Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/9837b2-0df0-4f5a-80db-62b640b02e2b/1/L4NKfF-tf-nx__AzWv0yIZvYnhY.roa
File: L4NKfF-tf-nx__AzWv0yIZvYnhY.roa (raw, json)
Hash identifier: zA3ihhgrtvtHqG4sO/IPWPJHST//Xxv1Nig8QBl+scA=
Subject key identifier: 2F:83:4A:7C:5F:AD:7F:E9:F1:FF:F0:33:5A:FD:32:21:9B:D8:9E:16
Certificate issuer: /CN=0d41d0a6e6df2e18c256732368d6e76828931310
Certificate serial: 018CC9BA846FA3BA61B584F5455606EE8991
Authority key identifier: 0D:41:D0:A6:E6:DF:2E:18:C2:56:73:23:68:D6:E7:68:28:93:13:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DUHQpubfLhjCVnMjaNbnaCiTExA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/9837b2-0df0-4f5a-80db-62b640b02e2b/1/L4NKfF-tf-nx__AzWv0yIZvYnhY.roa
Signing time: Tue 02 Jan 2024 10:31:33 +0000
ROA not before: Tue 02 Jan 2024 10:31:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51546
IP address blocks: 185.127.228.0/22 maxlen: 22
185.176.96.0/22 maxlen: 22
88.218.23.0/24 maxlen: 24
88.218.20.0/22 maxlen: 22
185.181.44.0/22 maxlen: 22
2a09:9680::/29 maxlen: 29
2a03:9920::/32 maxlen: 32
2a0a:f80::/29 maxlen: 29
2a0a:c080::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/98/9837b2-0df0-4f5a-80db-62b640b02e2b/1/DUHQpubfLhjCVnMjaNbnaCiTExA.crl
rsync://rpki.ripe.net/repository/DEFAULT/98/9837b2-0df0-4f5a-80db-62b640b02e2b/1/DUHQpubfLhjCVnMjaNbnaCiTExA.mft
rsync://rpki.ripe.net/repository/DEFAULT/DUHQpubfLhjCVnMjaNbnaCiTExA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 16:00:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:ba:84:6f:a3:ba:61:b5:84:f5:45:56:06:ee:89:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d41d0a6e6df2e18c256732368d6e76828931310
Validity
Not Before: Jan 2 10:31:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2f834a7c5fad7fe9f1fff0335afd32219bd89e16
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:ef:b4:bf:be:ad:b5:2e:07:85:55:cb:d2:f6:
d6:df:14:ec:40:2e:4b:ef:a2:8c:05:f7:5d:6e:46:
aa:ad:5f:b7:c0:df:7a:a0:96:35:f4:e5:ff:51:de:
5f:c7:e4:82:60:73:ab:56:fb:bb:2b:df:97:6c:58:
b8:e5:4e:3a:e4:4e:83:f6:cf:7f:7f:69:37:ad:21:
66:16:a8:a3:c1:b6:db:d4:ea:02:01:eb:0a:9d:34:
89:3f:ea:ac:77:e0:6c:32:5c:7d:fa:fe:3e:43:9e:
bf:bf:4b:7d:6c:f6:13:d3:67:e4:87:8e:6b:9e:48:
9a:82:5c:0e:f5:12:5d:b6:ce:a6:99:d8:54:a9:99:
a4:5b:57:f2:fb:2f:a7:76:4e:79:26:bd:5e:28:73:
d9:ff:47:d7:95:c0:b6:eb:55:63:62:39:b7:c6:c7:
82:f2:66:62:fa:74:0a:50:99:0c:6f:eb:ff:5c:ea:
b3:4b:19:31:23:90:37:22:d3:40:00:32:1c:c8:bd:
b5:c3:23:bd:71:18:0f:f8:62:d8:5a:79:2d:22:78:
18:21:1b:87:89:d8:7f:b0:13:72:44:83:0e:e7:95:
4d:65:50:fc:dc:8f:89:01:e8:90:16:d2:72:0c:2c:
58:5c:10:f5:aa:7b:68:37:90:29:f4:04:bf:f1:07:
30:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:83:4A:7C:5F:AD:7F:E9:F1:FF:F0:33:5A:FD:32:21:9B:D8:9E:16
X509v3 Authority Key Identifier:
keyid:0D:41:D0:A6:E6:DF:2E:18:C2:56:73:23:68:D6:E7:68:28:93:13:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DUHQpubfLhjCVnMjaNbnaCiTExA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/9837b2-0df0-4f5a-80db-62b640b02e2b/1/L4NKfF-tf-nx__AzWv0yIZvYnhY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/9837b2-0df0-4f5a-80db-62b640b02e2b/1/DUHQpubfLhjCVnMjaNbnaCiTExA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.218.20.0/22
185.127.228.0/22
185.176.96.0/22
185.181.44.0/22
IPv6:
2a03:9920::/32
2a09:9680::/29
2a0a:f80::/29
2a0a:c080::/29
Signature Algorithm: sha256WithRSAEncryption
44:47:63:5f:1e:f0:03:4d:90:1c:ca:83:c8:e8:fb:bc:36:52:
59:77:eb:a9:c6:65:06:c3:b3:83:36:59:85:96:ae:2a:fc:0f:
bd:0b:bf:92:9c:cb:e1:b1:2d:70:eb:bc:3c:17:f6:7a:7f:a1:
58:1a:fa:3e:90:44:1d:fa:c8:fb:7b:64:96:3f:aa:ec:e7:b6:
5d:1d:87:95:19:8f:bd:a2:79:43:4f:d7:b3:12:09:aa:d2:53:
96:af:8d:30:52:54:b1:c2:45:ee:79:5d:10:b3:85:a0:f5:f2:
ff:94:62:90:8d:f5:9d:7c:64:71:f6:64:d3:0f:1e:8c:04:dc:
6a:0b:dc:df:f1:25:d2:ef:4d:64:9d:cf:87:4d:8d:0e:e4:a3:
4e:f3:cd:17:19:10:3c:c4:ba:0b:0a:0a:06:a0:23:a7:51:82:
3a:1a:af:dd:e7:ff:b6:7a:98:2f:ec:9a:c2:f9:b7:7b:4e:57:
21:1c:a8:bc:aa:26:9a:54:68:8b:98:82:ca:76:8f:3e:1e:a0:
51:4a:0d:b1:0c:d3:86:25:52:f7:84:ea:2b:d0:80:a9:c5:09:
60:d8:7a:f6:6d:27:17:8b:22:2c:65:78:c7:f0:4b:c6:dd:30:
f8:77:44:5d:cf:6e:fa:f7:bd:8c:a7:b7:e1:0b:1f:82:c5:65:
5d:c4:50:13
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYzJuoRvo7phtYT1RVYG7omRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNDFkMGE2ZTZkZjJlMThjMjU2NzMyMzY4ZDZlNzY4Mjg5
MzEzMTAwHhcNMjQwMTAyMTAzMTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjgzNGE3YzVmYWQ3ZmU5ZjFmZmYwMzM1YWZkMzIyMTliZDg5ZTE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0O+0v76ttS4HhVXL0vbW3xTsQC5L
76KMBfddbkaqrV+3wN96oJY19OX/Ud5fx+SCYHOrVvu7K9+XbFi45U465E6D9s9/
f2k3rSFmFqijwbbb1OoCAesKnTSJP+qsd+BsMlx9+v4+Q56/v0t9bPYT02fkh45r
nkiaglwO9RJdts6mmdhUqZmkW1fy+y+ndk55Jr1eKHPZ/0fXlcC261VjYjm3xseC
8mZi+nQKUJkMb+v/XOqzSxkxI5A3ItNAADIcyL21wyO9cRgP+GLYWnktIngYIRuH
idh/sBNyRIMO55VNZVD83I+JAeiQFtJyDCxYXBD1qntoN5Ap9AS/8QcwPQIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFC+DSnxfrX/p8f/wM1r9MiGb2J4WMB8GA1UdIwQY
MBaAFA1B0Kbm3y4YwlZzI2jW52gokxMQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFVIUXB1YmZMaGpDVm5NamFOYm5hQ2lURXhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC85ODM3YjItMGRmMC00ZjVhLTgwZGIt
NjJiNjQwYjAyZTJiLzEvTDROS2ZGLXRmLW54X19Beld2MHlJWnZZbmhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC85ODM3YjItMGRmMC00ZjVhLTgwZGItNjJiNjQwYjAyZTJi
LzEvRFVIUXB1YmZMaGpDVm5NamFOYm5hQ2lURXhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDAeBAIAATAYAwQCWNoUAwQC
uX/kAwQCubBgAwQCubUsMCIEAgACMBwDBQAqA5kgAwUDKgmWgAMFAyoKD4ADBQMq
CsCAMA0GCSqGSIb3DQEBCwUAA4IBAQBER2NfHvADTZAcyoPI6Pu8NlJZd+upxmUG
w7ODNlmFlq4q/A+9C7+SnMvhsS1w67w8F/Z6f6FYGvo+kEQd+sj7e2SWP6rs57Zd
HYeVGY+9onlDT9ezEgmq0lOWr40wUlSxwkXueV0Qs4Wg9fL/lGKQjfWdfGRx9mTT
Dx6MBNxqC9zf8SXS701knc+HTY0O5KNO880XGRA8xLoLCgoGoCOnUYI6Gq/d5/+2
epgv7JrC+bd7TlchHKi8qiaaVGiLmILKdo8+HqBRSg2xDNOGJVL3hOor0ICpxQlg
2Hr2bScXiyIsZXjH8EvG3TD4d0Rdz276972Mp7fhCx+CxWVdxFAT
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:24:02 2024 by rpki-client on console-ams.rpki-client.org