Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/348104-8a41-4949-8552-a9765edc795c/1/LDnCYFKA9WagM_3zoPFw7uNawmM.roa
File: LDnCYFKA9WagM_3zoPFw7uNawmM.roa (raw, json)
Hash identifier: vfVSm4x3iLurQWJGny/B6CWrglNuuyLEbQWkYfQYaK0=
Subject key identifier: 2C:39:C2:60:52:80:F5:66:A0:33:FD:F3:A0:F1:70:EE:E3:5A:C2:63
Certificate issuer: /CN=1c390bff65dcedca813d7a10d7ec328c2f6eac34
Certificate serial: 018CC4255034547FDA8230E230469BFC6FD7
Authority key identifier: 1C:39:0B:FF:65:DC:ED:CA:81:3D:7A:10:D7:EC:32:8C:2F:6E:AC:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HDkL_2Xc7cqBPXoQ1-wyjC9urDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/348104-8a41-4949-8552-a9765edc795c/1/LDnCYFKA9WagM_3zoPFw7uNawmM.roa
Signing time: Mon 01 Jan 2024 08:30:28 +0000
ROA not before: Mon 01 Jan 2024 08:30:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201612
IP address blocks: 193.46.135.0/24 maxlen: 24
193.46.134.0/24 maxlen: 24
193.46.133.0/24 maxlen: 24
194.0.24.0/24 maxlen: 24
194.0.25.0/24 maxlen: 24
194.0.26.0/24 maxlen: 24
193.46.130.0/24 maxlen: 24
193.46.131.0/24 maxlen: 24
193.46.128.0/24 maxlen: 24
193.46.129.0/24 maxlen: 24
193.46.132.0/24 maxlen: 24
2001:678:20::/48 maxlen: 48
2a02:850:ffe5::/48 maxlen: 48
2a02:850:ffe0::/48 maxlen: 48
2001:67c:1bc::/48 maxlen: 48
2001:678:24::/48 maxlen: 48
2a02:850:ffe4::/48 maxlen: 48
2a02:850:ffe2::/48 maxlen: 48
2a02:850:ffe3::/48 maxlen: 48
2a02:850:ffe6::/48 maxlen: 48
2a02:850:ffe1::/48 maxlen: 48
2a02:850:ffe7::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/26/348104-8a41-4949-8552-a9765edc795c/1/HDkL_2Xc7cqBPXoQ1-wyjC9urDQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/26/348104-8a41-4949-8552-a9765edc795c/1/HDkL_2Xc7cqBPXoQ1-wyjC9urDQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/HDkL_2Xc7cqBPXoQ1-wyjC9urDQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 May 2024 16:01:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:50:34:54:7f:da:82:30:e2:30:46:9b:fc:6f:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c390bff65dcedca813d7a10d7ec328c2f6eac34
Validity
Not Before: Jan 1 08:30:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2c39c2605280f566a033fdf3a0f170eee35ac263
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:1d:78:8c:40:c6:12:f9:3d:8e:14:a0:b5:e2:
ce:5f:39:6e:79:da:24:00:3e:3b:18:cd:82:6f:c0:
26:60:38:2f:40:45:f4:c6:53:8c:86:4e:5c:bf:43:
a6:8c:c0:62:50:05:10:0d:cb:5c:2c:cc:02:0e:a8:
e9:b3:73:78:76:aa:60:0f:a8:0e:e3:e3:4a:2f:eb:
31:27:80:74:14:8a:19:d2:3f:de:21:0b:0b:72:e7:
92:67:24:47:3d:86:45:9f:e5:ce:70:b6:2a:f3:e0:
fa:f3:7d:de:78:bd:b6:d6:1e:63:b2:2a:d8:d3:ed:
35:1b:44:d9:34:df:95:5c:de:b6:15:6f:18:36:c4:
70:d2:f2:72:5d:fc:1e:35:5a:a9:83:7e:27:31:26:
ef:b0:cd:da:4f:7e:72:bc:47:b2:ed:91:cd:1f:ff:
39:df:b8:1d:dd:f2:2e:92:f3:af:8d:f1:4f:76:76:
3e:f0:20:ca:67:51:48:0f:0f:96:a1:2c:ef:e9:4a:
03:a5:91:90:d5:36:eb:1f:b1:10:21:aa:33:d7:3d:
20:b4:9f:2c:e3:90:06:e3:b7:6f:87:83:c5:ab:a1:
e0:40:aa:33:3c:18:4c:01:d7:c9:f0:34:56:ff:5a:
c9:f4:f4:7e:1c:0e:56:b4:9e:e9:11:6d:c0:7c:9d:
89:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:39:C2:60:52:80:F5:66:A0:33:FD:F3:A0:F1:70:EE:E3:5A:C2:63
X509v3 Authority Key Identifier:
keyid:1C:39:0B:FF:65:DC:ED:CA:81:3D:7A:10:D7:EC:32:8C:2F:6E:AC:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HDkL_2Xc7cqBPXoQ1-wyjC9urDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/348104-8a41-4949-8552-a9765edc795c/1/LDnCYFKA9WagM_3zoPFw7uNawmM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/348104-8a41-4949-8552-a9765edc795c/1/HDkL_2Xc7cqBPXoQ1-wyjC9urDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.46.128.0/21
194.0.24.0-194.0.26.255
IPv6:
2001:678:20::/48
2001:678:24::/48
2001:67c:1bc::/48
2a02:850:ffe0::/45
Signature Algorithm: sha256WithRSAEncryption
6d:28:22:eb:57:89:6f:41:e8:00:f4:29:75:cd:3e:05:e5:84:
83:53:d5:e5:26:bc:b8:68:9a:32:c4:b9:78:32:03:f9:ba:a9:
38:74:d7:cd:b2:da:58:b1:56:f8:2d:2d:17:92:69:e0:37:93:
48:b9:51:a2:78:cb:dc:b2:7c:04:54:25:a9:2d:30:03:e5:39:
6e:21:95:b6:ee:04:2f:73:e7:83:e0:e7:53:e9:09:cf:f7:93:
4d:a7:af:94:34:ba:3b:99:bc:7c:65:21:12:dc:81:da:cc:b6:
b0:9c:aa:10:6d:07:47:a4:bc:43:64:6e:f0:74:e4:7f:7a:32:
77:5e:cb:5b:7f:29:a5:a2:d6:cf:d0:49:f2:d8:94:be:3b:cc:
a7:43:e3:93:d2:e3:5b:84:4d:f6:6a:a0:12:64:ed:78:56:c5:
d2:9d:54:3c:3b:9d:37:fb:8a:6c:58:9e:c8:6a:e8:8f:d1:72:
88:d9:a9:63:1f:05:a7:3d:2f:9a:48:5c:f5:e9:69:b6:d9:5b:
49:51:68:52:a1:e5:c5:59:61:c1:5e:3d:0b:5c:c2:90:e5:85:
c7:2f:c9:ac:f4:ea:b9:79:0b:9a:a8:e2:94:20:9d:50:8d:dc:
c5:1f:21:33:98:d0:8d:7e:73:65:ec:34:73:d0:d3:93:cd:a6:
34:3b:40:c3
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAYzEJVA0VH/agjDiMEab/G/XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjMzkwYmZmNjVkY2VkY2E4MTNkN2ExMGQ3ZWMzMjhjMmY2
ZWFjMzQwHhcNMjQwMTAxMDgzMDI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYzM5YzI2MDUyODBmNTY2YTAzM2ZkZjNhMGYxNzBlZWUzNWFjMjYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4h14jEDGEvk9jhSgteLOXzluedok
AD47GM2Cb8AmYDgvQEX0xlOMhk5cv0OmjMBiUAUQDctcLMwCDqjps3N4dqpgD6gO
4+NKL+sxJ4B0FIoZ0j/eIQsLcueSZyRHPYZFn+XOcLYq8+D6833eeL221h5jsirY
0+01G0TZNN+VXN62FW8YNsRw0vJyXfweNVqpg34nMSbvsM3aT35yvEey7ZHNH/85
37gd3fIukvOvjfFPdnY+8CDKZ1FIDw+WoSzv6UoDpZGQ1TbrH7EQIaoz1z0gtJ8s
45AG47dvh4PFq6HgQKozPBhMAdfJ8DRW/1rJ9PR+HA5WtJ7pEW3AfJ2JrQIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFCw5wmBSgPVmoDP986DxcO7jWsJjMB8GA1UdIwQY
MBaAFBw5C/9l3O3KgT16ENfsMowvbqw0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSERrTF8yWGM3Y3FCUFhvUTEtd3lqQzl1ckRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi8zNDgxMDQtOGE0MS00OTQ5LTg1NTIt
YTk3NjVlZGM3OTVjLzEvTERuQ1lGS0E5V2FnTV8zem9QRnc3dU5hd21NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi8zNDgxMDQtOGE0MS00OTQ5LTg1NTItYTk3NjVlZGM3OTVj
LzEvSERrTF8yWGM3Y3FCUFhvUTEtd3lqQzl1ckRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDAaBAIAATAUAwQDwS6AMAwD
BAPCABgDBADCABowKgQCAAIwJAMHACABBngAIAMHACABBngAJAMHACABBnwBvAMH
AyoCCFD/4DANBgkqhkiG9w0BAQsFAAOCAQEAbSgi61eJb0HoAPQpdc0+BeWEg1PV
5Sa8uGiaMsS5eDID+bqpOHTXzbLaWLFW+C0tF5Jp4DeTSLlRonjL3LJ8BFQlqS0w
A+U5biGVtu4EL3Png+DnU+kJz/eTTaevlDS6O5m8fGUhEtyB2sy2sJyqEG0HR6S8
Q2Ru8HTkf3oyd17LW38ppaLWz9BJ8tiUvjvMp0Pjk9LjW4RN9mqgEmTteFbF0p1U
PDudN/uKbFieyGroj9FyiNmpYx8Fpz0vmkhc9elpttlbSVFoUqHlxVlhwV49C1zC
kOWFxy/JrPTquXkLmqjilCCdUI3cxR8hM5jQjX5zZew0c9DTk82mNDtAww==
-----END CERTIFICATE-----
Generated at Fri May 17 18:23:58 2024 by rpki-client on console-fra.rpki-client.org