Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/db4205-d57c-4ca2-8894-9f9536bb2c37/1/lptZY6YVZqy3A8BX9_A6YcNCaTM.roa
File: lptZY6YVZqy3A8BX9_A6YcNCaTM.roa (raw, json)
Hash identifier: 4/VpfQfi8ZA4BV1E/CGzQ9Sc90wwC26I7S0j/o9SaNw=
Subject key identifier: 96:9B:59:63:A6:15:66:AC:B7:03:C0:57:F7:F0:3A:61:C3:42:69:33
Certificate issuer: /CN=1acbdd00d27b8a8befc866caf378f19027684769
Certificate serial: 018D59A5443AF2D212E6E38DA31DF0B70CBC
Authority key identifier: 1A:CB:DD:00:D2:7B:8A:8B:EF:C8:66:CA:F3:78:F1:90:27:68:47:69
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GsvdANJ7iovvyGbK83jxkCdoR2k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/db4205-d57c-4ca2-8894-9f9536bb2c37/1/lptZY6YVZqy3A8BX9_A6YcNCaTM.roa
Signing time: Tue 30 Jan 2024 09:13:39 +0000
ROA not before: Tue 30 Jan 2024 09:13:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35717
IP address blocks: 185.12.48.0/22 maxlen: 24
185.114.4.0/22 maxlen: 24
185.128.236.0/22 maxlen: 24
185.129.44.0/22 maxlen: 24
185.199.40.0/22 maxlen: 24
193.36.45.0/24 maxlen: 24
195.137.184.0/24 maxlen: 24
195.200.195.0/24 maxlen: 24
2a03:7fc0::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/64/db4205-d57c-4ca2-8894-9f9536bb2c37/1/GsvdANJ7iovvyGbK83jxkCdoR2k.crl
rsync://rpki.ripe.net/repository/DEFAULT/64/db4205-d57c-4ca2-8894-9f9536bb2c37/1/GsvdANJ7iovvyGbK83jxkCdoR2k.mft
rsync://rpki.ripe.net/repository/DEFAULT/GsvdANJ7iovvyGbK83jxkCdoR2k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 09:00:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:59:a5:44:3a:f2:d2:12:e6:e3:8d:a3:1d:f0:b7:0c:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1acbdd00d27b8a8befc866caf378f19027684769
Validity
Not Before: Jan 30 09:13:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=969b5963a61566acb703c057f7f03a61c3426933
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:79:24:d2:46:6c:25:88:03:35:f4:ad:aa:50:
ff:ca:33:62:97:03:b4:c5:34:93:69:69:e9:4c:a4:
93:64:67:98:ec:84:ce:67:9a:12:7e:d0:51:61:69:
a7:a5:bd:99:d5:07:b3:87:a8:5a:92:03:ca:e1:4a:
93:05:70:82:a5:64:75:1f:bf:01:44:99:42:cd:78:
6a:b8:99:e6:3c:a9:7f:fa:5d:46:ff:89:3b:f9:1e:
db:07:c5:bd:55:18:5a:55:d2:62:cd:a9:2c:81:6f:
98:48:90:24:f4:ba:d5:81:4a:da:7e:4c:e0:e8:42:
79:a1:fa:b4:fa:60:b5:a2:78:09:68:5a:f6:61:14:
cf:76:ba:e7:2f:9b:6f:a9:4e:72:a3:1d:48:91:87:
c7:17:06:4b:4a:3c:c1:16:de:51:f1:6b:ff:63:01:
aa:45:a8:13:73:e1:70:c8:c8:d6:f9:c6:e3:67:23:
25:29:1f:b9:49:e1:c5:9e:75:03:44:57:4e:c0:2e:
a6:49:e7:f1:9a:b9:49:94:a3:6f:33:55:02:2f:5c:
5e:0c:ad:d6:14:9f:69:68:45:e0:da:a7:aa:27:0d:
8b:19:4c:70:86:c8:ea:e2:e0:21:a8:95:aa:fe:39:
12:89:0b:58:5e:66:c7:ce:9c:d0:45:6e:f6:81:33:
42:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:9B:59:63:A6:15:66:AC:B7:03:C0:57:F7:F0:3A:61:C3:42:69:33
X509v3 Authority Key Identifier:
keyid:1A:CB:DD:00:D2:7B:8A:8B:EF:C8:66:CA:F3:78:F1:90:27:68:47:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GsvdANJ7iovvyGbK83jxkCdoR2k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/db4205-d57c-4ca2-8894-9f9536bb2c37/1/lptZY6YVZqy3A8BX9_A6YcNCaTM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/db4205-d57c-4ca2-8894-9f9536bb2c37/1/GsvdANJ7iovvyGbK83jxkCdoR2k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.12.48.0/22
185.114.4.0/22
185.128.236.0/22
185.129.44.0/22
185.199.40.0/22
193.36.45.0/24
195.137.184.0/24
195.200.195.0/24
IPv6:
2a03:7fc0::/32
Signature Algorithm: sha256WithRSAEncryption
33:9b:3a:a5:22:8b:3e:24:be:93:ae:d9:c3:a5:d3:c4:4e:35:
ed:8c:f0:fd:f2:f3:cf:4e:02:9b:7e:46:5b:62:7f:a3:a6:39:
0a:25:2b:4a:4d:45:41:23:24:4c:44:21:96:5c:a4:e3:dd:99:
d6:04:5f:3a:ae:35:6b:f6:1a:b6:b5:12:24:0a:0a:d9:a0:73:
0b:43:66:c4:28:1f:7a:1f:ae:62:cd:f4:a0:6e:93:90:90:30:
57:d7:18:e0:f8:8f:57:a9:e6:bc:83:06:9a:a2:f2:78:3c:5f:
1f:88:c0:2b:b9:30:2d:34:b8:9c:23:c4:bf:6d:f2:42:37:98:
8b:7b:dc:d1:dc:9a:98:e4:64:70:53:36:2b:35:11:57:1c:12:
62:13:8e:18:e3:f4:53:6d:05:86:41:72:c5:43:a6:61:5a:fa:
2a:60:25:68:7e:8d:43:f1:84:2b:96:5b:20:88:b3:67:01:d1:
af:31:e6:97:42:53:d5:c0:69:63:7d:07:53:cb:99:43:d4:75:
00:24:01:20:cb:49:b2:6b:2b:ca:fb:7e:b7:76:03:97:1d:67:
54:04:2c:03:a3:50:5f:11:41:39:c3:7a:3d:45:62:be:7f:06:
21:37:0f:4a:12:b6:c9:52:90:75:6b:14:22:b4:37:3c:b3:f3:
3c:c7:20:76
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAY1ZpUQ68tIS5uONox3wtwy8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhY2JkZDAwZDI3YjhhOGJlZmM4NjZjYWYzNzhmMTkwMjc2
ODQ3NjkwHhcNMjQwMTMwMDkxMzM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NjliNTk2M2E2MTU2NmFjYjcwM2MwNTdmN2YwM2E2MWMzNDI2OTMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjXkk0kZsJYgDNfStqlD/yjNilwO0
xTSTaWnpTKSTZGeY7ITOZ5oSftBRYWmnpb2Z1Qezh6hakgPK4UqTBXCCpWR1H78B
RJlCzXhquJnmPKl/+l1G/4k7+R7bB8W9VRhaVdJizaksgW+YSJAk9LrVgUrafkzg
6EJ5ofq0+mC1ongJaFr2YRTPdrrnL5tvqU5yox1IkYfHFwZLSjzBFt5R8Wv/YwGq
RagTc+FwyMjW+cbjZyMlKR+5SeHFnnUDRFdOwC6mSefxmrlJlKNvM1UCL1xeDK3W
FJ9paEXg2qeqJw2LGUxwhsjq4uAhqJWq/jkSiQtYXmbHzpzQRW72gTNCcQIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFJabWWOmFWastwPAV/fwOmHDQmkzMB8GA1UdIwQY
MBaAFBrL3QDSe4qL78hmyvN48ZAnaEdpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3N2ZEFOSjdpb3Z2eUdiSzgzanhrQ2RvUjJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC9kYjQyMDUtZDU3Yy00Y2EyLTg4OTQt
OWY5NTM2YmIyYzM3LzEvbHB0Wlk2WVZacXkzQThCWDlfQTZZY05DYVRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC9kYjQyMDUtZDU3Yy00Y2EyLTg4OTQtOWY5NTM2YmIyYzM3
LzEvR3N2ZEFOSjdpb3Z2eUdiSzgzanhrQ2RvUjJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQCuQwwAwQC
uXIEAwQCuYDsAwQCuYEsAwQCuccoAwQAwSQtAwQAw4m4AwQAw8jDMA0EAgACMAcD
BQAqA3/AMA0GCSqGSIb3DQEBCwUAA4IBAQAzmzqlIos+JL6TrtnDpdPETjXtjPD9
8vPPTgKbfkZbYn+jpjkKJStKTUVBIyRMRCGWXKTj3ZnWBF86rjVr9hq2tRIkCgrZ
oHMLQ2bEKB96H65izfSgbpOQkDBX1xjg+I9Xqea8gwaaovJ4PF8fiMAruTAtNLic
I8S/bfJCN5iLe9zR3JqY5GRwUzYrNRFXHBJiE44Y4/RTbQWGQXLFQ6ZhWvoqYCVo
fo1D8YQrllsgiLNnAdGvMeaXQlPVwGljfQdTy5lD1HUAJAEgy0myayvK+363dgOX
HWdUBCwDo1BfEUE5w3o9RWK+fwYhNw9KErbJUpB1axQitDc8s/M8xyB2
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:41:49 2024 by rpki-client on console-ams.rpki-client.org