Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/237947-70c2-4661-a36f-6b497b2c0b38/1/l4iHVnlKMzV7mNLRg0yhWpFlvEQ.roa
File: l4iHVnlKMzV7mNLRg0yhWpFlvEQ.roa (raw, json)
Hash identifier: CB/cJojCHwa8gcbLbI36BjFE5tIpjNh1+5uKBESizOA=
Subject key identifier: 97:88:87:56:79:4A:33:35:7B:98:D2:D1:83:4C:A1:5A:91:65:BC:44
Certificate issuer: /CN=10a8c6e9308bb00083100171e00dbb6140f4f580
Certificate serial: 01912BDA5F7623AF339EC3C4CDACA05C6A20
Authority key identifier: 10:A8:C6:E9:30:8B:B0:00:83:10:01:71:E0:0D:BB:61:40:F4:F5:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EKjG6TCLsACDEAFx4A27YUD09YA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/237947-70c2-4661-a36f-6b497b2c0b38/1/l4iHVnlKMzV7mNLRg0yhWpFlvEQ.roa
Signing time: Wed 07 Aug 2024 08:00:17 +0000
ROA not before: Wed 07 Aug 2024 08:00:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39923
IP address blocks: 171.25.229.0/24 maxlen: 24
185.70.47.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/81/237947-70c2-4661-a36f-6b497b2c0b38/1/EKjG6TCLsACDEAFx4A27YUD09YA.crl
rsync://rpki.ripe.net/repository/DEFAULT/81/237947-70c2-4661-a36f-6b497b2c0b38/1/EKjG6TCLsACDEAFx4A27YUD09YA.mft
rsync://rpki.ripe.net/repository/DEFAULT/EKjG6TCLsACDEAFx4A27YUD09YA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:2b:da:5f:76:23:af:33:9e:c3:c4:cd:ac:a0:5c:6a:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=10a8c6e9308bb00083100171e00dbb6140f4f580
Validity
Not Before: Aug 7 08:00:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=97888756794a33357b98d2d1834ca15a9165bc44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:60:00:8b:48:b6:d2:94:08:07:0b:7a:8e:17:
0d:a7:66:f5:7c:95:8f:0c:e0:a1:7b:5e:ed:0d:98:
6e:bc:ca:3f:68:2b:04:25:f6:86:64:bd:11:5d:f8:
6d:6f:11:4c:63:e8:ad:d9:a5:79:2f:30:85:c0:f2:
4e:a0:ea:45:ff:49:94:65:16:40:73:05:57:3a:2f:
d5:f6:2e:9a:8f:b7:50:17:e9:c7:6a:64:2e:67:01:
e7:c2:6b:d4:37:28:ec:23:a7:83:4b:59:6c:65:07:
86:ad:32:7c:f5:22:ac:9c:6b:d9:0b:c2:6e:59:d9:
1e:c3:ef:e7:f8:4f:4c:6f:8a:16:db:cc:a3:ad:31:
07:4e:0b:b8:80:aa:63:8e:58:d0:a5:e8:30:8a:29:
e3:87:6d:35:77:1a:9d:00:7d:0e:c1:4f:ae:7e:05:
49:89:8b:06:ed:d4:e5:62:b6:35:77:3c:04:98:fc:
77:91:fa:cf:96:55:5a:d8:36:e2:8f:fa:2b:98:ed:
32:37:c1:88:4c:1d:ec:45:fd:4a:2b:ec:d5:20:11:
2d:1a:f6:8c:85:31:d1:6e:39:1f:af:eb:6f:44:b9:
bd:e6:e8:3a:67:7c:87:06:95:3d:09:71:34:9b:0c:
a0:d2:c3:03:13:4f:4e:04:b6:7e:ad:c8:63:67:b1:
7d:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:88:87:56:79:4A:33:35:7B:98:D2:D1:83:4C:A1:5A:91:65:BC:44
X509v3 Authority Key Identifier:
keyid:10:A8:C6:E9:30:8B:B0:00:83:10:01:71:E0:0D:BB:61:40:F4:F5:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EKjG6TCLsACDEAFx4A27YUD09YA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/237947-70c2-4661-a36f-6b497b2c0b38/1/l4iHVnlKMzV7mNLRg0yhWpFlvEQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/237947-70c2-4661-a36f-6b497b2c0b38/1/EKjG6TCLsACDEAFx4A27YUD09YA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
171.25.229.0/24
185.70.47.0/24
Signature Algorithm: sha256WithRSAEncryption
27:98:c4:0b:c2:23:cf:f1:25:a7:2b:c0:cb:7b:96:20:77:5c:
1e:37:e7:27:4e:98:e9:83:2d:6b:4a:89:5f:25:3a:9a:cb:95:
f4:af:a0:98:43:54:6c:02:b9:3d:b4:8b:dd:78:df:68:71:0d:
96:09:3b:fd:a5:20:bf:68:ae:c8:e7:f9:72:e1:42:d7:e6:12:
d3:fd:3f:3e:06:ea:d6:67:c9:bf:a0:99:c3:61:5c:6c:19:b5:
33:66:f4:2f:aa:04:d6:50:34:23:2b:66:d4:80:2e:37:80:9b:
34:04:e7:88:51:4c:0b:f5:72:94:23:5f:15:77:df:f6:d9:26:
c6:d4:78:df:1f:61:60:b7:29:69:7f:22:90:f5:5d:3a:7b:e6:
52:c8:e2:96:94:2b:78:86:6e:a8:a6:ea:d7:14:f3:f4:01:29:
0f:5c:f6:30:7e:66:42:bf:0f:6b:f0:0b:eb:66:a1:2a:00:77:
6a:bf:5e:1f:e1:ee:84:5f:5b:f7:68:e9:83:3c:8f:4a:51:0a:
b3:f5:99:85:f6:85:c9:83:2f:c2:24:66:fd:1c:41:0e:2f:f9:
66:00:e8:6d:39:0c:a1:fc:a2:23:81:3e:2a:3c:a3:7c:dd:7c:
03:3d:0b:49:eb:5f:21:b6:17:0c:b4:74:b7:d8:cf:54:11:44:
95:f7:b5:74
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZEr2l92I68znsPEzaygXGogMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwYThjNmU5MzA4YmIwMDA4MzEwMDE3MWUwMGRiYjYxNDBm
NGY1ODAwHhcNMjQwODA3MDgwMDE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Nzg4ODc1Njc5NGEzMzM1N2I5OGQyZDE4MzRjYTE1YTkxNjViYzQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo2AAi0i20pQIBwt6jhcNp2b1fJWP
DOChe17tDZhuvMo/aCsEJfaGZL0RXfhtbxFMY+it2aV5LzCFwPJOoOpF/0mUZRZA
cwVXOi/V9i6aj7dQF+nHamQuZwHnwmvUNyjsI6eDS1lsZQeGrTJ89SKsnGvZC8Ju
Wdkew+/n+E9Mb4oW28yjrTEHTgu4gKpjjljQpegwiinjh201dxqdAH0OwU+ufgVJ
iYsG7dTlYrY1dzwEmPx3kfrPllVa2Dbij/ormO0yN8GITB3sRf1KK+zVIBEtGvaM
hTHRbjkfr+tvRLm95ug6Z3yHBpU9CXE0mwyg0sMDE09OBLZ+rchjZ7F9GQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJeIh1Z5SjM1e5jS0YNMoVqRZbxEMB8GA1UdIwQY
MBaAFBCoxukwi7AAgxABceANu2FA9PWAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUtqRzZUQ0xzQUNERUFGeDRBMjdZVUQwOVlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS8yMzc5NDctNzBjMi00NjYxLWEzNmYt
NmI0OTdiMmMwYjM4LzEvbDRpSFZubEtNelY3bU5MUmcweWhXcEZsdkVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS8yMzc5NDctNzBjMi00NjYxLWEzNmYtNmI0OTdiMmMwYjM4
LzEvRUtqRzZUQ0xzQUNERUFGeDRBMjdZVUQwOVlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAqxnlAwQA
uUYvMA0GCSqGSIb3DQEBCwUAA4IBAQAnmMQLwiPP8SWnK8DLe5Ygd1weN+cnTpjp
gy1rSolfJTqay5X0r6CYQ1RsArk9tIvdeN9ocQ2WCTv9pSC/aK7I5/ly4ULX5hLT
/T8+BurWZ8m/oJnDYVxsGbUzZvQvqgTWUDQjK2bUgC43gJs0BOeIUUwL9XKUI18V
d9/22SbG1HjfH2FgtylpfyKQ9V06e+ZSyOKWlCt4hm6opurXFPP0ASkPXPYwfmZC
vw9r8AvrZqEqAHdqv14f4e6EX1v3aOmDPI9KUQqz9ZmF9oXJgy/CJGb9HEEOL/lm
AOhtOQyh/KIjgT4qPKN83XwDPQtJ618hthcMtHS32M9UEUSV97V0
-----END CERTIFICATE-----
Generated at Sat Nov 23 12:02:59 2024 by rpki-client on console-fra.rpki-client.org