Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/966261-83b5-4ead-a468-6ed54d3fe4f4/1/LfyAcBU61rkGs5mBKPzjfAIosNc.roa
File: LfyAcBU61rkGs5mBKPzjfAIosNc.roa (raw, json)
Hash identifier: kJRzPWBVMSVfrHZjapPgi/EKnAURuioU2NmAyhqu9pg=
Subject key identifier: 2D:FC:80:70:15:3A:D6:B9:06:B3:99:81:28:FC:E3:7C:02:28:B0:D7
Certificate issuer: /CN=df27b939934a2cc206ffba6bce9c90fdcba39c71
Certificate serial: 018CC7954E413032D6D466A162B8408209E1
Authority key identifier: DF:27:B9:39:93:4A:2C:C2:06:FF:BA:6B:CE:9C:90:FD:CB:A3:9C:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3ye5OZNKLMIG_7przpyQ_cujnHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/966261-83b5-4ead-a468-6ed54d3fe4f4/1/LfyAcBU61rkGs5mBKPzjfAIosNc.roa
Signing time: Tue 02 Jan 2024 00:31:40 +0000
ROA not before: Tue 02 Jan 2024 00:31:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58331
IP address blocks: 193.242.195.0/24 maxlen: 24
193.242.194.0/24 maxlen: 24
185.75.205.0/24 maxlen: 24
185.75.206.0/24 maxlen: 24
185.75.207.0/24 maxlen: 24
2a05:5445::/32 maxlen: 32
2a05:5441::/32 maxlen: 32
2a05:5444::/32 maxlen: 32
2a05:5442::/32 maxlen: 32
2a05:5447::/32 maxlen: 32
2a05:5446::/32 maxlen: 32
2a05:5440::/32 maxlen: 32
2a05:5443::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/966261-83b5-4ead-a468-6ed54d3fe4f4/1/3ye5OZNKLMIG_7przpyQ_cujnHE.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/966261-83b5-4ead-a468-6ed54d3fe4f4/1/3ye5OZNKLMIG_7przpyQ_cujnHE.mft
rsync://rpki.ripe.net/repository/DEFAULT/3ye5OZNKLMIG_7przpyQ_cujnHE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 05:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:4e:41:30:32:d6:d4:66:a1:62:b8:40:82:09:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df27b939934a2cc206ffba6bce9c90fdcba39c71
Validity
Not Before: Jan 2 00:31:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2dfc8070153ad6b906b3998128fce37c0228b0d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:a2:05:a4:22:72:cb:af:4c:f0:70:ea:3c:a6:
f8:58:82:33:3a:b4:e1:c8:b3:08:e4:ff:74:33:3b:
30:99:87:c7:05:44:72:f6:35:a1:fc:37:8e:3e:ae:
fe:91:53:94:02:b7:28:58:1b:3e:c3:78:dd:8a:50:
7e:b1:fc:ff:ab:90:10:b8:2f:48:29:c1:90:85:d5:
d8:92:a2:cc:f2:a7:09:28:e5:2a:a3:bb:e0:bd:07:
f1:f0:5a:91:4a:4d:74:e7:c5:9c:da:11:15:75:09:
83:20:aa:f3:7e:5b:bc:10:c9:bf:b5:a6:05:e9:4f:
3c:7b:58:de:fc:5f:5b:a0:87:29:8f:cd:90:8e:3b:
12:d1:44:3c:f3:d9:90:14:4f:91:41:fe:b7:20:0b:
d5:85:c3:95:9c:1c:7e:74:44:b3:24:ec:1f:2f:ce:
18:62:b5:6e:12:dc:a1:36:e1:5d:92:11:9a:cd:af:
53:56:1b:55:fe:81:a6:c3:f2:8b:68:ba:e0:fe:b1:
5f:e6:98:63:6d:c1:a5:ee:07:b2:3b:92:e3:65:fb:
8e:5c:a2:5b:b3:0e:3b:71:d0:12:12:08:1a:58:56:
64:e8:8b:4e:f3:51:3b:ed:67:97:a7:59:dc:2f:9b:
c2:37:d3:e4:fd:af:1a:ef:66:20:9c:e4:67:f3:eb:
d3:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:FC:80:70:15:3A:D6:B9:06:B3:99:81:28:FC:E3:7C:02:28:B0:D7
X509v3 Authority Key Identifier:
keyid:DF:27:B9:39:93:4A:2C:C2:06:FF:BA:6B:CE:9C:90:FD:CB:A3:9C:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3ye5OZNKLMIG_7przpyQ_cujnHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/966261-83b5-4ead-a468-6ed54d3fe4f4/1/LfyAcBU61rkGs5mBKPzjfAIosNc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/966261-83b5-4ead-a468-6ed54d3fe4f4/1/3ye5OZNKLMIG_7przpyQ_cujnHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.75.205.0-185.75.207.255
193.242.194.0/23
IPv6:
2a05:5440::/29
Signature Algorithm: sha256WithRSAEncryption
28:54:48:bf:5d:db:05:19:30:6c:50:80:01:b6:4a:40:a4:7e:
fe:86:81:46:cd:6e:dc:a4:41:72:e1:6e:88:2e:22:03:ae:ff:
42:a3:20:1f:4b:33:49:86:f6:e1:ba:42:af:6b:94:2a:6a:91:
fe:86:37:b5:7c:10:28:3a:e4:44:55:72:f2:c3:69:89:13:49:
71:3d:c7:79:a3:f6:a3:c7:e6:0b:56:4c:48:dd:11:70:3c:c3:
08:1a:c3:3d:00:16:19:75:fb:c8:b7:a2:9b:2d:02:3b:1b:38:
26:c8:94:13:fa:b1:af:67:02:d5:cb:9f:49:8b:3d:b3:1a:4e:
40:3e:5c:51:31:92:79:3c:4e:26:6b:30:80:c6:73:5d:b2:7d:
c2:6d:ff:ba:50:a7:db:b8:4c:45:c1:c6:0f:ed:7c:5d:e1:93:
e2:98:14:04:e3:b3:79:1b:aa:7c:58:23:fd:12:07:80:77:56:
95:5b:d2:c3:c1:36:b0:8d:29:6b:a7:c7:44:87:11:82:b9:a2:
6f:1f:a0:c9:3d:cb:e7:e8:35:45:02:7a:e3:93:77:0a:dc:43:
d2:15:af:e2:7b:bc:7e:9f:e3:40:87:08:b1:0e:34:ba:4a:a3:
4c:e9:f1:5a:9e:b3:20:57:f4:b4:d1:4d:41:67:2c:28:8c:58:
7e:ff:a4:b2
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYzHlU5BMDLW1GahYrhAggnhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmMjdiOTM5OTM0YTJjYzIwNmZmYmE2YmNlOWM5MGZkY2Jh
MzljNzEwHhcNMjQwMTAyMDAzMTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZGZjODA3MDE1M2FkNmI5MDZiMzk5ODEyOGZjZTM3YzAyMjhiMGQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhqIFpCJyy69M8HDqPKb4WIIzOrTh
yLMI5P90MzswmYfHBURy9jWh/DeOPq7+kVOUArcoWBs+w3jdilB+sfz/q5AQuC9I
KcGQhdXYkqLM8qcJKOUqo7vgvQfx8FqRSk1058Wc2hEVdQmDIKrzflu8EMm/taYF
6U88e1je/F9boIcpj82QjjsS0UQ889mQFE+RQf63IAvVhcOVnBx+dESzJOwfL84Y
YrVuEtyhNuFdkhGaza9TVhtV/oGmw/KLaLrg/rFf5phjbcGl7geyO5LjZfuOXKJb
sw47cdASEggaWFZk6ItO81E77WeXp1ncL5vCN9Pk/a8a72YgnORn8+vTjQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFC38gHAVOta5BrOZgSj843wCKLDXMB8GA1UdIwQY
MBaAFN8nuTmTSizCBv+6a86ckP3Lo5xxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3llNU9aTktMTUlHXzdwcnpweVFfY3VqbkhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi85NjYyNjEtODNiNS00ZWFkLWE0Njgt
NmVkNTRkM2ZlNGY0LzEvTGZ5QWNCVTYxcmtHczVtQktQempmQUlvc05jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi85NjYyNjEtODNiNS00ZWFkLWE0NjgtNmVkNTRkM2ZlNGY0
LzEvM3llNU9aTktMTUlHXzdwcnpweVFfY3VqbkhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUMAwDBAC5S80D
BAS5S8ADBAHB8sIwDQQCAAIwBwMFAyoFVEAwDQYJKoZIhvcNAQELBQADggEBAChU
SL9d2wUZMGxQgAG2SkCkfv6GgUbNbtykQXLhboguIgOu/0KjIB9LM0mG9uG6Qq9r
lCpqkf6GN7V8ECg65ERVcvLDaYkTSXE9x3mj9qPH5gtWTEjdEXA8wwgawz0AFhl1
+8i3opstAjsbOCbIlBP6sa9nAtXLn0mLPbMaTkA+XFExknk8TiZrMIDGc12yfcJt
/7pQp9u4TEXBxg/tfF3hk+KYFATjs3kbqnxYI/0SB4B3VpVb0sPBNrCNKWunx0SH
EYK5om8foMk9y+foNUUCeuOTdwrcQ9IVr+J7vH6f40CHCLEONLpKo0zp8VqesyBX
9LTRTUFnLCiMWH7/pLI=
-----END CERTIFICATE-----
Generated at Sun May 19 14:06:31 2024 by rpki-client on console-fra.rpki-client.org