Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/a89644-9316-4e8b-81a4-1f19a8bda3ed/1/llJppn6Lm4SsjaGr2g-fF2LyJts.roa
File: llJppn6Lm4SsjaGr2g-fF2LyJts.roa (raw, json)
Hash identifier: jlqx6VROK7AhKNRRFxWMzs+98q67Dm0+GPPQiMEuJ6c=
Subject key identifier: 96:52:69:A6:7E:8B:9B:84:AC:8D:A1:AB:DA:0F:9F:17:62:F2:26:DB
Certificate issuer: /CN=576d59494a0a927f7a68f909ecef577cd503db1c
Certificate serial: 018F9F5E3DD5DD520368429C638AE6E13DF3
Authority key identifier: 57:6D:59:49:4A:0A:92:7F:7A:68:F9:09:EC:EF:57:7C:D5:03:DB:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V21ZSUoKkn96aPkJ7O9XfNUD2xw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/a89644-9316-4e8b-81a4-1f19a8bda3ed/1/llJppn6Lm4SsjaGr2g-fF2LyJts.roa
Signing time: Wed 22 May 2024 08:15:04 +0000
ROA not before: Wed 22 May 2024 08:15:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39072
IP address blocks: 185.145.32.0/22 maxlen: 22
194.110.164.0/22 maxlen: 22
194.110.164.0/24 maxlen: 24
194.110.165.0/24 maxlen: 24
194.116.202.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/42/a89644-9316-4e8b-81a4-1f19a8bda3ed/1/V21ZSUoKkn96aPkJ7O9XfNUD2xw.crl
rsync://rpki.ripe.net/repository/DEFAULT/42/a89644-9316-4e8b-81a4-1f19a8bda3ed/1/V21ZSUoKkn96aPkJ7O9XfNUD2xw.mft
rsync://rpki.ripe.net/repository/DEFAULT/V21ZSUoKkn96aPkJ7O9XfNUD2xw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 05:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:9f:5e:3d:d5:dd:52:03:68:42:9c:63:8a:e6:e1:3d:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=576d59494a0a927f7a68f909ecef577cd503db1c
Validity
Not Before: May 22 08:15:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=965269a67e8b9b84ac8da1abda0f9f1762f226db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:51:f3:44:c6:2c:6b:4a:42:51:f7:d2:21:94:
d0:81:6c:e5:e0:37:70:f8:23:bb:b3:f6:aa:bf:e3:
31:2a:8a:f1:a9:2f:b8:b7:25:01:1b:1a:61:ac:ea:
70:f6:a5:ad:9e:c4:64:f1:f8:13:2f:81:67:20:06:
82:ea:e2:32:0e:b2:bc:4c:fb:99:45:a8:65:63:21:
33:ae:35:4f:bc:ba:1f:73:8f:44:1c:db:5d:76:bb:
34:dd:64:6b:8e:91:52:ce:ef:0c:a4:61:65:a5:f5:
15:46:8f:6d:5c:d4:89:77:9b:65:a0:64:5a:e3:6b:
9d:c0:ed:88:fb:01:53:92:34:c8:34:15:d0:11:94:
3f:8c:4e:73:51:d4:b7:de:db:d1:15:1d:80:7f:6a:
5d:9d:2d:9e:8c:6a:75:c2:3e:15:49:3d:0d:39:af:
f7:d9:b4:2f:f9:c5:24:37:64:e4:88:aa:b5:f0:bb:
3d:97:03:78:ec:5e:bd:f5:9b:ed:3b:47:c7:98:56:
fc:c9:f3:39:d3:6d:2a:90:37:f0:2e:b8:da:c7:0b:
78:3e:8e:dd:f6:0f:25:0c:56:7f:dd:f7:01:cb:d4:
ee:67:d1:f2:1c:1f:d1:f2:93:8d:2d:4f:fc:bc:54:
f2:50:a7:16:8f:56:e5:e0:cb:eb:64:a6:44:ed:92:
09:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:52:69:A6:7E:8B:9B:84:AC:8D:A1:AB:DA:0F:9F:17:62:F2:26:DB
X509v3 Authority Key Identifier:
keyid:57:6D:59:49:4A:0A:92:7F:7A:68:F9:09:EC:EF:57:7C:D5:03:DB:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V21ZSUoKkn96aPkJ7O9XfNUD2xw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/a89644-9316-4e8b-81a4-1f19a8bda3ed/1/llJppn6Lm4SsjaGr2g-fF2LyJts.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/a89644-9316-4e8b-81a4-1f19a8bda3ed/1/V21ZSUoKkn96aPkJ7O9XfNUD2xw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.145.32.0/22
194.110.164.0/22
194.116.202.0/23
Signature Algorithm: sha256WithRSAEncryption
1e:95:7e:42:3d:95:cb:62:f3:57:2f:c0:19:4a:98:71:99:56:
98:ac:9b:fb:9c:88:cf:c6:cc:cc:bf:da:91:d3:76:5b:8f:18:
c8:15:13:78:bb:9d:83:48:e7:62:2e:55:de:aa:16:4c:35:ef:
66:d3:34:e9:49:f5:bf:e2:e9:41:6b:fe:07:65:fd:83:b3:e5:
67:6b:33:c0:b7:15:08:4e:c8:e0:37:95:2a:c9:ea:a9:82:72:
87:d4:11:ff:9c:13:c9:1e:7f:29:b1:be:32:99:cc:11:62:b2:
4a:0c:b9:3d:cd:46:59:4f:45:35:78:a4:a6:81:66:2e:98:33:
f9:c1:d1:8f:f3:bc:35:31:10:60:7b:c5:67:a7:1f:c6:d6:e7:
86:43:bc:e0:b0:de:12:a5:09:99:fe:7d:98:24:9e:f3:2d:9d:
53:96:d0:fb:ad:93:02:4e:4e:fa:bc:44:87:44:6c:10:a8:f1:
14:c3:b2:14:40:dd:15:49:a0:c1:6b:5e:bb:8e:e4:23:cd:1a:
53:b2:64:53:cd:22:99:53:dc:77:d8:b3:49:ec:e8:51:25:3a:
15:ad:b1:c3:91:14:90:fe:38:a1:d0:24:f3:80:75:c6:48:c0:
98:66:a8:21:cf:6a:f9:99:a7:60:2d:c1:bc:4e:ba:2d:79:da:
6d:f6:da:ab
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY+fXj3V3VIDaEKcY4rm4T3zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3NmQ1OTQ5NGEwYTkyN2Y3YTY4ZjkwOWVjZWY1NzdjZDUw
M2RiMWMwHhcNMjQwNTIyMDgxNTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NjUyNjlhNjdlOGI5Yjg0YWM4ZGExYWJkYTBmOWYxNzYyZjIyNmRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsVHzRMYsa0pCUffSIZTQgWzl4Ddw
+CO7s/aqv+MxKorxqS+4tyUBGxphrOpw9qWtnsRk8fgTL4FnIAaC6uIyDrK8TPuZ
RahlYyEzrjVPvLofc49EHNtddrs03WRrjpFSzu8MpGFlpfUVRo9tXNSJd5tloGRa
42udwO2I+wFTkjTINBXQEZQ/jE5zUdS33tvRFR2Af2pdnS2ejGp1wj4VST0NOa/3
2bQv+cUkN2TkiKq18Ls9lwN47F699ZvtO0fHmFb8yfM5020qkDfwLrjaxwt4Po7d
9g8lDFZ/3fcBy9TuZ9HyHB/R8pONLU/8vFTyUKcWj1bl4MvrZKZE7ZIJuwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJZSaaZ+i5uErI2hq9oPnxdi8ibbMB8GA1UdIwQY
MBaAFFdtWUlKCpJ/emj5CezvV3zVA9scMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjIxWlNVb0trbjk2YVBrSjdPOVhmTlVEMnh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi9hODk2NDQtOTMxNi00ZThiLTgxYTQt
MWYxOWE4YmRhM2VkLzEvbGxKcHBuNkxtNFNzamFHcjJnLWZGMkx5SnRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi9hODk2NDQtOTMxNi00ZThiLTgxYTQtMWYxOWE4YmRhM2Vk
LzEvVjIxWlNVb0trbjk2YVBrSjdPOVhmTlVEMnh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCuZEgAwQC
wm6kAwQBwnTKMA0GCSqGSIb3DQEBCwUAA4IBAQAelX5CPZXLYvNXL8AZSphxmVaY
rJv7nIjPxszMv9qR03ZbjxjIFRN4u52DSOdiLlXeqhZMNe9m0zTpSfW/4ulBa/4H
Zf2Ds+VnazPAtxUITsjgN5UqyeqpgnKH1BH/nBPJHn8psb4ymcwRYrJKDLk9zUZZ
T0U1eKSmgWYumDP5wdGP87w1MRBge8Vnpx/G1ueGQ7zgsN4SpQmZ/n2YJJ7zLZ1T
ltD7rZMCTk76vESHRGwQqPEUw7IUQN0VSaDBa167juQjzRpTsmRTzSKZU9x32LNJ
7OhRJToVrbHDkRSQ/jih0CTzgHXGSMCYZqghz2r5madgLcG8Trotedpt9tqr
-----END CERTIFICATE-----
Generated at Sat Nov 23 09:56:40 2024 by rpki-client on console-fra.rpki-client.org