Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/18c7dd-241b-4b92-8ebf-77794fbfd2e4/1/lSwJb7yyeRQEyKRSK-_LjQgCv08.roa
File: lSwJb7yyeRQEyKRSK-_LjQgCv08.roa (raw, json)
Hash identifier: XrbfcUxabeRE8z896Xmn8twdov4o110qzGA3ZP7f83Q=
Subject key identifier: 95:2C:09:6F:BC:B2:79:14:04:C8:A4:52:2B:EF:CB:8D:08:02:BF:4F
Certificate issuer: /CN=4c81273dcb03c3457b79250be109e19a5e74f0fd
Certificate serial: 018CC3B70F3373FF1EAA818808C88B620A35
Authority key identifier: 4C:81:27:3D:CB:03:C3:45:7B:79:25:0B:E1:09:E1:9A:5E:74:F0:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TIEnPcsDw0V7eSUL4Qnhml508P0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/18c7dd-241b-4b92-8ebf-77794fbfd2e4/1/lSwJb7yyeRQEyKRSK-_LjQgCv08.roa
Signing time: Mon 01 Jan 2024 06:30:03 +0000
ROA not before: Mon 01 Jan 2024 06:30:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 185.87.218.0/24 maxlen: 28
185.87.219.0/24 maxlen: 24
2a13:85c0::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0c/18c7dd-241b-4b92-8ebf-77794fbfd2e4/1/TIEnPcsDw0V7eSUL4Qnhml508P0.crl
rsync://rpki.ripe.net/repository/DEFAULT/0c/18c7dd-241b-4b92-8ebf-77794fbfd2e4/1/TIEnPcsDw0V7eSUL4Qnhml508P0.mft
rsync://rpki.ripe.net/repository/DEFAULT/TIEnPcsDw0V7eSUL4Qnhml508P0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 02 May 2024 14:46:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b7:0f:33:73:ff:1e:aa:81:88:08:c8:8b:62:0a:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c81273dcb03c3457b79250be109e19a5e74f0fd
Validity
Not Before: Jan 1 06:30:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=952c096fbcb2791404c8a4522befcb8d0802bf4f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:3f:ac:0b:0f:db:63:4f:71:d1:02:46:f5:81:
46:e3:59:b4:ae:2b:2a:5c:ab:28:cb:fa:e7:81:e1:
4e:88:7d:64:26:92:99:d9:6a:e7:9e:f7:cb:e9:fb:
9d:d9:0b:82:3e:f2:14:eb:c4:db:2c:8e:68:9f:ea:
8a:3c:0b:89:92:7c:40:e5:5a:24:e2:bc:91:30:47:
0c:5d:57:d1:76:33:39:36:cc:f3:e1:34:c8:6a:e0:
1a:27:f4:54:4a:d8:14:09:2d:f8:b1:33:85:47:70:
11:93:0d:48:4b:3a:13:37:73:4a:58:55:f0:cb:c2:
2a:e8:ae:43:98:14:76:f2:42:48:70:0f:59:17:73:
49:36:79:fe:6e:3a:8e:05:9a:ea:de:30:be:e0:2e:
15:4b:c0:b8:4a:46:31:28:3c:c7:73:91:2b:6b:84:
fc:07:f9:52:41:cb:f5:ff:ab:7b:b2:13:12:ac:58:
2d:2c:c9:9c:41:91:af:f6:b8:da:bc:1e:93:dd:ba:
5a:1d:3a:4a:9a:90:ee:97:75:2b:94:a3:19:f6:c5:
66:50:55:34:09:50:6d:df:3f:1d:3e:e5:0b:03:9b:
45:0c:66:8c:ac:f7:66:e2:5f:82:16:81:2b:3b:b5:
7d:c0:0c:1e:6c:4c:f5:fd:06:1d:08:ee:0b:43:31:
17:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:2C:09:6F:BC:B2:79:14:04:C8:A4:52:2B:EF:CB:8D:08:02:BF:4F
X509v3 Authority Key Identifier:
keyid:4C:81:27:3D:CB:03:C3:45:7B:79:25:0B:E1:09:E1:9A:5E:74:F0:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TIEnPcsDw0V7eSUL4Qnhml508P0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/18c7dd-241b-4b92-8ebf-77794fbfd2e4/1/lSwJb7yyeRQEyKRSK-_LjQgCv08.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/18c7dd-241b-4b92-8ebf-77794fbfd2e4/1/TIEnPcsDw0V7eSUL4Qnhml508P0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.87.218.0/23
IPv6:
2a13:85c0::/40
Signature Algorithm: sha256WithRSAEncryption
50:c4:2f:aa:3a:c5:7a:33:f9:b4:26:0d:bf:6f:96:0d:06:fb:
98:28:e1:98:56:2f:f3:25:7e:d0:7e:6f:7c:48:74:46:1c:a2:
40:ec:de:3d:f4:ce:85:9a:4b:09:6b:f4:db:4f:2e:44:b6:2c:
58:2e:09:cc:41:1a:13:cb:ea:2d:81:1c:39:d0:64:c1:1d:9f:
3c:77:1f:30:25:5f:51:da:2c:a0:3a:82:52:99:e2:62:23:71:
ae:17:05:57:8f:4f:4e:26:6e:90:aa:fa:d8:30:e6:1e:c0:5a:
7c:a9:c4:bf:a0:97:20:56:9a:20:c3:cb:13:ef:1a:e7:25:4c:
c0:74:ec:fb:1b:0e:66:95:e0:77:cd:9a:63:43:80:bf:6b:32:
be:d7:3d:5e:8a:c7:20:e6:38:c9:5d:22:45:a4:c9:24:ca:df:
d3:29:f5:45:5c:fe:c0:b6:56:12:cc:c5:d4:80:a0:00:f2:6a:
0f:d6:48:5d:66:28:66:0a:2c:38:69:9d:08:c2:04:17:6e:be:
64:d4:c5:6f:3e:5b:b2:82:18:0f:9d:de:80:c4:59:02:2a:e1:
d8:93:95:8b:08:20:fc:94:fa:1d:5a:62:d1:f8:31:3e:a4:da:
59:d7:f9:f0:85:7a:34:09:5a:90:3c:96:f1:d1:81:4d:ce:ff:
bc:36:86:cc
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYzDtw8zc/8eqoGICMiLYgo1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjODEyNzNkY2IwM2MzNDU3Yjc5MjUwYmUxMDllMTlhNWU3
NGYwZmQwHhcNMjQwMTAxMDYzMDAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTJjMDk2ZmJjYjI3OTE0MDRjOGE0NTIyYmVmY2I4ZDA4MDJiZjRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkT+sCw/bY09x0QJG9YFG41m0risq
XKsoy/rngeFOiH1kJpKZ2WrnnvfL6fud2QuCPvIU68TbLI5on+qKPAuJknxA5Vok
4ryRMEcMXVfRdjM5Nszz4TTIauAaJ/RUStgUCS34sTOFR3ARkw1ISzoTN3NKWFXw
y8Iq6K5DmBR28kJIcA9ZF3NJNnn+bjqOBZrq3jC+4C4VS8C4SkYxKDzHc5Era4T8
B/lSQcv1/6t7shMSrFgtLMmcQZGv9rjavB6T3bpaHTpKmpDul3UrlKMZ9sVmUFU0
CVBt3z8dPuULA5tFDGaMrPdm4l+CFoErO7V9wAwebEz1/QYdCO4LQzEXKwIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFJUsCW+8snkUBMikUivvy40IAr9PMB8GA1UdIwQY
MBaAFEyBJz3LA8NFe3klC+EJ4ZpedPD9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVElFblBjc0R3MFY3ZVNVTDRRbmhtbDUwOFAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy8xOGM3ZGQtMjQxYi00YjkyLThlYmYt
Nzc3OTRmYmZkMmU0LzEvbFN3SmI3eXllUlFFeUtSU0stX0xqUWdDdjA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy8xOGM3ZGQtMjQxYi00YjkyLThlYmYtNzc3OTRmYmZkMmU0
LzEvVElFblBjc0R3MFY3ZVNVTDRRbmhtbDUwOFAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQBuVfaMA4E
AgACMAgDBgAqE4XAADANBgkqhkiG9w0BAQsFAAOCAQEAUMQvqjrFejP5tCYNv2+W
DQb7mCjhmFYv8yV+0H5vfEh0RhyiQOzePfTOhZpLCWv0208uRLYsWC4JzEEaE8vq
LYEcOdBkwR2fPHcfMCVfUdosoDqCUpniYiNxrhcFV49PTiZukKr62DDmHsBafKnE
v6CXIFaaIMPLE+8a5yVMwHTs+xsOZpXgd82aY0OAv2syvtc9XorHIOY4yV0iRaTJ
JMrf0yn1RVz+wLZWEszF1ICgAPJqD9ZIXWYoZgosOGmdCMIEF26+ZNTFbz5bsoIY
D53egMRZAirh2JOViwgg/JT6HVpi0fgxPqTaWdf58IV6NAlakDyW8dGBTc7/vDaG
zA==
-----END CERTIFICATE-----
Generated at Wed May 1 20:55:28 2024 by rpki-client on console-ams.rpki-client.org