Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/c54214-52d5-46dc-9939-c1402d261432/1/53LkXT_lerus2aC8etQSPzLJ2QM.roa
File: 53LkXT_lerus2aC8etQSPzLJ2QM.roa (raw, json)
Hash identifier: bXL0RXAM66OLEe7YM1glMFhyT+w6TGqmMoBwRe+H92Q=
Subject key identifier: E7:72:E4:5D:3F:E5:7A:BB:AC:D9:A0:BC:7A:D4:12:3F:32:C9:D9:03
Certificate issuer: /CN=1a885c37e747bce23ee9097e5ff7e983bcba0db4
Certificate serial: 018CC86F37A4868B957DAC39499C818227CC
Authority key identifier: 1A:88:5C:37:E7:47:BC:E2:3E:E9:09:7E:5F:F7:E9:83:BC:BA:0D:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GohcN-dHvOI-6Ql-X_fpg7y6DbQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3f/c54214-52d5-46dc-9939-c1402d261432/1/53LkXT_lerus2aC8etQSPzLJ2QM.roa
Signing time: Tue 02 Jan 2024 04:29:41 +0000
ROA not before: Tue 02 Jan 2024 04:29:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 52106
IP address blocks: 194.180.44.0/22 maxlen: 22
45.148.40.0/22 maxlen: 22
194.61.159.0/24 maxlen: 24
194.61.56.0/24 maxlen: 24
194.60.205.0/24 maxlen: 24
194.60.202.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3f/c54214-52d5-46dc-9939-c1402d261432/1/GohcN-dHvOI-6Ql-X_fpg7y6DbQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/3f/c54214-52d5-46dc-9939-c1402d261432/1/GohcN-dHvOI-6Ql-X_fpg7y6DbQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/GohcN-dHvOI-6Ql-X_fpg7y6DbQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:37:a4:86:8b:95:7d:ac:39:49:9c:81:82:27:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1a885c37e747bce23ee9097e5ff7e983bcba0db4
Validity
Not Before: Jan 2 04:29:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e772e45d3fe57abbacd9a0bc7ad4123f32c9d903
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:b6:b3:2d:d3:ef:68:10:ca:ad:41:c3:49:96:
cd:b1:38:18:62:e5:54:a1:9d:de:77:26:14:c8:b7:
fb:b3:b2:89:8d:0a:2b:fc:60:18:1f:d0:78:e4:45:
91:05:c1:a7:dd:2c:98:da:bf:97:b1:54:0d:f0:a9:
d9:4b:ff:97:2d:cb:41:5e:f3:09:08:dd:f4:94:64:
d4:b4:fb:64:b6:ae:f9:3b:c1:91:d6:36:4a:b1:75:
b0:97:49:83:24:fd:95:09:ca:5a:cf:73:0a:16:0c:
b2:a1:41:2b:c2:aa:2e:61:a7:9d:54:b1:d0:3c:98:
64:38:f6:62:43:e9:4c:d9:c3:0f:00:b4:93:8b:ee:
e0:34:5e:98:4c:3d:b3:d2:4d:45:06:ed:c4:61:54:
f0:22:2b:83:23:4b:c5:e6:77:39:16:72:28:68:6f:
58:4e:12:5b:1f:7c:62:a6:7b:30:b9:71:8b:4c:1f:
02:07:b8:8d:0d:01:99:73:df:aa:33:5b:ee:fa:69:
1b:19:0c:2a:11:9c:63:11:75:63:d5:80:5d:1d:d8:
14:2f:6a:b4:9b:e8:5b:63:a3:c3:71:ce:42:a0:49:
08:a0:00:0a:be:ad:f9:6a:f0:8f:f7:c7:3d:48:b3:
41:4b:40:75:ad:53:bd:3f:d0:f8:26:27:ce:8b:f0:
41:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:72:E4:5D:3F:E5:7A:BB:AC:D9:A0:BC:7A:D4:12:3F:32:C9:D9:03
X509v3 Authority Key Identifier:
keyid:1A:88:5C:37:E7:47:BC:E2:3E:E9:09:7E:5F:F7:E9:83:BC:BA:0D:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GohcN-dHvOI-6Ql-X_fpg7y6DbQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/c54214-52d5-46dc-9939-c1402d261432/1/53LkXT_lerus2aC8etQSPzLJ2QM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/c54214-52d5-46dc-9939-c1402d261432/1/GohcN-dHvOI-6Ql-X_fpg7y6DbQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.148.40.0/22
194.60.202.0/24
194.60.205.0/24
194.61.56.0/24
194.61.159.0/24
194.180.44.0/22
Signature Algorithm: sha256WithRSAEncryption
a8:6b:b8:13:41:af:76:c7:de:50:12:62:4a:d0:84:56:bf:32:
43:6a:74:e9:70:9e:c1:8e:ba:b7:7d:f1:5c:23:a8:19:37:72:
11:e1:38:bd:d7:d2:6d:59:85:5f:43:cc:7b:cb:cb:ec:a6:d4:
de:00:48:1a:5a:7a:d4:41:c2:f0:61:aa:48:21:3a:cb:68:f6:
9e:ce:5c:af:59:34:ff:29:93:e8:14:6c:a7:49:20:89:56:07:
7f:2c:ab:9e:59:a9:57:2d:56:36:c0:b4:8e:15:99:26:f6:c7:
79:8a:df:bd:e7:76:2a:fc:60:21:83:0c:4d:92:d9:36:81:27:
ab:fb:68:70:ce:0f:aa:25:6f:8c:58:83:0b:04:5f:ec:2c:fd:
25:fb:bb:ca:95:5f:c1:d3:0b:a5:81:8e:2e:0c:69:62:74:e4:
58:eb:85:e2:32:92:6d:b7:20:80:ce:dc:53:2a:00:20:be:59:
a3:af:b0:d1:55:60:5e:a1:15:9b:af:c9:5c:ab:e2:26:2c:c4:
ac:0d:75:7e:2f:13:f1:70:c7:56:b5:7e:60:e5:54:d5:09:79:
89:e9:4b:0b:09:74:28:9d:85:60:05:e8:6a:a3:98:d8:2d:1f:
59:f5:e6:c4:22:32:25:e8:f1:6d:aa:68:20:c5:dc:1b:94:b4:
f8:77:a4:c2
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYzIbzekhouVfaw5SZyBgifMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhODg1YzM3ZTc0N2JjZTIzZWU5MDk3ZTVmZjdlOTgzYmNi
YTBkYjQwHhcNMjQwMTAyMDQyOTQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNzcyZTQ1ZDNmZTU3YWJiYWNkOWEwYmM3YWQ0MTIzZjMyYzlkOTAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn7azLdPvaBDKrUHDSZbNsTgYYuVU
oZ3edyYUyLf7s7KJjQor/GAYH9B45EWRBcGn3SyY2r+XsVQN8KnZS/+XLctBXvMJ
CN30lGTUtPtktq75O8GR1jZKsXWwl0mDJP2VCcpaz3MKFgyyoUErwqouYaedVLHQ
PJhkOPZiQ+lM2cMPALSTi+7gNF6YTD2z0k1FBu3EYVTwIiuDI0vF5nc5FnIoaG9Y
ThJbH3xipnswuXGLTB8CB7iNDQGZc9+qM1vu+mkbGQwqEZxjEXVj1YBdHdgUL2q0
m+hbY6PDcc5CoEkIoAAKvq35avCP98c9SLNBS0B1rVO9P9D4JifOi/BB6QIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFOdy5F0/5Xq7rNmgvHrUEj8yydkDMB8GA1UdIwQY
MBaAFBqIXDfnR7ziPukJfl/36YO8ug20MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR29oY04tZEh2T0ktNlFsLVhfZnBnN3k2RGJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi9jNTQyMTQtNTJkNS00NmRjLTk5Mzkt
YzE0MDJkMjYxNDMyLzEvNTNMa1hUX2xlcnVzMmFDOGV0UVNQekxKMlFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi9jNTQyMTQtNTJkNS00NmRjLTk5MzktYzE0MDJkMjYxNDMy
LzEvR29oY04tZEh2T0ktNlFsLVhfZnBnN3k2RGJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCLZQoAwQA
wjzKAwQAwjzNAwQAwj04AwQAwj2fAwQCwrQsMA0GCSqGSIb3DQEBCwUAA4IBAQCo
a7gTQa92x95QEmJK0IRWvzJDanTpcJ7Bjrq3ffFcI6gZN3IR4Ti919JtWYVfQ8x7
y8vsptTeAEgaWnrUQcLwYapIITrLaPaezlyvWTT/KZPoFGynSSCJVgd/LKueWalX
LVY2wLSOFZkm9sd5it+953Yq/GAhgwxNktk2gSer+2hwzg+qJW+MWIMLBF/sLP0l
+7vKlV/B0wulgY4uDGlidORY64XiMpJttyCAztxTKgAgvlmjr7DRVWBeoRWbr8lc
q+ImLMSsDXV+LxPxcMdWtX5g5VTVCXmJ6UsLCXQonYVgBehqo5jYLR9Z9ebEIjIl
6PFtqmggxdwblLT4d6TC
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:38:31 2024 by rpki-client on console-ams.rpki-client.org