Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/d81a43-482a-4433-a7a2-027c0d6424e3/1/ljYUEwMk2Dm5z9GTQTvNUIAGSkQ.roa
File: ljYUEwMk2Dm5z9GTQTvNUIAGSkQ.roa (raw, json)
Hash identifier: Y83QBK+ZOtJiOAYxiXxS2DRuvXjxuSd7xgB5r4MEe8E=
Subject key identifier: 96:36:14:13:03:24:D8:39:B9:CF:D1:93:41:3B:CD:50:80:06:4A:44
Certificate issuer: /CN=3a539e501dff37cdc92cbee0cddb92ed2e81c13c
Certificate serial: 018CC348A2EF8BE90B23A6411427D450A223
Authority key identifier: 3A:53:9E:50:1D:FF:37:CD:C9:2C:BE:E0:CD:DB:92:ED:2E:81:C1:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OlOeUB3_N83JLL7gzduS7S6BwTw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/d81a43-482a-4433-a7a2-027c0d6424e3/1/ljYUEwMk2Dm5z9GTQTvNUIAGSkQ.roa
Signing time: Mon 01 Jan 2024 04:29:26 +0000
ROA not before: Mon 01 Jan 2024 04:29:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44347
IP address blocks: 185.14.34.0/23 maxlen: 23
185.14.32.0/23 maxlen: 23
185.14.32.0/22 maxlen: 22
188.65.48.0/22 maxlen: 22
188.65.48.0/21 maxlen: 21
188.65.52.0/22 maxlen: 22
46.43.192.0/19 maxlen: 19
46.43.192.0/18 maxlen: 18
46.43.224.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a1/d81a43-482a-4433-a7a2-027c0d6424e3/1/OlOeUB3_N83JLL7gzduS7S6BwTw.crl
rsync://rpki.ripe.net/repository/DEFAULT/a1/d81a43-482a-4433-a7a2-027c0d6424e3/1/OlOeUB3_N83JLL7gzduS7S6BwTw.mft
rsync://rpki.ripe.net/repository/DEFAULT/OlOeUB3_N83JLL7gzduS7S6BwTw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 05:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:a2:ef:8b:e9:0b:23:a6:41:14:27:d4:50:a2:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a539e501dff37cdc92cbee0cddb92ed2e81c13c
Validity
Not Before: Jan 1 04:29:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=963614130324d839b9cfd193413bcd5080064a44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:94:2b:db:b6:70:e8:eb:d5:b1:f5:a8:1d:1a:
2e:9d:7e:44:50:bb:fc:ee:1a:89:71:d3:51:44:42:
b0:b9:50:bb:69:3d:90:ff:fb:ff:c4:ef:95:2c:a3:
f4:53:87:d3:9b:c4:46:0b:53:11:27:83:50:90:c1:
91:7a:31:79:a5:0d:07:ed:c7:19:ee:1c:05:de:83:
ee:b3:f7:6c:e5:68:a9:df:17:5e:58:c8:27:0e:f1:
5e:b7:1a:b1:c5:43:ef:f4:af:6f:22:11:36:f3:94:
b4:21:3b:ba:f7:cf:dd:d3:c6:15:20:3d:14:bb:43:
61:4c:5b:22:5b:ea:12:3c:00:6e:28:c0:31:e3:5a:
19:a5:37:6e:68:0e:f6:8b:b5:0f:41:57:64:60:4d:
7d:83:f9:ce:d5:a9:bc:62:ef:39:3b:7e:70:69:d3:
c4:dd:b4:34:9a:d0:3c:8d:07:27:4c:c2:f9:ca:71:
03:4e:42:1b:7f:bd:a3:14:2c:de:26:dd:5f:0d:99:
c1:40:57:94:6b:f1:44:30:5b:ac:e0:1d:fc:68:a8:
36:a7:82:b5:cd:44:2c:ea:92:e8:7a:d0:2d:9e:8c:
27:2c:26:e2:62:50:12:cd:42:06:72:a9:3d:77:40:
67:3e:ac:a7:ba:02:b4:1a:94:95:26:41:6a:ab:7c:
6d:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:36:14:13:03:24:D8:39:B9:CF:D1:93:41:3B:CD:50:80:06:4A:44
X509v3 Authority Key Identifier:
keyid:3A:53:9E:50:1D:FF:37:CD:C9:2C:BE:E0:CD:DB:92:ED:2E:81:C1:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OlOeUB3_N83JLL7gzduS7S6BwTw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/d81a43-482a-4433-a7a2-027c0d6424e3/1/ljYUEwMk2Dm5z9GTQTvNUIAGSkQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/d81a43-482a-4433-a7a2-027c0d6424e3/1/OlOeUB3_N83JLL7gzduS7S6BwTw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.43.192.0/18
185.14.32.0/22
188.65.48.0/21
Signature Algorithm: sha256WithRSAEncryption
c4:fe:1f:30:f3:3d:cc:46:83:52:a7:79:0d:28:eb:6f:a3:34:
76:6e:b8:cb:d3:00:35:ee:1a:c8:1a:9b:c7:15:d9:5b:2b:82:
bf:83:32:f8:5f:13:a4:b5:02:2f:f9:b5:f1:d4:f9:25:51:c6:
54:e8:1a:94:65:f1:27:57:1e:14:83:5c:d4:38:cd:50:31:65:
6f:e7:7d:21:87:00:b1:a6:74:60:d3:a5:e5:fb:15:66:b3:d6:
e5:4c:d1:46:65:c9:c6:7e:d3:9d:20:c3:30:f2:db:82:6e:ed:
5e:a7:dd:57:1a:73:fd:42:c4:ff:12:41:36:8c:bb:e4:0a:48:
b4:b2:c3:c8:f7:dd:18:da:d6:44:5f:59:ff:0e:92:1a:71:b8:
f4:0b:e4:35:b6:f7:75:c9:bc:f9:53:c9:62:1d:40:7e:94:d3:
39:3b:8b:33:19:30:3d:ad:84:1d:ba:f1:21:8a:d7:d8:04:eb:
d1:25:27:d1:63:4f:15:21:a2:ed:8b:2b:1f:11:18:af:2f:c8:
4f:a5:a4:67:aa:94:b3:8f:bf:b9:19:c7:42:c1:8b:3f:85:39:
bd:22:0e:86:e4:5a:c1:61:e4:f6:0d:1f:0d:32:7b:c4:18:26:
0d:7f:d3:d3:d5:5b:1b:33:c7:89:42:aa:ef:0d:52:e7:de:85:
12:e8:47:c5
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzDSKLvi+kLI6ZBFCfUUKIjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhNTM5ZTUwMWRmZjM3Y2RjOTJjYmVlMGNkZGI5MmVkMmU4
MWMxM2MwHhcNMjQwMTAxMDQyOTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NjM2MTQxMzAzMjRkODM5YjljZmQxOTM0MTNiY2Q1MDgwMDY0YTQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl5Qr27Zw6OvVsfWoHRounX5EULv8
7hqJcdNRREKwuVC7aT2Q//v/xO+VLKP0U4fTm8RGC1MRJ4NQkMGRejF5pQ0H7ccZ
7hwF3oPus/ds5Wip3xdeWMgnDvFetxqxxUPv9K9vIhE285S0ITu698/d08YVID0U
u0NhTFsiW+oSPABuKMAx41oZpTduaA72i7UPQVdkYE19g/nO1am8Yu85O35wadPE
3bQ0mtA8jQcnTML5ynEDTkIbf72jFCzeJt1fDZnBQFeUa/FEMFus4B38aKg2p4K1
zUQs6pLoetAtnownLCbiYlASzUIGcqk9d0BnPqynugK0GpSVJkFqq3xtLwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJY2FBMDJNg5uc/Rk0E7zVCABkpEMB8GA1UdIwQY
MBaAFDpTnlAd/zfNySy+4M3bku0ugcE8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2xPZVVCM19OODNKTEw3Z3pkdVM3UzZCd1R3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS9kODFhNDMtNDgyYS00NDMzLWE3YTIt
MDI3YzBkNjQyNGUzLzEvbGpZVUV3TWsyRG01ejlHVFFUdk5VSUFHU2tRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS9kODFhNDMtNDgyYS00NDMzLWE3YTItMDI3YzBkNjQyNGUz
LzEvT2xPZVVCM19OODNKTEw3Z3pkdVM3UzZCd1R3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQGLivAAwQC
uQ4gAwQDvEEwMA0GCSqGSIb3DQEBCwUAA4IBAQDE/h8w8z3MRoNSp3kNKOtvozR2
brjL0wA17hrIGpvHFdlbK4K/gzL4XxOktQIv+bXx1PklUcZU6BqUZfEnVx4Ug1zU
OM1QMWVv530hhwCxpnRg06Xl+xVms9blTNFGZcnGftOdIMMw8tuCbu1ep91XGnP9
QsT/EkE2jLvkCki0ssPI990Y2tZEX1n/DpIacbj0C+Q1tvd1ybz5U8liHUB+lNM5
O4szGTA9rYQduvEhitfYBOvRJSfRY08VIaLtiysfERivL8hPpaRnqpSzj7+5GcdC
wYs/hTm9Ig6G5FrBYeT2DR8NMnvEGCYNf9PT1VsbM8eJQqrvDVLn3oUS6EfF
-----END CERTIFICATE-----
Generated at Fri Jun 7 14:13:12 2024 by rpki-client on console-fra.rpki-client.org