Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/04fef8-d2df-4f7a-92b4-7f970a3af9cd/1/z_LVs8H1x9R_lGMiDQ1scKGK06U.roa
File: z_LVs8H1x9R_lGMiDQ1scKGK06U.roa (raw, json)
Hash identifier: 4bkF7dbnHtMIooLcUjxfBS37/0YUM1p5g8w+UckmzEM=
Subject key identifier: CF:F2:D5:B3:C1:F5:C7:D4:7F:94:63:22:0D:0D:6C:70:A1:8A:D3:A5
Certificate issuer: /CN=2c96946c501ddf48696da2cf110fdceb286fac98
Certificate serial: 018CC86F310A253F26F67B8BFA6CCB5F7D8D
Authority key identifier: 2C:96:94:6C:50:1D:DF:48:69:6D:A2:CF:11:0F:DC:EB:28:6F:AC:98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LJaUbFAd30hpbaLPEQ_c6yhvrJg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/04fef8-d2df-4f7a-92b4-7f970a3af9cd/1/z_LVs8H1x9R_lGMiDQ1scKGK06U.roa
Signing time: Tue 02 Jan 2024 04:29:39 +0000
ROA not before: Tue 02 Jan 2024 04:29:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210776
IP address blocks: 185.242.220.0/24 maxlen: 24
185.242.222.0/24 maxlen: 24
185.242.221.0/24 maxlen: 24
185.242.223.0/24 maxlen: 24
85.222.239.0/24 maxlen: 24
85.222.238.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a2/04fef8-d2df-4f7a-92b4-7f970a3af9cd/1/LJaUbFAd30hpbaLPEQ_c6yhvrJg.crl
rsync://rpki.ripe.net/repository/DEFAULT/a2/04fef8-d2df-4f7a-92b4-7f970a3af9cd/1/LJaUbFAd30hpbaLPEQ_c6yhvrJg.mft
rsync://rpki.ripe.net/repository/DEFAULT/LJaUbFAd30hpbaLPEQ_c6yhvrJg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 21:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:31:0a:25:3f:26:f6:7b:8b:fa:6c:cb:5f:7d:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2c96946c501ddf48696da2cf110fdceb286fac98
Validity
Not Before: Jan 2 04:29:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cff2d5b3c1f5c7d47f9463220d0d6c70a18ad3a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:dc:34:90:39:88:9d:d5:1e:f9:71:fa:32:32:
35:e8:f4:2b:84:19:98:a4:9d:b7:93:2e:89:80:5a:
04:70:51:1b:34:5c:b2:64:5d:dc:06:ac:ca:a6:92:
88:b1:eb:f7:da:71:ec:dc:b6:3c:6a:f9:29:06:fa:
7a:3a:a9:09:3f:12:3e:44:5b:22:06:12:3e:31:41:
68:d5:4a:d2:5b:bc:db:ea:37:7b:01:84:3d:24:ae:
09:c3:0e:21:59:4b:67:74:68:fa:ab:ab:37:a6:83:
ff:01:cd:8a:c3:bf:07:91:a2:f4:40:ac:0b:02:33:
e5:b7:18:de:9f:db:4d:41:47:90:78:68:39:bd:9f:
37:34:1c:41:eb:b2:5d:74:7c:7b:39:66:62:3c:9f:
75:fa:18:7f:62:c2:dd:c1:cd:74:24:12:2c:9d:80:
e9:68:70:b4:95:8c:3a:ef:ef:b2:b6:62:8f:d5:71:
c6:ee:f8:9f:45:58:99:3f:04:d2:c3:94:df:c1:b2:
44:cf:c5:1f:9a:a3:7e:40:b4:69:54:43:78:a4:5e:
0f:ee:fb:4b:fb:5c:c6:f5:ba:4d:ca:d6:4b:58:66:
65:99:dd:d4:ce:1d:40:b4:65:24:b2:8c:30:d8:bd:
58:32:bb:3d:0b:0b:a1:55:82:b2:9e:af:88:03:78:
dd:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:F2:D5:B3:C1:F5:C7:D4:7F:94:63:22:0D:0D:6C:70:A1:8A:D3:A5
X509v3 Authority Key Identifier:
keyid:2C:96:94:6C:50:1D:DF:48:69:6D:A2:CF:11:0F:DC:EB:28:6F:AC:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LJaUbFAd30hpbaLPEQ_c6yhvrJg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/04fef8-d2df-4f7a-92b4-7f970a3af9cd/1/z_LVs8H1x9R_lGMiDQ1scKGK06U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/04fef8-d2df-4f7a-92b4-7f970a3af9cd/1/LJaUbFAd30hpbaLPEQ_c6yhvrJg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.222.238.0/23
185.242.220.0/22
Signature Algorithm: sha256WithRSAEncryption
15:d2:4b:9b:47:ea:57:83:b1:35:d5:cc:84:78:4f:56:bd:97:
1d:2e:fb:9e:63:b3:e9:a9:67:1b:d1:31:4c:57:c5:8c:11:0e:
3a:91:42:45:6d:ab:be:1f:81:b5:75:74:b0:a3:a3:e6:94:fe:
16:19:51:22:34:e9:b8:73:56:14:59:98:9c:74:d7:6e:12:d0:
cf:0b:7b:50:ff:26:45:87:76:d7:c8:30:8c:e2:f0:e6:a0:cc:
98:9e:08:4a:6c:7c:2f:51:50:f1:70:4c:2f:9e:14:b0:b0:91:
c9:e4:85:b3:c9:c2:66:a4:56:9c:3a:bf:0b:6d:30:14:bd:6b:
fe:b0:63:f5:bb:5f:ac:db:f8:c5:c1:e0:fd:b9:40:cd:85:b8:
5d:c4:26:54:31:b6:42:b7:e2:8c:d9:c2:ca:f7:10:ec:73:92:
91:50:06:b5:bf:7f:05:73:c7:bf:a3:c3:7c:6d:f3:e3:b8:46:
67:2f:f4:ec:43:7a:92:17:bd:b5:e3:36:71:c1:10:7c:16:d6:
e0:bc:f3:32:d1:58:35:8e:3d:f9:9d:96:da:65:71:f3:4b:02:
48:af:79:55:48:a2:57:4a:f6:65:e9:5c:f5:c8:5e:eb:d1:bf:
cc:a8:52:bb:9d:7a:f7:16:7e:18:0c:68:a2:00:c3:a1:3b:01:
45:86:e9:8a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzIbzEKJT8m9nuL+mzLX32NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjOTY5NDZjNTAxZGRmNDg2OTZkYTJjZjExMGZkY2ViMjg2
ZmFjOTgwHhcNMjQwMTAyMDQyOTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZmYyZDViM2MxZjVjN2Q0N2Y5NDYzMjIwZDBkNmM3MGExOGFkM2E1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAldw0kDmIndUe+XH6MjI16PQrhBmY
pJ23ky6JgFoEcFEbNFyyZF3cBqzKppKIsev32nHs3LY8avkpBvp6OqkJPxI+RFsi
BhI+MUFo1UrSW7zb6jd7AYQ9JK4Jww4hWUtndGj6q6s3poP/Ac2Kw78HkaL0QKwL
AjPltxjen9tNQUeQeGg5vZ83NBxB67JddHx7OWZiPJ91+hh/YsLdwc10JBIsnYDp
aHC0lYw67++ytmKP1XHG7vifRViZPwTSw5TfwbJEz8UfmqN+QLRpVEN4pF4P7vtL
+1zG9bpNytZLWGZlmd3Uzh1AtGUksoww2L1YMrs9CwuhVYKynq+IA3jdkwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFM/y1bPB9cfUf5RjIg0NbHChitOlMB8GA1UdIwQY
MBaAFCyWlGxQHd9IaW2izxEP3Osob6yYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTEphVWJGQWQzMGhwYmFMUEVRX2M2eWh2ckpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi8wNGZlZjgtZDJkZi00ZjdhLTkyYjQt
N2Y5NzBhM2FmOWNkLzEvel9MVnM4SDF4OVJfbEdNaURRMXNjS0dLMDZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi8wNGZlZjgtZDJkZi00ZjdhLTkyYjQtN2Y5NzBhM2FmOWNk
LzEvTEphVWJGQWQzMGhwYmFMUEVRX2M2eWh2ckpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBVd7uAwQC
ufLcMA0GCSqGSIb3DQEBCwUAA4IBAQAV0kubR+pXg7E11cyEeE9WvZcdLvueY7Pp
qWcb0TFMV8WMEQ46kUJFbau+H4G1dXSwo6PmlP4WGVEiNOm4c1YUWZicdNduEtDP
C3tQ/yZFh3bXyDCM4vDmoMyYnghKbHwvUVDxcEwvnhSwsJHJ5IWzycJmpFacOr8L
bTAUvWv+sGP1u1+s2/jFweD9uUDNhbhdxCZUMbZCt+KM2cLK9xDsc5KRUAa1v38F
c8e/o8N8bfPjuEZnL/TsQ3qSF7214zZxwRB8FtbgvPMy0Vg1jj35nZbaZXHzSwJI
r3lVSKJXSvZl6Vz1yF7r0b/MqFK7nXr3Fn4YDGiiAMOhOwFFhumK
-----END CERTIFICATE-----
Generated at Sat Jun 8 04:04:34 2024 by rpki-client on console-ams.rpki-client.org