Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c6/37b34d-1212-4eca-a236-8f62d7dc1699/1/LsXgEYzwFOd4vra1wnmDOc0d0pw.roa
File: LsXgEYzwFOd4vra1wnmDOc0d0pw.roa (raw, json)
Hash identifier: me/ISHTWnBbg3S3Q3iFgHmqpS89XOjPNlmsPXJAzxpw=
Subject key identifier: 2E:C5:E0:11:8C:F0:14:E7:78:BE:B6:B5:C2:79:83:39:CD:1D:D2:9C
Certificate issuer: /CN=c415e9274e9d1fe46203c1e06b1b0dc85e612453
Certificate serial: 018CC8DF2271C9E1D8AC87AF1D2ABEA241FD
Authority key identifier: C4:15:E9:27:4E:9D:1F:E4:62:03:C1:E0:6B:1B:0D:C8:5E:61:24:53
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xBXpJ06dH-RiA8HgaxsNyF5hJFM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c6/37b34d-1212-4eca-a236-8f62d7dc1699/1/LsXgEYzwFOd4vra1wnmDOc0d0pw.roa
Signing time: Tue 02 Jan 2024 06:31:55 +0000
ROA not before: Tue 02 Jan 2024 06:31:55 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49821
IP address blocks: 91.202.196.0/22 maxlen: 22
176.126.48.0/24 maxlen: 24
176.126.48.0/21 maxlen: 21
176.126.49.0/24 maxlen: 24
91.235.186.0/24 maxlen: 24
91.235.184.0/22 maxlen: 22
91.235.185.0/24 maxlen: 24
176.108.144.0/21 maxlen: 21
91.235.184.0/24 maxlen: 24
91.235.187.0/24 maxlen: 24
185.244.76.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c6/37b34d-1212-4eca-a236-8f62d7dc1699/1/xBXpJ06dH-RiA8HgaxsNyF5hJFM.crl
rsync://rpki.ripe.net/repository/DEFAULT/c6/37b34d-1212-4eca-a236-8f62d7dc1699/1/xBXpJ06dH-RiA8HgaxsNyF5hJFM.mft
rsync://rpki.ripe.net/repository/DEFAULT/xBXpJ06dH-RiA8HgaxsNyF5hJFM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 21 Jun 2024 21:00:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:22:71:c9:e1:d8:ac:87:af:1d:2a:be:a2:41:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c415e9274e9d1fe46203c1e06b1b0dc85e612453
Validity
Not Before: Jan 2 06:31:55 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2ec5e0118cf014e778beb6b5c2798339cd1dd29c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:74:22:fd:b2:43:55:d9:4e:17:47:f0:5d:78:
34:aa:ad:b7:1d:62:cf:d1:df:4f:99:29:26:f8:9e:
fc:60:92:47:4e:4c:96:06:28:0c:ff:79:9f:27:dc:
c9:60:e8:1e:45:85:1f:9e:f2:28:2e:64:d2:e2:ea:
37:dd:0c:39:64:91:8b:d2:4a:ef:5d:f3:9c:95:7c:
30:ad:eb:c6:a3:30:d5:52:71:20:8c:4e:e8:4f:23:
77:80:44:e3:c6:4c:7c:0c:38:64:7c:f7:bd:06:d1:
85:4d:5e:c0:c3:c4:47:89:11:36:11:bf:4a:9e:d4:
8d:e8:aa:fe:75:e0:c0:26:dc:2a:90:b3:5f:7e:6e:
93:09:07:0e:9f:79:0d:d5:7d:92:58:47:0b:b3:2a:
b5:fc:d0:dd:e0:a4:c4:8e:3b:77:af:b2:36:fa:ad:
2e:df:1e:99:cb:11:51:31:81:7d:16:9a:35:e0:95:
0e:f3:26:ff:ef:d8:ae:29:51:d7:69:af:4e:ec:45:
b6:71:12:f6:d8:d3:9f:53:7c:da:52:ce:28:68:cd:
5c:af:d2:29:15:e5:42:11:cf:10:be:5a:59:42:84:
6e:f7:5e:08:c3:7c:6b:38:dd:7f:cd:f2:37:52:dc:
7c:ab:c5:72:3a:45:08:69:a6:ff:53:e7:70:91:84:
18:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:C5:E0:11:8C:F0:14:E7:78:BE:B6:B5:C2:79:83:39:CD:1D:D2:9C
X509v3 Authority Key Identifier:
keyid:C4:15:E9:27:4E:9D:1F:E4:62:03:C1:E0:6B:1B:0D:C8:5E:61:24:53
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xBXpJ06dH-RiA8HgaxsNyF5hJFM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/37b34d-1212-4eca-a236-8f62d7dc1699/1/LsXgEYzwFOd4vra1wnmDOc0d0pw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/37b34d-1212-4eca-a236-8f62d7dc1699/1/xBXpJ06dH-RiA8HgaxsNyF5hJFM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.202.196.0/22
91.235.184.0/22
176.108.144.0/21
176.126.48.0/21
185.244.76.0/22
Signature Algorithm: sha256WithRSAEncryption
85:24:ad:48:bd:ad:dc:2c:cb:23:fc:c2:69:c6:a3:01:28:e0:
0a:68:3c:4a:bb:65:93:64:fa:ba:dd:3d:3e:cd:f5:20:08:35:
a9:f4:83:13:66:04:22:31:1b:64:1d:09:74:73:92:ef:94:c0:
f6:fb:62:e0:4c:e2:47:db:d1:d3:0a:e1:63:92:a9:b0:46:94:
22:85:bc:ac:9c:43:66:16:78:7a:5e:1e:54:df:e7:51:cb:13:
7e:9f:0a:31:54:d1:1d:89:ed:69:07:a6:b8:e1:a3:c0:10:d5:
cb:01:ea:f8:11:c1:68:2f:23:d5:f0:e0:38:06:7d:81:33:0e:
51:45:c6:0c:43:72:ed:22:e2:d4:7f:59:24:77:fc:6e:b2:05:
42:d2:cf:67:11:6d:78:ce:2c:63:15:a3:5b:67:f0:f9:01:7a:
55:1d:67:91:00:24:c6:84:a4:1b:d9:5d:5c:36:bd:81:12:83:
d5:68:12:13:2e:a9:09:05:88:a0:20:21:d3:e0:dd:ca:66:67:
26:27:aa:bd:40:66:d7:fa:01:33:ac:10:2c:d0:14:7c:f3:a7:
ee:2b:a3:e5:bc:98:a9:fe:47:fd:8d:9a:c0:61:75:04:9f:0e:
f1:d0:ab:4d:ad:37:74:69:a0:23:fe:6d:0e:db:f7:af:e2:f5:
dd:bc:11:9e
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzI3yJxyeHYrIevHSq+okH9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0MTVlOTI3NGU5ZDFmZTQ2MjAzYzFlMDZiMWIwZGM4NWU2
MTI0NTMwHhcNMjQwMTAyMDYzMTU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZWM1ZTAxMThjZjAxNGU3NzhiZWI2YjVjMjc5ODMzOWNkMWRkMjljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsnQi/bJDVdlOF0fwXXg0qq23HWLP
0d9PmSkm+J78YJJHTkyWBigM/3mfJ9zJYOgeRYUfnvIoLmTS4uo33Qw5ZJGL0krv
XfOclXwwrevGozDVUnEgjE7oTyN3gETjxkx8DDhkfPe9BtGFTV7Aw8RHiRE2Eb9K
ntSN6Kr+deDAJtwqkLNffm6TCQcOn3kN1X2SWEcLsyq1/NDd4KTEjjt3r7I2+q0u
3x6ZyxFRMYF9Fpo14JUO8yb/79iuKVHXaa9O7EW2cRL22NOfU3zaUs4oaM1cr9Ip
FeVCEc8QvlpZQoRu914Iw3xrON1/zfI3Utx8q8VyOkUIaab/U+dwkYQYYwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFC7F4BGM8BTneL62tcJ5gznNHdKcMB8GA1UdIwQY
MBaAFMQV6SdOnR/kYgPB4GsbDcheYSRTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEJYcEowNmRILVJpQThIZ2F4c055RjVoSkZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNi8zN2IzNGQtMTIxMi00ZWNhLWEyMzYt
OGY2MmQ3ZGMxNjk5LzEvTHNYZ0VZendGT2Q0dnJhMXdubURPYzBkMHB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNi8zN2IzNGQtMTIxMi00ZWNhLWEyMzYtOGY2MmQ3ZGMxNjk5
LzEveEJYcEowNmRILVJpQThIZ2F4c055RjVoSkZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCW8rEAwQC
W+u4AwQDsGyQAwQDsH4wAwQCufRMMA0GCSqGSIb3DQEBCwUAA4IBAQCFJK1Iva3c
LMsj/MJpxqMBKOAKaDxKu2WTZPq63T0+zfUgCDWp9IMTZgQiMRtkHQl0c5LvlMD2
+2LgTOJH29HTCuFjkqmwRpQihbysnENmFnh6Xh5U3+dRyxN+nwoxVNEdie1pB6a4
4aPAENXLAer4EcFoLyPV8OA4Bn2BMw5RRcYMQ3LtIuLUf1kkd/xusgVC0s9nEW14
zixjFaNbZ/D5AXpVHWeRACTGhKQb2V1cNr2BEoPVaBITLqkJBYigICHT4N3KZmcm
J6q9QGbX+gEzrBAs0BR886fuK6PlvJip/kf9jZrAYXUEnw7x0KtNrTd0aaAj/m0O
2/ev4vXdvBGe
-----END CERTIFICATE-----
Generated at Fri Jun 21 04:08:17 2024 by rpki-client on console-fra.rpki-client.org