Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/Ll5nN5M9cgbJtKCM-xQj7rppbEk.roa
File: Ll5nN5M9cgbJtKCM-xQj7rppbEk.roa (raw, json)
Hash identifier: tqG36ralGEn5mFdz6cdyYrgZofZbzlDSzVkUKKP8gK8=
Subject key identifier: 2E:5E:67:37:93:3D:72:06:C9:B4:A0:8C:FB:14:23:EE:BA:69:6C:49
Certificate issuer: /CN=a539afebace899a8ee0bb4f8bb4475fe247a1528
Certificate serial: 018CC348F86771CAF9856B7D85478B14F0C6
Authority key identifier: A5:39:AF:EB:AC:E8:99:A8:EE:0B:B4:F8:BB:44:75:FE:24:7A:15:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pTmv66zomajuC7T4u0R1_iR6FSg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/Ll5nN5M9cgbJtKCM-xQj7rppbEk.roa
Signing time: Mon 01 Jan 2024 04:29:48 +0000
ROA not before: Mon 01 Jan 2024 04:29:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47147
IP address blocks: 213.227.190.0/24 maxlen: 32
144.208.208.0/22 maxlen: 32
2a00:11c0:48::/48 maxlen: 128
2a00:11c0:47::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/pTmv66zomajuC7T4u0R1_iR6FSg.crl
rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/pTmv66zomajuC7T4u0R1_iR6FSg.mft
rsync://rpki.ripe.net/repository/DEFAULT/pTmv66zomajuC7T4u0R1_iR6FSg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:01:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:f8:67:71:ca:f9:85:6b:7d:85:47:8b:14:f0:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a539afebace899a8ee0bb4f8bb4475fe247a1528
Validity
Not Before: Jan 1 04:29:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2e5e6737933d7206c9b4a08cfb1423eeba696c49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:6b:1e:b5:bd:0f:18:17:a7:cb:22:16:9f:38:
04:a9:24:15:fc:3e:3b:12:0a:54:8c:83:9d:c7:a5:
8c:12:21:a2:5e:96:92:e9:8d:14:0b:ec:bd:e9:17:
dc:8b:7a:24:d3:76:a5:d7:92:06:b1:36:d1:97:33:
23:64:8d:b0:da:7e:a6:e3:5e:91:6b:fd:54:6d:7b:
8b:41:b7:f3:b4:94:6c:1e:ed:ee:2c:b7:e0:7a:99:
6f:2e:22:30:5f:11:40:b1:b8:60:95:67:22:00:32:
ed:02:16:68:8e:44:74:75:d0:0e:6d:2c:cd:63:6d:
11:0c:86:bb:c5:15:cc:47:11:07:9a:90:d1:1d:bf:
b0:de:da:cc:e7:9e:63:f7:10:5d:64:f6:f4:56:26:
1a:54:9a:f9:ca:32:8c:6f:e3:e1:72:16:a4:27:42:
88:44:d3:aa:5f:ba:5d:bc:45:3f:a4:c9:88:d6:81:
9e:df:9c:b8:c4:02:fe:a6:21:b0:15:2d:17:2b:61:
79:d5:0d:44:5a:76:1d:e2:53:e3:67:5b:8c:81:9a:
03:cc:cf:9e:fa:9a:14:0e:e2:d4:5a:70:24:f7:ca:
7b:af:2c:48:af:d8:3e:42:b9:73:2a:5f:02:39:bd:
72:0f:7b:64:5f:54:70:df:46:5a:39:62:cd:30:26:
be:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:5E:67:37:93:3D:72:06:C9:B4:A0:8C:FB:14:23:EE:BA:69:6C:49
X509v3 Authority Key Identifier:
keyid:A5:39:AF:EB:AC:E8:99:A8:EE:0B:B4:F8:BB:44:75:FE:24:7A:15:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pTmv66zomajuC7T4u0R1_iR6FSg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/Ll5nN5M9cgbJtKCM-xQj7rppbEk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/pTmv66zomajuC7T4u0R1_iR6FSg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
144.208.208.0/22
213.227.190.0/24
IPv6:
2a00:11c0:47::-2a00:11c0:48:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
96:c8:3b:c1:38:f2:f2:6d:93:6a:a6:c2:0d:1d:e6:62:c8:62:
9d:9b:42:2a:79:19:1d:73:70:ee:f7:be:fd:8e:95:0a:c7:0f:
e9:50:f0:3b:5d:ed:a3:c2:6c:53:1c:15:93:f0:85:cb:3b:ea:
5f:83:1f:71:69:9a:c2:2b:9d:d7:25:db:b9:f3:87:4c:34:a1:
fc:b2:32:3e:f7:d9:68:d4:13:43:65:88:98:59:5f:e1:83:18:
be:1a:d5:5b:68:ce:63:07:d4:a1:2f:a4:ae:d1:0d:75:88:01:
c3:aa:91:53:ed:a3:d4:c2:59:11:ef:e4:25:f3:87:52:dc:72:
6e:2d:89:99:ae:0c:4d:48:93:09:12:d5:e3:42:12:2b:01:12:
35:e1:41:65:92:9b:45:f6:c6:e5:3b:df:ab:70:65:f9:d1:6d:
67:14:ef:34:49:0b:43:57:cc:4f:7d:1b:ef:76:dd:d0:40:98:
87:73:e6:d2:ef:5a:cf:62:30:ff:05:49:1c:93:86:73:63:c2:
ec:3b:bb:b6:7b:e8:bd:68:e1:90:e8:9d:47:75:49:8c:e7:9b:
73:c1:fb:fa:1e:19:31:3e:73:e1:2d:d6:77:6e:aa:d4:79:c9:
a6:a3:1e:1d:9f:be:13:b5:b8:c2:92:e8:4a:39:a1:61:ca:b4:
8e:35:e6:e3
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYzDSPhnccr5hWt9hUeLFPDGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1MzlhZmViYWNlODk5YThlZTBiYjRmOGJiNDQ3NWZlMjQ3
YTE1MjgwHhcNMjQwMTAxMDQyOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZTVlNjczNzkzM2Q3MjA2YzliNGEwOGNmYjE0MjNlZWJhNjk2YzQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmGsetb0PGBenyyIWnzgEqSQV/D47
EgpUjIOdx6WMEiGiXpaS6Y0UC+y96Rfci3ok03al15IGsTbRlzMjZI2w2n6m416R
a/1UbXuLQbfztJRsHu3uLLfgeplvLiIwXxFAsbhglWciADLtAhZojkR0ddAObSzN
Y20RDIa7xRXMRxEHmpDRHb+w3trM555j9xBdZPb0ViYaVJr5yjKMb+PhchakJ0KI
RNOqX7pdvEU/pMmI1oGe35y4xAL+piGwFS0XK2F51Q1EWnYd4lPjZ1uMgZoDzM+e
+poUDuLUWnAk98p7ryxIr9g+QrlzKl8COb1yD3tkX1Rw30ZaOWLNMCa+tQIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFC5eZzeTPXIGybSgjPsUI+66aWxJMB8GA1UdIwQY
MBaAFKU5r+us6Jmo7gu0+LtEdf4kehUoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFRtdjY2em9tYWp1QzdUNHUwUjFfaVI2RlNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS85OGM0ZWUtMmY1OS00NWE3LWFkYjYt
NzQxMzk1OTEzMTJlLzEvTGw1bk41TTljZ2JKdEtDTS14UWo3cnBwYkVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS85OGM0ZWUtMmY1OS00NWE3LWFkYjYtNzQxMzk1OTEzMTJl
LzEvcFRtdjY2em9tYWp1QzdUNHUwUjFfaVI2RlNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDASBAIAATAMAwQCkNDQAwQA
1eO+MBoEAgACMBQwEgMHACoAEcAARwMHACoAEcAASDANBgkqhkiG9w0BAQsFAAOC
AQEAlsg7wTjy8m2TaqbCDR3mYshinZtCKnkZHXNw7ve+/Y6VCscP6VDwO13to8Js
UxwVk/CFyzvqX4MfcWmawiud1yXbufOHTDSh/LIyPvfZaNQTQ2WImFlf4YMYvhrV
W2jOYwfUoS+krtENdYgBw6qRU+2j1MJZEe/kJfOHUtxybi2Jma4MTUiTCRLV40IS
KwESNeFBZZKbRfbG5Tvfq3Bl+dFtZxTvNEkLQ1fMT30b73bd0ECYh3Pm0u9az2Iw
/wVJHJOGc2PC7Du7tnvovWjhkOidR3VJjOebc8H7+h4ZMT5z4S3Wd26q1HnJpqMe
HZ++E7W4wpLoSjmhYcq0jjXm4w==
-----END CERTIFICATE-----
Generated at Mon Nov 25 19:33:12 2024 by rpki-client on console-ams.rpki-client.org