Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/b1016c-121a-4988-b890-ecc4c1c36b0d/1/lDvswE8G_hc7OrOrFNiX-g23p70.roa
File: lDvswE8G_hc7OrOrFNiX-g23p70.roa (raw, json)
Hash identifier: jQCfRHKVQzgBIK4l3y8cqKHfwI4oEGtNfIxI0smkQLc=
Subject key identifier: 94:3B:EC:C0:4F:06:FE:17:3B:3A:B3:AB:14:D8:97:FA:0D:B7:A7:BD
Certificate issuer: /CN=03590f562050d9769ed57b07b1bc931ecddf1397
Certificate serial: 018CC2DB2B518D27951FF068B764BEF1D19B
Authority key identifier: 03:59:0F:56:20:50:D9:76:9E:D5:7B:07:B1:BC:93:1E:CD:DF:13:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A1kPViBQ2Xae1XsHsbyTHs3fE5c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/b1016c-121a-4988-b890-ecc4c1c36b0d/1/lDvswE8G_hc7OrOrFNiX-g23p70.roa
Signing time: Mon 01 Jan 2024 02:29:52 +0000
ROA not before: Mon 01 Jan 2024 02:29:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47322
IP address blocks: 171.25.227.0/24 maxlen: 24
195.182.52.0/24 maxlen: 24
185.151.74.0/24 maxlen: 24
185.151.75.0/24 maxlen: 24
185.151.72.0/24 maxlen: 24
185.151.73.0/24 maxlen: 24
171.25.226.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/b1016c-121a-4988-b890-ecc4c1c36b0d/1/A1kPViBQ2Xae1XsHsbyTHs3fE5c.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/b1016c-121a-4988-b890-ecc4c1c36b0d/1/A1kPViBQ2Xae1XsHsbyTHs3fE5c.mft
rsync://rpki.ripe.net/repository/DEFAULT/A1kPViBQ2Xae1XsHsbyTHs3fE5c.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 16:03:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:2b:51:8d:27:95:1f:f0:68:b7:64:be:f1:d1:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=03590f562050d9769ed57b07b1bc931ecddf1397
Validity
Not Before: Jan 1 02:29:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=943becc04f06fe173b3ab3ab14d897fa0db7a7bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:af:ee:1c:d9:01:13:a9:be:45:7c:60:e6:0a:
cc:9a:fd:31:c1:0a:ad:52:92:db:09:2a:f7:1b:4d:
a3:ab:2d:a0:52:30:da:ea:ce:06:c1:3e:ab:55:a9:
58:a2:7b:5e:3e:d8:96:72:81:bd:e6:65:0e:c8:cd:
5e:04:82:0b:c4:8f:1d:ae:ac:31:74:67:e6:2e:23:
0c:b5:f5:66:6d:52:12:22:7f:df:de:45:c4:17:3c:
77:99:fa:61:1c:19:23:bb:ac:53:4b:7f:a1:ae:9d:
99:27:66:ae:c3:08:6f:f6:41:11:eb:3f:e6:8d:43:
d3:f5:26:c8:07:94:82:84:8b:fb:51:4c:81:b4:48:
ee:31:14:9b:96:ca:4d:57:78:27:72:fc:3c:78:19:
82:a4:28:86:cc:77:f8:d9:6f:6e:bf:be:22:62:ba:
3e:e0:56:a8:bb:64:e8:a9:2e:ad:cf:3c:bc:c5:48:
07:85:3b:fd:c0:fb:eb:f2:af:13:a7:48:09:fb:4a:
d1:90:9e:8d:cc:08:15:ba:78:c9:e8:3c:f6:83:23:
9f:a6:b1:9b:e1:50:c9:b4:44:4f:04:7a:24:7b:6c:
be:5a:cd:51:b3:09:e5:d6:2f:c2:64:00:77:05:78:
e1:e5:3b:ce:ff:db:d9:74:ee:ae:f0:6e:16:fe:6a:
07:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:3B:EC:C0:4F:06:FE:17:3B:3A:B3:AB:14:D8:97:FA:0D:B7:A7:BD
X509v3 Authority Key Identifier:
keyid:03:59:0F:56:20:50:D9:76:9E:D5:7B:07:B1:BC:93:1E:CD:DF:13:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A1kPViBQ2Xae1XsHsbyTHs3fE5c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/b1016c-121a-4988-b890-ecc4c1c36b0d/1/lDvswE8G_hc7OrOrFNiX-g23p70.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/b1016c-121a-4988-b890-ecc4c1c36b0d/1/A1kPViBQ2Xae1XsHsbyTHs3fE5c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
171.25.226.0/23
185.151.72.0/22
195.182.52.0/24
Signature Algorithm: sha256WithRSAEncryption
77:ea:9c:fe:9e:95:56:ca:12:fa:9a:a4:57:79:5c:5d:d5:ad:
34:7b:da:5c:da:fe:b7:99:d8:fd:d7:0c:f5:52:12:5e:57:86:
9b:ab:87:a2:d5:d1:fc:d4:f0:48:21:e1:92:97:e3:e2:d7:d5:
b9:b6:5d:ec:6d:61:f7:50:5f:1f:3e:09:cb:83:26:d1:db:1d:
42:79:6f:54:87:09:47:87:3c:0e:86:ef:02:e0:bf:56:c4:da:
9e:71:8d:db:63:7a:c4:a7:ce:16:ab:1e:6f:3c:12:d1:c8:32:
0e:05:41:19:7b:c5:90:a6:92:8c:61:7f:95:69:6c:5e:fd:e4:
4f:42:88:50:0e:cf:b9:76:8b:f4:8d:c8:64:eb:62:94:5d:e1:
67:e2:e5:4e:40:48:e5:0f:ae:88:5f:51:0c:24:c4:b1:b7:43:
97:54:ab:bb:3d:f1:14:fe:23:69:60:d4:fd:2e:55:7d:d9:14:
e2:04:00:b6:d9:6e:4a:67:d1:6c:fd:e1:bc:08:99:e3:d7:4a:
ba:6e:14:0c:26:f5:3e:83:a2:37:d0:91:38:e4:74:3a:05:d0:
07:3b:bd:e1:6f:45:7d:c7:79:ee:00:7d:5f:db:0a:13:20:ef:
92:19:e6:7f:80:12:b9:80:d0:85:cf:9a:e7:08:00:65:68:30:
0e:6c:22:dc
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzC2ytRjSeVH/Bot2S+8dGbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzNTkwZjU2MjA1MGQ5NzY5ZWQ1N2IwN2IxYmM5MzFlY2Rk
ZjEzOTcwHhcNMjQwMTAxMDIyOTUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDNiZWNjMDRmMDZmZTE3M2IzYWIzYWIxNGQ4OTdmYTBkYjdhN2JkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkq/uHNkBE6m+RXxg5grMmv0xwQqt
UpLbCSr3G02jqy2gUjDa6s4GwT6rValYontePtiWcoG95mUOyM1eBIILxI8drqwx
dGfmLiMMtfVmbVISIn/f3kXEFzx3mfphHBkju6xTS3+hrp2ZJ2auwwhv9kER6z/m
jUPT9SbIB5SChIv7UUyBtEjuMRSblspNV3gncvw8eBmCpCiGzHf42W9uv74iYro+
4Faou2ToqS6tzzy8xUgHhTv9wPvr8q8Tp0gJ+0rRkJ6NzAgVunjJ6Dz2gyOfprGb
4VDJtERPBHoke2y+Ws1Rswnl1i/CZAB3BXjh5TvO/9vZdO6u8G4W/moHYQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJQ77MBPBv4XOzqzqxTYl/oNt6e9MB8GA1UdIwQY
MBaAFANZD1YgUNl2ntV7B7G8kx7N3xOXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQTFrUFZpQlEyWGFlMVhzSHNieVRIczNmRTVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS9iMTAxNmMtMTIxYS00OTg4LWI4OTAt
ZWNjNGMxYzM2YjBkLzEvbER2c3dFOEdfaGM3T3JPckZOaVgtZzIzcDcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS9iMTAxNmMtMTIxYS00OTg4LWI4OTAtZWNjNGMxYzM2YjBk
LzEvQTFrUFZpQlEyWGFlMVhzSHNieVRIczNmRTVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBqxniAwQC
uZdIAwQAw7Y0MA0GCSqGSIb3DQEBCwUAA4IBAQB36pz+npVWyhL6mqRXeVxd1a00
e9pc2v63mdj91wz1UhJeV4abq4ei1dH81PBIIeGSl+Pi19W5tl3sbWH3UF8fPgnL
gybR2x1CeW9UhwlHhzwOhu8C4L9WxNqecY3bY3rEp84Wqx5vPBLRyDIOBUEZe8WQ
ppKMYX+VaWxe/eRPQohQDs+5dov0jchk62KUXeFn4uVOQEjlD66IX1EMJMSxt0OX
VKu7PfEU/iNpYNT9LlV92RTiBAC22W5KZ9Fs/eG8CJnj10q6bhQMJvU+g6I30JE4
5HQ6BdAHO73hb0V9x3nuAH1f2woTIO+SGeZ/gBK5gNCFz5rnCABlaDAObCLc
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:05:08 2024 by rpki-client on console-ams.rpki-client.org