Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/b122b0-d461-409d-bbd8-6d1f60543e9c/1/lRf1EYlBZa8kOgRnb9XUZnW1JJY.roa
File: lRf1EYlBZa8kOgRnb9XUZnW1JJY.roa (raw, json)
Hash identifier: 6BBl2zr99ZMZ/3ecSmFWvdHNi+6lErJVS10gijWFg+I=
Subject key identifier: 95:17:F5:11:89:41:65:AF:24:3A:04:67:6F:D5:D4:66:75:B5:24:96
Certificate issuer: /CN=f5450c6376655eec1dd2da4bd21d5f104a96d904
Certificate serial: 018CC801704E33BEC02535ECD4E15F58E391
Authority key identifier: F5:45:0C:63:76:65:5E:EC:1D:D2:DA:4B:D2:1D:5F:10:4A:96:D9:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9UUMY3ZlXuwd0tpL0h1fEEqW2QQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/b122b0-d461-409d-bbd8-6d1f60543e9c/1/lRf1EYlBZa8kOgRnb9XUZnW1JJY.roa
Signing time: Tue 02 Jan 2024 02:29:46 +0000
ROA not before: Tue 02 Jan 2024 02:29:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49832
IP address blocks: 185.88.11.0/24 maxlen: 32
167.160.20.0/24 maxlen: 32
2a06:1ec0::/29 maxlen: 128
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/41/b122b0-d461-409d-bbd8-6d1f60543e9c/1/9UUMY3ZlXuwd0tpL0h1fEEqW2QQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/41/b122b0-d461-409d-bbd8-6d1f60543e9c/1/9UUMY3ZlXuwd0tpL0h1fEEqW2QQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/9UUMY3ZlXuwd0tpL0h1fEEqW2QQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 17:02:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:70:4e:33:be:c0:25:35:ec:d4:e1:5f:58:e3:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f5450c6376655eec1dd2da4bd21d5f104a96d904
Validity
Not Before: Jan 2 02:29:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9517f511894165af243a04676fd5d46675b52496
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:2f:e1:05:fe:42:e4:39:6b:e3:79:24:e7:7e:
f0:78:66:ab:bb:a3:9b:cf:71:a6:87:02:ed:d1:50:
d6:75:aa:ef:4f:c1:fa:d9:26:40:97:55:5e:9e:d0:
d7:90:0a:e2:8e:6b:30:13:56:e7:1b:f3:08:dc:c2:
5e:cd:41:c2:4d:9b:95:b7:4e:42:db:11:33:02:00:
e5:85:97:97:f1:b4:f2:4e:12:d4:b5:bc:89:99:71:
71:87:08:33:a3:ee:ab:ef:d0:47:1d:91:13:9d:53:
f0:11:27:dc:b8:61:4c:7c:ba:ea:18:41:a3:bb:89:
95:1d:70:e5:72:91:ec:c4:9a:df:26:ac:72:98:84:
c3:b6:9c:bb:89:4d:ff:0c:66:a6:45:56:ee:0d:8b:
e6:2d:b5:0a:13:95:09:13:ec:cb:53:53:a3:ff:e3:
06:ee:cf:f8:01:98:24:e9:34:78:83:ed:20:d9:4e:
39:50:3d:35:1a:de:24:31:61:dc:a2:32:b5:48:33:
43:3b:ee:53:7b:e7:16:61:4e:cd:87:b6:ef:eb:d4:
52:39:09:11:b8:8e:cb:66:e3:48:69:55:9c:ed:e7:
40:41:10:e7:6f:42:64:a0:d5:9a:e0:d2:73:2d:f4:
34:5f:70:34:a2:15:f2:f2:1f:82:23:19:3b:9f:68:
d7:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:17:F5:11:89:41:65:AF:24:3A:04:67:6F:D5:D4:66:75:B5:24:96
X509v3 Authority Key Identifier:
keyid:F5:45:0C:63:76:65:5E:EC:1D:D2:DA:4B:D2:1D:5F:10:4A:96:D9:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9UUMY3ZlXuwd0tpL0h1fEEqW2QQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/b122b0-d461-409d-bbd8-6d1f60543e9c/1/lRf1EYlBZa8kOgRnb9XUZnW1JJY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/b122b0-d461-409d-bbd8-6d1f60543e9c/1/9UUMY3ZlXuwd0tpL0h1fEEqW2QQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
167.160.20.0/24
185.88.11.0/24
IPv6:
2a06:1ec0::/29
Signature Algorithm: sha256WithRSAEncryption
04:d5:07:98:a7:2e:b1:2a:4a:2e:d4:08:42:4b:54:e7:3a:48:
7e:e1:f4:62:a0:ea:e6:05:f4:b5:6c:24:dc:33:c8:c5:b9:11:
03:2a:ea:f4:fe:8f:fb:e0:9b:b9:20:27:0c:62:e8:4e:c2:65:
69:ab:53:a6:49:b3:ce:32:4d:72:b1:ed:43:0a:df:ad:a3:f5:
cb:16:6b:48:d8:01:17:3c:32:0d:28:4c:40:c3:33:35:be:dd:
25:15:fb:60:99:01:fe:10:00:18:91:fb:94:6d:83:81:15:1c:
6d:32:d6:e6:31:52:a5:10:b2:53:a9:a4:4c:8f:f0:05:85:eb:
0f:ec:85:7b:8c:79:e6:a7:b6:07:ca:8d:c7:db:16:0d:6a:b4:
58:5e:89:11:e6:d6:ca:73:72:68:d5:ca:a3:39:c2:64:b4:54:
7b:82:b4:f0:9c:eb:e8:64:1a:4a:de:9c:f0:e9:28:36:56:56:
6d:d2:37:84:a2:83:90:38:80:ea:12:40:46:76:51:97:42:ad:
5a:20:d9:a9:2d:87:82:b2:88:71:7a:15:55:3a:49:f2:8e:8d:
69:4d:11:e1:08:90:47:d8:65:1f:d5:a1:50:74:0e:12:7b:ed:
89:04:9a:ba:e9:83:8e:65:f1:5a:65:4c:4e:98:a2:73:53:7f:
6a:1b:4a:e6
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzIAXBOM77AJTXs1OFfWOORMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1NDUwYzYzNzY2NTVlZWMxZGQyZGE0YmQyMWQ1ZjEwNGE5
NmQ5MDQwHhcNMjQwMTAyMDIyOTQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTE3ZjUxMTg5NDE2NWFmMjQzYTA0Njc2ZmQ1ZDQ2Njc1YjUyNDk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuC/hBf5C5Dlr43kk537weGaru6Ob
z3GmhwLt0VDWdarvT8H62SZAl1VentDXkArijmswE1bnG/MI3MJezUHCTZuVt05C
2xEzAgDlhZeX8bTyThLUtbyJmXFxhwgzo+6r79BHHZETnVPwESfcuGFMfLrqGEGj
u4mVHXDlcpHsxJrfJqxymITDtpy7iU3/DGamRVbuDYvmLbUKE5UJE+zLU1Oj/+MG
7s/4AZgk6TR4g+0g2U45UD01Gt4kMWHcojK1SDNDO+5Te+cWYU7Nh7bv69RSOQkR
uI7LZuNIaVWc7edAQRDnb0JkoNWa4NJzLfQ0X3A0ohXy8h+CIxk7n2jXHQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFJUX9RGJQWWvJDoEZ2/V1GZ1tSSWMB8GA1UdIwQY
MBaAFPVFDGN2ZV7sHdLaS9IdXxBKltkEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOVVVTVkzWmxYdXdkMHRwTDBoMWZFRXFXMlFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS9iMTIyYjAtZDQ2MS00MDlkLWJiZDgt
NmQxZjYwNTQzZTljLzEvbFJmMUVZbEJaYThrT2dSbmI5WFVablcxSkpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS9iMTIyYjAtZDQ2MS00MDlkLWJiZDgtNmQxZjYwNTQzZTlj
LzEvOVVVTVkzWmxYdXdkMHRwTDBoMWZFRXFXMlFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAp6AUAwQA
uVgLMA0EAgACMAcDBQMqBh7AMA0GCSqGSIb3DQEBCwUAA4IBAQAE1QeYpy6xKkou
1AhCS1TnOkh+4fRioOrmBfS1bCTcM8jFuREDKur0/o/74Ju5ICcMYuhOwmVpq1Om
SbPOMk1yse1DCt+to/XLFmtI2AEXPDINKExAwzM1vt0lFftgmQH+EAAYkfuUbYOB
FRxtMtbmMVKlELJTqaRMj/AFhesP7IV7jHnmp7YHyo3H2xYNarRYXokR5tbKc3Jo
1cqjOcJktFR7grTwnOvoZBpK3pzw6Sg2VlZt0jeEooOQOIDqEkBGdlGXQq1aINmp
LYeCsohxehVVOknyjo1pTRHhCJBH2GUf1aFQdA4Se+2JBJq66YOOZfFaZUxOmKJz
U39qG0rm
-----END CERTIFICATE-----
Generated at Sat Nov 23 01:16:48 2024 by rpki-client on console-fra.rpki-client.org