Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/lYJPYqYKR8cuxglycvmZ2Sm1aOI.roa
File: lYJPYqYKR8cuxglycvmZ2Sm1aOI.roa (raw, json)
Hash identifier: DqfYuiosRO+hrqQ/l2XNEX6LMABm1pHT+8qSXF00gAQ=
Subject key identifier: 95:82:4F:62:A6:0A:47:C7:2E:C6:09:72:72:F9:99:D9:29:B5:68:E2
Certificate issuer: /CN=95b30111b0b720a209f788c8b90f60380b465c2e
Certificate serial: 018CC26CF4F366D7D3B9072B15D2E9E021E0
Authority key identifier: 95:B3:01:11:B0:B7:20:A2:09:F7:88:C8:B9:0F:60:38:0B:46:5C:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/lYJPYqYKR8cuxglycvmZ2Sm1aOI.roa
Signing time: Mon 01 Jan 2024 00:29:29 +0000
ROA not before: Mon 01 Jan 2024 00:29:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29119
IP address blocks: 185.223.216.0/24 maxlen: 24
185.223.218.0/24 maxlen: 24
185.223.217.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.mft
rsync://rpki.ripe.net/repository/DEFAULT/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6c:f4:f3:66:d7:d3:b9:07:2b:15:d2:e9:e0:21:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=95b30111b0b720a209f788c8b90f60380b465c2e
Validity
Not Before: Jan 1 00:29:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=95824f62a60a47c72ec6097272f999d929b568e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:52:f8:83:2f:c1:52:da:11:a3:c4:7b:1e:ac:
56:aa:d5:2a:cd:69:2d:b1:63:fd:67:82:33:7a:2b:
37:97:03:48:ca:dc:9e:2f:a9:c9:5c:f6:9e:b2:1f:
36:f3:da:e5:5c:0b:0b:cc:b6:04:e2:6b:a3:39:fc:
51:0b:df:6f:ee:79:d3:3d:51:bc:76:b4:1f:37:1a:
7d:bb:c3:e1:a7:29:88:5d:a9:f5:a2:e6:8f:a4:e5:
5e:ea:d0:4c:9d:cf:4c:b2:45:0b:da:9f:a6:ef:b5:
32:9d:72:de:33:fa:32:51:4b:ad:37:ad:7a:0f:07:
95:af:52:56:a7:ec:26:d7:c8:3f:88:81:b0:80:63:
84:86:1f:1e:71:94:d8:d9:f0:9f:c0:7d:f2:4e:dc:
11:53:68:87:cc:ac:29:51:3c:56:dc:ac:52:a3:b3:
26:76:f7:ee:6e:12:7c:8d:50:d6:85:95:0d:db:d6:
77:73:18:e3:7e:fc:b6:65:73:52:45:23:d7:0c:a8:
6e:d5:3b:59:b2:39:3d:8a:3c:c9:d7:71:e2:bc:23:
db:14:e3:d8:1b:11:f3:b9:00:ba:d4:35:07:f3:0f:
f6:bb:37:6c:f3:a5:5f:cc:d5:0f:9c:f0:69:2a:a4:
14:d9:4a:32:07:d5:8b:53:a7:68:d0:70:e4:0e:4b:
bd:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:82:4F:62:A6:0A:47:C7:2E:C6:09:72:72:F9:99:D9:29:B5:68:E2
X509v3 Authority Key Identifier:
keyid:95:B3:01:11:B0:B7:20:A2:09:F7:88:C8:B9:0F:60:38:0B:46:5C:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/lYJPYqYKR8cuxglycvmZ2Sm1aOI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.223.216.0-185.223.218.255
Signature Algorithm: sha256WithRSAEncryption
68:a9:12:d0:04:6a:7c:55:a4:9e:25:92:63:7f:07:62:02:93:
ab:f0:ba:43:29:0c:d4:f8:08:b2:9b:07:5d:8f:95:e0:d7:22:
1e:24:96:ab:95:f0:b8:ab:d4:ef:81:70:d5:e5:70:a5:63:26:
ce:14:40:d5:7a:8e:ae:92:cb:06:00:66:cf:dd:35:28:61:2a:
42:63:8c:8c:50:48:35:5c:6b:6e:85:53:6d:c4:9e:aa:51:6e:
3a:1a:76:80:a4:e6:86:38:bf:46:7b:9e:3c:a4:6e:f4:11:0c:
c8:c0:bf:77:d7:bd:fd:99:49:74:8e:ab:71:cd:1a:9b:fa:6e:
e0:78:e4:c2:99:12:07:e8:de:69:cc:27:10:a4:82:fa:0d:28:
1a:9a:e6:60:2c:5a:61:2d:53:0b:f1:56:db:cb:b3:cc:7f:8e:
23:a5:14:65:d1:42:e6:7c:1d:f9:45:17:86:55:b0:15:33:b0:
e2:4f:ca:ea:0c:eb:38:bb:c8:3e:ed:c5:0a:db:d3:d4:24:ce:
bf:e0:94:e8:79:c9:a4:79:d7:cb:fb:1f:f5:7e:e9:64:e6:b6:
3b:e9:dc:37:55:14:2a:ae:08:8a:f2:3f:7d:48:83:05:ff:6a:
c2:20:45:07:f6:87:6e:67:79:95:34:7d:42:60:69:d6:7e:df:
91:9c:90:21
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzCbPTzZtfTuQcrFdLp4CHgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1YjMwMTExYjBiNzIwYTIwOWY3ODhjOGI5MGY2MDM4MGI0
NjVjMmUwHhcNMjQwMTAxMDAyOTI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTgyNGY2MmE2MGE0N2M3MmVjNjA5NzI3MmY5OTlkOTI5YjU2OGUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgVL4gy/BUtoRo8R7HqxWqtUqzWkt
sWP9Z4Izeis3lwNIytyeL6nJXPaesh8289rlXAsLzLYE4mujOfxRC99v7nnTPVG8
drQfNxp9u8PhpymIXan1ouaPpOVe6tBMnc9MskUL2p+m77UynXLeM/oyUUutN616
DweVr1JWp+wm18g/iIGwgGOEhh8ecZTY2fCfwH3yTtwRU2iHzKwpUTxW3KxSo7Mm
dvfubhJ8jVDWhZUN29Z3cxjjfvy2ZXNSRSPXDKhu1TtZsjk9ijzJ13HivCPbFOPY
GxHzuQC61DUH8w/2uzds86VfzNUPnPBpKqQU2UoyB9WLU6do0HDkDku9LwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFJWCT2KmCkfHLsYJcnL5mdkptWjiMB8GA1UdIwQY
MBaAFJWzARGwtyCiCfeIyLkPYDgLRlwuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGJNQkViQzNJS0lKOTRqSXVROWdPQXRHWEM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS8wM2JmMjgtYzU1ZC00YzdhLTkxYmIt
OTE2NDZiZjAxNTNkLzEvbFlKUFlxWUtSOGN1eGdseWN2bVoyU20xYU9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS8wM2JmMjgtYzU1ZC00YzdhLTkxYmItOTE2NDZiZjAxNTNk
LzEvbGJNQkViQzNJS0lKOTRqSXVROWdPQXRHWEM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAO539gD
BAC539owDQYJKoZIhvcNAQELBQADggEBAGipEtAEanxVpJ4lkmN/B2ICk6vwukMp
DNT4CLKbB12PleDXIh4klquV8Lir1O+BcNXlcKVjJs4UQNV6jq6SywYAZs/dNShh
KkJjjIxQSDVca26FU23EnqpRbjoadoCk5oY4v0Z7njykbvQRDMjAv3fXvf2ZSXSO
q3HNGpv6buB45MKZEgfo3mnMJxCkgvoNKBqa5mAsWmEtUwvxVtvLs8x/jiOlFGXR
QuZ8HflFF4ZVsBUzsOJPyuoM6zi7yD7txQrb09Qkzr/glOh5yaR518v7H/V+6WTm
tjvp3DdVFCquCIryP31IgwX/asIgRQf2h25neZU0fUJgadZ+35GckCE=
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:40:03 2024 by rpki-client on console-fra.rpki-client.org