Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/4c5c3d-21b0-4058-89fd-6c1b4471f7ee/1/LyVLOy7rCLdK3-obCpSFHYXBMeE.roa
File: LyVLOy7rCLdK3-obCpSFHYXBMeE.roa (raw, json)
Hash identifier: RDoVykschZIo5fWspdmtEw2ehBRk72grQV7LvV+qO1Q=
Subject key identifier: 2F:25:4B:3B:2E:EB:08:B7:4A:DF:EA:1B:0A:94:85:1D:85:C1:31:E1
Certificate issuer: /CN=c784128505f7f99c7570442980adeb8af90cc270
Certificate serial: 018CC9BB9F9C76D2A09E79810812E3D9F87B
Authority key identifier: C7:84:12:85:05:F7:F9:9C:75:70:44:29:80:AD:EB:8A:F9:0C:C2:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x4QShQX3-Zx1cEQpgK3rivkMwnA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/4c5c3d-21b0-4058-89fd-6c1b4471f7ee/1/LyVLOy7rCLdK3-obCpSFHYXBMeE.roa
Signing time: Tue 02 Jan 2024 10:32:45 +0000
ROA not before: Tue 02 Jan 2024 10:32:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205184
IP address blocks: 185.151.204.0/24 maxlen: 24
185.230.36.0/23 maxlen: 23
185.230.38.0/24 maxlen: 24
23.19.48.0/22 maxlen: 22
185.84.200.0/23 maxlen: 23
2a0b:14c0:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/24/4c5c3d-21b0-4058-89fd-6c1b4471f7ee/1/x4QShQX3-Zx1cEQpgK3rivkMwnA.crl
rsync://rpki.ripe.net/repository/DEFAULT/24/4c5c3d-21b0-4058-89fd-6c1b4471f7ee/1/x4QShQX3-Zx1cEQpgK3rivkMwnA.mft
rsync://rpki.ripe.net/repository/DEFAULT/x4QShQX3-Zx1cEQpgK3rivkMwnA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 13:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bb:9f:9c:76:d2:a0:9e:79:81:08:12:e3:d9:f8:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c784128505f7f99c7570442980adeb8af90cc270
Validity
Not Before: Jan 2 10:32:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2f254b3b2eeb08b74adfea1b0a94851d85c131e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:3d:d3:4f:17:6d:95:21:85:d8:06:c4:fc:2a:
10:15:6c:66:ab:9d:69:ea:4f:0a:6e:1f:6c:15:c4:
26:e9:4c:7f:ff:93:b4:5e:8c:6e:6d:f1:83:b7:5c:
c3:e1:66:c6:bf:e1:5f:a2:77:15:0a:51:c2:1d:0b:
b7:1b:8e:07:70:45:9b:a8:c6:fe:d6:c0:40:e6:93:
15:49:18:ac:bf:ca:04:b6:99:1f:14:85:3e:5d:96:
27:fe:d3:06:7a:b2:b9:eb:0a:dd:8e:82:57:85:30:
93:4b:af:b9:ae:cd:a3:b8:63:3f:4b:b0:27:23:a6:
08:43:e1:6c:a5:75:b3:7c:a6:c9:65:a8:51:1b:44:
58:7b:e0:c3:8e:6b:8a:af:91:71:f1:10:ef:82:76:
a5:be:b3:6d:89:ea:03:70:7b:d7:83:41:21:1d:bf:
a6:cc:72:0f:20:d3:8e:00:8a:d0:7c:fc:2c:7d:9c:
c0:e9:50:7d:82:30:30:d1:43:f3:1a:0b:41:82:30:
04:17:9d:ed:5e:64:49:67:91:7b:f4:73:64:07:01:
cf:57:33:e3:1f:a9:7d:ff:79:64:e5:39:a7:e5:a5:
74:92:51:23:62:4a:aa:e3:2a:a1:ac:2e:50:88:26:
f2:ba:31:f3:29:7c:50:3e:34:b7:ba:41:dd:10:6e:
00:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:25:4B:3B:2E:EB:08:B7:4A:DF:EA:1B:0A:94:85:1D:85:C1:31:E1
X509v3 Authority Key Identifier:
keyid:C7:84:12:85:05:F7:F9:9C:75:70:44:29:80:AD:EB:8A:F9:0C:C2:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x4QShQX3-Zx1cEQpgK3rivkMwnA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/4c5c3d-21b0-4058-89fd-6c1b4471f7ee/1/LyVLOy7rCLdK3-obCpSFHYXBMeE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/4c5c3d-21b0-4058-89fd-6c1b4471f7ee/1/x4QShQX3-Zx1cEQpgK3rivkMwnA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
23.19.48.0/22
185.84.200.0/23
185.151.204.0/24
185.230.36.0-185.230.38.255
IPv6:
2a0b:14c0:1::/48
Signature Algorithm: sha256WithRSAEncryption
cd:9b:fd:90:57:02:c5:a6:ba:7b:6c:b6:79:c5:25:83:9e:3a:
07:bc:88:1f:df:50:84:ad:8c:71:ac:de:ed:59:37:6c:89:50:
b4:22:cc:6b:76:54:63:e6:53:c8:b3:73:af:52:29:f7:32:1a:
27:31:08:73:f7:9e:6f:7e:61:c9:7b:52:80:c4:a4:ce:59:3a:
f7:61:00:f1:cf:40:7c:ab:2e:93:6b:d3:67:64:ed:21:b9:d1:
f8:42:c2:a5:13:52:39:57:b9:7b:1d:77:19:66:db:ee:09:cb:
d1:6d:93:6f:86:2c:5f:db:52:52:23:0a:f3:97:a6:78:15:ee:
d8:17:00:10:1a:d9:34:b4:bc:4d:e0:d4:c2:8c:1e:db:28:d2:
a6:07:14:b2:44:e6:0b:59:fd:31:ce:4f:44:73:af:b8:1b:bb:
67:8c:73:1a:a2:f8:71:dc:25:8f:40:fc:3f:ed:80:1a:7f:9a:
89:c4:42:68:96:18:eb:8c:35:74:06:64:14:e2:d7:04:b7:e6:
7a:1b:63:25:d4:2a:17:31:76:2b:97:a0:ab:74:f9:68:c6:46:
38:ed:a8:c3:8a:ac:90:1c:d7:ee:da:d7:35:5c:ca:a8:03:4e:
99:88:56:41:aa:d9:e1:ea:58:3a:e2:57:5b:9e:09:19:97:06:
78:47:3c:77
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAYzJu5+cdtKgnnmBCBLj2fh7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3ODQxMjg1MDVmN2Y5OWM3NTcwNDQyOTgwYWRlYjhhZjkw
Y2MyNzAwHhcNMjQwMTAyMTAzMjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjI1NGIzYjJlZWIwOGI3NGFkZmVhMWIwYTk0ODUxZDg1YzEzMWUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjT3TTxdtlSGF2AbE/CoQFWxmq51p
6k8Kbh9sFcQm6Ux//5O0XoxubfGDt1zD4WbGv+FfoncVClHCHQu3G44HcEWbqMb+
1sBA5pMVSRisv8oEtpkfFIU+XZYn/tMGerK56wrdjoJXhTCTS6+5rs2juGM/S7An
I6YIQ+FspXWzfKbJZahRG0RYe+DDjmuKr5Fx8RDvgnalvrNtieoDcHvXg0EhHb+m
zHIPINOOAIrQfPwsfZzA6VB9gjAw0UPzGgtBgjAEF53tXmRJZ5F79HNkBwHPVzPj
H6l9/3lk5Tmn5aV0klEjYkqq4yqhrC5QiCbyujHzKXxQPjS3ukHdEG4A5wIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFC8lSzsu6wi3St/qGwqUhR2FwTHhMB8GA1UdIwQY
MBaAFMeEEoUF9/mcdXBEKYCt64r5DMJwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveDRRU2hRWDMtWngxY0VRcGdLM3JpdmtNd25BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC80YzVjM2QtMjFiMC00MDU4LTg5ZmQt
NmMxYjQ0NzFmN2VlLzEvTHlWTE95N3JDTGRLMy1vYkNwU0ZIWVhCTWVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC80YzVjM2QtMjFiMC00MDU4LTg5ZmQtNmMxYjQ0NzFmN2Vl
LzEveDRRU2hRWDMtWngxY0VRcGdLM3JpdmtNd25BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEoGCCsGAQUFBwEHAQH/BDswOTAmBAIAATAgAwQCFxMwAwQB
uVTIAwQAuZfMMAwDBAK55iQDBAC55iYwDwQCAAIwCQMHACoLFMAAATANBgkqhkiG
9w0BAQsFAAOCAQEAzZv9kFcCxaa6e2y2ecUlg546B7yIH99QhK2Mcaze7Vk3bIlQ
tCLMa3ZUY+ZTyLNzr1Ip9zIaJzEIc/eeb35hyXtSgMSkzlk692EA8c9AfKsuk2vT
Z2TtIbnR+ELCpRNSOVe5ex13GWbb7gnL0W2Tb4YsX9tSUiMK85emeBXu2BcAEBrZ
NLS8TeDUwowe2yjSpgcUskTmC1n9Mc5PRHOvuBu7Z4xzGqL4cdwlj0D8P+2AGn+a
icRCaJYY64w1dAZkFOLXBLfmehtjJdQqFzF2K5egq3T5aMZGOO2ow4qskBzX7trX
NVzKqANOmYhWQarZ4epYOuJXW54JGZcGeEc8dw==
-----END CERTIFICATE-----
Generated at Fri Jun 7 15:48:22 2024 by rpki-client on console-fra.rpki-client.org