Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/fc1bef-e72b-4a45-9463-8fd394b5357c/1/lR2gucBfq-HdqHvGmCRsAeJUsPE.roa
File: lR2gucBfq-HdqHvGmCRsAeJUsPE.roa (raw, json)
Hash identifier: KwIEUUviSUoOPhgvLSM5mK5EGp6gCKF9dY6SeOGcEC0=
Subject key identifier: 95:1D:A0:B9:C0:5F:AB:E1:DD:A8:7B:C6:98:24:6C:01:E2:54:B0:F1
Certificate issuer: /CN=cfeace714c29568ef197007b141d12758cc415d5
Certificate serial: 018CCA993FDA6F93B531027C3651EA47D6EC
Authority key identifier: CF:EA:CE:71:4C:29:56:8E:F1:97:00:7B:14:1D:12:75:8C:C4:15:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z-rOcUwpVo7xlwB7FB0SdYzEFdU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/fc1bef-e72b-4a45-9463-8fd394b5357c/1/lR2gucBfq-HdqHvGmCRsAeJUsPE.roa
Signing time: Tue 02 Jan 2024 14:34:50 +0000
ROA not before: Tue 02 Jan 2024 14:34:50 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49419
IP address blocks: 185.224.56.0/22 maxlen: 24
84.19.128.0/20 maxlen: 24
84.19.144.0/21 maxlen: 24
2a0b:fd80::/32 maxlen: 48
2a0b:fd81::/32 maxlen: 48
2a0b:fd87::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8b/fc1bef-e72b-4a45-9463-8fd394b5357c/1/z-rOcUwpVo7xlwB7FB0SdYzEFdU.crl
rsync://rpki.ripe.net/repository/DEFAULT/8b/fc1bef-e72b-4a45-9463-8fd394b5357c/1/z-rOcUwpVo7xlwB7FB0SdYzEFdU.mft
rsync://rpki.ripe.net/repository/DEFAULT/z-rOcUwpVo7xlwB7FB0SdYzEFdU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 03 Jul 2024 14:20:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:99:3f:da:6f:93:b5:31:02:7c:36:51:ea:47:d6:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cfeace714c29568ef197007b141d12758cc415d5
Validity
Not Before: Jan 2 14:34:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=951da0b9c05fabe1dda87bc698246c01e254b0f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:83:a1:47:c9:51:3f:3d:82:b0:e8:bf:2f:18:
3e:1d:1f:99:3c:63:30:8f:d7:18:26:99:9d:89:c1:
12:40:15:ce:5d:93:35:3e:b5:dc:6a:49:4e:8d:38:
71:cf:09:8e:d0:69:16:d1:8a:35:7a:d8:d5:b3:b7:
22:b4:2f:03:d7:cc:36:4a:c1:39:71:af:2a:2e:f2:
5d:e2:c5:dd:0e:47:38:bb:67:80:3b:bb:78:71:89:
ae:4d:b1:ec:8a:40:8f:93:72:7a:96:01:5d:77:10:
35:51:06:b2:d2:0f:31:54:94:5f:1d:ef:07:a5:f3:
16:9b:67:b8:70:5d:c2:ee:6e:36:8d:09:e1:12:b5:
01:de:29:27:99:ea:38:27:13:87:0e:cd:c5:ba:a7:
3a:f1:65:cb:5c:47:20:80:f9:9e:58:9f:c9:67:96:
ce:36:b6:1c:e6:1d:1b:f1:de:55:9f:09:bf:89:75:
dd:29:88:82:eb:6e:ff:8f:2c:d7:03:c8:8d:54:ac:
81:90:27:0c:cb:75:55:fb:57:35:d3:3c:b2:d5:67:
b7:77:50:b7:7f:03:1f:71:95:05:d6:99:38:e4:4f:
96:07:1d:95:f5:8b:87:86:05:ac:bc:a5:6b:5f:5d:
0f:c9:d7:af:a1:4a:ff:1a:8f:1f:aa:dc:44:c4:d9:
ad:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:1D:A0:B9:C0:5F:AB:E1:DD:A8:7B:C6:98:24:6C:01:E2:54:B0:F1
X509v3 Authority Key Identifier:
keyid:CF:EA:CE:71:4C:29:56:8E:F1:97:00:7B:14:1D:12:75:8C:C4:15:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z-rOcUwpVo7xlwB7FB0SdYzEFdU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/fc1bef-e72b-4a45-9463-8fd394b5357c/1/lR2gucBfq-HdqHvGmCRsAeJUsPE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/fc1bef-e72b-4a45-9463-8fd394b5357c/1/z-rOcUwpVo7xlwB7FB0SdYzEFdU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.19.128.0-84.19.151.255
185.224.56.0/22
IPv6:
2a0b:fd80::/31
2a0b:fd87::/32
Signature Algorithm: sha256WithRSAEncryption
19:ed:e7:2c:d6:7d:75:4b:3d:da:8e:a2:6e:4e:74:cb:f9:e8:
de:55:11:fc:9e:d7:77:cb:74:8e:27:f8:33:e4:e2:63:39:02:
c5:d7:9b:8a:72:89:83:66:96:fc:b5:b2:3a:4d:d0:f4:42:e6:
6b:e9:08:39:6a:41:2f:bd:a3:2e:c8:1a:8a:b5:a4:f2:4f:ca:
e7:3a:9b:1b:e5:89:78:e5:78:62:9e:0f:6e:74:a4:e4:67:02:
82:93:9e:57:7c:3a:69:fd:1f:19:81:cb:cf:b8:fb:ed:c6:b0:
d9:66:55:13:1e:bf:77:5e:6b:3f:0c:b4:81:3e:6e:98:cb:76:
d4:8c:ab:60:74:76:b8:e1:d0:6a:c5:1e:eb:01:7f:76:8e:06:
73:ae:d1:09:2a:f8:2b:17:5d:98:37:50:b0:69:65:25:28:be:
3d:10:54:2c:4c:54:4f:76:76:e8:da:f3:64:a3:82:e9:0a:10:
ce:26:76:1b:f0:33:65:38:5c:c0:ba:37:8e:ac:95:0d:b4:e3:
3c:53:2c:a9:5a:42:c3:f5:73:95:56:57:5b:4f:62:a8:ae:f2:
df:74:9c:90:28:98:60:81:c1:9d:8c:5d:37:85:f3:ff:c2:3e:
0c:c8:b7:7f:d1:12:76:0b:8d:b0:4f:80:25:9a:55:99:a0:f5:
79:2c:6a:42
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYzKmT/ab5O1MQJ8NlHqR9bsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmZWFjZTcxNGMyOTU2OGVmMTk3MDA3YjE0MWQxMjc1OGNj
NDE1ZDUwHhcNMjQwMTAyMTQzNDUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTFkYTBiOWMwNWZhYmUxZGRhODdiYzY5ODI0NmMwMWUyNTRiMGYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArIOhR8lRPz2CsOi/Lxg+HR+ZPGMw
j9cYJpmdicESQBXOXZM1PrXcaklOjThxzwmO0GkW0Yo1etjVs7citC8D18w2SsE5
ca8qLvJd4sXdDkc4u2eAO7t4cYmuTbHsikCPk3J6lgFddxA1UQay0g8xVJRfHe8H
pfMWm2e4cF3C7m42jQnhErUB3iknmeo4JxOHDs3Fuqc68WXLXEcggPmeWJ/JZ5bO
NrYc5h0b8d5Vnwm/iXXdKYiC627/jyzXA8iNVKyBkCcMy3VV+1c10zyy1We3d1C3
fwMfcZUF1pk45E+WBx2V9YuHhgWsvKVrX10PydevoUr/Go8fqtxExNmtywIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFJUdoLnAX6vh3ah7xpgkbAHiVLDxMB8GA1UdIwQY
MBaAFM/qznFMKVaO8ZcAexQdEnWMxBXVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvei1yT2NVd3BWbzd4bHdCN0ZCMFNkWXpFRmRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9mYzFiZWYtZTcyYi00YTQ1LTk0NjMt
OGZkMzk0YjUzNTdjLzEvbFIyZ3VjQmZxLUhkcUh2R21DUnNBZUpVc1BFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9mYzFiZWYtZTcyYi00YTQ1LTk0NjMtOGZkMzk0YjUzNTdj
LzEvei1yT2NVd3BWbzd4bHdCN0ZCMFNkWXpFRmRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAaBAIAATAUMAwDBAdUE4AD
BANUE5ADBAK54DgwFAQCAAIwDgMFASoL/YADBQAqC/2HMA0GCSqGSIb3DQEBCwUA
A4IBAQAZ7ecs1n11Sz3ajqJuTnTL+ejeVRH8ntd3y3SOJ/gz5OJjOQLF15uKcomD
Zpb8tbI6TdD0QuZr6Qg5akEvvaMuyBqKtaTyT8rnOpsb5Yl45Xhing9udKTkZwKC
k55XfDpp/R8ZgcvPuPvtxrDZZlUTHr93Xms/DLSBPm6Yy3bUjKtgdHa44dBqxR7r
AX92jgZzrtEJKvgrF12YN1CwaWUlKL49EFQsTFRPdnbo2vNko4LpChDOJnYb8DNl
OFzAujeOrJUNtOM8UyypWkLD9XOVVldbT2KorvLfdJyQKJhggcGdjF03hfP/wj4M
yLd/0RJ2C42wT4AlmlWZoPV5LGpC
-----END CERTIFICATE-----
Generated at Tue Jul 2 22:07:23 2024 by rpki-client on console-fra.rpki-client.org