Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/Lk-GJgTiq_ZtIXRmSOlGPz71jLg.roa
File: Lk-GJgTiq_ZtIXRmSOlGPz71jLg.roa (raw, json)
Hash identifier: h5gHMdR96ob72wks2VTTe4UDvdDbnYuao7e8Qlp7IDE=
Subject key identifier: 2E:4F:86:26:04:E2:AB:F6:6D:21:74:66:48:E9:46:3F:3E:F5:8C:B8
Certificate issuer: /CN=a539afebace899a8ee0bb4f8bb4475fe247a1528
Certificate serial: 018CC348F3A5E9592BA534DEC460F9664F58
Authority key identifier: A5:39:AF:EB:AC:E8:99:A8:EE:0B:B4:F8:BB:44:75:FE:24:7A:15:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pTmv66zomajuC7T4u0R1_iR6FSg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/Lk-GJgTiq_ZtIXRmSOlGPz71jLg.roa
Signing time: Mon 01 Jan 2024 04:29:47 +0000
ROA not before: Mon 01 Jan 2024 04:29:47 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8412
IP address blocks: 86.62.32.0/22 maxlen: 24
94.16.18.0/23 maxlen: 24
94.16.28.0/23 maxlen: 24
185.81.210.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/pTmv66zomajuC7T4u0R1_iR6FSg.crl
rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/pTmv66zomajuC7T4u0R1_iR6FSg.mft
rsync://rpki.ripe.net/repository/DEFAULT/pTmv66zomajuC7T4u0R1_iR6FSg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:f3:a5:e9:59:2b:a5:34:de:c4:60:f9:66:4f:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a539afebace899a8ee0bb4f8bb4475fe247a1528
Validity
Not Before: Jan 1 04:29:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2e4f862604e2abf66d21746648e9463f3ef58cb8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:8d:cb:2e:04:2b:96:37:82:b7:44:5e:88:3f:
57:4e:f6:51:70:30:fd:64:3c:cc:7b:e6:e4:b1:0b:
60:68:a3:ff:b1:da:0c:8b:fb:6d:66:5b:0e:11:4f:
47:82:2f:c0:1f:18:5f:9e:dc:65:d0:2d:cb:04:19:
4a:f9:96:72:ea:ea:b0:46:22:e2:f8:bc:4e:d9:b5:
2b:8f:24:01:17:f8:cf:f2:7f:36:6b:ce:03:35:68:
ca:e9:37:88:e8:0a:a9:4f:b5:22:5e:d8:64:72:c4:
21:1b:3a:fe:3b:9e:8f:1b:3a:68:54:63:48:f5:cb:
0d:a9:00:24:fe:1d:a2:c9:91:6b:10:e0:2d:95:90:
5c:4a:ea:e9:65:d1:cb:f6:a8:d1:79:d8:04:66:0c:
f1:be:b5:97:a7:85:cf:6b:62:47:bd:d5:74:f3:88:
c3:a3:08:45:ad:d4:cd:df:20:d1:a3:ba:a0:31:1b:
72:ae:73:c5:55:00:af:38:a4:8f:f7:ea:23:eb:87:
8d:a8:9d:13:aa:73:33:dc:94:f4:26:9d:ec:cb:c4:
b2:7c:e2:7e:f5:2c:10:ca:83:d4:8a:5e:52:83:a6:
ac:31:37:c8:b7:fc:8b:ba:77:9e:e6:d8:0a:13:5a:
81:c4:ae:e0:23:aa:ab:10:c2:42:6b:aa:cb:08:93:
60:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:4F:86:26:04:E2:AB:F6:6D:21:74:66:48:E9:46:3F:3E:F5:8C:B8
X509v3 Authority Key Identifier:
keyid:A5:39:AF:EB:AC:E8:99:A8:EE:0B:B4:F8:BB:44:75:FE:24:7A:15:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pTmv66zomajuC7T4u0R1_iR6FSg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/Lk-GJgTiq_ZtIXRmSOlGPz71jLg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/pTmv66zomajuC7T4u0R1_iR6FSg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.62.32.0/22
94.16.18.0/23
94.16.28.0/23
185.81.210.0/23
Signature Algorithm: sha256WithRSAEncryption
0f:92:28:3e:ed:57:ea:47:5d:c8:2a:27:d6:8d:5e:aa:d0:2a:
ba:ca:49:1c:09:a2:90:61:79:ec:38:e9:36:5c:b0:46:6d:ab:
d3:92:e6:e1:d5:8d:8e:19:8c:71:ca:11:e1:e9:10:8d:d9:c8:
56:5a:76:e1:44:6e:ea:52:a6:de:49:75:21:bc:ec:7f:62:1c:
98:30:6a:8a:8f:8b:c1:62:01:67:ef:3b:57:79:a1:5f:24:de:
f1:20:b5:31:cc:17:57:30:aa:40:23:ca:b6:4d:44:51:95:b1:
ff:66:9f:a8:fa:e3:21:4f:23:d4:21:d8:db:d1:00:df:b8:12:
7f:23:b0:c4:ee:55:63:18:97:15:b8:1f:bb:be:42:27:66:99:
f0:07:6d:d5:1a:32:dd:d0:04:cb:0b:80:ea:98:ce:70:41:f2:
ef:9e:f2:75:08:ef:d1:fb:83:32:68:16:d8:35:cf:1c:84:8d:
5e:e4:3b:7a:0d:a1:7c:47:fa:63:7e:73:ac:59:e8:4b:76:ff:
da:01:9d:6c:39:b4:13:91:98:a8:3b:c7:f1:33:82:c4:d8:35:
8e:bc:d0:f0:1f:1b:6b:5e:be:c3:ef:b3:2f:cf:55:34:64:a6:
68:8a:d5:98:ce:a3:f3:b5:5d:47:c7:44:9f:7d:3a:eb:20:05:
b8:ff:4e:f0
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzDSPOl6VkrpTTexGD5Zk9YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1MzlhZmViYWNlODk5YThlZTBiYjRmOGJiNDQ3NWZlMjQ3
YTE1MjgwHhcNMjQwMTAxMDQyOTQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZTRmODYyNjA0ZTJhYmY2NmQyMTc0NjY0OGU5NDYzZjNlZjU4Y2I4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAho3LLgQrljeCt0ReiD9XTvZRcDD9
ZDzMe+bksQtgaKP/sdoMi/ttZlsOEU9Hgi/AHxhfntxl0C3LBBlK+ZZy6uqwRiLi
+LxO2bUrjyQBF/jP8n82a84DNWjK6TeI6AqpT7UiXthkcsQhGzr+O56PGzpoVGNI
9csNqQAk/h2iyZFrEOAtlZBcSurpZdHL9qjRedgEZgzxvrWXp4XPa2JHvdV084jD
owhFrdTN3yDRo7qgMRtyrnPFVQCvOKSP9+oj64eNqJ0TqnMz3JT0Jp3sy8SyfOJ+
9SwQyoPUil5Sg6asMTfIt/yLunee5tgKE1qBxK7gI6qrEMJCa6rLCJNg/QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFC5PhiYE4qv2bSF0ZkjpRj8+9Yy4MB8GA1UdIwQY
MBaAFKU5r+us6Jmo7gu0+LtEdf4kehUoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFRtdjY2em9tYWp1QzdUNHUwUjFfaVI2RlNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS85OGM0ZWUtMmY1OS00NWE3LWFkYjYt
NzQxMzk1OTEzMTJlLzEvTGstR0pnVGlxX1p0SVhSbVNPbEdQejcxakxnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS85OGM0ZWUtMmY1OS00NWE3LWFkYjYtNzQxMzk1OTEzMTJl
LzEvcFRtdjY2em9tYWp1QzdUNHUwUjFfaVI2RlNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCVj4gAwQB
XhASAwQBXhAcAwQBuVHSMA0GCSqGSIb3DQEBCwUAA4IBAQAPkig+7VfqR13IKifW
jV6q0Cq6ykkcCaKQYXnsOOk2XLBGbavTkubh1Y2OGYxxyhHh6RCN2chWWnbhRG7q
UqbeSXUhvOx/YhyYMGqKj4vBYgFn7ztXeaFfJN7xILUxzBdXMKpAI8q2TURRlbH/
Zp+o+uMhTyPUIdjb0QDfuBJ/I7DE7lVjGJcVuB+7vkInZpnwB23VGjLd0ATLC4Dq
mM5wQfLvnvJ1CO/R+4MyaBbYNc8chI1e5Dt6DaF8R/pjfnOsWehLdv/aAZ1sObQT
kZioO8fxM4LE2DWOvNDwHxtrXr7D77Mvz1U0ZKZoitWYzqPztV1Hx0SffTrrIAW4
/07w
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:27:56 2024 by rpki-client on console-ams.rpki-client.org