Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/LJiYVwOoDPo8IW9twCp6R35Eb_M.roa
File: LJiYVwOoDPo8IW9twCp6R35Eb_M.roa (raw, json)
Hash identifier: VtfJYC13Fjt0a3wKzdGk4DyFsTAWUX+yuxPDxM6nIUM=
Subject key identifier: 2C:98:98:57:03:A8:0C:FA:3C:21:6F:6D:C0:2A:7A:47:7E:44:6F:F3
Certificate issuer: /CN=38b22023b6ead4c29683a9fed4493d03dee2c685
Certificate serial: 018CC727778BF2160C5144B524874BFDB542
Authority key identifier: 38:B2:20:23:B6:EA:D4:C2:96:83:A9:FE:D4:49:3D:03:DE:E2:C6:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OLIgI7bq1MKWg6n-1Ek9A97ixoU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/LJiYVwOoDPo8IW9twCp6R35Eb_M.roa
Signing time: Mon 01 Jan 2024 22:31:41 +0000
ROA not before: Mon 01 Jan 2024 22:31:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56534
IP address blocks: 85.142.164.0/22 maxlen: 22
85.142.168.0/21 maxlen: 21
85.142.176.0/22 maxlen: 22
85.143.144.0/22 maxlen: 22
85.143.203.0/24 maxlen: 24
85.143.204.0/22 maxlen: 22
85.143.250.0/24 maxlen: 24
85.143.252.0/22 maxlen: 22
85.143.160.0/21 maxlen: 21
85.142.208.0/22 maxlen: 22
85.143.176.0/22 maxlen: 22
85.143.184.0/22 maxlen: 22
82.179.248.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/OLIgI7bq1MKWg6n-1Ek9A97ixoU.crl
rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/OLIgI7bq1MKWg6n-1Ek9A97ixoU.mft
rsync://rpki.ripe.net/repository/DEFAULT/OLIgI7bq1MKWg6n-1Ek9A97ixoU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:77:8b:f2:16:0c:51:44:b5:24:87:4b:fd:b5:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38b22023b6ead4c29683a9fed4493d03dee2c685
Validity
Not Before: Jan 1 22:31:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2c98985703a80cfa3c216f6dc02a7a477e446ff3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:4c:cb:2e:12:44:7a:7c:93:b4:4a:67:b8:23:
71:61:da:cc:95:13:42:af:91:d9:ed:0a:31:24:f1:
2d:ae:9d:b2:bb:48:a9:e9:0d:6f:87:0c:fd:29:56:
ac:5e:58:55:b8:e4:2b:6b:f7:59:52:b9:a9:d8:77:
de:16:b2:e1:2c:ed:70:83:64:e8:f6:88:7b:0a:14:
ed:0e:fa:bf:85:e0:8c:91:14:82:7b:77:94:22:06:
b6:1c:7b:c9:0d:fa:56:ee:4e:da:44:51:61:d1:cf:
7e:1c:9a:aa:43:de:ee:24:32:d0:4e:9d:7a:f2:c9:
af:77:9b:f3:29:87:09:fb:45:18:aa:83:3f:42:9a:
6a:b6:71:d3:4d:94:e4:ed:a8:c7:8c:e5:0a:db:2c:
54:e6:cb:c7:ac:d1:31:7b:5d:83:c0:74:cd:ce:e9:
6a:39:48:da:c3:1f:a1:3d:e9:dd:dc:e7:87:f6:a2:
17:bd:8a:b2:17:aa:b3:b3:f9:99:9d:15:c9:06:79:
65:1c:25:dd:c6:a1:38:0d:30:03:a6:28:a6:ab:1d:
50:f6:a5:80:c4:2b:b0:b4:77:95:74:47:e1:9e:93:
bb:4e:a0:74:c7:e9:9e:95:00:7f:5d:e1:1f:c7:85:
3f:c2:a9:b1:6b:30:54:a7:5b:f0:8d:98:e4:26:16:
9d:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:98:98:57:03:A8:0C:FA:3C:21:6F:6D:C0:2A:7A:47:7E:44:6F:F3
X509v3 Authority Key Identifier:
keyid:38:B2:20:23:B6:EA:D4:C2:96:83:A9:FE:D4:49:3D:03:DE:E2:C6:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OLIgI7bq1MKWg6n-1Ek9A97ixoU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/LJiYVwOoDPo8IW9twCp6R35Eb_M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/OLIgI7bq1MKWg6n-1Ek9A97ixoU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.179.248.0/22
85.142.164.0-85.142.179.255
85.142.208.0/22
85.143.144.0/22
85.143.160.0/21
85.143.176.0/22
85.143.184.0/22
85.143.203.0-85.143.207.255
85.143.250.0/24
85.143.252.0/22
Signature Algorithm: sha256WithRSAEncryption
69:12:2a:1c:6a:bd:ea:90:95:fe:01:48:8c:b6:50:3b:6d:1f:
5b:25:e9:5c:36:d1:1e:42:b5:df:25:f5:52:9a:02:9d:d1:54:
d6:fa:9f:1a:c1:e9:27:5d:ed:0b:72:75:87:a1:02:41:4a:73:
b7:df:3b:3f:21:33:a6:36:ab:33:3f:14:39:3e:b6:e6:42:89:
32:dd:3b:89:0e:99:69:1c:22:df:d9:c4:b9:13:f0:59:ab:bd:
38:58:10:bb:46:b8:c1:93:bc:29:80:34:a3:89:bd:0e:41:0b:
83:fa:a5:d4:cf:00:5a:77:8e:de:3d:ce:ab:b1:8f:73:d4:39:
81:37:d6:fc:95:f6:50:e4:70:57:ac:a9:4c:7b:4e:7a:a4:c8:
ac:33:8d:c5:3c:ae:32:83:e4:ec:43:6b:65:f7:e5:57:f3:54:
c6:a6:2a:03:97:95:66:ee:a0:f1:4a:c5:84:7a:42:c2:f9:6d:
25:d1:1c:a1:0c:83:87:55:d4:52:0a:58:50:7c:c3:96:c8:02:
6c:ca:c1:67:30:bf:48:dd:59:ed:cf:1f:1a:df:92:13:6a:ca:
10:96:dd:74:6e:e8:1b:c1:62:f7:3d:01:9f:b2:54:81:96:6a:
c1:ca:0d:63:cd:7c:2a:53:46:0e:6e:d6:09:83:fc:01:58:5b:
8a:3a:6d:ac
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAYzHJ3eL8hYMUUS1JIdL/bVCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4YjIyMDIzYjZlYWQ0YzI5NjgzYTlmZWQ0NDkzZDAzZGVl
MmM2ODUwHhcNMjQwMTAxMjIzMTQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYzk4OTg1NzAzYTgwY2ZhM2MyMTZmNmRjMDJhN2E0NzdlNDQ2ZmYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzUzLLhJEenyTtEpnuCNxYdrMlRNC
r5HZ7QoxJPEtrp2yu0ip6Q1vhwz9KVasXlhVuOQra/dZUrmp2HfeFrLhLO1wg2To
9oh7ChTtDvq/heCMkRSCe3eUIga2HHvJDfpW7k7aRFFh0c9+HJqqQ97uJDLQTp16
8smvd5vzKYcJ+0UYqoM/QppqtnHTTZTk7ajHjOUK2yxU5svHrNExe12DwHTNzulq
OUjawx+hPend3OeH9qIXvYqyF6qzs/mZnRXJBnllHCXdxqE4DTADpiimqx1Q9qWA
xCuwtHeVdEfhnpO7TqB0x+melQB/XeEfx4U/wqmxazBUp1vwjZjkJhadwQIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFCyYmFcDqAz6PCFvbcAqekd+RG/zMB8GA1UdIwQY
MBaAFDiyICO26tTCloOp/tRJPQPe4saFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0xJZ0k3YnExTUtXZzZuLTFFazlBOTdpeG9VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy84ODEzZjUtNGU3Yi00ZDUxLWI1ZjMt
NDBkOTViZDMzZmNiLzEvTEppWVZ3T29EUG84SVc5dHdDcDZSMzVFYl9NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy84ODEzZjUtNGU3Yi00ZDUxLWI1ZjMtNDBkOTViZDMzZmNi
LzEvT0xJZ0k3YnExTUtXZzZuLTFFazlBOTdpeG9VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDBSBAIAATBMAwQCUrP4MAwD
BAJVjqQDBAJVjrADBAJVjtADBAJVj5ADBANVj6ADBAJVj7ADBAJVj7gwDAMEAFWP
ywMEBFWPwAMEAFWP+gMEAlWP/DANBgkqhkiG9w0BAQsFAAOCAQEAaRIqHGq96pCV
/gFIjLZQO20fWyXpXDbRHkK13yX1UpoCndFU1vqfGsHpJ13tC3J1h6ECQUpzt987
PyEzpjarMz8UOT625kKJMt07iQ6ZaRwi39nEuRPwWau9OFgQu0a4wZO8KYA0o4m9
DkELg/ql1M8AWneO3j3Oq7GPc9Q5gTfW/JX2UORwV6ypTHtOeqTIrDONxTyuMoPk
7ENrZfflV/NUxqYqA5eVZu6g8UrFhHpCwvltJdEcoQyDh1XUUgpYUHzDlsgCbMrB
ZzC/SN1Z7c8fGt+SE2rKEJbddG7oG8Fi9z0Bn7JUgZZqwcoNY818KlNGDm7WCYP8
AVhbijptrA==
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:39:15 2024 by rpki-client on console-ams.rpki-client.org