Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/0244e4-73e3-449d-a06a-1f689935b90f/1/LV5NNz8kGnACN0PAubzQTkyTkrA.roa
File: LV5NNz8kGnACN0PAubzQTkyTkrA.roa (raw, json)
Hash identifier: GsBwMa9xesOrZOnko4/XfoELEUOTRnzVYCLuzYe1VCo=
Subject key identifier: 2D:5E:4D:37:3F:24:1A:70:02:37:43:C0:B9:BC:D0:4E:4C:93:92:B0
Certificate issuer: /CN=6810aa89239242dacc9d03e3af22d4e87a783414
Certificate serial: 018CC64B2FCCEEA21B1F90F5FC9977CB51BC
Authority key identifier: 68:10:AA:89:23:92:42:DA:CC:9D:03:E3:AF:22:D4:E8:7A:78:34:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aBCqiSOSQtrMnQPjryLU6Hp4NBQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/0244e4-73e3-449d-a06a-1f689935b90f/1/LV5NNz8kGnACN0PAubzQTkyTkrA.roa
Signing time: Mon 01 Jan 2024 18:31:05 +0000
ROA not before: Mon 01 Jan 2024 18:31:05 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51093
IP address blocks: 185.108.16.0/24 maxlen: 24
212.48.224.0/22 maxlen: 24
212.48.232.0/24 maxlen: 24
212.48.228.0/22 maxlen: 24
212.48.230.0/24 maxlen: 24
2a06:300::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a9/0244e4-73e3-449d-a06a-1f689935b90f/1/aBCqiSOSQtrMnQPjryLU6Hp4NBQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/a9/0244e4-73e3-449d-a06a-1f689935b90f/1/aBCqiSOSQtrMnQPjryLU6Hp4NBQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/aBCqiSOSQtrMnQPjryLU6Hp4NBQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 25 Jun 2024 04:00:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:2f:cc:ee:a2:1b:1f:90:f5:fc:99:77:cb:51:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6810aa89239242dacc9d03e3af22d4e87a783414
Validity
Not Before: Jan 1 18:31:05 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2d5e4d373f241a70023743c0b9bcd04e4c9392b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:82:5f:2d:30:03:d4:d6:ea:72:d7:e4:bf:6e:
f6:2d:8a:47:85:92:6a:28:f9:f4:d6:f2:76:99:c9:
b6:f4:e3:3a:8b:c1:54:86:be:34:45:48:0d:b7:75:
9d:4c:99:84:eb:58:91:ae:fa:0d:a5:79:77:32:80:
8a:ec:22:26:61:e5:2d:4a:a6:b1:20:aa:f3:0d:e5:
48:17:11:37:f9:b2:ba:59:0e:9d:8d:c2:0b:0a:01:
05:da:7f:c2:5f:b5:70:b6:53:96:31:86:ec:ba:86:
23:57:0f:8b:4a:00:4e:16:df:89:30:1e:7a:ba:46:
b8:7a:fb:1d:7c:4f:25:67:a8:9b:ef:25:8e:8f:76:
44:1f:ba:78:bf:a0:09:9b:96:e5:5f:9a:d6:0b:17:
a7:ff:3b:ba:1e:49:2e:c2:33:a5:c3:0c:b9:57:1e:
c0:16:3c:56:9f:d2:3f:08:70:3c:68:9d:74:17:06:
17:00:01:4b:f0:6e:2e:4f:87:9e:63:32:5c:34:d6:
f9:35:a9:68:f1:7d:f6:e7:82:c9:9c:07:a6:f7:ac:
56:66:1e:2a:32:8e:b0:0c:c6:85:1d:7d:a0:f3:a9:
c9:36:df:cf:78:28:46:58:14:e8:9a:e1:58:7a:3b:
71:ab:dd:24:3a:90:f9:a5:ff:3b:c2:80:ae:ec:5e:
07:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:5E:4D:37:3F:24:1A:70:02:37:43:C0:B9:BC:D0:4E:4C:93:92:B0
X509v3 Authority Key Identifier:
keyid:68:10:AA:89:23:92:42:DA:CC:9D:03:E3:AF:22:D4:E8:7A:78:34:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aBCqiSOSQtrMnQPjryLU6Hp4NBQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/0244e4-73e3-449d-a06a-1f689935b90f/1/LV5NNz8kGnACN0PAubzQTkyTkrA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/0244e4-73e3-449d-a06a-1f689935b90f/1/aBCqiSOSQtrMnQPjryLU6Hp4NBQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.108.16.0/24
212.48.224.0-212.48.232.255
IPv6:
2a06:300::/29
Signature Algorithm: sha256WithRSAEncryption
b3:91:6f:6b:fd:78:f6:10:3e:eb:29:85:65:eb:df:b1:74:ce:
ea:86:43:bd:6b:88:51:34:93:93:f8:08:be:d0:3d:aa:21:bb:
e4:0d:9c:d3:60:9f:68:59:21:91:d2:43:e4:34:ef:7c:73:5b:
f8:b0:13:58:60:d9:f2:8a:f9:78:1f:5b:bf:64:b6:c3:ca:ed:
32:b1:78:c1:94:2e:87:ef:e6:0f:28:06:ca:83:67:2b:35:9d:
61:1b:be:be:4f:90:79:d4:60:8a:a6:d9:34:e2:e6:e5:ce:db:
17:02:15:c0:bb:06:5f:61:c5:cf:48:dd:f3:12:07:36:14:56:
4d:d4:e5:3c:32:e3:fd:88:ff:28:c1:cb:48:ff:0d:87:e4:30:
da:aa:1c:7a:25:db:c5:e6:dc:3c:58:bf:b7:a6:2b:2e:4f:26:
ac:4f:ca:65:0c:31:30:e0:bb:d8:9c:16:aa:5c:5c:fd:4b:ca:
23:10:51:d3:d3:26:5e:f2:ea:5c:f0:35:57:d2:33:af:35:d9:
9d:bb:c1:e4:7e:1d:cd:f1:63:36:fc:00:7a:15:b8:11:d3:b1:
e4:cd:4a:62:88:b2:bd:ec:0b:94:4f:42:a9:95:72:e4:5b:44:
6f:73:cf:37:62:67:54:e1:29:bd:8b:9b:1c:68:b4:c0:bf:be:
d8:f6:c8:a5
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYzGSy/M7qIbH5D1/Jl3y1G8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4MTBhYTg5MjM5MjQyZGFjYzlkMDNlM2FmMjJkNGU4N2E3
ODM0MTQwHhcNMjQwMTAxMTgzMTA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDVlNGQzNzNmMjQxYTcwMDIzNzQzYzBiOWJjZDA0ZTRjOTM5MmIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj4JfLTAD1Nbqctfkv272LYpHhZJq
KPn01vJ2mcm29OM6i8FUhr40RUgNt3WdTJmE61iRrvoNpXl3MoCK7CImYeUtSqax
IKrzDeVIFxE3+bK6WQ6djcILCgEF2n/CX7VwtlOWMYbsuoYjVw+LSgBOFt+JMB56
uka4evsdfE8lZ6ib7yWOj3ZEH7p4v6AJm5blX5rWCxen/zu6HkkuwjOlwwy5Vx7A
FjxWn9I/CHA8aJ10FwYXAAFL8G4uT4eeYzJcNNb5Nalo8X3254LJnAem96xWZh4q
Mo6wDMaFHX2g86nJNt/PeChGWBTomuFYejtxq90kOpD5pf87woCu7F4HhwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFC1eTTc/JBpwAjdDwLm80E5Mk5KwMB8GA1UdIwQY
MBaAFGgQqokjkkLazJ0D468i1Oh6eDQUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUJDcWlTT1NRdHJNblFQanJ5TFU2SHA0TkJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS8wMjQ0ZTQtNzNlMy00NDlkLWEwNmEt
MWY2ODk5MzViOTBmLzEvTFY1Tk56OGtHbkFDTjBQQXVielFUa3lUa3JBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS8wMjQ0ZTQtNzNlMy00NDlkLWEwNmEtMWY2ODk5MzViOTBm
LzEvYUJDcWlTT1NRdHJNblFQanJ5TFU2SHA0TkJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUAwQAuWwQMAwD
BAXUMOADBADUMOgwDQQCAAIwBwMFAyoGAwAwDQYJKoZIhvcNAQELBQADggEBALOR
b2v9ePYQPusphWXr37F0zuqGQ71riFE0k5P4CL7QPaohu+QNnNNgn2hZIZHSQ+Q0
73xzW/iwE1hg2fKK+XgfW79ktsPK7TKxeMGULofv5g8oBsqDZys1nWEbvr5PkHnU
YIqm2TTi5uXO2xcCFcC7Bl9hxc9I3fMSBzYUVk3U5Twy4/2I/yjBy0j/DYfkMNqq
HHol28Xm3DxYv7emKy5PJqxPymUMMTDgu9icFqpcXP1LyiMQUdPTJl7y6lzwNVfS
M6812Z27weR+Hc3xYzb8AHoVuBHTseTNSmKIsr3sC5RPQqmVcuRbRG9zzzdiZ1Th
Kb2LmxxotMC/vtj2yKU=
-----END CERTIFICATE-----
Generated at Mon Jun 24 12:08:53 2024 by rpki-client on console-ams.rpki-client.org