Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/490c50-6c07-4646-9bd2-8cf115aa2cc3/1/lNjLQzQuWdiPKqs8kZFszSCkwyI.roa
File: lNjLQzQuWdiPKqs8kZFszSCkwyI.roa (raw, json)
Hash identifier: 3e+CD0KQsw4Bn3QIwZM9rBfHVZWPpCuSyu+aDKJh000=
Subject key identifier: 94:D8:CB:43:34:2E:59:D8:8F:2A:AB:3C:91:91:6C:CD:20:A4:C3:22
Certificate issuer: /CN=21fc142f7d75a714b9acc653d0b5ced337ca4495
Certificate serial: 018CC5DC712F9770CB651A3C151BBD206FE2
Authority key identifier: 21:FC:14:2F:7D:75:A7:14:B9:AC:C6:53:D0:B5:CE:D3:37:CA:44:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IfwUL311pxS5rMZT0LXO0zfKRJU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/490c50-6c07-4646-9bd2-8cf115aa2cc3/1/lNjLQzQuWdiPKqs8kZFszSCkwyI.roa
Signing time: Mon 01 Jan 2024 16:30:07 +0000
ROA not before: Mon 01 Jan 2024 16:30:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199278
IP address blocks: 185.17.79.0/29 maxlen: 29
185.17.77.0/28 maxlen: 28
185.17.76.0/24 maxlen: 24
185.17.76.0/22 maxlen: 22
185.17.78.0/24 maxlen: 24
185.17.77.0/24 maxlen: 24
185.17.79.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a0/490c50-6c07-4646-9bd2-8cf115aa2cc3/1/IfwUL311pxS5rMZT0LXO0zfKRJU.crl
rsync://rpki.ripe.net/repository/DEFAULT/a0/490c50-6c07-4646-9bd2-8cf115aa2cc3/1/IfwUL311pxS5rMZT0LXO0zfKRJU.mft
rsync://rpki.ripe.net/repository/DEFAULT/IfwUL311pxS5rMZT0LXO0zfKRJU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 01:01:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:71:2f:97:70:cb:65:1a:3c:15:1b:bd:20:6f:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21fc142f7d75a714b9acc653d0b5ced337ca4495
Validity
Not Before: Jan 1 16:30:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=94d8cb43342e59d88f2aab3c91916ccd20a4c322
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:c6:c3:88:d4:88:fd:df:92:36:83:54:5f:af:
40:2b:b5:a8:5a:5d:f4:11:09:2a:0b:4f:39:88:0c:
9d:ee:81:8c:bd:f6:47:0b:a9:22:c7:2e:2c:a9:5b:
8e:60:45:08:cf:d9:f7:53:f3:44:07:d4:5b:6d:68:
45:66:52:48:f5:ac:e7:1b:c4:29:b1:ef:f9:f7:be:
d7:57:54:f5:09:e4:34:64:75:85:e2:1f:4a:56:0b:
38:89:60:b3:18:1d:4b:d6:22:4c:81:b9:29:3b:a5:
06:89:30:56:dd:aa:63:8f:62:5c:e6:7e:00:cc:02:
75:4c:0b:b3:76:1b:bc:92:c9:ac:13:aa:66:fd:27:
68:1a:23:7f:cf:2d:29:af:e9:ad:b0:e7:a5:08:5c:
4a:8e:95:aa:45:29:eb:7c:39:f8:66:23:48:d3:6f:
27:bd:88:8e:ab:06:96:d4:ea:30:00:93:54:96:de:
eb:10:60:db:66:b4:94:20:ac:d0:06:2d:5d:9a:e9:
de:85:f7:9b:08:1b:45:83:17:3a:b3:b8:8e:92:6b:
8c:b8:3a:dd:91:eb:68:06:3a:49:12:f9:55:b3:c6:
da:bb:87:c7:73:75:d9:17:32:c0:30:77:c2:99:87:
a1:40:f9:02:d8:07:69:63:04:72:36:fa:d6:f6:56:
3a:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:D8:CB:43:34:2E:59:D8:8F:2A:AB:3C:91:91:6C:CD:20:A4:C3:22
X509v3 Authority Key Identifier:
keyid:21:FC:14:2F:7D:75:A7:14:B9:AC:C6:53:D0:B5:CE:D3:37:CA:44:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IfwUL311pxS5rMZT0LXO0zfKRJU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/490c50-6c07-4646-9bd2-8cf115aa2cc3/1/lNjLQzQuWdiPKqs8kZFszSCkwyI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/490c50-6c07-4646-9bd2-8cf115aa2cc3/1/IfwUL311pxS5rMZT0LXO0zfKRJU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.17.76.0/22
Signature Algorithm: sha256WithRSAEncryption
8d:9e:84:73:72:e8:67:f3:9d:6f:48:c2:5d:06:9f:06:6a:8d:
b8:2d:64:41:4b:20:51:11:9a:c7:a1:88:4b:ed:b4:28:8a:48:
fc:41:2b:9f:72:89:12:70:41:65:95:dc:70:5d:47:06:23:c2:
40:f5:aa:f5:d2:80:f1:c2:bd:5c:31:3f:65:a8:d5:4c:39:7a:
7d:fa:82:32:2a:95:ed:2e:f1:0f:b6:a4:7b:18:1d:cf:a6:ad:
e8:41:55:84:89:2f:b6:e6:8a:08:d7:d7:84:7f:40:87:99:f9:
04:e2:81:cd:e2:88:db:15:4e:3b:53:46:a9:e9:42:53:a6:f6:
8e:40:ac:a5:06:f8:ec:42:56:2a:3f:c4:7b:90:d8:d8:13:28:
9f:05:d5:0f:80:f3:8e:c4:a2:c7:8a:38:7a:ff:20:5d:6e:0d:
4c:58:e1:a6:d7:71:03:fe:7e:f6:7b:9a:d2:29:c5:1a:85:63:
bd:0e:c7:86:80:39:c3:f9:28:63:6c:c8:ce:d8:75:0e:cd:fd:
69:78:8d:d5:fc:b7:2b:a4:c9:8c:0f:77:42:3b:d2:42:cb:38:
cc:aa:0f:71:d4:8e:16:24:37:0d:c3:2a:5e:fc:7a:7c:5f:18:
da:e0:56:c9:db:6c:ed:5f:af:ec:2d:a0:4f:95:53:98:47:ee:
bc:ab:48:bf
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzF3HEvl3DLZRo8FRu9IG/iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxZmMxNDJmN2Q3NWE3MTRiOWFjYzY1M2QwYjVjZWQzMzdj
YTQ0OTUwHhcNMjQwMTAxMTYzMDA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NGQ4Y2I0MzM0MmU1OWQ4OGYyYWFiM2M5MTkxNmNjZDIwYTRjMzIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgsbDiNSI/d+SNoNUX69AK7WoWl30
EQkqC085iAyd7oGMvfZHC6kixy4sqVuOYEUIz9n3U/NEB9RbbWhFZlJI9aznG8Qp
se/5977XV1T1CeQ0ZHWF4h9KVgs4iWCzGB1L1iJMgbkpO6UGiTBW3apjj2Jc5n4A
zAJ1TAuzdhu8ksmsE6pm/SdoGiN/zy0pr+mtsOelCFxKjpWqRSnrfDn4ZiNI028n
vYiOqwaW1OowAJNUlt7rEGDbZrSUIKzQBi1dmunehfebCBtFgxc6s7iOkmuMuDrd
ketoBjpJEvlVs8bau4fHc3XZFzLAMHfCmYehQPkC2AdpYwRyNvrW9lY6IwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJTYy0M0LlnYjyqrPJGRbM0gpMMiMB8GA1UdIwQY
MBaAFCH8FC99dacUuazGU9C1ztM3ykSVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWZ3VUwzMTFweFM1ck1aVDBMWE8wemZLUkpVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC80OTBjNTAtNmMwNy00NjQ2LTliZDIt
OGNmMTE1YWEyY2MzLzEvbE5qTFF6UXVXZGlQS3FzOGtaRnN6U0Nrd3lJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC80OTBjNTAtNmMwNy00NjQ2LTliZDItOGNmMTE1YWEyY2Mz
LzEvSWZ3VUwzMTFweFM1ck1aVDBMWE8wemZLUkpVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuRFMMA0G
CSqGSIb3DQEBCwUAA4IBAQCNnoRzcuhn851vSMJdBp8Gao24LWRBSyBREZrHoYhL
7bQoikj8QSufcokScEFlldxwXUcGI8JA9ar10oDxwr1cMT9lqNVMOXp9+oIyKpXt
LvEPtqR7GB3Ppq3oQVWEiS+25ooI19eEf0CHmfkE4oHN4ojbFU47U0ap6UJTpvaO
QKylBvjsQlYqP8R7kNjYEyifBdUPgPOOxKLHijh6/yBdbg1MWOGm13ED/n72e5rS
KcUahWO9DseGgDnD+ShjbMjO2HUOzf1peI3V/LcrpMmMD3dCO9JCyzjMqg9x1I4W
JDcNwype/Hp8Xxja4FbJ22ztX6/sLaBPlVOYR+68q0i/
-----END CERTIFICATE-----
Generated at Sun May 19 06:36:11 2024 by rpki-client on console-fra.rpki-client.org