Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/2d490c-6ff8-471d-97d2-2d72f23193db/1/LUoRdNd7OUNidWKpI-Q4rXmUBNQ.roa
File: LUoRdNd7OUNidWKpI-Q4rXmUBNQ.roa (raw, json)
Hash identifier: ap5EBVX8w9EJ37Ed/2jDtcdGlwVG+YSJDBGfLzLdWtw=
Subject key identifier: 2D:4A:11:74:D7:7B:39:43:62:75:62:A9:23:E4:38:AD:79:94:04:D4
Certificate issuer: /CN=c8d5aa7034250ab1a8789ac86cc0eef3bfc9db5f
Certificate serial: 018CC8011F4C344C4740C9A13B4B1D6A957A
Authority key identifier: C8:D5:AA:70:34:25:0A:B1:A8:78:9A:C8:6C:C0:EE:F3:BF:C9:DB:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yNWqcDQlCrGoeJrIbMDu87_J218.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/2d490c-6ff8-471d-97d2-2d72f23193db/1/LUoRdNd7OUNidWKpI-Q4rXmUBNQ.roa
Signing time: Tue 02 Jan 2024 02:29:25 +0000
ROA not before: Tue 02 Jan 2024 02:29:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197889
IP address blocks: 85.119.8.0/21 maxlen: 21
185.223.16.0/23 maxlen: 23
185.223.18.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/19/2d490c-6ff8-471d-97d2-2d72f23193db/1/yNWqcDQlCrGoeJrIbMDu87_J218.crl
rsync://rpki.ripe.net/repository/DEFAULT/19/2d490c-6ff8-471d-97d2-2d72f23193db/1/yNWqcDQlCrGoeJrIbMDu87_J218.mft
rsync://rpki.ripe.net/repository/DEFAULT/yNWqcDQlCrGoeJrIbMDu87_J218.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:1f:4c:34:4c:47:40:c9:a1:3b:4b:1d:6a:95:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c8d5aa7034250ab1a8789ac86cc0eef3bfc9db5f
Validity
Not Before: Jan 2 02:29:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2d4a1174d77b3943627562a923e438ad799404d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:c4:c3:fd:ac:f5:74:a5:f6:de:8a:13:55:ea:
6c:fc:32:cb:1b:c9:3e:3a:a4:e0:8e:d7:9d:ee:d6:
0d:08:df:88:ae:4f:ae:67:86:2b:3a:48:17:9b:02:
b3:d3:c9:64:bc:a6:9f:07:2c:af:ce:10:cc:4a:e7:
8b:f9:b7:29:8b:ed:cf:5d:48:09:6b:5d:15:1a:e1:
ca:be:63:bf:57:96:16:6c:29:06:de:b1:12:02:d1:
31:dd:c2:05:42:80:32:ab:4e:a8:74:81:41:15:54:
61:03:29:db:ea:7b:de:0e:02:a1:76:36:c8:84:2c:
ce:fd:e1:ab:ea:b3:73:88:27:39:41:73:6a:fb:4e:
7d:f3:ad:52:d2:9b:e7:a8:41:33:91:7e:f4:86:9d:
ce:0e:35:49:cf:b7:21:dc:e8:4e:30:b5:43:2f:ec:
15:48:cb:78:9c:cf:04:b4:87:78:f0:4d:6d:76:3d:
bf:94:94:89:75:2d:aa:57:06:ec:eb:04:bf:9d:75:
05:d2:63:1f:89:20:2e:2f:fa:4e:c5:5e:e4:1b:d2:
e5:e6:48:b9:47:b1:29:f7:8e:94:5d:4e:65:d0:f2:
e5:93:97:11:62:a9:c0:06:a9:9e:b5:55:7f:5d:4a:
d2:f8:06:01:6b:ec:ca:0d:03:08:d2:ca:af:a2:c1:
06:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:4A:11:74:D7:7B:39:43:62:75:62:A9:23:E4:38:AD:79:94:04:D4
X509v3 Authority Key Identifier:
keyid:C8:D5:AA:70:34:25:0A:B1:A8:78:9A:C8:6C:C0:EE:F3:BF:C9:DB:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yNWqcDQlCrGoeJrIbMDu87_J218.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/2d490c-6ff8-471d-97d2-2d72f23193db/1/LUoRdNd7OUNidWKpI-Q4rXmUBNQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/2d490c-6ff8-471d-97d2-2d72f23193db/1/yNWqcDQlCrGoeJrIbMDu87_J218.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.119.8.0/21
185.223.16.0/22
Signature Algorithm: sha256WithRSAEncryption
6c:a1:75:32:b9:18:12:41:52:e9:ec:d2:0c:7b:fd:7e:23:71:
8e:30:28:40:0c:d4:ea:f6:6f:48:d6:05:75:24:9a:93:6f:a2:
1e:49:dc:72:c3:0c:a4:c6:d7:4f:8e:98:89:2d:8c:ad:6e:07:
fc:6c:f8:9c:25:18:1a:11:d9:93:d2:f4:35:7d:1f:bb:60:bd:
45:f7:79:f7:37:13:d8:2c:8a:0a:8a:36:53:b0:73:25:14:01:
a0:67:c5:85:9d:79:86:2a:ae:44:b1:85:85:9a:98:5e:49:71:
63:74:3c:15:0d:82:6f:71:7a:47:86:80:73:54:f6:cd:9e:23:
a3:24:09:c0:82:16:49:41:52:97:70:b3:a4:39:48:ed:fa:7c:
2f:1f:e8:53:a0:07:f3:b3:a4:b3:8c:14:82:23:c5:df:6d:6b:
b3:56:b7:69:31:a9:80:d9:df:70:94:68:bd:52:89:cc:08:6a:
a0:42:0a:a1:46:e6:bb:50:92:78:65:cc:cb:39:af:8a:f0:1b:
66:6d:61:5e:c1:6d:40:9c:03:09:24:f1:53:fa:d6:2a:82:5e:
f0:ac:f6:91:be:80:c9:e0:54:0a:48:b8:21:69:88:f5:85:61:
8e:10:11:dc:c4:44:4b:c8:bb:85:72:63:b1:03:1a:3e:de:68:
9b:6f:c6:c3
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzIAR9MNExHQMmhO0sdapV6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4ZDVhYTcwMzQyNTBhYjFhODc4OWFjODZjYzBlZWYzYmZj
OWRiNWYwHhcNMjQwMTAyMDIyOTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDRhMTE3NGQ3N2IzOTQzNjI3NTYyYTkyM2U0MzhhZDc5OTQwNGQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh8TD/az1dKX23ooTVeps/DLLG8k+
OqTgjted7tYNCN+Irk+uZ4YrOkgXmwKz08lkvKafByyvzhDMSueL+bcpi+3PXUgJ
a10VGuHKvmO/V5YWbCkG3rESAtEx3cIFQoAyq06odIFBFVRhAynb6nveDgKhdjbI
hCzO/eGr6rNziCc5QXNq+059861S0pvnqEEzkX70hp3ODjVJz7ch3OhOMLVDL+wV
SMt4nM8EtId48E1tdj2/lJSJdS2qVwbs6wS/nXUF0mMfiSAuL/pOxV7kG9Ll5ki5
R7Ep946UXU5l0PLlk5cRYqnABqmetVV/XUrS+AYBa+zKDQMI0sqvosEGfwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFC1KEXTXezlDYnViqSPkOK15lATUMB8GA1UdIwQY
MBaAFMjVqnA0JQqxqHiayGzA7vO/ydtfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveU5XcWNEUWxDckdvZUpySWJNRHU4N19KMjE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS8yZDQ5MGMtNmZmOC00NzFkLTk3ZDIt
MmQ3MmYyMzE5M2RiLzEvTFVvUmROZDdPVU5pZFdLcEktUTRyWG1VQk5RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS8yZDQ5MGMtNmZmOC00NzFkLTk3ZDItMmQ3MmYyMzE5M2Ri
LzEveU5XcWNEUWxDckdvZUpySWJNRHU4N19KMjE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDVXcIAwQC
ud8QMA0GCSqGSIb3DQEBCwUAA4IBAQBsoXUyuRgSQVLp7NIMe/1+I3GOMChADNTq
9m9I1gV1JJqTb6IeSdxywwykxtdPjpiJLYytbgf8bPicJRgaEdmT0vQ1fR+7YL1F
93n3NxPYLIoKijZTsHMlFAGgZ8WFnXmGKq5EsYWFmpheSXFjdDwVDYJvcXpHhoBz
VPbNniOjJAnAghZJQVKXcLOkOUjt+nwvH+hToAfzs6SzjBSCI8XfbWuzVrdpMamA
2d9wlGi9UonMCGqgQgqhRua7UJJ4ZczLOa+K8BtmbWFewW1AnAMJJPFT+tYqgl7w
rPaRvoDJ4FQKSLghaYj1hWGOEBHcxERLyLuFcmOxAxo+3mibb8bD
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:14:43 2024 by rpki-client on console-fra.rpki-client.org