Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/lJk3Drm-VEVGzbucKat8hr7csso.roa
File: lJk3Drm-VEVGzbucKat8hr7csso.roa (raw, json)
Hash identifier: KjlxMoabRzVyTimuFByOyrgJp9Cb8+p/ltNSATjU24E=
Subject key identifier: 94:99:37:0E:B9:BE:54:45:46:CD:BB:9C:29:AB:7C:86:BE:DC:B2:CA
Certificate issuer: /CN=8d59c4323f767ce4ffc85daad208b90c04fbd3e9
Certificate serial: 018CC86FF98306D3347CB1DAE29B4FC9C7ED
Authority key identifier: 8D:59:C4:32:3F:76:7C:E4:FF:C8:5D:AA:D2:08:B9:0C:04:FB:D3:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jVnEMj92fOT_yF2q0gi5DAT70-k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/lJk3Drm-VEVGzbucKat8hr7csso.roa
Signing time: Tue 02 Jan 2024 04:30:30 +0000
ROA not before: Tue 02 Jan 2024 04:30:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211709
IP address blocks: 91.93.184.0/24 maxlen: 24
213.14.231.0/24 maxlen: 24
213.14.233.0/24 maxlen: 24
213.14.234.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/jVnEMj92fOT_yF2q0gi5DAT70-k.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/jVnEMj92fOT_yF2q0gi5DAT70-k.mft
rsync://rpki.ripe.net/repository/DEFAULT/jVnEMj92fOT_yF2q0gi5DAT70-k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 26 Jun 2024 23:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:f9:83:06:d3:34:7c:b1:da:e2:9b:4f:c9:c7:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d59c4323f767ce4ffc85daad208b90c04fbd3e9
Validity
Not Before: Jan 2 04:30:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9499370eb9be544546cdbb9c29ab7c86bedcb2ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:40:ce:6d:5a:48:98:11:61:1e:44:7b:39:a0:
bc:96:58:d6:16:3a:2d:d7:1a:28:09:c2:85:62:c4:
4c:24:83:93:37:ef:58:60:3d:7e:17:5b:f4:6b:d0:
da:17:19:29:0d:e9:e7:29:5e:a9:e7:a3:4c:eb:1d:
15:b7:fe:d9:9d:bf:13:cf:2f:46:04:41:9e:ec:b0:
e4:37:ed:f4:62:11:89:5f:9d:1b:4c:7f:14:5d:ec:
21:9f:a6:29:24:ca:5b:29:24:bb:a1:0e:4f:54:29:
f2:18:d3:97:ea:59:69:3e:15:f0:d4:b5:ae:cf:ee:
fb:04:09:91:22:18:1f:3f:16:4a:1d:ac:13:d4:f5:
aa:fa:56:7c:6b:60:82:96:6d:69:26:df:f7:75:b2:
5f:9b:49:10:74:8d:04:75:0f:4a:bd:60:96:e0:39:
e7:20:18:8a:49:98:ba:23:d8:f2:1e:ca:85:e9:cc:
95:d6:6d:63:13:72:3f:85:1c:13:99:8e:03:e9:89:
0f:51:67:7f:21:a8:e3:87:2f:60:bd:92:fb:6c:2a:
32:11:fe:89:e2:53:0c:d4:9b:a1:5a:f7:37:95:fe:
bc:bd:3f:f1:34:a8:d8:6d:dc:c3:0c:11:bb:51:25:
ed:48:fb:85:c9:4c:fb:5c:8d:0f:10:dc:dd:bb:94:
84:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:99:37:0E:B9:BE:54:45:46:CD:BB:9C:29:AB:7C:86:BE:DC:B2:CA
X509v3 Authority Key Identifier:
keyid:8D:59:C4:32:3F:76:7C:E4:FF:C8:5D:AA:D2:08:B9:0C:04:FB:D3:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jVnEMj92fOT_yF2q0gi5DAT70-k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/lJk3Drm-VEVGzbucKat8hr7csso.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/jVnEMj92fOT_yF2q0gi5DAT70-k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.93.184.0/24
213.14.231.0/24
213.14.233.0-213.14.234.255
Signature Algorithm: sha256WithRSAEncryption
7a:b2:6d:20:79:7c:5d:96:21:ed:10:59:85:22:ff:8b:a0:ed:
62:f0:9f:66:52:5e:89:34:ea:c4:be:83:ef:bc:d9:99:48:d5:
1f:5f:98:bc:01:84:ac:fc:a6:e5:e9:33:4b:82:59:68:48:e1:
d3:b0:68:9c:c4:15:44:95:86:7c:d2:e2:40:c0:4c:fe:0b:a1:
42:64:64:1d:44:ab:c7:a3:88:25:2a:1c:22:87:63:a1:d3:40:
0a:f8:82:80:ff:3a:a6:cb:e4:9f:d5:14:ea:da:e7:56:fb:11:
6b:cf:7a:06:05:e9:c5:16:6e:07:ec:30:b4:3c:22:22:0e:de:
40:84:59:34:20:c4:3d:ac:40:06:31:87:c8:58:be:a8:97:89:
b9:60:e0:63:4a:26:fb:a3:c5:de:20:77:4b:f0:c0:2a:f0:1d:
1f:6f:0e:1e:fe:20:f9:c9:97:fb:78:28:d1:cc:94:c4:c1:e2:
a7:b6:1c:ce:07:ec:35:94:18:5b:ee:21:0a:7f:99:8e:3a:00:
39:f5:e7:9c:0a:e1:a9:b6:37:a3:52:45:18:c6:c0:86:c1:d3:
d1:56:29:2c:35:89:b6:c5:21:42:a9:01:dc:7c:26:08:54:03:
45:d0:4c:fb:bb:a9:d2:19:fd:3d:d5:98:79:8f:44:5c:c8:c7:
99:25:f2:a0
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYzIb/mDBtM0fLHa4ptPycftMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkNTljNDMyM2Y3NjdjZTRmZmM4NWRhYWQyMDhiOTBjMDRm
YmQzZTkwHhcNMjQwMTAyMDQzMDMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDk5MzcwZWI5YmU1NDQ1NDZjZGJiOWMyOWFiN2M4NmJlZGNiMmNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl0DObVpImBFhHkR7OaC8lljWFjot
1xooCcKFYsRMJIOTN+9YYD1+F1v0a9DaFxkpDennKV6p56NM6x0Vt/7Znb8Tzy9G
BEGe7LDkN+30YhGJX50bTH8UXewhn6YpJMpbKSS7oQ5PVCnyGNOX6llpPhXw1LWu
z+77BAmRIhgfPxZKHawT1PWq+lZ8a2CClm1pJt/3dbJfm0kQdI0EdQ9KvWCW4Dnn
IBiKSZi6I9jyHsqF6cyV1m1jE3I/hRwTmY4D6YkPUWd/Iajjhy9gvZL7bCoyEf6J
4lMM1JuhWvc3lf68vT/xNKjYbdzDDBG7USXtSPuFyUz7XI0PENzdu5SEPQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFJSZNw65vlRFRs27nCmrfIa+3LLKMB8GA1UdIwQY
MBaAFI1ZxDI/dnzk/8hdqtIIuQwE+9PpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalZuRU1qOTJmT1RfeUYycTBnaTVEQVQ3MC1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni9mMDllY2YtZTgwNS00MTU4LWIzMTUt
ZjJiZTlmNmM2NjRjLzEvbEprM0RybS1WRVZHemJ1Y0thdDhocjdjc3NvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni9mMDllY2YtZTgwNS00MTU4LWIzMTUtZjJiZTlmNmM2NjRj
LzEvalZuRU1qOTJmT1RfeUYycTBnaTVEQVQ3MC1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAW124AwQA
1Q7nMAwDBADVDukDBADVDuowDQYJKoZIhvcNAQELBQADggEBAHqybSB5fF2WIe0Q
WYUi/4ug7WLwn2ZSXok06sS+g++82ZlI1R9fmLwBhKz8puXpM0uCWWhI4dOwaJzE
FUSVhnzS4kDATP4LoUJkZB1Eq8ejiCUqHCKHY6HTQAr4goD/OqbL5J/VFOra51b7
EWvPegYF6cUWbgfsMLQ8IiIO3kCEWTQgxD2sQAYxh8hYvqiXiblg4GNKJvujxd4g
d0vwwCrwHR9vDh7+IPnJl/t4KNHMlMTB4qe2HM4H7DWUGFvuIQp/mY46ADn155wK
4am2N6NSRRjGwIbB09FWKSw1ibbFIUKpAdx8JghUA0XQTPu7qdIZ/T3VmHmPRFzI
x5kl8qA=
-----END CERTIFICATE-----
Generated at Wed Jun 26 08:52:55 2024 by rpki-client on console-ams.rpki-client.org