Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/925f91-30c5-4a6b-a149-9bf8b1ef2e96/1/LSilrmrxPp762MenUw8eQG1dpDQ.roa
File: LSilrmrxPp762MenUw8eQG1dpDQ.roa (raw, json)
Hash identifier: N3RpDlrEloSqs/Ni3QJV/BFuhIS8wjcdED+rtr1hky8=
Subject key identifier: 2D:28:A5:AE:6A:F1:3E:9E:FA:D8:C7:A7:53:0F:1E:40:6D:5D:A4:34
Certificate issuer: /CN=d038c338b128f83adec2f69d93c32c5353ca0398
Certificate serial: 018CC3B6AE2AA2E176C9623C00491A38FA6C
Authority key identifier: D0:38:C3:38:B1:28:F8:3A:DE:C2:F6:9D:93:C3:2C:53:53:CA:03:98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0DjDOLEo-Drewvadk8MsU1PKA5g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/925f91-30c5-4a6b-a149-9bf8b1ef2e96/1/LSilrmrxPp762MenUw8eQG1dpDQ.roa
Signing time: Mon 01 Jan 2024 06:29:38 +0000
ROA not before: Mon 01 Jan 2024 06:29:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 559
IP address blocks: 192.41.132.0/22 maxlen: 22
130.60.0.0/16 maxlen: 16
192.41.136.0/24 maxlen: 24
185.207.116.0/24 maxlen: 24
185.207.118.0/23 maxlen: 24
185.207.117.0/24 maxlen: 24
192.12.247.0/24 maxlen: 24
89.206.64.0/18 maxlen: 18
2001:67c:16dc::/48 maxlen: 48
2a0b:2040::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/05/925f91-30c5-4a6b-a149-9bf8b1ef2e96/1/0DjDOLEo-Drewvadk8MsU1PKA5g.crl
rsync://rpki.ripe.net/repository/DEFAULT/05/925f91-30c5-4a6b-a149-9bf8b1ef2e96/1/0DjDOLEo-Drewvadk8MsU1PKA5g.mft
rsync://rpki.ripe.net/repository/DEFAULT/0DjDOLEo-Drewvadk8MsU1PKA5g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 23 May 2024 18:00:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:ae:2a:a2:e1:76:c9:62:3c:00:49:1a:38:fa:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d038c338b128f83adec2f69d93c32c5353ca0398
Validity
Not Before: Jan 1 06:29:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2d28a5ae6af13e9efad8c7a7530f1e406d5da434
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:3e:1c:db:99:c8:8e:5b:e5:b8:9f:f6:34:32:
93:c2:37:38:73:45:d2:0e:df:90:11:bb:bb:c1:a7:
df:78:a9:e0:d6:d2:20:e5:01:e4:8c:7e:a9:ca:dd:
ed:62:26:4f:66:f6:46:16:55:ee:cc:c3:2b:01:c7:
72:19:34:20:09:84:3b:b9:2d:18:4c:85:56:8c:cb:
1f:13:d8:41:48:43:35:b6:13:4a:5d:17:2f:f2:27:
ef:14:b4:eb:f4:5c:c5:29:37:f8:9f:4b:96:c9:55:
02:13:c6:a2:45:af:55:91:77:18:59:79:d5:24:1c:
54:ef:c9:c8:42:09:b3:31:07:f4:dd:82:11:20:84:
c1:ac:29:02:89:f9:d5:fb:cc:ce:86:5d:de:29:c7:
2c:95:b6:1d:8d:0a:a2:53:9f:13:d1:15:09:42:bc:
d8:15:b2:2b:be:76:58:90:e8:ff:63:f7:ad:37:2a:
5e:aa:af:6b:07:6e:95:8c:65:84:89:3f:8a:10:28:
97:23:6e:41:ab:e2:2f:ed:ac:8b:59:e6:32:53:86:
16:5e:0a:e5:d4:ec:2b:60:72:ea:88:d8:72:41:52:
8c:0f:02:a6:00:ca:10:e5:c6:db:91:5a:f3:a9:70:
9f:ed:c2:ab:a3:08:2f:b4:b5:68:7b:c3:5a:1c:53:
84:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:28:A5:AE:6A:F1:3E:9E:FA:D8:C7:A7:53:0F:1E:40:6D:5D:A4:34
X509v3 Authority Key Identifier:
keyid:D0:38:C3:38:B1:28:F8:3A:DE:C2:F6:9D:93:C3:2C:53:53:CA:03:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0DjDOLEo-Drewvadk8MsU1PKA5g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/925f91-30c5-4a6b-a149-9bf8b1ef2e96/1/LSilrmrxPp762MenUw8eQG1dpDQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/925f91-30c5-4a6b-a149-9bf8b1ef2e96/1/0DjDOLEo-Drewvadk8MsU1PKA5g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.206.64.0/18
130.60.0.0/16
185.207.116.0/22
192.12.247.0/24
192.41.132.0-192.41.136.255
IPv6:
2001:67c:16dc::/48
2a0b:2040::/29
Signature Algorithm: sha256WithRSAEncryption
00:78:84:0c:96:75:30:43:cb:ac:0d:08:88:ff:67:df:13:be:
4a:e5:53:13:db:18:19:8c:20:81:cd:de:3b:e7:d0:ba:f3:7d:
b9:97:b1:63:1a:2d:4a:53:4e:3a:e7:bd:83:5b:30:17:e7:82:
43:c1:0b:25:d3:99:86:ae:6c:65:9c:81:47:df:78:bf:9b:d2:
3f:8d:d0:bc:9d:4e:7b:f9:2b:10:87:b9:4e:46:1f:38:50:1d:
be:55:54:40:11:70:f2:d9:8b:f9:9b:7a:ae:a2:e8:13:9c:96:
31:db:95:ed:69:24:5c:1f:b8:6b:03:fc:c6:4d:9b:fc:83:ef:
c0:32:03:7f:eb:83:07:b8:f4:52:44:d6:2c:f2:ec:31:19:74:
a6:95:3e:97:16:af:79:35:b4:ef:80:46:7c:f8:f8:34:c6:d6:
62:e8:9e:da:ed:b8:42:9b:20:78:8e:6f:b6:b5:40:8e:75:1e:
1c:ec:70:41:ab:0d:75:f3:f1:24:78:e0:02:54:19:33:ac:ba:
97:de:16:f7:dc:b1:4b:a5:c2:a3:27:e2:c6:9b:b3:35:7b:77:
97:da:b4:a1:19:7c:ce:2a:f4:18:eb:f2:93:17:3c:16:40:a4:
0e:dd:b1:a7:ee:f6:84:9d:c8:ec:50:89:d5:b7:bb:08:57:ef:
6b:d2:88:6b
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgISAYzDtq4qouF2yWI8AEkaOPpsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwMzhjMzM4YjEyOGY4M2FkZWMyZjY5ZDkzYzMyYzUzNTNj
YTAzOTgwHhcNMjQwMTAxMDYyOTM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDI4YTVhZTZhZjEzZTllZmFkOGM3YTc1MzBmMWU0MDZkNWRhNDM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoT4c25nIjlvluJ/2NDKTwjc4c0XS
Dt+QEbu7waffeKng1tIg5QHkjH6pyt3tYiZPZvZGFlXuzMMrAcdyGTQgCYQ7uS0Y
TIVWjMsfE9hBSEM1thNKXRcv8ifvFLTr9FzFKTf4n0uWyVUCE8aiRa9VkXcYWXnV
JBxU78nIQgmzMQf03YIRIITBrCkCifnV+8zOhl3eKccslbYdjQqiU58T0RUJQrzY
FbIrvnZYkOj/Y/etNypeqq9rB26VjGWEiT+KECiXI25Bq+Iv7ayLWeYyU4YWXgrl
1OwrYHLqiNhyQVKMDwKmAMoQ5cbbkVrzqXCf7cKrowgvtLVoe8NaHFOE5wIDAQAB
o4ICQDCCAjwwHQYDVR0OBBYEFC0opa5q8T6e+tjHp1MPHkBtXaQ0MB8GA1UdIwQY
MBaAFNA4wzixKPg63sL2nZPDLFNTygOYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMERqRE9MRW8tRHJld3ZhZGs4TXNVMVBLQTVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS85MjVmOTEtMzBjNS00YTZiLWExNDkt
OWJmOGIxZWYyZTk2LzEvTFNpbHJtcnhQcDc2Mk1lblV3OGVRRzFkcERRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS85MjVmOTEtMzBjNS00YTZiLWExNDktOWJmOGIxZWYyZTk2
LzEvMERqRE9MRW8tRHJld3ZhZGs4TXNVMVBLQTVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFYGCCsGAQUFBwEHAQH/BEcwRTArBAIAATAlAwQGWc5AAwMA
gjwDBAK5z3QDBADADPcwDAMEAsAphAMEAMApiDAWBAIAAjAQAwcAIAEGfBbcAwUD
KgsgQDANBgkqhkiG9w0BAQsFAAOCAQEAAHiEDJZ1MEPLrA0IiP9n3xO+SuVTE9sY
GYwggc3eO+fQuvN9uZexYxotSlNOOue9g1swF+eCQ8ELJdOZhq5sZZyBR994v5vS
P43QvJ1Oe/krEIe5TkYfOFAdvlVUQBFw8tmL+Zt6rqLoE5yWMduV7WkkXB+4awP8
xk2b/IPvwDIDf+uDB7j0UkTWLPLsMRl0ppU+lxaveTW074BGfPj4NMbWYuie2u24
QpsgeI5vtrVAjnUeHOxwQasNdfPxJHjgAlQZM6y6l94W99yxS6XCoyfixpuzNXt3
l9q0oRl8zir0GOvykxc8FkCkDt2xp+72hJ3I7FCJ1be7CFfva9KIaw==
-----END CERTIFICATE-----
Generated at Wed May 22 23:40:48 2024 by rpki-client on console-fra.rpki-client.org