Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/0771e1-39af-4353-947f-01facc747c24/1/Pk4oocXYWWHRAE2M9RrAeFtVlL8.roa
File: Pk4oocXYWWHRAE2M9RrAeFtVlL8.roa (raw, json)
Hash identifier: EJH2N9qLryHCy+ZLzje0Q6eLKkrIFnioY1T/N/BEDeY=
Subject key identifier: 3E:4E:28:A1:C5:D8:59:61:D1:00:4D:8C:F5:1A:C0:78:5B:55:94:BF
Certificate issuer: /CN=2d119754fc14ffe7968a6516bd49bdb25633b887
Certificate serial: 018CF37F134E166804C98D33525FF2523AEF
Authority key identifier: 2D:11:97:54:FC:14:FF:E7:96:8A:65:16:BD:49:BD:B2:56:33:B8:87
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LRGXVPwU_-eWimUWvUm9slYzuIc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/0771e1-39af-4353-947f-01facc747c24/1/Pk4oocXYWWHRAE2M9RrAeFtVlL8.roa
Signing time: Wed 10 Jan 2024 13:10:40 +0000
ROA not before: Wed 10 Jan 2024 13:10:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25160
IP address blocks: 185.121.76.0/22 maxlen: 22
185.135.164.0/22 maxlen: 22
185.135.166.0/24 maxlen: 24
94.126.43.0/24 maxlen: 24
94.126.47.0/24 maxlen: 24
178.18.116.0/23 maxlen: 23
178.18.119.0/24 maxlen: 24
31.28.70.0/24 maxlen: 24
31.28.65.0/24 maxlen: 24
31.28.68.0/24 maxlen: 24
31.28.67.0/24 maxlen: 24
31.28.72.0/24 maxlen: 24
31.28.75.0/24 maxlen: 24
31.28.84.0/23 maxlen: 23
31.28.80.0/22 maxlen: 22
31.28.86.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/0771e1-39af-4353-947f-01facc747c24/1/LRGXVPwU_-eWimUWvUm9slYzuIc.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/0771e1-39af-4353-947f-01facc747c24/1/LRGXVPwU_-eWimUWvUm9slYzuIc.mft
rsync://rpki.ripe.net/repository/DEFAULT/LRGXVPwU_-eWimUWvUm9slYzuIc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 27 Jun 2024 08:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:f3:7f:13:4e:16:68:04:c9:8d:33:52:5f:f2:52:3a:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d119754fc14ffe7968a6516bd49bdb25633b887
Validity
Not Before: Jan 10 13:10:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3e4e28a1c5d85961d1004d8cf51ac0785b5594bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:94:1a:f3:c5:92:b6:5e:00:97:de:23:c7:cd:
09:19:bd:27:82:98:de:e6:3e:77:aa:b7:2b:d3:59:
02:74:75:50:82:da:52:82:e3:64:dd:d4:c2:9a:8e:
dc:43:9a:1a:01:87:2d:83:d2:95:47:3f:0f:9f:92:
91:96:d4:48:d0:67:6b:48:2c:4f:97:a2:94:ed:f1:
39:b2:55:22:cd:e6:ae:40:1b:0e:98:c7:14:f4:aa:
61:11:d7:ae:be:6a:d6:ef:a0:32:f9:b7:aa:31:d2:
26:70:e0:50:01:49:64:7a:03:5b:09:83:47:98:a5:
05:82:f7:44:14:0e:4c:c1:bd:b7:c9:f7:bf:61:3c:
d1:59:5e:e4:b0:f9:f4:8f:1f:68:cb:88:4b:ef:4e:
7f:a7:51:0c:f1:44:d5:3e:34:d5:ca:51:04:b1:88:
e8:e4:73:48:29:97:ce:cf:46:57:8e:09:82:01:27:
dd:92:14:c3:62:78:0c:db:72:ac:8c:27:18:17:18:
60:9c:0b:2a:f7:62:30:5a:c7:13:06:c5:83:14:77:
ed:b2:7a:08:93:b2:2f:1e:00:c2:62:65:ae:78:48:
46:80:df:24:8f:b1:8e:d7:16:eb:cb:c9:56:47:bb:
bd:dc:af:cc:8b:4e:c9:d3:7c:29:a7:72:64:ac:2c:
08:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:4E:28:A1:C5:D8:59:61:D1:00:4D:8C:F5:1A:C0:78:5B:55:94:BF
X509v3 Authority Key Identifier:
keyid:2D:11:97:54:FC:14:FF:E7:96:8A:65:16:BD:49:BD:B2:56:33:B8:87
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LRGXVPwU_-eWimUWvUm9slYzuIc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/0771e1-39af-4353-947f-01facc747c24/1/Pk4oocXYWWHRAE2M9RrAeFtVlL8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/0771e1-39af-4353-947f-01facc747c24/1/LRGXVPwU_-eWimUWvUm9slYzuIc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.28.65.0/24
31.28.67.0-31.28.68.255
31.28.70.0/24
31.28.72.0/24
31.28.75.0/24
31.28.80.0-31.28.86.255
94.126.43.0/24
94.126.47.0/24
178.18.116.0/23
178.18.119.0/24
185.121.76.0/22
185.135.164.0/22
Signature Algorithm: sha256WithRSAEncryption
44:21:7d:33:93:19:bc:d4:a4:54:d4:8e:7b:79:d4:5a:df:df:
e3:a9:a0:79:66:48:2f:18:ee:cf:3c:65:48:77:fe:a1:46:f3:
5c:d0:5a:3e:1a:27:85:28:36:2e:e4:e0:8b:ec:97:6a:0a:3e:
93:99:6f:7e:b5:7c:55:2e:15:9f:0a:6d:29:66:8c:f6:2d:27:
b4:29:80:1a:43:b4:33:84:dc:d2:4c:cc:2c:61:b2:20:0a:c0:
b5:b3:f5:1f:64:e1:1c:dd:04:c9:7c:82:b3:a1:8e:e6:cd:fb:
d5:a7:bc:f2:e6:4e:28:3a:b8:0d:36:c0:6b:d9:b7:84:fd:55:
d8:87:71:86:3b:67:8c:93:2b:80:31:72:21:2d:bf:ea:7d:b4:
1b:64:77:e5:35:43:ac:5e:7a:ec:f9:08:44:bf:21:13:47:71:
84:ee:43:40:87:29:23:78:ac:57:07:e0:19:db:b6:f0:15:cf:
95:e1:a2:e7:9b:1c:10:7c:2b:90:b6:4b:05:ec:9e:3b:c7:2e:
63:90:7e:42:0c:7b:1e:39:43:ce:7c:c7:86:01:1f:35:dd:a4:
8d:dd:ea:ae:aa:cb:58:a9:68:80:7b:98:c7:cd:2c:3b:5e:25:
d6:d1:a6:0e:ff:22:1c:d6:5e:6a:75:77:55:58:90:02:53:62:
a0:41:30:83
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgISAYzzfxNOFmgEyY0zUl/yUjrvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkMTE5NzU0ZmMxNGZmZTc5NjhhNjUxNmJkNDliZGIyNTYz
M2I4ODcwHhcNMjQwMTEwMTMxMDQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTRlMjhhMWM1ZDg1OTYxZDEwMDRkOGNmNTFhYzA3ODViNTU5NGJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq5Qa88WStl4Al94jx80JGb0ngpje
5j53qrcr01kCdHVQgtpSguNk3dTCmo7cQ5oaAYctg9KVRz8Pn5KRltRI0GdrSCxP
l6KU7fE5slUizeauQBsOmMcU9KphEdeuvmrW76Ay+beqMdImcOBQAUlkegNbCYNH
mKUFgvdEFA5Mwb23yfe/YTzRWV7ksPn0jx9oy4hL705/p1EM8UTVPjTVylEEsYjo
5HNIKZfOz0ZXjgmCASfdkhTDYngM23KsjCcYFxhgnAsq92IwWscTBsWDFHftsnoI
k7IvHgDCYmWueEhGgN8kj7GO1xbry8lWR7u93K/Mi07J03wpp3JkrCwIvwIDAQAB
o4ICWzCCAlcwHQYDVR0OBBYEFD5OKKHF2Flh0QBNjPUawHhbVZS/MB8GA1UdIwQY
MBaAFC0Rl1T8FP/nloplFr1JvbJWM7iHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFJHWFZQd1VfLWVXaW1VV3ZVbTlzbFl6dUljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS8wNzcxZTEtMzlhZi00MzUzLTk0N2Yt
MDFmYWNjNzQ3YzI0LzEvUGs0b29jWFlXV0hSQUUyTTlSckFlRnRWbEw4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS8wNzcxZTEtMzlhZi00MzUzLTk0N2YtMDFmYWNjNzQ3YzI0
LzEvTFJHWFZQd1VfLWVXaW1VV3ZVbTlzbFl6dUljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHEGCCsGAQUFBwEHAQH/BGIwYDBeBAIAATBYAwQAHxxBMAwD
BAAfHEMDBAAfHEQDBAAfHEYDBAAfHEgDBAAfHEswDAMEBB8cUAMEAB8cVgMEAF5+
KwMEAF5+LwMEAbISdAMEALISdwMEArl5TAMEArmHpDANBgkqhkiG9w0BAQsFAAOC
AQEARCF9M5MZvNSkVNSOe3nUWt/f46mgeWZILxjuzzxlSHf+oUbzXNBaPhonhSg2
LuTgi+yXago+k5lvfrV8VS4VnwptKWaM9i0ntCmAGkO0M4Tc0kzMLGGyIArAtbP1
H2ThHN0EyXyCs6GO5s371ae88uZOKDq4DTbAa9m3hP1V2IdxhjtnjJMrgDFyIS2/
6n20G2R35TVDrF567PkIRL8hE0dxhO5DQIcpI3isVwfgGdu28BXPleGi55scEHwr
kLZLBeyeO8cuY5B+Qgx7HjlDznzHhgEfNd2kjd3qrqrLWKlogHuYx80sO14l1tGm
Dv8iHNZeanV3VViQAlNioEEwgw==
-----END CERTIFICATE-----
Generated at Wed Jun 26 16:35:15 2024 by rpki-client on console-ams.rpki-client.org