Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/9952b6-336f-4668-bafb-fdc258377301/1/lPBe3KdDE0h6RBNV6Ws2fiMIG_E.roa
File: lPBe3KdDE0h6RBNV6Ws2fiMIG_E.roa (raw, json)
Hash identifier: F2gwKWZfokMKV3Ed3ieEqgGQ5NMB2bPpQrYc2V3vVFE=
Subject key identifier: 94:F0:5E:DC:A7:43:13:48:7A:44:13:55:E9:6B:36:7E:23:08:1B:F1
Certificate issuer: /CN=edc260028cd2ab1d0e43774f4404decd27aef3cc
Certificate serial: 018CC7932B01DD3E18D6AB928ADBB2D71AD8
Authority key identifier: ED:C2:60:02:8C:D2:AB:1D:0E:43:77:4F:44:04:DE:CD:27:AE:F3:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7cJgAozSqx0OQ3dPRATezSeu88w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/9952b6-336f-4668-bafb-fdc258377301/1/lPBe3KdDE0h6RBNV6Ws2fiMIG_E.roa
Signing time: Tue 02 Jan 2024 00:29:19 +0000
ROA not before: Tue 02 Jan 2024 00:29:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 64411
IP address blocks: 185.165.164.0/22 maxlen: 22
2a0a:3e00::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/9952b6-336f-4668-bafb-fdc258377301/1/7cJgAozSqx0OQ3dPRATezSeu88w.crl
rsync://rpki.ripe.net/repository/DEFAULT/bf/9952b6-336f-4668-bafb-fdc258377301/1/7cJgAozSqx0OQ3dPRATezSeu88w.mft
rsync://rpki.ripe.net/repository/DEFAULT/7cJgAozSqx0OQ3dPRATezSeu88w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 17:02:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:93:2b:01:dd:3e:18:d6:ab:92:8a:db:b2:d7:1a:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=edc260028cd2ab1d0e43774f4404decd27aef3cc
Validity
Not Before: Jan 2 00:29:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=94f05edca74313487a441355e96b367e23081bf1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:5c:eb:20:d2:dd:1d:4c:30:2c:f9:5d:d5:18:
cc:d4:46:a6:3f:f1:19:d2:3b:00:da:92:ee:fe:a6:
0e:a1:76:1a:d2:cd:00:8d:19:33:ab:38:33:c5:1a:
e4:62:81:1f:20:f9:70:99:3e:50:5d:3d:1b:19:5a:
36:bf:19:9e:10:97:33:b4:d8:82:3b:47:ca:2b:03:
b8:a5:5e:56:96:14:a3:f3:1d:a7:01:64:d0:41:1c:
76:66:a2:d4:84:67:94:65:17:b8:6a:cf:36:66:27:
f0:b7:31:4e:40:f5:32:6f:4d:19:a5:07:e8:99:d5:
ff:54:d8:a1:d4:d5:a1:c3:55:42:df:23:aa:b7:d6:
5d:44:17:46:f8:4b:ce:a6:f2:f3:34:95:f1:13:0e:
cc:66:53:24:b1:4d:d9:44:81:f7:8e:76:5e:36:2c:
33:e3:4f:f9:e8:a9:ec:eb:e9:c5:94:98:f8:88:09:
cf:2c:b7:9d:b6:b4:9b:cd:34:d8:6e:71:cb:a8:89:
3f:26:79:a1:7b:f1:5a:3d:83:2b:e6:86:f9:72:05:
ba:54:3f:a3:b6:67:52:81:49:fc:a6:ce:af:a6:7b:
cb:6b:e4:f4:09:c4:fe:88:49:82:b0:fe:2a:34:0f:
67:ed:e2:eb:80:8e:74:7f:0e:44:30:7f:7f:a4:81:
62:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:F0:5E:DC:A7:43:13:48:7A:44:13:55:E9:6B:36:7E:23:08:1B:F1
X509v3 Authority Key Identifier:
keyid:ED:C2:60:02:8C:D2:AB:1D:0E:43:77:4F:44:04:DE:CD:27:AE:F3:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7cJgAozSqx0OQ3dPRATezSeu88w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/9952b6-336f-4668-bafb-fdc258377301/1/lPBe3KdDE0h6RBNV6Ws2fiMIG_E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/9952b6-336f-4668-bafb-fdc258377301/1/7cJgAozSqx0OQ3dPRATezSeu88w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.165.164.0/22
IPv6:
2a0a:3e00::/29
Signature Algorithm: sha256WithRSAEncryption
53:fa:ad:1a:e0:a0:8c:d6:b7:97:00:83:9f:83:20:62:62:f1:
f9:36:36:4e:3d:c5:5b:88:f5:11:ff:3b:68:93:71:02:ba:da:
b7:ed:6a:bc:4d:d2:51:3f:19:aa:0d:ab:f2:a4:18:fa:b1:3c:
56:11:bb:41:9d:2d:5f:6d:0d:15:5d:2f:ea:0a:24:0d:f0:cc:
9b:b0:bc:4b:ec:15:86:c0:6e:7b:05:f3:92:db:d0:93:68:5b:
cd:00:45:0e:c9:68:b3:90:ce:c7:55:6f:4d:f6:38:3b:f6:5b:
a1:f1:bc:1a:61:ce:60:48:6d:63:07:b9:6e:ff:28:c8:3a:26:
4b:f0:df:1e:6e:76:24:bd:8b:f2:f0:78:44:38:f9:4d:05:85:
8a:f7:ba:c4:2d:18:13:1b:7d:2f:ef:41:c6:4f:68:f6:42:08:
77:47:b0:9e:8c:3a:bc:56:7d:b8:1f:44:12:d3:8c:c9:2f:f2:
10:9a:fd:e2:b0:fe:63:ba:36:b6:45:05:d1:75:e4:1e:4c:9c:
e5:bc:e9:2a:bd:a5:3c:cf:fc:38:86:7f:12:df:39:2a:23:b3:
2f:5b:d6:84:6d:0c:47:86:39:91:6a:54:58:e8:ec:fd:83:c0:
5f:e0:38:53:21:1b:9b:e8:c1:f0:14:e1:5a:af:95:8e:62:7e:
40:c9:f5:35
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzHkysB3T4Y1quSituy1xrYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVkYzI2MDAyOGNkMmFiMWQwZTQzNzc0ZjQ0MDRkZWNkMjdh
ZWYzY2MwHhcNMjQwMTAyMDAyOTE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NGYwNWVkY2E3NDMxMzQ4N2E0NDEzNTVlOTZiMzY3ZTIzMDgxYmYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjlzrINLdHUwwLPld1RjM1EamP/EZ
0jsA2pLu/qYOoXYa0s0AjRkzqzgzxRrkYoEfIPlwmT5QXT0bGVo2vxmeEJcztNiC
O0fKKwO4pV5WlhSj8x2nAWTQQRx2ZqLUhGeUZRe4as82ZifwtzFOQPUyb00ZpQfo
mdX/VNih1NWhw1VC3yOqt9ZdRBdG+EvOpvLzNJXxEw7MZlMksU3ZRIH3jnZeNiwz
40/56Kns6+nFlJj4iAnPLLedtrSbzTTYbnHLqIk/Jnmhe/FaPYMr5ob5cgW6VD+j
tmdSgUn8ps6vpnvLa+T0CcT+iEmCsP4qNA9n7eLrgI50fw5EMH9/pIFiBQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJTwXtynQxNIekQTVelrNn4jCBvxMB8GA1UdIwQY
MBaAFO3CYAKM0qsdDkN3T0QE3s0nrvPMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2NKZ0FvelNxeDBPUTNkUFJBVGV6U2V1ODh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi85OTUyYjYtMzM2Zi00NjY4LWJhZmIt
ZmRjMjU4Mzc3MzAxLzEvbFBCZTNLZERFMGg2UkJOVjZXczJmaU1JR19FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi85OTUyYjYtMzM2Zi00NjY4LWJhZmItZmRjMjU4Mzc3MzAx
LzEvN2NKZ0FvelNxeDBPUTNkUFJBVGV6U2V1ODh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuaWkMA0E
AgACMAcDBQMqCj4AMA0GCSqGSIb3DQEBCwUAA4IBAQBT+q0a4KCM1reXAIOfgyBi
YvH5NjZOPcVbiPUR/ztok3ECutq37Wq8TdJRPxmqDavypBj6sTxWEbtBnS1fbQ0V
XS/qCiQN8MybsLxL7BWGwG57BfOS29CTaFvNAEUOyWizkM7HVW9N9jg79luh8bwa
Yc5gSG1jB7lu/yjIOiZL8N8ebnYkvYvy8HhEOPlNBYWK97rELRgTG30v70HGT2j2
Qgh3R7CejDq8Vn24H0QS04zJL/IQmv3isP5juja2RQXRdeQeTJzlvOkqvaU8z/w4
hn8S3zkqI7MvW9aEbQxHhjmRalRY6Oz9g8Bf4DhTIRub6MHwFOFar5WOYn5AyfU1
-----END CERTIFICATE-----
Generated at Fri Nov 22 22:31:15 2024 by rpki-client on console-fra.rpki-client.org