Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/2a38e6-294e-4fa3-a5a0-53046323951f/1/laJYcTDH6ZRIjWUIbsQaISolpMo.roa
File: laJYcTDH6ZRIjWUIbsQaISolpMo.roa (raw, json)
Hash identifier: mhKmBmAYjrMSijZnrCr20GgnCRsNlTVlQalOL0yIhhY=
Subject key identifier: 95:A2:58:71:30:C7:E9:94:48:8D:65:08:6E:C4:1A:21:2A:25:A4:CA
Certificate issuer: /CN=6eab53640b0931924b73f760925845150a6ccca5
Certificate serial: 018CC4930D6842CBF5427AA601695757632C
Authority key identifier: 6E:AB:53:64:0B:09:31:92:4B:73:F7:60:92:58:45:15:0A:6C:CC:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bqtTZAsJMZJLc_dgklhFFQpszKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/2a38e6-294e-4fa3-a5a0-53046323951f/1/laJYcTDH6ZRIjWUIbsQaISolpMo.roa
Signing time: Mon 01 Jan 2024 10:30:20 +0000
ROA not before: Mon 01 Jan 2024 10:30:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57794
IP address blocks: 37.98.192.0/21 maxlen: 21
37.98.192.0/22 maxlen: 22
37.98.196.0/22 maxlen: 22
188.117.228.0/22 maxlen: 22
188.117.232.0/21 maxlen: 21
188.117.232.0/22 maxlen: 22
82.192.2.0/23 maxlen: 23
82.192.2.0/24 maxlen: 24
82.192.3.0/24 maxlen: 24
188.117.236.0/22 maxlen: 22
188.117.240.0/22 maxlen: 22
188.117.240.0/23 maxlen: 23
188.117.242.0/23 maxlen: 23
188.117.248.0/23 maxlen: 23
188.117.250.0/23 maxlen: 23
188.117.248.0/22 maxlen: 22
188.117.192.0/21 maxlen: 21
188.117.192.0/22 maxlen: 22
188.117.196.0/22 maxlen: 22
188.117.216.0/23 maxlen: 23
188.117.216.0/22 maxlen: 22
188.117.218.0/23 maxlen: 23
188.117.224.0/21 maxlen: 21
188.117.224.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2d/2a38e6-294e-4fa3-a5a0-53046323951f/1/bqtTZAsJMZJLc_dgklhFFQpszKU.crl
rsync://rpki.ripe.net/repository/DEFAULT/2d/2a38e6-294e-4fa3-a5a0-53046323951f/1/bqtTZAsJMZJLc_dgklhFFQpszKU.mft
rsync://rpki.ripe.net/repository/DEFAULT/bqtTZAsJMZJLc_dgklhFFQpszKU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 26 Jun 2024 23:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:0d:68:42:cb:f5:42:7a:a6:01:69:57:57:63:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6eab53640b0931924b73f760925845150a6ccca5
Validity
Not Before: Jan 1 10:30:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=95a2587130c7e994488d65086ec41a212a25a4ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:52:9d:29:30:a9:b2:5b:d0:57:80:69:1a:32:
d2:aa:d6:f4:bd:40:78:24:57:9b:5d:84:8f:f3:10:
ce:28:35:ac:88:d7:3c:22:d7:c7:a9:1a:2c:75:94:
a8:f4:d4:38:68:6a:0e:97:2c:c3:71:51:2c:cb:ca:
fe:f1:9a:16:78:07:07:8a:39:6f:96:0b:d5:5d:dc:
42:c7:a0:c1:0a:40:75:c0:f8:25:e0:68:c0:9c:e9:
89:d3:da:09:8b:7d:81:2b:b7:32:48:53:61:58:e8:
31:cb:79:a4:02:62:bb:2e:8a:7d:9e:c0:1f:8f:45:
f4:5c:96:a7:c5:dc:d7:f4:6a:2e:ba:49:39:e3:98:
82:f5:d9:d2:0d:e1:8e:91:d6:23:fb:42:6b:6d:e8:
fb:07:57:42:65:22:fa:4e:66:1e:7d:01:56:51:cb:
3c:b2:21:dd:f7:50:c9:a0:b3:db:07:6f:e9:c5:d8:
b5:76:91:11:8a:52:ed:c3:6e:f3:9f:ee:39:a5:74:
ac:f0:44:97:6d:92:24:4b:12:00:85:f2:d1:69:f2:
78:9a:1c:cc:0c:21:11:c6:87:34:48:01:f5:d1:ac:
58:02:ae:a0:11:46:7d:a3:f0:36:d6:c9:65:da:cb:
f7:d8:fa:2a:eb:4a:ad:08:cd:8c:ff:0e:1a:68:fb:
5d:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:A2:58:71:30:C7:E9:94:48:8D:65:08:6E:C4:1A:21:2A:25:A4:CA
X509v3 Authority Key Identifier:
keyid:6E:AB:53:64:0B:09:31:92:4B:73:F7:60:92:58:45:15:0A:6C:CC:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bqtTZAsJMZJLc_dgklhFFQpszKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/2a38e6-294e-4fa3-a5a0-53046323951f/1/laJYcTDH6ZRIjWUIbsQaISolpMo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/2a38e6-294e-4fa3-a5a0-53046323951f/1/bqtTZAsJMZJLc_dgklhFFQpszKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.98.192.0/21
82.192.2.0/23
188.117.192.0/21
188.117.216.0/22
188.117.224.0-188.117.243.255
188.117.248.0/22
Signature Algorithm: sha256WithRSAEncryption
81:3a:62:8a:8e:84:bb:26:e1:64:60:de:3e:ac:66:80:48:f7:
ac:b1:83:90:55:72:c6:4c:2f:02:c3:ba:9c:8c:8e:5b:fc:de:
03:0f:de:6a:f5:c7:44:e2:6c:9f:0f:45:a9:ff:cf:75:b6:c0:
bd:b7:31:5d:e3:54:1b:6f:e2:e6:58:10:21:08:44:0b:c1:7d:
97:23:01:1b:aa:0d:2f:c6:37:f0:36:4d:94:59:30:b1:df:d1:
5b:18:3c:52:8b:2a:0a:2f:cd:ab:c1:f9:43:2a:47:db:d3:5e:
00:1c:e7:49:90:6e:77:ca:21:d7:2b:06:54:f8:a5:3b:57:44:
e3:97:4c:91:28:6e:e0:ce:59:96:1b:a1:37:33:85:04:e9:5e:
90:6c:17:0c:2a:8c:d3:e2:18:8e:0b:14:77:68:74:24:9a:bb:
a8:3e:80:b1:3c:7d:b5:06:1a:38:b2:be:81:bd:db:70:68:5e:
d4:f0:47:41:bf:3f:a8:70:2e:0e:d7:00:71:dc:ea:ca:a1:49:
95:b3:b7:20:0d:73:67:f6:5a:70:61:b5:a2:17:9b:d0:db:a7:
78:4b:3c:0b:dd:da:8c:93:09:e8:7e:3a:30:d6:f3:51:71:59:
d3:db:d7:60:38:0d:39:05:3e:5e:22:1b:bd:dc:46:72:5e:a3:
2b:e0:e3:39
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYzEkw1oQsv1QnqmAWlXV2MsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlYWI1MzY0MGIwOTMxOTI0YjczZjc2MDkyNTg0NTE1MGE2
Y2NjYTUwHhcNMjQwMTAxMTAzMDIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NWEyNTg3MTMwYzdlOTk0NDg4ZDY1MDg2ZWM0MWEyMTJhMjVhNGNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxVKdKTCpslvQV4BpGjLSqtb0vUB4
JFebXYSP8xDOKDWsiNc8ItfHqRosdZSo9NQ4aGoOlyzDcVEsy8r+8ZoWeAcHijlv
lgvVXdxCx6DBCkB1wPgl4GjAnOmJ09oJi32BK7cySFNhWOgxy3mkAmK7Lop9nsAf
j0X0XJanxdzX9Gouukk545iC9dnSDeGOkdYj+0Jrbej7B1dCZSL6TmYefQFWUcs8
siHd91DJoLPbB2/pxdi1dpERilLtw27zn+45pXSs8ESXbZIkSxIAhfLRafJ4mhzM
DCERxoc0SAH10axYAq6gEUZ9o/A21sll2sv32Poq60qtCM2M/w4aaPtdgQIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFJWiWHEwx+mUSI1lCG7EGiEqJaTKMB8GA1UdIwQY
MBaAFG6rU2QLCTGSS3P3YJJYRRUKbMylMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYnF0VFpBc0pNWkpMY19kZ2tsaEZGUXBzektVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC8yYTM4ZTYtMjk0ZS00ZmEzLWE1YTAt
NTMwNDYzMjM5NTFmLzEvbGFKWWNUREg2WlJJaldVSWJzUWFJU29scE1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC8yYTM4ZTYtMjk0ZS00ZmEzLWE1YTAtNTMwNDYzMjM5NTFm
LzEvYnF0VFpBc0pNWkpMY19kZ2tsaEZGUXBzektVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQDJWLAAwQB
UsACAwQDvHXAAwQCvHXYMAwDBAW8deADBAK8dfADBAK8dfgwDQYJKoZIhvcNAQEL
BQADggEBAIE6YoqOhLsm4WRg3j6sZoBI96yxg5BVcsZMLwLDupyMjlv83gMP3mr1
x0TibJ8PRan/z3W2wL23MV3jVBtv4uZYECEIRAvBfZcjARuqDS/GN/A2TZRZMLHf
0VsYPFKLKgovzavB+UMqR9vTXgAc50mQbnfKIdcrBlT4pTtXROOXTJEobuDOWZYb
oTczhQTpXpBsFwwqjNPiGI4LFHdodCSau6g+gLE8fbUGGjiyvoG923BoXtTwR0G/
P6hwLg7XAHHc6sqhSZWztyANc2f2WnBhtaIXm9Dbp3hLPAvd2oyTCeh+OjDW81Fx
WdPb12A4DTkFPl4iG73cRnJeoyvg4zk=
-----END CERTIFICATE-----
Generated at Wed Jun 26 08:36:00 2024 by rpki-client on console-ams.rpki-client.org