Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/c010dc-0910-4341-8b33-2e694b339933/1/lFnX3WspQKM3dJzf5s2cPGnUduU.roa
File: lFnX3WspQKM3dJzf5s2cPGnUduU.roa (raw, json)
Hash identifier: 0yiqj1jGk/zfgI/rya91IAxeuNPxHKSBGZrInhVN86w=
Subject key identifier: 94:59:D7:DD:6B:29:40:A3:37:74:9C:DF:E6:CD:9C:3C:69:D4:76:E5
Certificate issuer: /CN=4a9c5e56aacd01ffb2825a931ed5ede41c3f92e6
Certificate serial: 018CC56E01CA0B164A468AC9BA8456EDC62F
Authority key identifier: 4A:9C:5E:56:AA:CD:01:FF:B2:82:5A:93:1E:D5:ED:E4:1C:3F:92:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SpxeVqrNAf-yglqTHtXt5Bw_kuY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/c010dc-0910-4341-8b33-2e694b339933/1/lFnX3WspQKM3dJzf5s2cPGnUduU.roa
Signing time: Mon 01 Jan 2024 14:29:30 +0000
ROA not before: Mon 01 Jan 2024 14:29:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201454
IP address blocks: 45.140.0.0/22 maxlen: 22
185.73.24.0/22 maxlen: 22
185.112.24.0/22 maxlen: 22
188.94.216.0/21 maxlen: 21
2a05:3f00::/29 maxlen: 29
2a01:6f80::/32 maxlen: 32
2a02:c340::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/c010dc-0910-4341-8b33-2e694b339933/1/SpxeVqrNAf-yglqTHtXt5Bw_kuY.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/c010dc-0910-4341-8b33-2e694b339933/1/SpxeVqrNAf-yglqTHtXt5Bw_kuY.mft
rsync://rpki.ripe.net/repository/DEFAULT/SpxeVqrNAf-yglqTHtXt5Bw_kuY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 04:00:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:01:ca:0b:16:4a:46:8a:c9:ba:84:56:ed:c6:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a9c5e56aacd01ffb2825a931ed5ede41c3f92e6
Validity
Not Before: Jan 1 14:29:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9459d7dd6b2940a337749cdfe6cd9c3c69d476e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:80:02:95:c6:a5:a5:cf:ef:a4:27:89:a2:64:
c6:75:58:ff:8b:ce:98:4a:79:1d:2d:06:a6:75:0f:
06:f5:ba:ac:66:e5:64:78:5b:70:76:40:2b:c0:71:
b9:10:65:90:70:d1:1e:df:b3:1d:52:7a:77:6f:c1:
a7:71:31:12:5e:5d:1e:a7:84:a2:07:aa:fb:59:34:
3d:71:9c:b3:b2:ba:e6:ba:62:60:7e:b5:cc:50:3a:
2a:04:3d:49:08:d8:ae:ba:9f:8f:72:96:91:77:b3:
ba:52:e0:b1:38:9a:75:e5:84:d9:2b:7c:28:7c:2d:
ae:1a:ec:36:e3:37:55:6b:f5:ca:33:da:5b:61:d8:
e8:36:8d:ca:c6:3a:8b:d2:dd:00:a5:12:76:1c:ba:
df:51:f3:7e:c9:41:e4:fc:ff:33:f4:76:97:d8:a6:
5d:e0:f9:ae:69:0c:55:60:c5:77:7c:3e:4d:79:2d:
b5:29:1f:ea:7d:15:64:c8:16:70:e4:19:77:cc:e4:
70:96:45:5c:6c:06:a9:67:95:2e:22:b6:83:9f:1e:
eb:78:51:62:24:a0:cb:f5:c5:1c:d4:f0:77:0f:53:
d1:47:c8:fc:81:5b:bd:33:4a:44:6e:2c:d4:32:31:
a2:8a:26:bf:71:bc:93:ce:d3:e1:5e:a0:e6:e1:53:
77:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:59:D7:DD:6B:29:40:A3:37:74:9C:DF:E6:CD:9C:3C:69:D4:76:E5
X509v3 Authority Key Identifier:
keyid:4A:9C:5E:56:AA:CD:01:FF:B2:82:5A:93:1E:D5:ED:E4:1C:3F:92:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SpxeVqrNAf-yglqTHtXt5Bw_kuY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/c010dc-0910-4341-8b33-2e694b339933/1/lFnX3WspQKM3dJzf5s2cPGnUduU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/c010dc-0910-4341-8b33-2e694b339933/1/SpxeVqrNAf-yglqTHtXt5Bw_kuY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.140.0.0/22
185.73.24.0/22
185.112.24.0/22
188.94.216.0/21
IPv6:
2a01:6f80::/32
2a02:c340::/29
2a05:3f00::/29
Signature Algorithm: sha256WithRSAEncryption
7c:94:bc:e3:f2:a9:3f:49:96:e4:3f:c7:4d:a3:bf:ce:e5:11:
8f:1f:89:fe:bc:27:b0:8f:30:53:13:9f:79:58:ff:ca:23:4e:
46:ff:60:a1:5a:e6:02:98:14:65:dd:42:28:44:b8:0e:65:a5:
c5:7c:4b:4e:11:5c:40:41:e1:ce:d0:66:d9:93:26:89:70:08:
3c:c4:fd:81:42:75:fe:c7:78:86:50:8f:df:d1:3c:b8:0a:fc:
30:97:36:7d:88:e4:14:7f:d5:36:3f:30:02:82:f1:e8:f0:a0:
f6:be:6d:85:bd:1e:ea:73:6c:6a:c6:0e:26:6f:4c:26:f9:80:
36:1a:ee:76:bd:d6:81:51:77:eb:6d:c0:97:56:bf:53:c9:3c:
99:81:91:fa:6d:9b:00:6c:94:04:67:9f:4b:fc:43:28:76:e1:
85:8f:61:90:56:03:ea:bf:f5:65:a0:ab:44:28:39:c2:56:21:
d3:4f:51:a9:00:d2:34:21:3b:8d:7f:df:37:7b:6e:49:b4:09:
d0:3b:e5:90:d4:3d:8a:41:c9:6c:b0:14:52:1c:cc:1b:55:07:
eb:a4:aa:98:8d:bd:74:12:7e:44:88:ec:2f:17:94:a2:12:9d:
94:c9:12:d0:c2:8b:70:80:f9:fd:86:79:08:66:52:d8:eb:0b:
c6:bc:e1:c4
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAYzFbgHKCxZKRorJuoRW7cYvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhOWM1ZTU2YWFjZDAxZmZiMjgyNWE5MzFlZDVlZGU0MWMz
ZjkyZTYwHhcNMjQwMTAxMTQyOTMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDU5ZDdkZDZiMjk0MGEzMzc3NDljZGZlNmNkOWMzYzY5ZDQ3NmU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzYAClcalpc/vpCeJomTGdVj/i86Y
SnkdLQamdQ8G9bqsZuVkeFtwdkArwHG5EGWQcNEe37MdUnp3b8GncTESXl0ep4Si
B6r7WTQ9cZyzsrrmumJgfrXMUDoqBD1JCNiuup+PcpaRd7O6UuCxOJp15YTZK3wo
fC2uGuw24zdVa/XKM9pbYdjoNo3KxjqL0t0ApRJ2HLrfUfN+yUHk/P8z9HaX2KZd
4PmuaQxVYMV3fD5NeS21KR/qfRVkyBZw5Bl3zORwlkVcbAapZ5UuIraDnx7reFFi
JKDL9cUc1PB3D1PRR8j8gVu9M0pEbizUMjGiiia/cbyTztPhXqDm4VN3HQIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFJRZ191rKUCjN3Sc3+bNnDxp1HblMB8GA1UdIwQY
MBaAFEqcXlaqzQH/soJakx7V7eQcP5LmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU3B4ZVZxck5BZi15Z2xxVEh0WHQ1Qndfa3VZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9jMDEwZGMtMDkxMC00MzQxLThiMzMt
MmU2OTRiMzM5OTMzLzEvbEZuWDNXc3BRS00zZEp6ZjVzMmNQR25VZHVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9jMDEwZGMtMDkxMC00MzQxLThiMzMtMmU2OTRiMzM5OTMz
LzEvU3B4ZVZxck5BZi15Z2xxVEh0WHQ1Qndfa3VZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAeBAIAATAYAwQCLYwAAwQC
uUkYAwQCuXAYAwQDvF7YMBsEAgACMBUDBQAqAW+AAwUDKgLDQAMFAyoFPwAwDQYJ
KoZIhvcNAQELBQADggEBAHyUvOPyqT9JluQ/x02jv87lEY8fif68J7CPMFMTn3lY
/8ojTkb/YKFa5gKYFGXdQihEuA5lpcV8S04RXEBB4c7QZtmTJolwCDzE/YFCdf7H
eIZQj9/RPLgK/DCXNn2I5BR/1TY/MAKC8ejwoPa+bYW9HupzbGrGDiZvTCb5gDYa
7na91oFRd+ttwJdWv1PJPJmBkfptmwBslARnn0v8Qyh24YWPYZBWA+q/9WWgq0Qo
OcJWIdNPUakA0jQhO41/3zd7bkm0CdA75ZDUPYpByWywFFIczBtVB+ukqpiNvXQS
fkSI7C8XlKISnZTJEtDCi3CA+f2GeQhmUtjrC8a84cQ=
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:33:24 2024 by rpki-client on console-ams.rpki-client.org