Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/d61b33-abdf-4903-a82c-b5172597f73a/1/LjKZXBPPz2TSmKsrocfvo_pFzwk.roa
File: LjKZXBPPz2TSmKsrocfvo_pFzwk.roa (raw, json)
Hash identifier: Yj1ruijSu/WqXafJtbM8vpSgpOea9KExqqPznGSTWkM=
Subject key identifier: 2E:32:99:5C:13:CF:CF:64:D2:98:AB:2B:A1:C7:EF:A3:FA:45:CF:09
Certificate issuer: /CN=55843a1b20a2dbe3e4ed53e7548d7689678d5a37
Certificate serial: 018CC6B8BBD0CB312263F4476F9817C8364D
Authority key identifier: 55:84:3A:1B:20:A2:DB:E3:E4:ED:53:E7:54:8D:76:89:67:8D:5A:37
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VYQ6GyCi2-Pk7VPnVI12iWeNWjc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/d61b33-abdf-4903-a82c-b5172597f73a/1/LjKZXBPPz2TSmKsrocfvo_pFzwk.roa
Signing time: Mon 01 Jan 2024 20:30:44 +0000
ROA not before: Mon 01 Jan 2024 20:30:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198068
IP address blocks: 46.36.216.0/21 maxlen: 32
5.101.176.0/20 maxlen: 32
5.188.16.0/21 maxlen: 32
5.188.24.0/22 maxlen: 32
5.45.112.0/20 maxlen: 32
5.101.112.0/20 maxlen: 32
181.114.240.0/20 maxlen: 32
159.253.16.0/21 maxlen: 32
185.4.72.0/22 maxlen: 32
45.67.128.0/22 maxlen: 32
2a03:f480::/32 maxlen: 128
2a09:8240::/32 maxlen: 128
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/be/d61b33-abdf-4903-a82c-b5172597f73a/1/VYQ6GyCi2-Pk7VPnVI12iWeNWjc.crl
rsync://rpki.ripe.net/repository/DEFAULT/be/d61b33-abdf-4903-a82c-b5172597f73a/1/VYQ6GyCi2-Pk7VPnVI12iWeNWjc.mft
rsync://rpki.ripe.net/repository/DEFAULT/VYQ6GyCi2-Pk7VPnVI12iWeNWjc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b8:bb:d0:cb:31:22:63:f4:47:6f:98:17:c8:36:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=55843a1b20a2dbe3e4ed53e7548d7689678d5a37
Validity
Not Before: Jan 1 20:30:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2e32995c13cfcf64d298ab2ba1c7efa3fa45cf09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:d6:66:f0:3f:55:18:42:9c:59:9f:b0:08:d5:
d9:dc:0d:b9:48:c2:46:95:91:69:bf:23:c6:23:d8:
49:4d:e7:f7:7f:3c:31:9c:59:e2:52:47:9c:e6:0f:
1e:5b:40:18:73:08:a7:06:b0:7b:b6:9a:7b:41:a1:
d8:91:be:f3:d9:89:1e:32:26:08:a7:ce:82:bc:17:
26:d3:bf:d5:5d:b5:36:3b:90:8f:8a:da:75:d6:c3:
b3:b9:12:ee:54:d1:28:34:1a:5e:9e:5f:8b:05:7c:
0d:10:25:0c:73:03:17:93:2f:4e:ac:1e:fc:0d:a4:
78:5c:0f:8d:1b:ab:ac:55:f5:97:41:26:d2:1d:8a:
95:c9:c6:7c:d7:c4:e0:84:b4:56:4c:14:d8:3b:4d:
6b:f8:f0:50:27:b0:9e:ec:e3:fc:7c:93:aa:a3:65:
96:cf:de:99:66:b9:ec:5f:4f:7f:cb:57:da:64:1b:
50:eb:b3:69:51:cf:52:fc:b1:02:0d:54:48:cd:a4:
2f:26:8d:dd:55:6d:0c:63:38:6c:bb:8d:6d:7f:e2:
d0:74:58:c3:e7:da:2b:95:a7:d1:cf:2f:54:41:02:
6d:c4:e8:7a:5c:00:ba:ed:57:1e:09:94:dc:11:e6:
cb:1e:46:9b:f3:5a:96:3b:7f:08:73:28:ed:bf:f4:
ef:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:32:99:5C:13:CF:CF:64:D2:98:AB:2B:A1:C7:EF:A3:FA:45:CF:09
X509v3 Authority Key Identifier:
keyid:55:84:3A:1B:20:A2:DB:E3:E4:ED:53:E7:54:8D:76:89:67:8D:5A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VYQ6GyCi2-Pk7VPnVI12iWeNWjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/d61b33-abdf-4903-a82c-b5172597f73a/1/LjKZXBPPz2TSmKsrocfvo_pFzwk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/d61b33-abdf-4903-a82c-b5172597f73a/1/VYQ6GyCi2-Pk7VPnVI12iWeNWjc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.45.112.0/20
5.101.112.0/20
5.101.176.0/20
5.188.16.0-5.188.27.255
45.67.128.0/22
46.36.216.0/21
159.253.16.0/21
181.114.240.0/20
185.4.72.0/22
IPv6:
2a03:f480::/32
2a09:8240::/32
Signature Algorithm: sha256WithRSAEncryption
0d:66:be:96:eb:b3:e2:5b:3f:cc:c6:3a:73:89:4f:3e:75:80:
21:cf:c4:46:df:e7:a5:69:9a:33:1f:fe:74:05:98:20:a2:d2:
d8:c7:86:36:79:83:f3:7e:b4:4c:ba:64:e0:b4:07:b7:be:a4:
6d:93:e4:f6:ea:18:04:cb:e9:1e:5e:39:fd:b1:f7:29:eb:3f:
59:8a:fb:b4:6d:ee:e7:09:0f:40:e9:6b:9f:01:1b:89:83:ad:
64:de:ad:16:a3:53:67:56:65:35:01:0d:d1:92:18:f4:dd:5b:
af:d8:d0:95:2c:ec:fb:13:02:c2:64:f2:53:f9:e5:1d:c0:bf:
44:95:9e:19:43:f3:c1:f5:81:af:5d:6b:4a:5c:2f:a3:6e:87:
c3:1c:7d:63:d2:28:60:1f:76:ce:c1:be:8b:00:2f:85:59:f3:
01:97:78:3a:4f:8d:21:09:5f:f3:02:7d:7f:ae:66:df:0c:24:
76:f5:30:c4:0c:05:91:7f:9b:80:63:e3:f4:4f:50:01:1c:a4:
8e:9b:d8:4b:47:81:e0:13:fd:4b:49:f9:10:aa:7a:cd:97:02:
9e:3f:da:b9:03:00:20:f7:8c:18:cf:e6:48:3c:71:cc:1b:d5:
7e:7b:96:de:62:81:9f:c2:a3:22:b9:24:3b:dd:32:3b:78:7b:
de:77:23:16
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAYzGuLvQyzEiY/RHb5gXyDZNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1ODQzYTFiMjBhMmRiZTNlNGVkNTNlNzU0OGQ3Njg5Njc4
ZDVhMzcwHhcNMjQwMTAxMjAzMDQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZTMyOTk1YzEzY2ZjZjY0ZDI5OGFiMmJhMWM3ZWZhM2ZhNDVjZjA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsdZm8D9VGEKcWZ+wCNXZ3A25SMJG
lZFpvyPGI9hJTef3fzwxnFniUkec5g8eW0AYcwinBrB7tpp7QaHYkb7z2YkeMiYI
p86CvBcm07/VXbU2O5CPitp11sOzuRLuVNEoNBpenl+LBXwNECUMcwMXky9OrB78
DaR4XA+NG6usVfWXQSbSHYqVycZ818TghLRWTBTYO01r+PBQJ7Ce7OP8fJOqo2WW
z96ZZrnsX09/y1faZBtQ67NpUc9S/LECDVRIzaQvJo3dVW0MYzhsu41tf+LQdFjD
59orlafRzy9UQQJtxOh6XAC67VceCZTcEebLHkab81qWO38Icyjtv/TvbQIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFC4ymVwTz89k0pirK6HH76P6Rc8JMB8GA1UdIwQY
MBaAFFWEOhsgotvj5O1T51SNdolnjVo3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVllRNkd5Q2kyLVBrN1ZQblZJMTJpV2VOV2pjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS9kNjFiMzMtYWJkZi00OTAzLWE4MmMt
YjUxNzI1OTdmNzNhLzEvTGpLWlhCUFB6MlRTbUtzcm9jZnZvX3BGendrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS9kNjFiMzMtYWJkZi00OTAzLWE4MmMtYjUxNzI1OTdmNzNh
LzEvVllRNkd5Q2kyLVBrN1ZQblZJMTJpV2VOV2pjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBEBAIAATA+AwQEBS1wAwQE
BWVwAwQEBWWwMAwDBAQFvBADBAIFvBgDBAItQ4ADBAMuJNgDBAOf/RADBAS1cvAD
BAK5BEgwFAQCAAIwDgMFACoD9IADBQAqCYJAMA0GCSqGSIb3DQEBCwUAA4IBAQAN
Zr6W67PiWz/MxjpziU8+dYAhz8RG3+elaZozH/50BZggotLYx4Y2eYPzfrRMumTg
tAe3vqRtk+T26hgEy+keXjn9sfcp6z9Zivu0be7nCQ9A6WufARuJg61k3q0Wo1Nn
VmU1AQ3Rkhj03Vuv2NCVLOz7EwLCZPJT+eUdwL9ElZ4ZQ/PB9YGvXWtKXC+jbofD
HH1j0ihgH3bOwb6LAC+FWfMBl3g6T40hCV/zAn1/rmbfDCR29TDEDAWRf5uAY+P0
T1ABHKSOm9hLR4HgE/1LSfkQqnrNlwKeP9q5AwAg94wYz+ZIPHHMG9V+e5beYoGf
wqMiuSQ73TI7eHvedyMW
-----END CERTIFICATE-----
Generated at Sat Nov 23 12:04:29 2024 by rpki-client on console-fra.rpki-client.org