Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/2c0d80-3937-4455-b9cf-2b4a3538c5e3/1/lUEf2ZF60RovqgZ-6WHCRzej5HQ.roa
File: lUEf2ZF60RovqgZ-6WHCRzej5HQ.roa (raw, json)
Hash identifier: Nns0maqLi93vX9AiuGHCp/6qd4QtSd6igAVgWcHJYMg=
Subject key identifier: 95:41:1F:D9:91:7A:D1:1A:2F:AA:06:7E:E9:61:C2:47:37:A3:E4:74
Certificate issuer: /CN=f8dd7ae12d2a37f21aac6f81b6af67d6617ca28e
Certificate serial: 018CC500744C906AB31AEB5CA32EEBEE70F3
Authority key identifier: F8:DD:7A:E1:2D:2A:37:F2:1A:AC:6F:81:B6:AF:67:D6:61:7C:A2:8E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-N164S0qN_IarG-Btq9n1mF8oo4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/2c0d80-3937-4455-b9cf-2b4a3538c5e3/1/lUEf2ZF60RovqgZ-6WHCRzej5HQ.roa
Signing time: Mon 01 Jan 2024 12:29:50 +0000
ROA not before: Mon 01 Jan 2024 12:29:50 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60781
IP address blocks: 185.145.60.0/22 maxlen: 22
195.93.238.0/23 maxlen: 23
91.199.58.0/24 maxlen: 24
87.236.96.0/21 maxlen: 21
2a02:cc8::/32 maxlen: 32
2a02:cc9::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/06/2c0d80-3937-4455-b9cf-2b4a3538c5e3/1/1-N164S0qN_IarG-Btq9n1mF8oo4.crl
rsync://rpki.ripe.net/repository/DEFAULT/06/2c0d80-3937-4455-b9cf-2b4a3538c5e3/1/1-N164S0qN_IarG-Btq9n1mF8oo4.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-N164S0qN_IarG-Btq9n1mF8oo4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:74:4c:90:6a:b3:1a:eb:5c:a3:2e:eb:ee:70:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8dd7ae12d2a37f21aac6f81b6af67d6617ca28e
Validity
Not Before: Jan 1 12:29:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=95411fd9917ad11a2faa067ee961c24737a3e474
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:90:53:36:cb:a5:9e:e7:13:a0:5f:4b:88:b2:
fd:df:7a:8b:fc:e6:a7:ea:9b:bf:11:81:ae:ef:21:
ac:39:9d:b5:92:d3:3e:62:e8:d9:bd:9b:54:29:22:
6a:51:d3:1b:c2:e5:24:81:bd:ef:80:c6:a8:e7:79:
4a:01:41:ab:fb:a6:9f:84:d1:43:19:9b:af:f4:53:
fa:5b:54:64:b6:c3:2a:0a:ff:bc:8b:ed:45:3b:a4:
c7:1b:21:41:05:8d:41:69:68:f6:ae:6b:bb:29:00:
92:7c:27:75:b5:e4:f4:bf:09:c3:96:69:ca:cd:37:
13:7c:00:02:56:c1:3b:19:a3:9b:7f:af:fd:8b:7c:
5b:09:19:db:8f:28:6a:55:0e:5d:26:a0:6a:c3:03:
f8:74:cd:86:90:5f:51:c9:71:53:cf:af:44:85:db:
7b:75:50:10:28:16:6c:4c:75:2e:1e:98:19:74:2b:
28:13:2c:97:dc:30:c3:35:98:61:4b:6d:d9:a3:e5:
3e:26:ca:6b:28:40:1b:2b:25:fd:39:c7:fc:40:93:
44:ff:77:85:12:ac:7f:14:61:f6:3a:d8:a8:10:d1:
6c:74:41:11:a9:64:7d:87:51:46:cf:a3:34:95:07:
93:e0:43:c2:e2:15:cb:8c:64:f7:b7:30:66:1d:2c:
61:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:41:1F:D9:91:7A:D1:1A:2F:AA:06:7E:E9:61:C2:47:37:A3:E4:74
X509v3 Authority Key Identifier:
keyid:F8:DD:7A:E1:2D:2A:37:F2:1A:AC:6F:81:B6:AF:67:D6:61:7C:A2:8E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-N164S0qN_IarG-Btq9n1mF8oo4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/2c0d80-3937-4455-b9cf-2b4a3538c5e3/1/lUEf2ZF60RovqgZ-6WHCRzej5HQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/06/2c0d80-3937-4455-b9cf-2b4a3538c5e3/1/1-N164S0qN_IarG-Btq9n1mF8oo4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.236.96.0/21
91.199.58.0/24
185.145.60.0/22
195.93.238.0/23
IPv6:
2a02:cc8::/31
Signature Algorithm: sha256WithRSAEncryption
31:c2:d8:55:8f:3f:bb:02:4a:c6:01:16:87:79:a8:eb:a6:a0:
78:c3:c0:e4:06:70:71:da:e3:c5:39:40:ae:24:cb:35:2d:40:
07:90:aa:e2:90:e6:54:f5:16:0f:7b:4b:94:b0:4b:15:01:93:
fd:24:27:8c:3a:1a:cf:21:f5:bd:4a:53:91:ef:c3:12:9f:87:
4b:ff:0d:21:0d:bb:0b:ba:fc:1e:08:f9:a1:f7:e8:82:52:7b:
dd:d0:28:24:6d:d9:0a:83:d2:15:33:eb:52:9e:29:29:4b:9f:
a8:11:e2:bc:3f:34:d3:96:1d:0b:bf:e9:8e:42:c1:0d:29:2d:
aa:bc:b7:5d:5b:28:53:03:1f:36:88:4a:80:84:dd:6c:cf:2f:
27:28:77:b9:2d:d5:dd:ee:ca:8a:a1:ad:30:65:ea:cc:85:ba:
d1:1d:1f:be:43:7f:b5:8f:6e:64:d1:7b:99:f9:b9:f0:e1:e0:
fd:e2:bf:ca:0a:81:81:6d:82:21:f2:fc:81:b6:89:e4:8d:d6:
99:97:5d:38:d0:c0:6b:0d:cc:2a:ad:9d:45:b7:14:f1:71:b1:
f8:9e:9b:62:fe:96:ff:6f:12:68:50:32:ad:d7:89:37:93:3e:
5c:96:30:7d:42:8d:76:40:bf:14:dd:70:79:6e:8f:32:ab:11:
eb:ef:0b:09
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYzFAHRMkGqzGutcoy7r7nDzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4ZGQ3YWUxMmQyYTM3ZjIxYWFjNmY4MWI2YWY2N2Q2NjE3
Y2EyOGUwHhcNMjQwMTAxMTIyOTUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTQxMWZkOTkxN2FkMTFhMmZhYTA2N2VlOTYxYzI0NzM3YTNlNDc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhZBTNsulnucToF9LiLL933qL/Oan
6pu/EYGu7yGsOZ21ktM+YujZvZtUKSJqUdMbwuUkgb3vgMao53lKAUGr+6afhNFD
GZuv9FP6W1RktsMqCv+8i+1FO6THGyFBBY1BaWj2rmu7KQCSfCd1teT0vwnDlmnK
zTcTfAACVsE7GaObf6/9i3xbCRnbjyhqVQ5dJqBqwwP4dM2GkF9RyXFTz69Ehdt7
dVAQKBZsTHUuHpgZdCsoEyyX3DDDNZhhS23Zo+U+JsprKEAbKyX9Ocf8QJNE/3eF
Eqx/FGH2OtioENFsdEERqWR9h1FGz6M0lQeT4EPC4hXLjGT3tzBmHSxhbQIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFJVBH9mRetEaL6oGfulhwkc3o+R0MB8GA1UdIwQY
MBaAFPjdeuEtKjfyGqxvgbavZ9ZhfKKOMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1OMTY0UzBxTl9JYXJHLUJ0cTluMW1GOG9vNC5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDYvMmMwZDgwLTM5MzctNDQ1NS1iOWNm
LTJiNGEzNTM4YzVlMy8xL2xVRWYyWkY2MFJvdnFnWi02V0hDUnplajVIUS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMDYvMmMwZDgwLTM5MzctNDQ1NS1iOWNmLTJiNGEzNTM4YzVl
My8xLzEtTjE2NFMwcU5fSWFyRy1CdHE5bjFtRjhvbzQuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwQAYIKwYBBQUHAQcBAf8EMTAvMB4EAgABMBgDBANX7GAD
BABbxzoDBAK5kTwDBAHDXe4wDQQCAAIwBwMFASoCDMgwDQYJKoZIhvcNAQELBQAD
ggEBADHC2FWPP7sCSsYBFod5qOumoHjDwOQGcHHa48U5QK4kyzUtQAeQquKQ5lT1
Fg97S5SwSxUBk/0kJ4w6Gs8h9b1KU5HvwxKfh0v/DSENuwu6/B4I+aH36IJSe93Q
KCRt2QqD0hUz61KeKSlLn6gR4rw/NNOWHQu/6Y5CwQ0pLaq8t11bKFMDHzaISoCE
3WzPLycod7kt1d3uyoqhrTBl6syFutEdH75Df7WPbmTRe5n5ufDh4P3iv8oKgYFt
giHy/IG2ieSN1pmXXTjQwGsNzCqtnUW3FPFxsfiem2L+lv9vEmhQMq3XiTeTPlyW
MH1CjXZAvxTdcHlujzKrEevvCwk=
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:38:30 2024 by rpki-client on console-fra.rpki-client.org