Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/7a6e21-d40b-4eeb-b3cb-00ed90269bb4/1/lPHZHkSqhXPw4Ae90-kkKChIaIU.roa
File: lPHZHkSqhXPw4Ae90-kkKChIaIU.roa (raw, json)
Hash identifier: MAzRf4T9YAJkbHpxJ3HgtlPNPsRxKjb96KNNKO2D3U0=
Subject key identifier: 94:F1:D9:1E:44:AA:85:73:F0:E0:07:BD:D3:E9:24:28:28:48:68:85
Certificate issuer: /CN=9d8f112756f1458dcf3e387a4be890f30ea949b3
Certificate serial: 018CC8DEA4FFD185422CEE4859B48FA3614F
Authority key identifier: 9D:8F:11:27:56:F1:45:8D:CF:3E:38:7A:4B:E8:90:F3:0E:A9:49:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nY8RJ1bxRY3PPjh6S-iQ8w6pSbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/7a6e21-d40b-4eeb-b3cb-00ed90269bb4/1/lPHZHkSqhXPw4Ae90-kkKChIaIU.roa
Signing time: Tue 02 Jan 2024 06:31:23 +0000
ROA not before: Tue 02 Jan 2024 06:31:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60243
IP address blocks: 185.34.49.0/24 maxlen: 24
185.34.50.0/24 maxlen: 24
185.34.48.0/24 maxlen: 24
185.34.51.0/24 maxlen: 24
2a04:5e80::/32 maxlen: 32
2a04:5e86::/32 maxlen: 32
2a04:5e85::/32 maxlen: 32
2a04:5e82::/32 maxlen: 32
2a04:5e81::/32 maxlen: 32
2a04:5e83::/32 maxlen: 32
2a04:5e84::/32 maxlen: 32
2a04:5e87::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/18/7a6e21-d40b-4eeb-b3cb-00ed90269bb4/1/nY8RJ1bxRY3PPjh6S-iQ8w6pSbM.crl
rsync://rpki.ripe.net/repository/DEFAULT/18/7a6e21-d40b-4eeb-b3cb-00ed90269bb4/1/nY8RJ1bxRY3PPjh6S-iQ8w6pSbM.mft
rsync://rpki.ripe.net/repository/DEFAULT/nY8RJ1bxRY3PPjh6S-iQ8w6pSbM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 03:00:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:a4:ff:d1:85:42:2c:ee:48:59:b4:8f:a3:61:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d8f112756f1458dcf3e387a4be890f30ea949b3
Validity
Not Before: Jan 2 06:31:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=94f1d91e44aa8573f0e007bdd3e9242828486885
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:57:6a:7e:0b:ce:56:e3:0a:19:03:36:ea:25:
bd:17:7d:df:05:e3:82:11:49:f1:76:8d:a3:d5:9b:
50:d4:5e:5b:80:c9:c7:f9:e5:e3:76:8d:2f:bb:ed:
14:d6:05:85:19:0a:8a:4f:90:b0:0b:5a:4d:f2:e5:
be:4f:cd:4f:56:01:21:f8:27:7f:db:c7:26:fe:ed:
0d:91:a4:9e:9d:11:41:33:77:b5:95:62:39:1d:68:
82:e2:a3:72:84:1d:a4:0c:e5:02:ad:f3:01:a7:51:
07:30:8d:1b:ba:84:89:1c:c1:f5:cb:cd:8a:25:e5:
38:6a:8e:ab:23:ae:bd:6b:1d:d2:17:c3:4d:cc:d9:
cf:f8:4b:18:a3:90:e9:72:1b:fc:df:a0:fa:ec:c3:
09:90:2a:86:04:6b:58:f0:0c:73:28:e6:f8:f3:5a:
53:e3:a5:83:e3:31:9d:60:da:ee:38:8a:d0:6a:13:
bf:de:da:ff:f3:ba:d3:2c:42:a0:89:ac:1b:41:1e:
00:2e:66:cf:54:7d:6a:22:f0:38:65:24:88:3b:95:
c5:0b:03:ae:e8:02:2e:4e:a5:a9:69:05:7a:2a:f8:
b8:d2:2c:73:bc:b0:95:6f:e3:60:9a:b1:e6:74:ad:
ad:a4:19:28:89:9a:2c:7f:54:21:39:0b:8f:47:d2:
55:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:F1:D9:1E:44:AA:85:73:F0:E0:07:BD:D3:E9:24:28:28:48:68:85
X509v3 Authority Key Identifier:
keyid:9D:8F:11:27:56:F1:45:8D:CF:3E:38:7A:4B:E8:90:F3:0E:A9:49:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nY8RJ1bxRY3PPjh6S-iQ8w6pSbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/7a6e21-d40b-4eeb-b3cb-00ed90269bb4/1/lPHZHkSqhXPw4Ae90-kkKChIaIU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/7a6e21-d40b-4eeb-b3cb-00ed90269bb4/1/nY8RJ1bxRY3PPjh6S-iQ8w6pSbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.34.48.0/22
IPv6:
2a04:5e80::/29
Signature Algorithm: sha256WithRSAEncryption
80:d4:4a:f0:e1:8c:47:5b:79:d0:f5:ce:ca:2f:d6:48:fd:88:
0e:7b:69:69:69:ef:71:22:86:9f:20:95:38:ee:83:d6:27:d5:
bb:72:58:70:f8:44:e4:0f:1e:c7:94:3b:6f:fc:13:65:d7:a8:
b9:61:9e:9a:09:95:ff:f3:43:11:c2:3d:10:82:ab:62:e2:0d:
9b:ee:87:88:e8:ee:74:0f:1a:24:27:7a:3d:ff:d0:35:31:b3:
ef:14:47:1c:2b:6f:34:78:a0:29:70:c8:a2:eb:77:8e:5b:9c:
8c:f8:8f:63:d7:a7:4f:8c:15:98:11:7e:4a:0a:7c:05:b0:31:
43:b6:0c:4c:23:8e:64:ee:16:c3:f7:77:33:58:d2:dd:3a:c8:
7a:c6:2c:16:b0:d5:1d:a1:6b:a7:4b:fa:63:aa:ec:fb:81:49:
8b:48:12:19:c4:91:ed:02:11:bc:38:3f:65:8c:7d:eb:1e:4e:
a0:1e:12:8e:ec:0d:af:ac:18:e4:0a:56:d1:19:69:a8:33:30:
b2:13:6a:91:e4:e0:fc:b5:af:5b:5c:2b:be:1a:76:51:0e:0f:
c6:e1:1a:b9:bb:4f:31:53:5b:22:18:f4:31:a0:99:ea:c2:f2:
a4:f2:9a:e3:81:c0:1e:2a:88:09:2c:b7:62:fe:ae:ed:5e:30:
47:2e:73:03
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzI3qT/0YVCLO5IWbSPo2FPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkOGYxMTI3NTZmMTQ1OGRjZjNlMzg3YTRiZTg5MGYzMGVh
OTQ5YjMwHhcNMjQwMTAyMDYzMTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NGYxZDkxZTQ0YWE4NTczZjBlMDA3YmRkM2U5MjQyODI4NDg2ODg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkldqfgvOVuMKGQM26iW9F33fBeOC
EUnxdo2j1ZtQ1F5bgMnH+eXjdo0vu+0U1gWFGQqKT5CwC1pN8uW+T81PVgEh+Cd/
28cm/u0NkaSenRFBM3e1lWI5HWiC4qNyhB2kDOUCrfMBp1EHMI0buoSJHMH1y82K
JeU4ao6rI669ax3SF8NNzNnP+EsYo5Dpchv836D67MMJkCqGBGtY8AxzKOb481pT
46WD4zGdYNruOIrQahO/3tr/87rTLEKgiawbQR4ALmbPVH1qIvA4ZSSIO5XFCwOu
6AIuTqWpaQV6Kvi40ixzvLCVb+NgmrHmdK2tpBkoiZosf1QhOQuPR9JV8QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJTx2R5EqoVz8OAHvdPpJCgoSGiFMB8GA1UdIwQY
MBaAFJ2PESdW8UWNzz44ekvokPMOqUmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblk4UkoxYnhSWTNQUGpoNlMtaVE4dzZwU2JNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC83YTZlMjEtZDQwYi00ZWViLWIzY2It
MDBlZDkwMjY5YmI0LzEvbFBIWkhrU3FoWFB3NEFlOTAta2tLQ2hJYUlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC83YTZlMjEtZDQwYi00ZWViLWIzY2ItMDBlZDkwMjY5YmI0
LzEvblk4UkoxYnhSWTNQUGpoNlMtaVE4dzZwU2JNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuSIwMA0E
AgACMAcDBQMqBF6AMA0GCSqGSIb3DQEBCwUAA4IBAQCA1Erw4YxHW3nQ9c7KL9ZI
/YgOe2lpae9xIoafIJU47oPWJ9W7clhw+ETkDx7HlDtv/BNl16i5YZ6aCZX/80MR
wj0Qgqti4g2b7oeI6O50DxokJ3o9/9A1MbPvFEccK280eKApcMii63eOW5yM+I9j
16dPjBWYEX5KCnwFsDFDtgxMI45k7hbD93czWNLdOsh6xiwWsNUdoWunS/pjquz7
gUmLSBIZxJHtAhG8OD9ljH3rHk6gHhKO7A2vrBjkClbRGWmoMzCyE2qR5OD8ta9b
XCu+GnZRDg/G4Rq5u08xU1siGPQxoJnqwvKk8prjgcAeKogJLLdi/q7tXjBHLnMD
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:35:30 2024 by rpki-client on console-ams.rpki-client.org