Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/421529-73e2-4916-8bd2-2c201d30ae05/1/lN8Lc53ZWBNC6b7Urx9R32BBkX8.roa
File: lN8Lc53ZWBNC6b7Urx9R32BBkX8.roa (raw, json)
Hash identifier: FFrzyBAy0b8coQCrj+O+xzIp/rl0/tLVEYxfL55Ion4=
Subject key identifier: 94:DF:0B:73:9D:D9:58:13:42:E9:BE:D4:AF:1F:51:DF:60:41:91:7F
Certificate issuer: /CN=d17bf4fbea894f43eeb3db1b216e57766e01ab81
Certificate serial: 018CC5DBE7809DB0442B8BDCB63F95376922
Authority key identifier: D1:7B:F4:FB:EA:89:4F:43:EE:B3:DB:1B:21:6E:57:76:6E:01:AB:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0Xv0--qJT0Pus9sbIW5Xdm4Bq4E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/421529-73e2-4916-8bd2-2c201d30ae05/1/lN8Lc53ZWBNC6b7Urx9R32BBkX8.roa
Signing time: Mon 01 Jan 2024 16:29:32 +0000
ROA not before: Mon 01 Jan 2024 16:29:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210055
IP address blocks: 185.214.170.0/24 maxlen: 24
176.119.132.0/22 maxlen: 22
176.119.132.0/24 maxlen: 24
185.214.171.0/24 maxlen: 24
176.119.135.0/24 maxlen: 24
176.119.134.0/24 maxlen: 24
176.119.133.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1c/421529-73e2-4916-8bd2-2c201d30ae05/1/0Xv0--qJT0Pus9sbIW5Xdm4Bq4E.crl
rsync://rpki.ripe.net/repository/DEFAULT/1c/421529-73e2-4916-8bd2-2c201d30ae05/1/0Xv0--qJT0Pus9sbIW5Xdm4Bq4E.mft
rsync://rpki.ripe.net/repository/DEFAULT/0Xv0--qJT0Pus9sbIW5Xdm4Bq4E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:db:e7:80:9d:b0:44:2b:8b:dc:b6:3f:95:37:69:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d17bf4fbea894f43eeb3db1b216e57766e01ab81
Validity
Not Before: Jan 1 16:29:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=94df0b739dd9581342e9bed4af1f51df6041917f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:51:a7:e5:a4:14:73:fc:8b:94:ec:6a:3a:6b:
af:6a:58:d4:1c:e5:ed:6f:0d:11:96:e8:46:8e:b3:
f6:ae:4b:1a:a5:d8:db:db:4c:1b:a1:13:ed:58:99:
c4:6e:8b:46:8e:6e:c6:97:3d:67:67:a9:4d:d9:09:
c4:51:0d:88:89:25:9f:ee:42:d2:f0:a9:86:c4:ce:
38:13:2d:0b:33:6b:20:e7:e7:34:03:35:63:35:ed:
af:1d:86:b6:6f:13:f6:69:b1:fa:57:dc:e9:8b:59:
fb:26:16:cc:f6:2c:2f:5f:f6:ae:c4:a9:ef:53:5a:
f5:b5:3c:28:cc:7d:1a:ee:99:37:59:b2:d6:24:a9:
5e:5e:bf:4d:7e:43:c3:2b:e3:5b:28:82:68:be:6f:
df:c2:2c:8f:2a:f3:c9:f8:ab:df:8f:17:3e:6a:a6:
c6:f3:d2:2e:2a:29:2d:b0:87:64:7e:21:e1:ed:aa:
d9:05:23:31:3f:22:f3:99:c5:ba:a6:9e:45:9f:9e:
67:7f:ae:e9:4e:4e:13:28:9d:23:6c:68:12:3b:ce:
ea:47:b9:26:c9:00:27:e9:39:df:d7:59:42:d0:dc:
38:4b:8f:77:0e:e9:59:a3:22:97:69:c3:9d:37:5c:
10:90:a6:9c:06:a6:39:00:54:13:9e:f3:27:fc:5a:
db:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:DF:0B:73:9D:D9:58:13:42:E9:BE:D4:AF:1F:51:DF:60:41:91:7F
X509v3 Authority Key Identifier:
keyid:D1:7B:F4:FB:EA:89:4F:43:EE:B3:DB:1B:21:6E:57:76:6E:01:AB:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0Xv0--qJT0Pus9sbIW5Xdm4Bq4E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/421529-73e2-4916-8bd2-2c201d30ae05/1/lN8Lc53ZWBNC6b7Urx9R32BBkX8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/421529-73e2-4916-8bd2-2c201d30ae05/1/0Xv0--qJT0Pus9sbIW5Xdm4Bq4E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.119.132.0/22
185.214.170.0/23
Signature Algorithm: sha256WithRSAEncryption
bd:40:45:86:00:96:46:05:b1:cb:2b:45:f5:98:37:4e:4f:ee:
57:0c:cd:10:dc:4c:ae:c1:dd:57:30:46:47:63:40:38:16:57:
15:5e:7f:e1:49:c6:dd:2a:0a:6b:ab:f4:77:50:1c:ba:6e:87:
dc:59:51:77:cb:d0:6b:e8:d4:00:94:d4:ea:94:7a:08:0d:f8:
bc:4b:7f:8c:f4:cd:88:1f:20:79:01:97:7e:30:a9:11:7a:34:
fd:04:0c:43:a8:83:15:be:63:52:2c:76:3e:d3:fb:56:2e:1f:
c5:a1:4b:fc:99:42:c0:26:c4:f2:bb:4e:05:a4:e4:21:92:6e:
07:fd:05:d4:fd:00:56:6d:8b:1e:3f:63:1d:e4:34:30:eb:86:
6e:eb:2a:af:75:1d:16:5d:89:75:72:8b:60:06:66:2c:82:04:
a6:20:50:d9:48:09:b7:63:46:fe:71:9b:b5:ae:d2:a8:6e:b3:
45:cc:ae:00:36:65:d9:4a:bb:a8:dd:a8:af:60:f4:c8:5e:d5:
49:4e:76:70:5c:a4:b4:b7:f3:47:9a:d7:0c:f5:f5:34:f5:7e:
31:5b:75:ff:5c:c0:f4:a8:54:52:a1:4c:ac:e7:c6:4d:b1:9d:
ca:b6:34:e2:3b:05:be:f1:42:9d:4d:5f:f4:72:dd:4e:46:50:
34:63:c8:a8
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzF2+eAnbBEK4vctj+VN2kiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxN2JmNGZiZWE4OTRmNDNlZWIzZGIxYjIxNmU1Nzc2NmUw
MWFiODEwHhcNMjQwMTAxMTYyOTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NGRmMGI3MzlkZDk1ODEzNDJlOWJlZDRhZjFmNTFkZjYwNDE5MTdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq1Gn5aQUc/yLlOxqOmuvaljUHOXt
bw0RluhGjrP2rksapdjb20wboRPtWJnEbotGjm7Glz1nZ6lN2QnEUQ2IiSWf7kLS
8KmGxM44Ey0LM2sg5+c0AzVjNe2vHYa2bxP2abH6V9zpi1n7JhbM9iwvX/auxKnv
U1r1tTwozH0a7pk3WbLWJKleXr9NfkPDK+NbKIJovm/fwiyPKvPJ+Kvfjxc+aqbG
89IuKiktsIdkfiHh7arZBSMxPyLzmcW6pp5Fn55nf67pTk4TKJ0jbGgSO87qR7km
yQAn6Tnf11lC0Nw4S493DulZoyKXacOdN1wQkKacBqY5AFQTnvMn/FrbNQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJTfC3Od2VgTQum+1K8fUd9gQZF/MB8GA1UdIwQY
MBaAFNF79PvqiU9D7rPbGyFuV3ZuAauBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMFh2MC0tcUpUMFB1czlzYklXNVhkbTRCcTRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy80MjE1MjktNzNlMi00OTE2LThiZDIt
MmMyMDFkMzBhZTA1LzEvbE44TGM1M1pXQk5DNmI3VXJ4OVIzMkJCa1g4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy80MjE1MjktNzNlMi00OTE2LThiZDItMmMyMDFkMzBhZTA1
LzEvMFh2MC0tcUpUMFB1czlzYklXNVhkbTRCcTRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCsHeEAwQB
udaqMA0GCSqGSIb3DQEBCwUAA4IBAQC9QEWGAJZGBbHLK0X1mDdOT+5XDM0Q3Eyu
wd1XMEZHY0A4FlcVXn/hScbdKgprq/R3UBy6bofcWVF3y9Br6NQAlNTqlHoIDfi8
S3+M9M2IHyB5AZd+MKkRejT9BAxDqIMVvmNSLHY+0/tWLh/FoUv8mULAJsTyu04F
pOQhkm4H/QXU/QBWbYseP2Md5DQw64Zu6yqvdR0WXYl1cotgBmYsggSmIFDZSAm3
Y0b+cZu1rtKobrNFzK4ANmXZSruo3aivYPTIXtVJTnZwXKS0t/NHmtcM9fU09X4x
W3X/XMD0qFRSoUys58ZNsZ3KtjTiOwW+8UKdTV/0ct1ORlA0Y8io
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:35:50 2024 by rpki-client on console-ams.rpki-client.org