Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/e287d9-9c3b-4121-92b6-a1d9e754c12e/1/lVQR-VNJCQP7NFhUzxiS0W7izWc.roa
File: lVQR-VNJCQP7NFhUzxiS0W7izWc.roa (raw, json)
Hash identifier: cwP/jQATQ98emvHMd2QlcHrsRELNp+Ko5jOvPdUgshw=
Subject key identifier: 95:54:11:F9:53:49:09:03:FB:34:58:54:CF:18:92:D1:6E:E2:CD:67
Certificate issuer: /CN=54272ff3172973c869a52212bf7ce801e1f8e783
Certificate serial: 018CC802DC1640EB79A04971344F987E663A
Authority key identifier: 54:27:2F:F3:17:29:73:C8:69:A5:22:12:BF:7C:E8:01:E1:F8:E7:83
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VCcv8xcpc8hppSISv3zoAeH454M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/e287d9-9c3b-4121-92b6-a1d9e754c12e/1/lVQR-VNJCQP7NFhUzxiS0W7izWc.roa
Signing time: Tue 02 Jan 2024 02:31:19 +0000
ROA not before: Tue 02 Jan 2024 02:31:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47986
IP address blocks: 94.124.48.0/24 maxlen: 24
94.124.49.0/24 maxlen: 24
94.124.50.0/24 maxlen: 24
94.124.51.0/24 maxlen: 24
94.124.48.0/21 maxlen: 21
94.124.55.0/24 maxlen: 24
94.124.52.0/24 maxlen: 24
94.124.53.0/24 maxlen: 24
94.124.54.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5c/e287d9-9c3b-4121-92b6-a1d9e754c12e/1/VCcv8xcpc8hppSISv3zoAeH454M.crl
rsync://rpki.ripe.net/repository/DEFAULT/5c/e287d9-9c3b-4121-92b6-a1d9e754c12e/1/VCcv8xcpc8hppSISv3zoAeH454M.mft
rsync://rpki.ripe.net/repository/DEFAULT/VCcv8xcpc8hppSISv3zoAeH454M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:02:dc:16:40:eb:79:a0:49:71:34:4f:98:7e:66:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=54272ff3172973c869a52212bf7ce801e1f8e783
Validity
Not Before: Jan 2 02:31:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=955411f953490903fb345854cf1892d16ee2cd67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:8b:74:fc:9d:9f:6f:71:51:5a:d2:cb:53:83:
7c:45:1a:27:88:c6:d6:47:68:78:88:a1:ce:a2:c0:
c0:cd:f5:c4:a7:b5:3e:df:89:2a:a5:03:72:90:6a:
34:3f:87:95:03:17:a8:f0:b1:11:94:b8:3c:71:11:
19:2a:89:f7:61:ad:ae:a6:92:9e:bf:c4:2a:70:48:
a2:2b:fe:ac:63:5e:da:86:64:25:f7:eb:ac:c7:1e:
e6:85:79:cf:21:58:0f:66:7b:38:7d:6d:23:67:ea:
bb:47:e7:20:fd:c2:0b:89:f8:33:82:4c:85:df:54:
59:bb:f8:56:c5:a8:15:59:b6:ba:96:4f:45:13:59:
ad:00:2e:e7:ad:c0:73:6e:e2:ac:ad:14:da:ca:6c:
f7:d1:9c:c5:09:4a:99:20:dc:21:97:90:ca:c1:fc:
b6:51:74:64:ff:c2:1c:5a:5d:3c:df:29:03:18:bc:
af:51:bf:dd:70:b2:30:97:12:a7:e3:ee:fb:d5:43:
33:8a:9a:fa:d6:5d:b0:23:72:68:09:89:08:a0:87:
f1:65:af:95:3f:d4:bc:88:68:2e:e2:68:30:9c:87:
50:f7:48:b6:40:00:d3:07:63:15:5b:3a:76:85:03:
5d:6d:c6:57:09:28:5a:a2:35:2b:91:a8:37:b6:32:
80:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:54:11:F9:53:49:09:03:FB:34:58:54:CF:18:92:D1:6E:E2:CD:67
X509v3 Authority Key Identifier:
keyid:54:27:2F:F3:17:29:73:C8:69:A5:22:12:BF:7C:E8:01:E1:F8:E7:83
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VCcv8xcpc8hppSISv3zoAeH454M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/e287d9-9c3b-4121-92b6-a1d9e754c12e/1/lVQR-VNJCQP7NFhUzxiS0W7izWc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/e287d9-9c3b-4121-92b6-a1d9e754c12e/1/VCcv8xcpc8hppSISv3zoAeH454M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.124.48.0/21
Signature Algorithm: sha256WithRSAEncryption
19:f2:3b:a9:0e:00:44:68:e3:b3:d4:fe:e3:82:69:16:ea:8d:
34:62:31:34:96:9f:61:a0:8e:ac:3c:72:f8:a2:22:e1:52:e9:
0b:5c:e0:55:dc:d8:ef:46:c7:7f:d0:da:49:7f:21:1d:70:98:
26:26:5a:64:20:72:f4:6d:75:7d:1a:6a:67:bb:86:c8:ee:c9:
7d:7b:ca:62:06:5f:f4:08:9e:bf:e9:99:81:28:69:9f:e8:19:
32:85:5a:a0:2a:37:d4:91:5b:65:f1:a2:42:50:04:5e:1a:e5:
27:90:b2:99:e4:5b:76:ae:39:4c:de:6a:a9:9a:70:48:3a:d3:
42:11:02:dc:0f:3b:8f:a6:eb:a7:c6:c3:a4:5a:96:17:86:0d:
24:b3:6f:cb:75:3e:63:ca:00:c9:a9:89:cb:0f:3c:dd:ce:a8:
38:54:c2:d0:5c:17:58:c0:5e:1a:30:1b:7a:95:03:bb:92:24:
c1:72:1e:e2:64:27:b9:fa:c2:bf:f3:8a:ac:b4:9d:c8:46:c3:
ce:22:b4:af:9e:ca:06:39:96:4d:3a:50:1e:2b:02:27:9c:55:
43:51:f6:bc:ec:b7:7f:3f:82:ea:99:01:b3:17:79:52:32:ab:
84:47:ff:b8:11:1f:ff:b4:86:1a:c4:b1:51:fc:6e:10:fa:c5:
48:09:80:39
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIAtwWQOt5oElxNE+YfmY6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0MjcyZmYzMTcyOTczYzg2OWE1MjIxMmJmN2NlODAxZTFm
OGU3ODMwHhcNMjQwMTAyMDIzMTE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTU0MTFmOTUzNDkwOTAzZmIzNDU4NTRjZjE4OTJkMTZlZTJjZDY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkot0/J2fb3FRWtLLU4N8RRoniMbW
R2h4iKHOosDAzfXEp7U+34kqpQNykGo0P4eVAxeo8LERlLg8cREZKon3Ya2uppKe
v8QqcEiiK/6sY17ahmQl9+usxx7mhXnPIVgPZns4fW0jZ+q7R+cg/cILifgzgkyF
31RZu/hWxagVWba6lk9FE1mtAC7nrcBzbuKsrRTaymz30ZzFCUqZINwhl5DKwfy2
UXRk/8IcWl083ykDGLyvUb/dcLIwlxKn4+771UMzipr61l2wI3JoCYkIoIfxZa+V
P9S8iGgu4mgwnIdQ90i2QADTB2MVWzp2hQNdbcZXCShaojUrkag3tjKAJwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJVUEflTSQkD+zRYVM8YktFu4s1nMB8GA1UdIwQY
MBaAFFQnL/MXKXPIaaUiEr986AHh+OeDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkNjdjh4Y3BjOGhwcFNJU3Yzem9BZUg0NTRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy9lMjg3ZDktOWMzYi00MTIxLTkyYjYt
YTFkOWU3NTRjMTJlLzEvbFZRUi1WTkpDUVA3TkZoVXp4aVMwVzdpeldjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy9lMjg3ZDktOWMzYi00MTIxLTkyYjYtYTFkOWU3NTRjMTJl
LzEvVkNjdjh4Y3BjOGhwcFNJU3Yzem9BZUg0NTRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDXnwwMA0G
CSqGSIb3DQEBCwUAA4IBAQAZ8jupDgBEaOOz1P7jgmkW6o00YjE0lp9hoI6sPHL4
oiLhUukLXOBV3NjvRsd/0NpJfyEdcJgmJlpkIHL0bXV9Gmpnu4bI7sl9e8piBl/0
CJ6/6ZmBKGmf6BkyhVqgKjfUkVtl8aJCUAReGuUnkLKZ5Ft2rjlM3mqpmnBIOtNC
EQLcDzuPpuunxsOkWpYXhg0ks2/LdT5jygDJqYnLDzzdzqg4VMLQXBdYwF4aMBt6
lQO7kiTBch7iZCe5+sK/84qstJ3IRsPOIrSvnsoGOZZNOlAeKwInnFVDUfa87Ld/
P4LqmQGzF3lSMquER/+4ER//tIYaxLFR/G4Q+sVICYA5
-----END CERTIFICATE-----
Generated at Sat Jun 1 18:21:53 2024 by rpki-client on console-ams.rpki-client.org