Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/2c4731-89d5-4e9b-b4aa-bf09ad32c888/1/lURVvOsYlldYTL5ugp7qGpt4EBM.roa
File: lURVvOsYlldYTL5ugp7qGpt4EBM.roa (raw, json)
Hash identifier: KXuFPiZqBfbd7jfAsQHrLt4lX1W5Av2bg8C8XGZcuhk=
Subject key identifier: 95:44:55:BC:EB:18:96:57:58:4C:BE:6E:82:9E:EA:1A:9B:78:10:13
Certificate issuer: /CN=b06551937efc96e145e33a1ebca24492dc120ecb
Certificate serial: 018CC8031008230456B48725E68092CB6F35
Authority key identifier: B0:65:51:93:7E:FC:96:E1:45:E3:3A:1E:BC:A2:44:92:DC:12:0E:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sGVRk378luFF4zoevKJEktwSDss.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/2c4731-89d5-4e9b-b4aa-bf09ad32c888/1/lURVvOsYlldYTL5ugp7qGpt4EBM.roa
Signing time: Tue 02 Jan 2024 02:31:32 +0000
ROA not before: Tue 02 Jan 2024 02:31:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47288
IP address blocks: 193.218.105.0/24 maxlen: 24
193.218.121.0/24 maxlen: 24
193.218.40.0/24 maxlen: 24
193.218.43.0/24 maxlen: 24
93.184.144.0/24 maxlen: 24
93.184.145.0/24 maxlen: 24
93.184.147.0/24 maxlen: 24
93.184.146.0/24 maxlen: 24
93.184.149.0/24 maxlen: 24
93.184.148.0/24 maxlen: 24
93.184.151.0/24 maxlen: 24
93.184.150.0/24 maxlen: 24
93.184.152.0/24 maxlen: 24
93.184.157.0/24 maxlen: 24
93.184.159.0/24 maxlen: 24
93.184.158.0/24 maxlen: 24
93.184.154.0/24 maxlen: 24
93.184.153.0/24 maxlen: 24
93.184.156.0/24 maxlen: 24
93.184.155.0/24 maxlen: 24
185.168.152.0/24 maxlen: 24
185.168.154.0/24 maxlen: 24
185.168.154.0/23 maxlen: 23
185.168.153.0/24 maxlen: 24
185.168.155.0/24 maxlen: 24
2a00:dc00::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/67/2c4731-89d5-4e9b-b4aa-bf09ad32c888/1/sGVRk378luFF4zoevKJEktwSDss.crl
rsync://rpki.ripe.net/repository/DEFAULT/67/2c4731-89d5-4e9b-b4aa-bf09ad32c888/1/sGVRk378luFF4zoevKJEktwSDss.mft
rsync://rpki.ripe.net/repository/DEFAULT/sGVRk378luFF4zoevKJEktwSDss.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:03:10:08:23:04:56:b4:87:25:e6:80:92:cb:6f:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b06551937efc96e145e33a1ebca24492dc120ecb
Validity
Not Before: Jan 2 02:31:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=954455bceb189657584cbe6e829eea1a9b781013
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:a9:7e:6b:6b:93:44:41:c1:4b:34:22:36:ba:
e0:36:30:20:7c:55:bb:22:76:81:68:93:e8:48:ae:
09:4b:a6:70:50:21:0e:4e:d7:63:d5:2d:ac:9d:12:
4a:45:69:78:1b:10:90:54:c4:0e:06:43:93:c2:7d:
2b:b9:9f:83:3e:55:97:db:97:cf:af:37:5c:72:07:
bf:4f:ed:c7:49:2d:11:26:7a:fa:fb:7c:4a:02:77:
22:5a:71:1a:62:1e:92:04:0d:70:c9:ae:cd:bd:01:
b7:b4:0c:2a:93:04:72:c1:58:b2:13:89:91:7e:f0:
62:e8:a7:5f:43:69:af:a9:60:6a:64:bd:a8:69:ae:
2f:69:2c:21:fb:c0:8c:0b:a2:a1:7e:fb:40:60:be:
78:4b:06:39:33:cf:d6:50:d3:b7:06:5e:91:7c:2d:
00:92:6a:6f:08:de:29:3c:13:c0:55:ed:39:3d:0d:
46:6b:e1:5c:7f:ae:2f:1a:87:77:a2:e8:5b:f8:4c:
f8:8c:f7:88:32:91:d2:ad:0c:f8:06:1d:e2:c8:38:
54:72:81:da:32:81:df:63:44:32:d6:c0:42:75:59:
f4:5f:dc:f3:ea:e3:4b:e1:d1:82:54:88:e8:74:0d:
f4:c6:16:88:c1:1d:86:8f:7c:71:37:d9:ad:d9:0e:
97:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:44:55:BC:EB:18:96:57:58:4C:BE:6E:82:9E:EA:1A:9B:78:10:13
X509v3 Authority Key Identifier:
keyid:B0:65:51:93:7E:FC:96:E1:45:E3:3A:1E:BC:A2:44:92:DC:12:0E:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sGVRk378luFF4zoevKJEktwSDss.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/2c4731-89d5-4e9b-b4aa-bf09ad32c888/1/lURVvOsYlldYTL5ugp7qGpt4EBM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/67/2c4731-89d5-4e9b-b4aa-bf09ad32c888/1/sGVRk378luFF4zoevKJEktwSDss.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.184.144.0/20
185.168.152.0/22
193.218.40.0/24
193.218.43.0/24
193.218.105.0/24
193.218.121.0/24
IPv6:
2a00:dc00::/32
Signature Algorithm: sha256WithRSAEncryption
df:e5:6f:cf:d8:b7:03:b2:d9:d9:b1:41:ad:b2:95:cf:81:58:
70:6e:72:35:de:75:04:71:b7:12:11:ed:f9:52:e9:58:89:c6:
3a:cf:90:1d:11:7c:c6:f0:6e:bf:05:bf:c6:74:4d:71:5f:17:
b2:62:91:e8:ae:75:9b:18:77:6b:c5:da:1e:54:56:6d:b2:c4:
15:d5:ef:28:e4:56:69:90:9d:d3:6a:f9:42:86:89:96:69:4e:
f6:08:93:a8:92:33:30:0c:35:ca:5a:2d:5d:7e:fb:0a:8b:4b:
15:29:9b:7f:3e:34:6b:49:32:71:1a:92:63:24:12:49:f7:57:
7c:50:55:a1:59:8a:0a:78:4e:2e:97:92:74:25:0f:6a:31:84:
74:45:00:95:4e:17:40:86:81:be:d6:c8:13:84:cd:0f:f4:d5:
5d:a8:12:f7:fe:73:2a:63:65:34:e2:2b:6f:d5:ee:05:34:01:
a0:db:53:32:31:66:a5:ea:ea:73:13:fd:b6:21:a3:63:31:1f:
14:95:49:91:02:a1:41:73:9c:f5:42:1b:fe:12:fb:9c:8c:d5:
17:b5:70:04:f7:3f:40:7c:b6:69:dd:c1:17:40:6a:b5:f5:f2:
87:b5:3e:3f:c3:dd:1a:97:48:b1:75:eb:8e:c6:17:61:6a:b0:
f7:90:a2:5c
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYzIAxAIIwRWtIcl5oCSy281MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwNjU1MTkzN2VmYzk2ZTE0NWUzM2ExZWJjYTI0NDkyZGMx
MjBlY2IwHhcNMjQwMTAyMDIzMTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTQ0NTViY2ViMTg5NjU3NTg0Y2JlNmU4MjllZWExYTliNzgxMDEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAral+a2uTREHBSzQiNrrgNjAgfFW7
InaBaJPoSK4JS6ZwUCEOTtdj1S2snRJKRWl4GxCQVMQOBkOTwn0ruZ+DPlWX25fP
rzdccge/T+3HSS0RJnr6+3xKAnciWnEaYh6SBA1wya7NvQG3tAwqkwRywViyE4mR
fvBi6KdfQ2mvqWBqZL2oaa4vaSwh+8CMC6KhfvtAYL54SwY5M8/WUNO3Bl6RfC0A
kmpvCN4pPBPAVe05PQ1Ga+Fcf64vGod3ouhb+Ez4jPeIMpHSrQz4Bh3iyDhUcoHa
MoHfY0Qy1sBCdVn0X9zz6uNL4dGCVIjodA30xhaIwR2Gj3xxN9mt2Q6XzwIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFJVEVbzrGJZXWEy+boKe6hqbeBATMB8GA1UdIwQY
MBaAFLBlUZN+/JbhReM6HryiRJLcEg7LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0dWUmszNzhsdUZGNHpvZXZLSkVrdHdTRHNzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny8yYzQ3MzEtODlkNS00ZTliLWI0YWEt
YmYwOWFkMzJjODg4LzEvbFVSVnZPc1lsbGRZVEw1dWdwN3FHcHQ0RUJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny8yYzQ3MzEtODlkNS00ZTliLWI0YWEtYmYwOWFkMzJjODg4
LzEvc0dWUmszNzhsdUZGNHpvZXZLSkVrdHdTRHNzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQEXbiQAwQC
uaiYAwQAwdooAwQAwdorAwQAwdppAwQAwdp5MA0EAgACMAcDBQAqANwAMA0GCSqG
SIb3DQEBCwUAA4IBAQDf5W/P2LcDstnZsUGtspXPgVhwbnI13nUEcbcSEe35UulY
icY6z5AdEXzG8G6/Bb/GdE1xXxeyYpHornWbGHdrxdoeVFZtssQV1e8o5FZpkJ3T
avlChomWaU72CJOokjMwDDXKWi1dfvsKi0sVKZt/PjRrSTJxGpJjJBJJ91d8UFWh
WYoKeE4ul5J0JQ9qMYR0RQCVThdAhoG+1sgThM0P9NVdqBL3/nMqY2U04itv1e4F
NAGg21MyMWal6upzE/22IaNjMR8UlUmRAqFBc5z1Qhv+EvucjNUXtXAE9z9AfLZp
3cEXQGq19fKHtT4/w90al0ixdeuOxhdharD3kKJc
-----END CERTIFICATE-----
Generated at Fri Jun 7 23:06:43 2024 by rpki-client on console-fra.rpki-client.org