Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/197eec-762a-4e42-b9d2-7568a10df443/1/lCpwPixaYD9w4jB5wr5HOMVf4No.roa
File: lCpwPixaYD9w4jB5wr5HOMVf4No.roa (raw, json)
Hash identifier: J53flcWDtsYZSXPJXTg39Ucp0g+1AlOOKdTdmWQYLvA=
Subject key identifier: 94:2A:70:3E:2C:5A:60:3F:70:E2:30:79:C2:BE:47:38:C5:5F:E0:DA
Certificate issuer: /CN=7887a16965875f6f53bcc31f0e493a96154eb7b9
Certificate serial: 018CC26D17CAF6795DD493DE5191776DF057
Authority key identifier: 78:87:A1:69:65:87:5F:6F:53:BC:C3:1F:0E:49:3A:96:15:4E:B7:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eIehaWWHX29TvMMfDkk6lhVOt7k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/197eec-762a-4e42-b9d2-7568a10df443/1/lCpwPixaYD9w4jB5wr5HOMVf4No.roa
Signing time: Mon 01 Jan 2024 00:29:38 +0000
ROA not before: Mon 01 Jan 2024 00:29:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204720
IP address blocks: 185.141.226.0/24 maxlen: 24
185.141.225.0/24 maxlen: 24
185.141.224.0/24 maxlen: 24
185.141.227.0/24 maxlen: 24
2a0c:4481:9::/48 maxlen: 48
2a0c:4481:4::/48 maxlen: 48
2a0c:4480:c::/48 maxlen: 48
2a0c:4480:7::/48 maxlen: 48
2a0c:4480:2::/48 maxlen: 48
2a0c:4481:1::/48 maxlen: 48
2a0c:4481:6::/48 maxlen: 48
2a0c:4480:b::/48 maxlen: 48
2a0c:4480:6::/48 maxlen: 48
2a0c:4480:9::/48 maxlen: 48
2a0c:4481:3::/48 maxlen: 48
2a0c:4481:8::/48 maxlen: 48
2a0c:4480:d::/48 maxlen: 48
2a0c:4480:8::/48 maxlen: 48
2a0c:4480:3::/48 maxlen: 48
2a0c:4481:5::/48 maxlen: 48
2a0c:4480:1::/48 maxlen: 48
2a0c:4481::/48 maxlen: 48
2a0c:4481:7::/48 maxlen: 48
2a0c:4481:2::/48 maxlen: 48
2a0c:4480:a::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a1/197eec-762a-4e42-b9d2-7568a10df443/1/eIehaWWHX29TvMMfDkk6lhVOt7k.crl
rsync://rpki.ripe.net/repository/DEFAULT/a1/197eec-762a-4e42-b9d2-7568a10df443/1/eIehaWWHX29TvMMfDkk6lhVOt7k.mft
rsync://rpki.ripe.net/repository/DEFAULT/eIehaWWHX29TvMMfDkk6lhVOt7k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 07:02:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:17:ca:f6:79:5d:d4:93:de:51:91:77:6d:f0:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7887a16965875f6f53bcc31f0e493a96154eb7b9
Validity
Not Before: Jan 1 00:29:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=942a703e2c5a603f70e23079c2be4738c55fe0da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:9e:b6:30:f5:7a:98:98:de:6d:75:28:42:8f:
e1:c6:ca:b3:e7:1a:18:d8:2f:36:8c:5f:db:8f:bb:
07:c5:d2:34:88:e2:88:6f:35:ab:e9:e4:02:ea:38:
2e:9b:97:76:66:ce:59:42:0a:a6:64:e3:68:fb:85:
c2:49:4a:87:b8:14:7a:a2:b9:28:d5:6b:25:66:fc:
68:e3:6e:00:a8:a6:3a:24:0f:2c:bf:b6:68:4a:d0:
b4:53:5d:9f:3e:8f:04:d0:88:df:e0:6f:99:25:0c:
4b:3b:5a:2e:1f:df:3c:37:be:a9:42:e9:f5:37:8a:
80:9b:d5:a6:ed:40:d8:75:df:a3:71:91:ee:17:5c:
66:24:f1:30:ed:e0:3a:c0:23:f3:84:7e:94:bf:61:
93:37:c2:1c:9a:6d:f5:b5:8b:39:8c:c9:fe:01:b2:
67:8b:41:e2:b4:22:d4:29:1a:03:6e:25:83:8f:a9:
2e:32:fd:b6:0b:55:85:31:b1:0e:c6:52:0b:01:bb:
2b:30:35:85:23:33:ac:c4:eb:bb:f5:b8:29:49:e8:
2b:a4:84:de:30:33:d0:61:3c:f6:2b:41:f5:04:76:
0d:8c:41:de:13:42:5a:ba:d1:3d:b6:f8:92:84:7b:
4e:46:99:63:25:bb:60:df:1b:f6:e4:04:7f:ab:c9:
31:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:2A:70:3E:2C:5A:60:3F:70:E2:30:79:C2:BE:47:38:C5:5F:E0:DA
X509v3 Authority Key Identifier:
keyid:78:87:A1:69:65:87:5F:6F:53:BC:C3:1F:0E:49:3A:96:15:4E:B7:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eIehaWWHX29TvMMfDkk6lhVOt7k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/197eec-762a-4e42-b9d2-7568a10df443/1/lCpwPixaYD9w4jB5wr5HOMVf4No.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/197eec-762a-4e42-b9d2-7568a10df443/1/eIehaWWHX29TvMMfDkk6lhVOt7k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.141.224.0/22
IPv6:
2a0c:4480:1::-2a0c:4480:3:ffff:ffff:ffff:ffff:ffff
2a0c:4480:6::-2a0c:4480:d:ffff:ffff:ffff:ffff:ffff
2a0c:4481::-2a0c:4481:9:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
8e:19:95:e4:b4:18:cf:5a:50:45:71:e3:37:86:82:02:99:7a:
e5:e5:1d:c8:80:f8:1f:b1:8a:86:f3:10:7c:1e:ca:65:21:9d:
62:ab:cd:eb:13:59:1f:98:49:bb:cf:1a:bb:a7:41:89:4b:a7:
0e:6f:6c:bb:16:1a:18:ea:98:1d:4b:3b:23:c2:38:6c:1b:e7:
2c:9a:7c:da:e5:5a:90:01:6c:1f:04:66:51:50:1b:4c:ad:7d:
15:72:c0:cb:40:21:6f:a6:b4:4a:14:89:f6:b3:2d:8a:73:8b:
6e:63:20:a5:2b:28:64:68:3e:18:f4:90:17:eb:22:d8:06:75:
e1:95:29:dc:5e:8e:11:e3:9f:e6:63:4c:4b:6b:0e:6f:26:fa:
61:c5:95:f1:b1:1c:24:9f:f0:c8:e0:18:73:e5:31:e1:3b:9e:
42:12:6f:c5:f6:d7:d0:5d:2c:cc:f1:85:ba:26:1d:09:00:df:
be:c5:06:b2:0a:85:ac:70:d6:f0:7d:cb:7b:ec:fd:e4:1e:38:
88:b3:86:af:06:83:25:98:1c:e6:ea:e9:3f:c0:93:82:e0:12:
2f:22:51:f7:75:8f:74:75:00:d5:09:bf:6c:6c:e7:ba:6b:9b:
86:0f:fe:00:31:a5:91:42:80:8d:3e:c5:2c:f0:13:bb:91:87:
e3:8a:68:19
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAYzCbRfK9nld1JPeUZF3bfBXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc4ODdhMTY5NjU4NzVmNmY1M2JjYzMxZjBlNDkzYTk2MTU0
ZWI3YjkwHhcNMjQwMTAxMDAyOTM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDJhNzAzZTJjNWE2MDNmNzBlMjMwNzljMmJlNDczOGM1NWZlMGRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhZ62MPV6mJjebXUoQo/hxsqz5xoY
2C82jF/bj7sHxdI0iOKIbzWr6eQC6jgum5d2Zs5ZQgqmZONo+4XCSUqHuBR6orko
1WslZvxo424AqKY6JA8sv7ZoStC0U12fPo8E0Ijf4G+ZJQxLO1ouH988N76pQun1
N4qAm9Wm7UDYdd+jcZHuF1xmJPEw7eA6wCPzhH6Uv2GTN8Icmm31tYs5jMn+AbJn
i0HitCLUKRoDbiWDj6kuMv22C1WFMbEOxlILAbsrMDWFIzOsxOu79bgpSegrpITe
MDPQYTz2K0H1BHYNjEHeE0JautE9tviShHtORpljJbtg3xv25AR/q8kxXwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFJQqcD4sWmA/cOIwecK+RzjFX+DaMB8GA1UdIwQY
MBaAFHiHoWllh19vU7zDHw5JOpYVTre5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZUllaGFXV0hYMjlUdk1NZkRrazZsaFZPdDdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS8xOTdlZWMtNzYyYS00ZTQyLWI5ZDIt
NzU2OGExMGRmNDQzLzEvbENwd1BpeGFZRDl3NGpCNXdyNUhPTVZmNE5vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS8xOTdlZWMtNzYyYS00ZTQyLWI5ZDItNzU2OGExMGRmNDQz
LzEvZUllaGFXV0hYMjlUdk1NZkRrazZsaFZPdDdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDAMBAIAATAGAwQCuY3gMEAE
AgACMDowEgMHACoMRIAAAQMHAioMRIAAADASAwcBKgxEgAAGAwcBKgxEgAAMMBAD
BQAqDESBAwcBKgxEgQAIMA0GCSqGSIb3DQEBCwUAA4IBAQCOGZXktBjPWlBFceM3
hoICmXrl5R3IgPgfsYqG8xB8HsplIZ1iq83rE1kfmEm7zxq7p0GJS6cOb2y7FhoY
6pgdSzsjwjhsG+csmnza5VqQAWwfBGZRUBtMrX0VcsDLQCFvprRKFIn2sy2Kc4tu
YyClKyhkaD4Y9JAX6yLYBnXhlSncXo4R45/mY0xLaw5vJvphxZXxsRwkn/DI4Bhz
5THhO55CEm/F9tfQXSzM8YW6Jh0JAN++xQayCoWscNbwfct77P3kHjiIs4avBoMl
mBzm6uk/wJOC4BIvIlH3dY90dQDVCb9sbOe6a5uGD/4AMaWRQoCNPsUs8BO7kYfj
imgZ
-----END CERTIFICATE-----
Generated at Fri Jun 7 17:31:29 2024 by rpki-client on console-ams.rpki-client.org