Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/lllDrU5jdAhiuU5GIPfGFOwgjDg.roa
File: lllDrU5jdAhiuU5GIPfGFOwgjDg.roa (raw, json)
Hash identifier: NCdJoO7K+iMdLyLy5z43wxUhEghYHmQ48Phly5NSNq4=
Subject key identifier: 96:59:43:AD:4E:63:74:08:62:B9:4E:46:20:F7:C6:14:EC:20:8C:38
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 018F00C914998463AB728EE341E61458338B
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/lllDrU5jdAhiuU5GIPfGFOwgjDg.roa
Signing time: Sun 21 Apr 2024 13:12:09 +0000
ROA not before: Sun 21 Apr 2024 13:12:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8342
IP address blocks: 147.45.38.0/24 maxlen: 24
147.45.39.0/24 maxlen: 24
147.45.61.0/24 maxlen: 24
147.45.62.0/24 maxlen: 24
147.45.63.0/24 maxlen: 24
147.45.88.0/21 maxlen: 21
147.45.117.0/24 maxlen: 24
147.45.118.0/24 maxlen: 24
147.45.119.0/24 maxlen: 24
147.45.120.0/22 maxlen: 22
147.45.127.0/24 maxlen: 24
147.45.205.0/24 maxlen: 24
193.233.60.0/24 maxlen: 24
193.233.62.0/24 maxlen: 24
193.233.124.0/22 maxlen: 22
193.233.170.0/24 maxlen: 24
193.233.236.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.mft
rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 05 May 2024 20:58:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:00:c9:14:99:84:63:ab:72:8e:e3:41:e6:14:58:33:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Apr 21 13:12:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=965943ad4e63740862b94e4620f7c614ec208c38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:11:ab:66:85:0e:22:d1:3d:cb:94:82:ea:76:
b3:c6:32:0d:f1:0f:71:48:9f:fe:84:c9:79:4a:27:
7d:ce:9e:4a:19:12:2f:69:dd:d0:c3:1c:2e:73:b5:
d4:c6:2d:43:6a:1b:a4:29:29:43:f0:e5:df:d7:ae:
a6:55:f4:5d:36:a5:9f:d1:9f:91:03:42:b5:19:6f:
c2:29:9e:03:66:77:07:2b:c6:52:dd:3a:21:72:d0:
57:9b:b4:ec:93:8f:84:11:0e:04:f8:ab:cc:85:d1:
85:2e:5c:af:ea:cd:e0:cb:84:06:eb:15:b2:aa:66:
78:10:93:7b:c2:46:23:54:e4:35:4b:5d:0c:db:b1:
b2:17:93:ca:03:91:38:d2:03:55:b1:b2:70:8c:39:
c8:d9:6a:be:f9:04:d6:4b:9c:79:38:21:56:01:0f:
cf:6f:4c:dd:31:c5:a0:1a:76:3c:42:10:29:3b:3f:
56:ad:c5:32:61:27:7a:72:df:8e:16:c1:68:db:15:
53:4e:d2:6b:3a:0a:80:37:cb:bf:a3:75:1d:4d:f1:
a4:7e:c1:20:49:ee:08:06:be:59:b9:29:4f:08:d8:
6c:68:ad:79:3d:9f:c8:5e:69:78:83:44:88:98:1f:
74:1e:93:cb:b7:80:85:97:d8:4e:16:60:9b:7e:b2:
b5:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:59:43:AD:4E:63:74:08:62:B9:4E:46:20:F7:C6:14:EC:20:8C:38
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/lllDrU5jdAhiuU5GIPfGFOwgjDg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.45.38.0/23
147.45.61.0-147.45.63.255
147.45.88.0/21
147.45.117.0-147.45.123.255
147.45.127.0/24
147.45.205.0/24
193.233.60.0/24
193.233.62.0/24
193.233.124.0/22
193.233.170.0/24
193.233.236.0/24
Signature Algorithm: sha256WithRSAEncryption
18:a9:6c:d0:94:a4:74:72:a3:1e:2b:91:0e:06:12:c4:d0:63:
cb:8e:b5:c0:bb:77:d9:07:24:1f:2b:26:2a:f5:06:1a:37:db:
a7:05:68:c4:03:e2:74:1f:a1:a6:3d:3f:dc:3a:d5:5f:e1:5f:
a4:84:47:ba:b8:1d:19:0f:cb:8b:ca:14:b0:3b:0f:11:b7:15:
d4:88:78:2e:08:47:84:d8:78:28:b4:6b:5d:5e:ea:66:b5:b2:
e8:4e:50:4c:6e:1a:3d:05:73:f5:a7:f4:bb:2d:9a:5c:1e:29:
8d:d7:27:6f:6d:6d:22:5a:27:fc:22:2b:75:a5:65:42:8f:8c:
16:e3:40:d2:6c:45:e3:a3:e9:32:a2:02:a8:c8:68:c7:19:9e:
23:02:93:32:62:46:73:31:9a:52:a7:10:b6:67:f2:7f:70:f0:
76:d2:f2:46:4d:56:20:6a:bb:e0:64:d5:86:d1:0a:b3:e4:6a:
8d:e7:9c:6b:8f:48:d2:8f:4d:28:78:20:c1:3d:fe:24:70:98:
c9:75:47:f3:8a:8f:6c:2a:00:3c:ff:2f:45:6a:5b:0b:bd:e5:
a9:be:ea:1c:1a:20:18:24:e5:23:40:03:22:3d:b1:6a:7e:18:
7c:2e:f6:ed:6a:90:3c:35:56:d4:db:a3:c7:40:38:68:de:d4:
47:f8:59:f4
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgISAY8AyRSZhGOrco7jQeYUWDOLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjQwNDIxMTMxMjA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NjU5NDNhZDRlNjM3NDA4NjJiOTRlNDYyMGY3YzYxNGVjMjA4YzM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmxGrZoUOItE9y5SC6nazxjIN8Q9x
SJ/+hMl5Sid9zp5KGRIvad3Qwxwuc7XUxi1DahukKSlD8OXf166mVfRdNqWf0Z+R
A0K1GW/CKZ4DZncHK8ZS3TohctBXm7Tsk4+EEQ4E+KvMhdGFLlyv6s3gy4QG6xWy
qmZ4EJN7wkYjVOQ1S10M27GyF5PKA5E40gNVsbJwjDnI2Wq++QTWS5x5OCFWAQ/P
b0zdMcWgGnY8QhApOz9WrcUyYSd6ct+OFsFo2xVTTtJrOgqAN8u/o3UdTfGkfsEg
Se4IBr5ZuSlPCNhsaK15PZ/IXml4g0SImB90HpPLt4CFl9hOFmCbfrK1EQIDAQAB
o4ICVTCCAlEwHQYDVR0OBBYEFJZZQ61OY3QIYrlORiD3xhTsIIw4MB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvbGxsRHJVNWpkQWhpdVU1R0lQZkdGT3dnakRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGsGCCsGAQUFBwEHAQH/BFwwWjBYBAIAATBSAwQBky0mMAwD
BACTLT0DBAaTLQADBAOTLVgwDAMEAJMtdQMEApMteAMEAJMtfwMEAJMtzQMEAMHp
PAMEAMHpPgMEAsHpfAMEAMHpqgMEAMHp7DANBgkqhkiG9w0BAQsFAAOCAQEAGKls
0JSkdHKjHiuRDgYSxNBjy461wLt32QckHysmKvUGGjfbpwVoxAPidB+hpj0/3DrV
X+FfpIRHurgdGQ/Li8oUsDsPEbcV1Ih4LghHhNh4KLRrXV7qZrWy6E5QTG4aPQVz
9af0uy2aXB4pjdcnb21tIlon/CIrdaVlQo+MFuNA0mxF46PpMqICqMhoxxmeIwKT
MmJGczGaUqcQtmfyf3DwdtLyRk1WIGq74GTVhtEKs+Rqjeeca49I0o9NKHggwT3+
JHCYyXVH84qPbCoAPP8vRWpbC73lqb7qHBogGCTlI0ADIj2xan4YfC727WqQPDVW
1Nujx0A4aN7UR/hZ9A==
-----END CERTIFICATE-----
Generated at Sun May 5 00:16:14 2024 by rpki-client on console-ams.rpki-client.org