Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/ljIelCLGJEM0Qy_tRuvwVpdKms8.roa
File: ljIelCLGJEM0Qy_tRuvwVpdKms8.roa (raw, json)
Hash identifier: 4MYW13G5DhZoMDjNiGwcVC9fjvVQkqi5EJWpn+Wg3hs=
Subject key identifier: 96:32:1E:94:22:C6:24:43:34:43:2F:ED:46:EB:F0:56:97:4A:9A:CF
Certificate issuer: /CN=e2d5bb401180e55f5c165d47908dff4fe29a0d86
Certificate serial: 018CC8DCDD1D716F03FA3F3B1DDD6FC75EDA
Authority key identifier: E2:D5:BB:40:11:80:E5:5F:5C:16:5D:47:90:8D:FF:4F:E2:9A:0D:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4tW7QBGA5V9cFl1HkI3_T-KaDYY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/ljIelCLGJEM0Qy_tRuvwVpdKms8.roa
Signing time: Tue 02 Jan 2024 06:29:26 +0000
ROA not before: Tue 02 Jan 2024 06:29:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49771
IP address blocks: 94.188.144.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/4tW7QBGA5V9cFl1HkI3_T-KaDYY.crl
rsync://rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/4tW7QBGA5V9cFl1HkI3_T-KaDYY.mft
rsync://rpki.ripe.net/repository/DEFAULT/4tW7QBGA5V9cFl1HkI3_T-KaDYY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 04:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:dc:dd:1d:71:6f:03:fa:3f:3b:1d:dd:6f:c7:5e:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2d5bb401180e55f5c165d47908dff4fe29a0d86
Validity
Not Before: Jan 2 06:29:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=96321e9422c6244334432fed46ebf056974a9acf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:01:97:06:8f:aa:74:8b:a0:73:7e:61:19:bd:
b9:a5:b5:2b:a5:92:09:f7:0c:c2:c9:e9:4f:28:ff:
10:c7:39:8d:46:4f:a4:f1:49:11:d4:7d:01:85:6b:
b9:e9:47:9e:9d:ae:a6:81:08:39:95:bb:b8:ab:50:
87:fd:f0:1b:01:2b:8b:6d:23:98:d1:23:4d:cf:3a:
3a:9d:ab:ac:80:2f:87:cd:09:71:1b:b6:d0:4b:95:
f7:bd:37:83:45:d8:4c:7e:1c:38:6a:2b:8a:f3:6f:
07:99:46:d5:cd:9a:4c:04:cd:05:fa:78:ae:43:fe:
92:27:2f:71:a5:10:9c:d4:54:0c:05:b1:bd:5d:f6:
4a:0c:64:66:53:cc:6d:c9:cd:58:21:46:ec:20:23:
b2:e1:40:01:46:15:7e:eb:f0:07:3a:db:30:b6:92:
f6:6e:92:a1:e9:8e:b2:59:2d:d9:e5:37:dd:76:a9:
66:04:0f:88:5b:cc:c1:11:19:c4:4a:cd:b0:3b:4d:
56:4f:ca:1a:17:89:7f:3b:95:e4:1b:b6:c5:6b:62:
d8:9b:65:99:75:d2:e5:79:8f:cd:90:a5:30:fc:54:
e3:0e:b0:c4:4c:8d:30:fa:95:e2:be:60:d4:36:90:
e3:3f:1d:52:b0:43:2c:8b:ff:58:8c:34:e1:c8:02:
87:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:32:1E:94:22:C6:24:43:34:43:2F:ED:46:EB:F0:56:97:4A:9A:CF
X509v3 Authority Key Identifier:
keyid:E2:D5:BB:40:11:80:E5:5F:5C:16:5D:47:90:8D:FF:4F:E2:9A:0D:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4tW7QBGA5V9cFl1HkI3_T-KaDYY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/ljIelCLGJEM0Qy_tRuvwVpdKms8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/4tW7QBGA5V9cFl1HkI3_T-KaDYY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.188.144.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:9f:8b:52:42:30:3f:04:cd:e3:bb:38:55:0c:b4:24:ef:9e:
f6:c2:ce:69:9a:2a:f0:df:c1:fe:e3:2f:ee:41:4c:5c:4f:aa:
20:b2:c6:1b:fa:64:b9:28:b7:f4:bd:67:a7:69:7e:46:e8:c8:
2a:88:1b:4f:58:30:65:4b:1b:4d:18:48:6d:c5:b8:6d:4a:7c:
27:ec:a0:f5:a8:16:60:5d:4e:58:2f:e1:c3:8e:c4:51:14:9e:
78:4c:a6:7e:6e:eb:5e:00:2c:ba:4c:0e:5f:06:80:51:b8:81:
51:7c:73:75:55:24:b0:87:ba:6a:e7:1f:9b:5c:8e:e6:b6:06:
30:65:f6:ad:88:25:32:06:c6:7a:22:39:7f:d5:58:dd:cd:c2:
fa:f1:a0:f8:b1:fd:0b:81:fe:83:46:07:ac:7e:4d:5c:44:37:
86:d4:95:03:15:12:cb:77:a4:a6:93:dd:3c:19:b8:ee:09:02:
75:94:98:fe:fe:22:a4:75:6e:c5:39:86:64:2f:0e:82:0a:58:
a6:27:6e:ff:2d:aa:4d:67:92:40:9c:5a:20:1a:3b:4e:38:47:
c0:5c:a4:68:35:44:4a:86:58:47:a4:46:a2:82:eb:d8:61:a3:
59:3a:eb:ef:82:a0:78:aa:5b:62:7a:65:e6:a5:3c:0b:af:51:
23:5e:b5:2d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzI3N0dcW8D+j87Hd1vx17aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyZDViYjQwMTE4MGU1NWY1YzE2NWQ0NzkwOGRmZjRmZTI5
YTBkODYwHhcNMjQwMTAyMDYyOTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NjMyMWU5NDIyYzYyNDQzMzQ0MzJmZWQ0NmViZjA1Njk3NGE5YWNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiQGXBo+qdIugc35hGb25pbUrpZIJ
9wzCyelPKP8QxzmNRk+k8UkR1H0BhWu56Ueena6mgQg5lbu4q1CH/fAbASuLbSOY
0SNNzzo6nausgC+HzQlxG7bQS5X3vTeDRdhMfhw4aiuK828HmUbVzZpMBM0F+niu
Q/6SJy9xpRCc1FQMBbG9XfZKDGRmU8xtyc1YIUbsICOy4UABRhV+6/AHOtswtpL2
bpKh6Y6yWS3Z5TfddqlmBA+IW8zBERnESs2wO01WT8oaF4l/O5XkG7bFa2LYm2WZ
ddLleY/NkKUw/FTjDrDETI0w+pXivmDUNpDjPx1SsEMsi/9YjDThyAKH6QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJYyHpQixiRDNEMv7Ubr8FaXSprPMB8GA1UdIwQY
MBaAFOLVu0ARgOVfXBZdR5CN/0/img2GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHRXN1FCR0E1VjljRmwxSGtJM19ULUthRFlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS84NjI5N2EtZDIxOS00NTY3LTkxNzEt
NDIxZTZiYzdlMmU4LzEvbGpJZWxDTEdKRU0wUXlfdFJ1dndWcGRLbXM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS84NjI5N2EtZDIxOS00NTY3LTkxNzEtNDIxZTZiYzdlMmU4
LzEvNHRXN1FCR0E1VjljRmwxSGtJM19ULUthRFlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXryQMA0G
CSqGSIb3DQEBCwUAA4IBAQBbn4tSQjA/BM3juzhVDLQk7572ws5pmirw38H+4y/u
QUxcT6ogssYb+mS5KLf0vWenaX5G6MgqiBtPWDBlSxtNGEhtxbhtSnwn7KD1qBZg
XU5YL+HDjsRRFJ54TKZ+buteACy6TA5fBoBRuIFRfHN1VSSwh7pq5x+bXI7mtgYw
ZfatiCUyBsZ6Ijl/1VjdzcL68aD4sf0Lgf6DRgesfk1cRDeG1JUDFRLLd6Smk908
GbjuCQJ1lJj+/iKkdW7FOYZkLw6CClimJ27/LapNZ5JAnFogGjtOOEfAXKRoNURK
hlhHpEaiguvYYaNZOuvvgqB4qltiemXmpTwLr1EjXrUt
-----END CERTIFICATE-----
Generated at Fri Nov 22 13:46:17 2024 by rpki-client on console-fra.rpki-client.org