Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/7f9728-9559-4263-bcfa-75855db7151f/1/l-ora4J64SpShJieqvpPKgjy-aU.roa
File: l-ora4J64SpShJieqvpPKgjy-aU.roa (raw, json)
Hash identifier: /q0jef6lgVjOU9xuG5gobMY7W1IhbWmvU3lcxYY0eT4=
Subject key identifier: 97:EA:2B:6B:82:7A:E1:2A:52:84:98:9E:AA:FA:4F:2A:08:F2:F9:A5
Certificate issuer: /CN=d79785de62dcf9e7930babd7b1d39c5853d1944f
Certificate serial: 018CC6B7A55F85691EC944A96F4E999A5058
Authority key identifier: D7:97:85:DE:62:DC:F9:E7:93:0B:AB:D7:B1:D3:9C:58:53:D1:94:4F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/15eF3mLc-eeTC6vXsdOcWFPRlE8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/7f9728-9559-4263-bcfa-75855db7151f/1/l-ora4J64SpShJieqvpPKgjy-aU.roa
Signing time: Mon 01 Jan 2024 20:29:33 +0000
ROA not before: Mon 01 Jan 2024 20:29:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 19905
IP address blocks: 185.28.220.0/24 maxlen: 24
185.28.221.0/24 maxlen: 24
185.28.222.0/24 maxlen: 24
185.28.223.0/24 maxlen: 24
37.10.30.0/24 maxlen: 24
37.10.31.0/24 maxlen: 24
37.10.63.0/24 maxlen: 24
5.57.16.0/24 maxlen: 24
5.57.17.0/24 maxlen: 24
5.57.19.0/24 maxlen: 24
5.57.20.0/24 maxlen: 24
5.57.21.0/24 maxlen: 24
5.57.18.0/24 maxlen: 24
5.57.23.0/24 maxlen: 24
37.10.0.0/24 maxlen: 24
37.10.1.0/24 maxlen: 24
37.10.4.0/24 maxlen: 24
37.10.4.0/22 maxlen: 22
37.10.7.0/24 maxlen: 24
37.10.5.0/24 maxlen: 24
37.10.6.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/af/7f9728-9559-4263-bcfa-75855db7151f/1/15eF3mLc-eeTC6vXsdOcWFPRlE8.crl
rsync://rpki.ripe.net/repository/DEFAULT/af/7f9728-9559-4263-bcfa-75855db7151f/1/15eF3mLc-eeTC6vXsdOcWFPRlE8.mft
rsync://rpki.ripe.net/repository/DEFAULT/15eF3mLc-eeTC6vXsdOcWFPRlE8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 07:03:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b7:a5:5f:85:69:1e:c9:44:a9:6f:4e:99:9a:50:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d79785de62dcf9e7930babd7b1d39c5853d1944f
Validity
Not Before: Jan 1 20:29:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=97ea2b6b827ae12a5284989eaafa4f2a08f2f9a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:96:af:aa:d1:a1:97:12:76:0e:33:d7:97:80:
24:81:7a:59:6c:04:52:62:6a:34:6f:8d:4c:98:0e:
37:6c:97:d0:55:f6:8b:59:d9:21:7e:25:d0:7a:af:
18:5a:ca:28:d4:f9:c9:95:10:3a:45:3d:94:f3:43:
b4:d0:fa:2d:55:c9:e6:8f:dc:bc:1b:5b:d0:88:a8:
36:97:f8:b2:c5:a8:b3:a2:b1:53:e4:a5:17:ff:70:
fe:80:1d:7c:b6:80:9f:e0:8d:ad:70:9c:03:2f:30:
4d:0f:80:20:57:87:88:73:9c:e2:ca:bc:17:88:4d:
f2:b7:7c:f7:80:60:e8:f2:0d:27:98:db:07:93:57:
5c:f5:0a:cd:b7:40:34:a6:f1:f5:8d:e8:81:58:40:
8d:e3:4a:ee:f9:4a:c3:30:58:0f:aa:c0:11:80:06:
bd:27:b8:f3:5b:73:43:e3:fd:60:23:f9:46:74:92:
04:3f:cf:7f:ac:6c:f6:95:09:b4:e3:d6:13:c5:e4:
2c:a3:8f:ab:11:c2:60:e2:88:e3:a8:15:45:10:6b:
f7:b6:54:62:0c:5e:af:2a:ea:c9:b6:5f:36:11:9b:
f6:e2:ed:c7:31:5f:82:47:4b:2b:47:91:1b:98:3f:
46:85:aa:79:5b:9b:09:be:07:8b:5b:ac:28:51:4b:
42:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:EA:2B:6B:82:7A:E1:2A:52:84:98:9E:AA:FA:4F:2A:08:F2:F9:A5
X509v3 Authority Key Identifier:
keyid:D7:97:85:DE:62:DC:F9:E7:93:0B:AB:D7:B1:D3:9C:58:53:D1:94:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/15eF3mLc-eeTC6vXsdOcWFPRlE8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/7f9728-9559-4263-bcfa-75855db7151f/1/l-ora4J64SpShJieqvpPKgjy-aU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/7f9728-9559-4263-bcfa-75855db7151f/1/15eF3mLc-eeTC6vXsdOcWFPRlE8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.57.16.0-5.57.21.255
5.57.23.0/24
37.10.0.0/23
37.10.4.0/22
37.10.30.0/23
37.10.63.0/24
185.28.220.0/22
Signature Algorithm: sha256WithRSAEncryption
3e:79:27:65:01:e0:2a:7a:af:60:73:a7:38:10:55:ea:89:45:
e6:19:b1:24:3d:42:51:86:ef:0a:b3:2d:ae:5c:78:49:56:91:
7a:5e:b1:c7:14:85:ca:a0:82:7d:b3:93:d8:dc:75:08:f7:f5:
e1:48:96:5f:b5:12:17:1d:c5:8a:6f:2b:f5:5f:cf:16:5f:ed:
ce:6c:03:c2:57:06:c3:b2:9c:00:f2:45:67:31:e2:80:47:9c:
5a:4f:21:04:ce:fa:13:78:f9:a5:2f:2a:48:59:6f:f0:10:6a:
f5:a4:35:1f:04:5f:64:e4:63:7c:ce:3c:e9:6c:b0:09:bd:89:
b1:78:15:2a:c5:4d:1c:67:f8:a5:e8:f9:b9:33:32:73:2a:3f:
d1:11:49:5c:a4:fc:b8:1a:53:88:96:7f:cd:5b:1b:0c:01:a8:
d7:e9:bf:1f:2f:e0:1f:c2:df:3c:66:04:2d:96:ed:20:13:f6:
08:1a:8d:af:4e:31:8f:29:b2:f6:76:9c:d6:ea:b8:8c:95:47:
75:33:0b:a6:3f:c6:07:d1:bd:4e:eb:6e:5b:ee:20:f0:e9:8e:
95:85:b0:f7:d2:7e:c0:51:a4:b7:4e:cc:bb:1e:6c:e6:b5:01:
e9:70:c4:a8:04:5e:a9:da:68:94:33:21:44:de:11:d3:03:5c:
ec:c2:63:6d
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYzGt6VfhWkeyUSpb06ZmlBYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3OTc4NWRlNjJkY2Y5ZTc5MzBiYWJkN2IxZDM5YzU4NTNk
MTk0NGYwHhcNMjQwMTAxMjAyOTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5N2VhMmI2YjgyN2FlMTJhNTI4NDk4OWVhYWZhNGYyYTA4ZjJmOWE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgpavqtGhlxJ2DjPXl4AkgXpZbARS
Ymo0b41MmA43bJfQVfaLWdkhfiXQeq8YWsoo1PnJlRA6RT2U80O00PotVcnmj9y8
G1vQiKg2l/iyxaizorFT5KUX/3D+gB18toCf4I2tcJwDLzBND4AgV4eIc5ziyrwX
iE3yt3z3gGDo8g0nmNsHk1dc9QrNt0A0pvH1jeiBWECN40ru+UrDMFgPqsARgAa9
J7jzW3ND4/1gI/lGdJIEP89/rGz2lQm049YTxeQso4+rEcJg4ojjqBVFEGv3tlRi
DF6vKurJtl82EZv24u3HMV+CR0srR5EbmD9Ghap5W5sJvgeLW6woUUtCIwIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFJfqK2uCeuEqUoSYnqr6TyoI8vmlMB8GA1UdIwQY
MBaAFNeXhd5i3Pnnkwur17HTnFhT0ZRPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTVlRjNtTGMtZWVUQzZ2WHNkT2NXRlBSbEU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi83Zjk3MjgtOTU1OS00MjYzLWJjZmEt
NzU4NTVkYjcxNTFmLzEvbC1vcmE0SjY0U3BTaEppZXF2cFBLZ2p5LWFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi83Zjk3MjgtOTU1OS00MjYzLWJjZmEtNzU4NTVkYjcxNTFm
LzEvMTVlRjNtTGMtZWVUQzZ2WHNkT2NXRlBSbEU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyMAwDBAQFORAD
BAEFORQDBAAFORcDBAElCgADBAIlCgQDBAElCh4DBAAlCj8DBAK5HNwwDQYJKoZI
hvcNAQELBQADggEBAD55J2UB4Cp6r2BzpzgQVeqJReYZsSQ9QlGG7wqzLa5ceElW
kXpesccUhcqggn2zk9jcdQj39eFIll+1EhcdxYpvK/VfzxZf7c5sA8JXBsOynADy
RWcx4oBHnFpPIQTO+hN4+aUvKkhZb/AQavWkNR8EX2TkY3zOPOlssAm9ibF4FSrF
TRxn+KXo+bkzMnMqP9ERSVyk/LgaU4iWf81bGwwBqNfpvx8v4B/C3zxmBC2W7SAT
9ggaja9OMY8psvZ2nNbquIyVR3UzC6Y/xgfRvU7rblvuIPDpjpWFsPfSfsBRpLdO
zLsebOa1AelwxKgEXqnaaJQzIUTeEdMDXOzCY20=
-----END CERTIFICATE-----
Generated at Thu May 2 16:15:53 2024 by rpki-client on console-fra.rpki-client.org