Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/lYTW5HTOLvKagcLU2Im21zbOHoQ.roa
File: lYTW5HTOLvKagcLU2Im21zbOHoQ.roa (raw, json)
Hash identifier: FtPq+0rWTosqFgc8JF+02McUQJyBiIWNO2cDaDWINAg=
Subject key identifier: 95:84:D6:E4:74:CE:2E:F2:9A:81:C2:D4:D8:89:B6:D7:36:CE:1E:84
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018CC501121691F42FBB74F4DC52660E2B6C
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/lYTW5HTOLvKagcLU2Im21zbOHoQ.roa
Signing time: Mon 01 Jan 2024 12:30:30 +0000
ROA not before: Mon 01 Jan 2024 12:30:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47377
IP address blocks: 185.135.140.0/22 maxlen: 24
203.0.8.0/23 maxlen: 24
91.190.102.0/23 maxlen: 24
185.238.8.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.mft
rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 06 May 2024 16:03:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:12:16:91:f4:2f:bb:74:f4:dc:52:66:0e:2b:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jan 1 12:30:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9584d6e474ce2ef29a81c2d4d889b6d736ce1e84
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:d6:29:fb:63:a4:95:c3:a3:ed:b6:40:a7:8c:
29:05:2a:36:6d:14:82:98:16:1f:ea:19:8e:39:eb:
d6:ab:58:02:db:a8:bb:a0:21:24:de:34:48:03:12:
ed:da:fb:83:5a:67:e3:51:01:b6:00:5e:65:f5:28:
ff:8c:ea:94:d5:a1:51:31:ca:12:fa:02:e0:ac:41:
1f:82:74:48:c5:37:19:17:03:41:b8:48:40:46:3b:
f9:91:c1:2e:87:5e:c2:3e:9b:65:69:21:05:4e:85:
59:5d:d0:2b:34:47:5b:05:0b:af:a1:95:e5:d2:c4:
14:8a:68:e7:f8:de:7d:16:29:e4:b0:66:bf:84:f0:
ab:d7:1d:af:a8:e5:fc:20:89:35:9c:ba:fb:71:d8:
fe:01:7c:98:62:34:8a:e0:cc:cb:60:88:b5:fb:d5:
4d:d7:55:e9:91:b7:ba:f6:5a:54:84:f0:5c:67:92:
be:84:11:de:89:f4:6e:ac:9e:59:4d:22:b8:f4:b3:
c3:27:0b:1a:e4:46:10:16:c8:2e:d4:a1:50:e9:55:
c5:79:3a:2b:b0:69:ac:f5:cc:e8:9f:f5:b2:f3:09:
d2:f9:12:74:c1:e6:b5:5a:1f:07:08:e8:b3:93:67:
55:bf:38:ec:2c:7c:30:c6:81:5f:60:52:4b:5d:7d:
9d:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:84:D6:E4:74:CE:2E:F2:9A:81:C2:D4:D8:89:B6:D7:36:CE:1E:84
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/lYTW5HTOLvKagcLU2Im21zbOHoQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.190.102.0/23
185.135.140.0/22
185.238.8.0/22
203.0.8.0/23
Signature Algorithm: sha256WithRSAEncryption
35:52:98:c2:c4:d0:ec:5a:c5:fa:6a:7a:7b:5d:bb:20:f4:16:
16:07:ca:4e:d2:b5:2d:56:93:f5:c3:2c:7b:d3:ef:64:4d:c4:
e5:73:75:cb:67:f1:53:ef:12:40:d2:40:c3:e7:63:a7:58:90:
48:c9:ee:a0:13:85:c8:31:38:8d:42:bc:bb:d5:4b:95:63:e3:
da:af:54:22:57:36:d3:a3:3c:92:b9:0c:d4:2b:5f:08:f4:c1:
6a:2a:2a:21:e1:ba:8c:a3:8b:af:3c:2c:8b:1d:65:89:90:fc:
38:55:18:9b:92:76:d4:2d:c3:93:36:bb:93:54:ea:0d:18:ed:
2b:17:73:a2:fb:0d:4a:db:b0:89:f3:cd:9d:49:23:4e:ee:32:
d9:bc:7f:ea:f3:52:9e:94:f6:78:56:32:5a:39:e5:1b:7f:4d:
4a:b0:35:57:1e:3d:e7:2e:64:0a:e2:46:87:7e:3d:a5:f3:44:
98:56:48:46:a8:1f:9f:c0:b9:23:c4:21:13:8f:55:9d:3a:31:
ec:34:89:e6:ad:20:08:ff:0e:c8:2e:10:f4:96:a2:75:36:bb:
cd:46:59:1b:ac:28:88:3e:8c:c3:ba:d5:0a:1c:c9:17:14:47:
04:9b:af:61:4d:04:b7:dc:39:93:fc:a0:4f:f9:eb:ba:56:64:
e2:3d:5e:cb
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzFARIWkfQvu3T03FJmDitsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjQwMTAxMTIzMDMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTg0ZDZlNDc0Y2UyZWYyOWE4MWMyZDRkODg5YjZkNzM2Y2UxZTg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiNYp+2OklcOj7bZAp4wpBSo2bRSC
mBYf6hmOOevWq1gC26i7oCEk3jRIAxLt2vuDWmfjUQG2AF5l9Sj/jOqU1aFRMcoS
+gLgrEEfgnRIxTcZFwNBuEhARjv5kcEuh17CPptlaSEFToVZXdArNEdbBQuvoZXl
0sQUimjn+N59FinksGa/hPCr1x2vqOX8IIk1nLr7cdj+AXyYYjSK4MzLYIi1+9VN
11Xpkbe69lpUhPBcZ5K+hBHeifRurJ5ZTSK49LPDJwsa5EYQFsgu1KFQ6VXFeTor
sGms9czon/Wy8wnS+RJ0wea1Wh8HCOizk2dVvzjsLHwwxoFfYFJLXX2drwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJWE1uR0zi7ymoHC1NiJttc2zh6EMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvbFlUVzVIVE9MdkthZ2NMVTJJbTIxemJPSG9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBW75mAwQC
uYeMAwQCue4IAwQBywAIMA0GCSqGSIb3DQEBCwUAA4IBAQA1UpjCxNDsWsX6anp7
Xbsg9BYWB8pO0rUtVpP1wyx70+9kTcTlc3XLZ/FT7xJA0kDD52OnWJBIye6gE4XI
MTiNQry71UuVY+Par1QiVzbTozySuQzUK18I9MFqKioh4bqMo4uvPCyLHWWJkPw4
VRibknbULcOTNruTVOoNGO0rF3Oi+w1K27CJ882dSSNO7jLZvH/q81KelPZ4VjJa
OeUbf01KsDVXHj3nLmQK4kaHfj2l80SYVkhGqB+fwLkjxCETj1WdOjHsNInmrSAI
/w7ILhD0lqJ1NrvNRlkbrCiIPozDutUKHMkXFEcEm69hTQS33DmT/KBP+eu6VmTi
PV7L
-----END CERTIFICATE-----
Generated at Sun May 5 19:53:50 2024 by rpki-client on console-fra.rpki-client.org