d5:af:fc:7d:46:
b0:4b:7e:46:a3:e8:f3:23:b4:26:0c:ef:4e:49:41:57:8a:36:
5b:46:04:38:ca:e1:ff:7d:e4:bf:b5:74:b7:e7:14:dd:b8:56:
f7:f5:b3:46:c5:bc:04:98:05:bf:d9:96:34:a5:8c:af:d7:e1:
25:f6:90:cc:be:6a:bc:08:aa:33:7f:52:27:81:45:c3:a9:f1:
e3:61:0b:9e:4c:f1:36:73:b6:d1:48:5c:13:04:c9:3f:67:7f:
87:ff:b9:b7:74:8d:f0:3c:0c:5c:33:aa:dc:25:dc:26:3d:51:
b6:d6:88:9a:a1:05:e4:6b:18:42:ed:c6:18:f1:fc:73:0e:8d:
ca:8c:61:8c:70:e7:23:8d:6c:55:7e:5e:9a:3a:7c:b8:47:4e:
f9:1d:ba:b4
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzIbxWe3CJNBary/nH1AXF9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2Yzk4YjJlNGEzZTA2MGRlZjQ1YWJjNjJjMGUzNDVmYWE4
MGI1ZWMwHhcNMjQwMTAyMDQyOTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzAyNTMyMzBmNTY1ODFjNzlkY2FkMGZkYTQ1MDE1ZWEzYmIzNTI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlDZGva3ULI5Ufos1bniFp/JtHe/5
3MkJX483VF+iDgCtErQFUxHMz80J4GAyc80xoumtQmWQqJg9dH1QuYNl+zUKlYA8
oiWOJbPvjVocBhkW/ld13Z3N2mZdtVwvgrUsxjetCKeo4UB/K3rSwEpf3QmfiQkH
DWUzzpWN2+w9Pc5PCoeX14KIGw4zJjvBWCN7myAvGUJgJEfeWFDlEgZtS0L8EBT8
zOJxoDB6tUMxMKKX6iHVSPYGufSRonYCKxZHpUe/CB2ZvCsbem5pvpllw2h7SKDd
rrqhwNCf9nFIBj/iCgPRfpxpy+yjOSdT3mChmxN4jiyQbxkB/18ECdQ93QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJcCUyMPVlgcedytD9pFAV6juzUkMB8GA1UdIwQY
MBaAFEbJiy5KPgYN70WrxiwONF+qgLXsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUnNtTExrby1CZzN2UmF2R0xBNDBYNnFBdGV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC8yYWE4ZDEtY2I3MS00OTA0LWE1OTEt
MzQ0OTUyMjcxMGU3LzEvbHdKVEl3OVdXQng1M0swUDJrVUJYcU83TlNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC8yYWE4ZDEtY2I3MS00OTA0LWE1OTEtMzQ0OTUyMjcxMGU3
LzEvUnNtTExrby1CZzN2UmF2R0xBNDBYNnFBdGV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuT2IMA0E
AgACMAcDBQAqAnpgMA0GCSqGSIb3DQEBCwUAA4IBAQBmZaJze1YN7M2TS7x9rK4C
Xsntw2L8itmQrrvqAaBd7ZPMgbhSt/UGeae2PGIwUy/MHIHi6gc4ICQ3gyRzeYkG
W1fs1WBx2AaHCq7UifltYKm/fqsR7AE+XzivC0xpGDDhCGwGMeVG1a/8fUawS35G
o+jzI7QmDO9OSUFXijZbRgQ4yuH/feS/tXS35xTduFb39bNGxbwEmAW/2ZY0pYyv
1+El9pDMvmq8CKozf1IngUXDqfHjYQueTPE2c7bRSFwTBMk/Z3+H/7m3dI3wPAxc
M6rcJdwmPVG21oiaoQXkaxhC7cYY8fxzDo3KjGGMcOcjjWxVfl6aOny4R075Hbq0
-----END CERTIFICATE-----
Generated at Sun Jun 30 13:03:49 2024 by rpki-client on console-ams.rpki-client.org