Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/5edf7a-ab9a-45e7-a612-d169c088b412/1/4LLtxwxch0mZp-V2DWYuKrvPjlw.roa
File: 4LLtxwxch0mZp-V2DWYuKrvPjlw.roa (raw, json)
Hash identifier: frg/70UjgFrtOfW0nmkbQmt9eHZ41pna/8kq4RuBpoo=
Subject key identifier: E0:B2:ED:C7:0C:5C:87:49:99:A7:E5:76:0D:66:2E:2A:BB:CF:8E:5C
Certificate issuer: /CN=11b69b59d19f2987e49f1852d60bb1777f80a301
Certificate serial: 01933E21E95ECF1F6BE77E61E22530718495
Authority key identifier: 11:B6:9B:59:D1:9F:29:87:E4:9F:18:52:D6:0B:B1:77:7F:80:A3:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EbabWdGfKYfknxhS1guxd3-AowE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/5edf7a-ab9a-45e7-a612-d169c088b412/1/4LLtxwxch0mZp-V2DWYuKrvPjlw.roa
Signing time: Mon 18 Nov 2024 07:17:10 +0000
ROA not before: Mon 18 Nov 2024 07:17:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50149
IP address blocks: 62.122.216.0/22 maxlen: 22
89.104.107.0/24 maxlen: 24
89.104.119.0/24 maxlen: 24
89.104.125.0/24 maxlen: 24
94.154.128.0/22 maxlen: 22
185.228.88.0/23 maxlen: 23
185.228.90.0/23 maxlen: 23
2a00:ab01::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/70/5edf7a-ab9a-45e7-a612-d169c088b412/1/EbabWdGfKYfknxhS1guxd3-AowE.crl
rsync://rpki.ripe.net/repository/DEFAULT/70/5edf7a-ab9a-45e7-a612-d169c088b412/1/EbabWdGfKYfknxhS1guxd3-AowE.mft
rsync://rpki.ripe.net/repository/DEFAULT/EbabWdGfKYfknxhS1guxd3-AowE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:3e:21:e9:5e:cf:1f:6b:e7:7e:61:e2:25:30:71:84:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11b69b59d19f2987e49f1852d60bb1777f80a301
Validity
Not Before: Nov 18 07:17:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e0b2edc70c5c874999a7e5760d662e2abbcf8e5c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:26:54:02:4f:fc:ef:d1:26:f4:a3:20:f6:f4:
4c:69:e8:43:31:0b:33:d3:1b:6e:f5:3a:17:ca:34:
bd:9a:c7:e2:10:72:28:1a:46:9a:7f:80:52:70:6e:
a3:49:69:30:4c:cc:93:5e:2d:3f:67:ad:fa:64:ea:
4a:14:c9:20:30:46:96:dd:9b:5b:bb:bc:f5:1a:b5:
1b:d2:2a:ac:fd:bc:08:61:bd:d8:eb:30:80:f8:01:
74:88:df:40:e1:8a:cd:bc:43:09:b4:da:74:c9:73:
8f:e4:ce:2d:76:8f:bb:d3:5d:71:16:34:80:06:ec:
e8:16:63:6f:39:83:9b:79:26:49:66:54:f3:d2:05:
06:89:a6:35:b7:59:ca:0d:43:da:a0:99:59:78:17:
e6:35:15:53:54:89:12:bc:4a:ec:93:a7:1a:c8:13:
7c:13:82:88:af:28:e1:9e:93:db:53:fa:da:70:54:
18:a4:07:86:df:04:b6:85:80:db:2f:9d:4d:24:8f:
37:5a:e9:c5:08:b2:fa:37:34:4e:b2:ba:5b:91:b7:
cf:88:fa:3f:f8:d2:47:5b:b0:ad:38:55:9d:65:d8:
3b:38:7e:75:05:e6:ea:d6:3b:cf:a4:98:38:5b:73:
5e:83:48:a3:30:f8:e1:13:f8:c9:b4:07:b2:71:b0:
6a:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:B2:ED:C7:0C:5C:87:49:99:A7:E5:76:0D:66:2E:2A:BB:CF:8E:5C
X509v3 Authority Key Identifier:
keyid:11:B6:9B:59:D1:9F:29:87:E4:9F:18:52:D6:0B:B1:77:7F:80:A3:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EbabWdGfKYfknxhS1guxd3-AowE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/5edf7a-ab9a-45e7-a612-d169c088b412/1/4LLtxwxch0mZp-V2DWYuKrvPjlw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/5edf7a-ab9a-45e7-a612-d169c088b412/1/EbabWdGfKYfknxhS1guxd3-AowE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.122.216.0/22
89.104.107.0/24
89.104.119.0/24
89.104.125.0/24
94.154.128.0/22
185.228.88.0/22
IPv6:
2a00:ab01::/32
Signature Algorithm: sha256WithRSAEncryption
66:79:33:69:28:44:d6:b2:ae:4e:fa:3c:c7:c9:e1:91:5d:e3:
44:9f:9f:d0:f2:fc:e8:28:e8:85:ad:43:b7:1d:0e:5e:55:5c:
8e:5b:d5:30:bb:11:1b:f6:74:06:a9:99:0d:c5:43:0e:b3:f9:
7a:76:2f:9f:78:cb:c2:0b:02:5b:c4:08:b7:11:da:84:1b:b5:
cd:60:8f:91:fa:6d:d3:bc:e7:d9:40:05:67:65:99:00:37:a4:
57:a8:da:8a:fd:fb:00:ba:a6:a0:19:34:a8:a7:6d:2d:1e:39:
18:5d:9d:16:35:2c:00:a0:47:be:68:d9:40:81:d9:90:7e:50:
84:a7:26:2e:20:1d:66:3a:11:5e:00:33:28:7b:52:89:08:b7:
33:c1:b2:f4:c5:ec:50:74:08:2a:96:83:e1:2b:42:98:60:63:
7c:c8:e6:63:a7:67:f3:b0:8c:83:25:f5:74:db:b6:a8:1e:89:
9d:94:96:f3:3e:82:38:90:7b:b4:df:46:03:53:27:7f:0a:78:
32:82:4b:95:5c:d4:52:23:e1:ca:ab:7c:f4:30:92:ad:0a:ad:
a6:83:33:3b:f5:58:d8:7c:33:f1:30:1f:e7:65:dd:33:3d:7e:
d5:25:ca:ce:3b:c8:06:d5:e2:64:ed:19:19:2e:72:33:a5:76:
7e:c1:d7:43
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAZM+Ielezx9r535h4iUwcYSVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExYjY5YjU5ZDE5ZjI5ODdlNDlmMTg1MmQ2MGJiMTc3N2Y4
MGEzMDEwHhcNMjQxMTE4MDcxNzEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMGIyZWRjNzBjNWM4NzQ5OTlhN2U1NzYwZDY2MmUyYWJiY2Y4ZTVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvCZUAk/879Em9KMg9vRMaehDMQsz
0xtu9ToXyjS9msfiEHIoGkaaf4BScG6jSWkwTMyTXi0/Z636ZOpKFMkgMEaW3Ztb
u7z1GrUb0iqs/bwIYb3Y6zCA+AF0iN9A4YrNvEMJtNp0yXOP5M4tdo+7011xFjSA
BuzoFmNvOYObeSZJZlTz0gUGiaY1t1nKDUPaoJlZeBfmNRVTVIkSvErsk6cayBN8
E4KIryjhnpPbU/racFQYpAeG3wS2hYDbL51NJI83WunFCLL6NzROsrpbkbfPiPo/
+NJHW7CtOFWdZdg7OH51Bebq1jvPpJg4W3Neg0ijMPjhE/jJtAeycbBqRwIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFOCy7ccMXIdJmafldg1mLiq7z45cMB8GA1UdIwQY
MBaAFBG2m1nRnymH5J8YUtYLsXd/gKMBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWJhYldkR2ZLWWZrbnhoUzFndXhkMy1Bb3dFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC81ZWRmN2EtYWI5YS00NWU3LWE2MTIt
ZDE2OWMwODhiNDEyLzEvNExMdHh3eGNoMG1acC1WMkRXWXVLcnZQamx3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC81ZWRmN2EtYWI5YS00NWU3LWE2MTItZDE2OWMwODhiNDEy
LzEvRWJhYldkR2ZLWWZrbnhoUzFndXhkMy1Bb3dFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQCPnrYAwQA
WWhrAwQAWWh3AwQAWWh9AwQCXpqAAwQCueRYMA0EAgACMAcDBQAqAKsBMA0GCSqG
SIb3DQEBCwUAA4IBAQBmeTNpKETWsq5O+jzHyeGRXeNEn5/Q8vzoKOiFrUO3HQ5e
VVyOW9UwuxEb9nQGqZkNxUMOs/l6di+feMvCCwJbxAi3EdqEG7XNYI+R+m3TvOfZ
QAVnZZkAN6RXqNqK/fsAuqagGTSop20tHjkYXZ0WNSwAoEe+aNlAgdmQflCEpyYu
IB1mOhFeADMoe1KJCLczwbL0xexQdAgqloPhK0KYYGN8yOZjp2fzsIyDJfV027ao
HomdlJbzPoI4kHu030YDUyd/CngygkuVXNRSI+HKq3z0MJKtCq2mgzM79VjYfDPx
MB/nZd0zPX7VJcrOO8gG1eJk7RkZLnIzpXZ+wddD
-----END CERTIFICATE-----
Generated at Sat Nov 23 05:12:17 2024 by rpki-client on console-fra.rpki-client.org