Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/5ca752-14cf-4454-9041-e2bd03ffd58d/1/LLtzq4Kl8IjeImB6lumfuNP43dU.roa
File: LLtzq4Kl8IjeImB6lumfuNP43dU.roa (raw, json)
Hash identifier: m/lOe4OPzZqQj8m0aDLsSooyH5ea2bDkC6kLnC46Z88=
Subject key identifier: 2C:BB:73:AB:82:A5:F0:88:DE:22:60:7A:96:E9:9F:B8:D3:F8:DD:D5
Certificate issuer: /CN=1530fbea2501495977d38815ad3c270826f063a0
Certificate serial: 018CC3B70F9806EBE1C15563453F90EE975A
Authority key identifier: 15:30:FB:EA:25:01:49:59:77:D3:88:15:AD:3C:27:08:26:F0:63:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FTD76iUBSVl304gVrTwnCCbwY6A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/5ca752-14cf-4454-9041-e2bd03ffd58d/1/LLtzq4Kl8IjeImB6lumfuNP43dU.roa
Signing time: Mon 01 Jan 2024 06:30:03 +0000
ROA not before: Mon 01 Jan 2024 06:30:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205783
IP address blocks: 185.200.49.0/24 maxlen: 24
185.200.48.128/25 maxlen: 25
185.200.48.0/25 maxlen: 25
185.200.48.0/24 maxlen: 24
185.200.51.0/24 maxlen: 24
185.200.50.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/5ca752-14cf-4454-9041-e2bd03ffd58d/1/FTD76iUBSVl304gVrTwnCCbwY6A.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/5ca752-14cf-4454-9041-e2bd03ffd58d/1/FTD76iUBSVl304gVrTwnCCbwY6A.mft
rsync://rpki.ripe.net/repository/DEFAULT/FTD76iUBSVl304gVrTwnCCbwY6A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 11 May 2024 14:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b7:0f:98:06:eb:e1:c1:55:63:45:3f:90:ee:97:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1530fbea2501495977d38815ad3c270826f063a0
Validity
Not Before: Jan 1 06:30:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2cbb73ab82a5f088de22607a96e99fb8d3f8ddd5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:17:6a:4d:42:d8:09:ab:85:97:4e:d8:38:67:
b0:3d:33:65:76:29:c8:c2:48:62:92:d8:ee:42:22:
4b:39:c4:da:3a:97:2f:0f:c1:c4:87:00:1a:7e:82:
5f:4e:6e:fb:f4:97:6c:5a:79:6d:a6:37:b1:66:ba:
67:46:5a:0b:d1:9d:13:47:15:c5:cb:c3:e7:3a:dc:
cf:c3:24:73:66:f1:93:ee:ec:28:a9:69:99:fb:e0:
7e:ac:31:0e:85:f4:25:e6:c1:a6:6e:95:a9:ce:22:
b2:e1:04:ac:1b:f9:a8:64:6a:75:e8:50:a1:eb:1c:
6d:9d:79:81:83:30:2a:2f:59:26:73:1d:9b:4f:81:
36:d3:26:5f:f1:01:71:e0:4f:89:46:3d:83:92:86:
a6:a0:db:ec:d7:20:35:7b:ef:b0:e9:d4:a6:b5:f8:
67:e0:be:83:ee:cf:59:e8:f1:13:4a:ed:9e:c6:5a:
eb:26:14:17:21:87:d0:4e:6c:a5:4f:16:6b:24:d5:
fe:bc:67:56:84:6d:59:07:94:97:d4:ef:9a:15:59:
4e:72:13:f9:7d:d4:3a:48:3f:f8:72:f4:c1:35:7a:
59:8f:22:8c:cd:5f:fc:28:01:1f:b0:2c:23:c1:e4:
4f:40:9b:e3:56:83:d6:18:ff:0e:05:a0:17:96:16:
14:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:BB:73:AB:82:A5:F0:88:DE:22:60:7A:96:E9:9F:B8:D3:F8:DD:D5
X509v3 Authority Key Identifier:
keyid:15:30:FB:EA:25:01:49:59:77:D3:88:15:AD:3C:27:08:26:F0:63:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FTD76iUBSVl304gVrTwnCCbwY6A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/5ca752-14cf-4454-9041-e2bd03ffd58d/1/LLtzq4Kl8IjeImB6lumfuNP43dU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/5ca752-14cf-4454-9041-e2bd03ffd58d/1/FTD76iUBSVl304gVrTwnCCbwY6A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.200.48.0/22
Signature Algorithm: sha256WithRSAEncryption
8c:d8:15:44:1b:16:f3:bb:51:f7:1e:f3:b2:cb:68:de:f5:d4:
de:b4:0d:4a:69:36:d2:57:2e:c2:06:2a:38:c2:f2:43:8c:2c:
7c:a6:40:81:77:b1:dd:2f:4f:9b:62:0e:fe:90:23:7c:f0:79:
59:c0:cd:20:ac:41:88:0c:e2:99:8f:c2:7d:af:e8:2d:32:ce:
ae:53:e7:cc:46:e9:5b:c9:ee:b0:2a:19:7d:9d:cc:07:ed:82:
88:03:2f:b2:b4:44:36:b1:97:74:27:ad:f1:a2:86:d3:c1:45:
d5:ed:6d:a9:05:c1:01:9b:3f:5f:22:88:65:93:0a:76:fa:73:
35:a4:33:c8:86:45:62:c8:62:bd:2d:59:49:0c:30:3d:37:f2:
30:a8:54:88:79:e4:bf:69:65:1a:21:da:da:19:cf:f0:0d:d5:
b0:c0:93:28:2f:26:d7:68:d8:b3:94:f5:70:7b:5b:b9:e6:4d:
33:b5:b2:46:f6:72:8f:25:c2:eb:f3:75:6e:7f:6e:83:9f:31:
8d:79:97:cb:82:c7:cc:be:eb:fe:56:85:2b:b9:89:72:07:77:
a3:eb:b1:e6:f7:9e:8c:aa:24:4f:d0:31:b6:5f:4b:80:0f:e0:
8d:6c:25:55:be:58:44:9f:7f:db:87:12:f5:cf:1f:73:65:18:
c6:36:66:84
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDtw+YBuvhwVVjRT+Q7pdaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1MzBmYmVhMjUwMTQ5NTk3N2QzODgxNWFkM2MyNzA4MjZm
MDYzYTAwHhcNMjQwMTAxMDYzMDAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyY2JiNzNhYjgyYTVmMDg4ZGUyMjYwN2E5NmU5OWZiOGQzZjhkZGQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlhdqTULYCauFl07YOGewPTNldinI
wkhiktjuQiJLOcTaOpcvD8HEhwAafoJfTm779JdsWnltpjexZrpnRloL0Z0TRxXF
y8PnOtzPwyRzZvGT7uwoqWmZ++B+rDEOhfQl5sGmbpWpziKy4QSsG/moZGp16FCh
6xxtnXmBgzAqL1kmcx2bT4E20yZf8QFx4E+JRj2DkoamoNvs1yA1e++w6dSmtfhn
4L6D7s9Z6PETSu2exlrrJhQXIYfQTmylTxZrJNX+vGdWhG1ZB5SX1O+aFVlOchP5
fdQ6SD/4cvTBNXpZjyKMzV/8KAEfsCwjweRPQJvjVoPWGP8OBaAXlhYUPQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCy7c6uCpfCI3iJgepbpn7jT+N3VMB8GA1UdIwQY
MBaAFBUw++olAUlZd9OIFa08Jwgm8GOgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRlRENzZpVUJTVmwzMDRnVnJUd25DQ2J3WTZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni81Y2E3NTItMTRjZi00NDU0LTkwNDEt
ZTJiZDAzZmZkNThkLzEvTEx0enE0S2w4SWplSW1CNmx1bWZ1TlA0M2RVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni81Y2E3NTItMTRjZi00NDU0LTkwNDEtZTJiZDAzZmZkNThk
LzEvRlRENzZpVUJTVmwzMDRnVnJUd25DQ2J3WTZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCucgwMA0G
CSqGSIb3DQEBCwUAA4IBAQCM2BVEGxbzu1H3HvOyy2je9dTetA1KaTbSVy7CBio4
wvJDjCx8pkCBd7HdL0+bYg7+kCN88HlZwM0grEGIDOKZj8J9r+gtMs6uU+fMRulb
ye6wKhl9ncwH7YKIAy+ytEQ2sZd0J63xoobTwUXV7W2pBcEBmz9fIohlkwp2+nM1
pDPIhkViyGK9LVlJDDA9N/IwqFSIeeS/aWUaIdraGc/wDdWwwJMoLybXaNizlPVw
e1u55k0ztbJG9nKPJcLr83Vuf26DnzGNeZfLgsfMvuv+VoUruYlyB3ej67Hm956M
qiRP0DG2X0uAD+CNbCVVvlhEn3/bhxL1zx9zZRjGNmaE
-----END CERTIFICATE-----
Generated at Fri May 10 19:26:06 2024 by rpki-client on console-ams.rpki-client.org