Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/07489a-805e-4339-b43a-539da69774c8/1/LD1tgRFASbrxthHeRqLdZbiEst0.roa
File: LD1tgRFASbrxthHeRqLdZbiEst0.roa (raw, json)
Hash identifier: bf9M8F+X1I5G4PJ4YNijqPrbeIhRGPS1kVlQoMaR7VA=
Subject key identifier: 2C:3D:6D:81:11:40:49:BA:F1:B6:11:DE:46:A2:DD:65:B8:84:B2:DD
Certificate issuer: /CN=54f2b9a759357682ac419b5c0211cc0e420252ba
Certificate serial: 018CC2DB5713D28E8F691AF60C63DF85BCD2
Authority key identifier: 54:F2:B9:A7:59:35:76:82:AC:41:9B:5C:02:11:CC:0E:42:02:52:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VPK5p1k1doKsQZtcAhHMDkICUro.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/07489a-805e-4339-b43a-539da69774c8/1/LD1tgRFASbrxthHeRqLdZbiEst0.roa
Signing time: Mon 01 Jan 2024 02:30:03 +0000
ROA not before: Mon 01 Jan 2024 02:30:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205005
IP address blocks: 185.2.144.0/23 maxlen: 23
185.121.208.0/22 maxlen: 22
2a00:1be7::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/38/07489a-805e-4339-b43a-539da69774c8/1/VPK5p1k1doKsQZtcAhHMDkICUro.crl
rsync://rpki.ripe.net/repository/DEFAULT/38/07489a-805e-4339-b43a-539da69774c8/1/VPK5p1k1doKsQZtcAhHMDkICUro.mft
rsync://rpki.ripe.net/repository/DEFAULT/VPK5p1k1doKsQZtcAhHMDkICUro.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 11:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:57:13:d2:8e:8f:69:1a:f6:0c:63:df:85:bc:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=54f2b9a759357682ac419b5c0211cc0e420252ba
Validity
Not Before: Jan 1 02:30:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2c3d6d81114049baf1b611de46a2dd65b884b2dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:63:94:a8:fe:ea:13:37:73:1a:8b:8c:a4:ac:
7a:2b:89:ab:af:4d:03:91:38:d7:13:a8:37:7c:b0:
35:1b:26:d6:ce:40:e3:69:03:c4:35:17:a2:26:62:
f2:fa:ac:3c:30:90:b1:98:76:9e:93:46:b8:09:46:
f2:00:73:02:a7:32:a7:3a:db:fd:93:1e:82:2f:ce:
93:00:5f:97:98:cd:41:1e:0c:18:8f:42:22:93:8c:
f7:4a:e0:1c:5b:95:5a:2f:6f:be:57:75:b9:e7:a6:
d7:79:e8:31:1c:b1:03:d0:25:72:c7:57:52:fa:2a:
28:29:ee:af:74:ac:a9:11:83:29:dc:fe:1a:d7:17:
ce:03:89:9a:8c:4e:c6:6e:e5:1e:3e:e8:cf:c7:ee:
2f:5f:d1:9b:9a:36:b4:d4:e4:68:58:cd:7c:54:f4:
cb:c4:80:e5:ec:8c:82:6c:1a:66:b7:58:89:4b:7c:
77:bf:1f:21:49:5c:84:4d:8e:e7:44:db:7b:0f:b6:
8a:98:ea:3e:95:8c:e7:2a:6c:8f:29:d9:2a:f2:a4:
01:8f:01:af:58:ee:9c:14:3f:2a:ba:ac:3d:85:1e:
04:54:f3:d0:ce:c2:e0:6a:82:a3:19:c9:d8:17:6b:
e5:ba:ff:4e:0b:0a:f4:6e:7d:3f:2d:22:c4:c9:b6:
31:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:3D:6D:81:11:40:49:BA:F1:B6:11:DE:46:A2:DD:65:B8:84:B2:DD
X509v3 Authority Key Identifier:
keyid:54:F2:B9:A7:59:35:76:82:AC:41:9B:5C:02:11:CC:0E:42:02:52:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VPK5p1k1doKsQZtcAhHMDkICUro.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/07489a-805e-4339-b43a-539da69774c8/1/LD1tgRFASbrxthHeRqLdZbiEst0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/07489a-805e-4339-b43a-539da69774c8/1/VPK5p1k1doKsQZtcAhHMDkICUro.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.2.144.0/23
185.121.208.0/22
IPv6:
2a00:1be7::/32
Signature Algorithm: sha256WithRSAEncryption
50:8f:a5:a7:66:0a:27:cc:11:ad:cf:8a:b0:7b:f0:94:9a:00:
f0:22:36:97:74:c1:18:ec:46:f2:c9:64:86:a6:60:40:4f:0c:
f0:df:e5:e5:ed:ff:1f:1a:18:09:e6:1a:70:c8:7f:7e:32:2d:
c7:65:28:55:c2:10:4d:3c:d0:6f:c5:7f:a9:53:3d:3d:ad:22:
d9:fe:c7:a3:b6:90:4b:e0:6a:b8:3b:e1:dc:8f:85:2a:85:6e:
9e:fd:c4:fc:f5:64:87:7b:10:c5:6a:96:1d:48:0e:9d:34:83:
25:a9:5a:12:ee:35:54:13:33:3f:ad:14:2b:34:14:c0:8f:25:
86:b5:4d:cd:ab:07:0c:92:e5:37:20:ed:02:6b:a8:87:c6:80:
77:0c:ce:fa:11:01:bf:0b:da:19:f7:98:8a:5f:9f:b7:50:6c:
22:46:92:eb:f7:5b:87:ba:ed:98:76:23:eb:8d:12:a1:7e:ed:
86:ae:93:42:d0:ff:c7:27:e9:8c:c8:f9:7e:1a:94:7f:6b:bb:
27:a3:22:2d:29:34:13:50:5e:e9:e7:ce:da:d5:d1:c2:85:2d:
30:42:56:a2:38:21:99:91:0c:cd:d6:c7:44:e1:71:0b:94:f5:
04:b6:91:18:de:27:ef:51:a0:d3:22:53:85:ad:46:f8:4d:63:
88:ae:28:1e
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzC21cT0o6PaRr2DGPfhbzSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0ZjJiOWE3NTkzNTc2ODJhYzQxOWI1YzAyMTFjYzBlNDIw
MjUyYmEwHhcNMjQwMTAxMDIzMDAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYzNkNmQ4MTExNDA0OWJhZjFiNjExZGU0NmEyZGQ2NWI4ODRiMmRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7WOUqP7qEzdzGouMpKx6K4mrr00D
kTjXE6g3fLA1GybWzkDjaQPENReiJmLy+qw8MJCxmHaek0a4CUbyAHMCpzKnOtv9
kx6CL86TAF+XmM1BHgwYj0Iik4z3SuAcW5VaL2++V3W556bXeegxHLED0CVyx1dS
+iooKe6vdKypEYMp3P4a1xfOA4majE7GbuUePujPx+4vX9Gbmja01ORoWM18VPTL
xIDl7IyCbBpmt1iJS3x3vx8hSVyETY7nRNt7D7aKmOo+lYznKmyPKdkq8qQBjwGv
WO6cFD8quqw9hR4EVPPQzsLgaoKjGcnYF2vluv9OCwr0bn0/LSLEybYxoQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFCw9bYERQEm68bYR3kai3WW4hLLdMB8GA1UdIwQY
MBaAFFTyuadZNXaCrEGbXAIRzA5CAlK6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVlBLNXAxazFkb0tzUVp0Y0FoSE1Ea0lDVXJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8wNzQ4OWEtODA1ZS00MzM5LWI0M2Et
NTM5ZGE2OTc3NGM4LzEvTEQxdGdSRkFTYnJ4dGhIZVJxTGRaYmlFc3QwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC8wNzQ4OWEtODA1ZS00MzM5LWI0M2EtNTM5ZGE2OTc3NGM4
LzEvVlBLNXAxazFkb0tzUVp0Y0FoSE1Ea0lDVXJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBuQKQAwQC
uXnQMA0EAgACMAcDBQAqABvnMA0GCSqGSIb3DQEBCwUAA4IBAQBQj6WnZgonzBGt
z4qwe/CUmgDwIjaXdMEY7EbyyWSGpmBATwzw3+Xl7f8fGhgJ5hpwyH9+Mi3HZShV
whBNPNBvxX+pUz09rSLZ/sejtpBL4Gq4O+Hcj4UqhW6e/cT89WSHexDFapYdSA6d
NIMlqVoS7jVUEzM/rRQrNBTAjyWGtU3NqwcMkuU3IO0Ca6iHxoB3DM76EQG/C9oZ
95iKX5+3UGwiRpLr91uHuu2YdiPrjRKhfu2GrpNC0P/HJ+mMyPl+GpR/a7snoyIt
KTQTUF7p587a1dHChS0wQlaiOCGZkQzN1sdE4XELlPUEtpEY3ifvUaDTIlOFrUb4
TWOIrige
-----END CERTIFICATE-----
Generated at Sat Nov 23 18:59:22 2024 by rpki-client on console-fra.rpki-client.org