Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/LCFa7d0hRmIBhg7NQVRXijM0iSs.roa
File: LCFa7d0hRmIBhg7NQVRXijM0iSs.roa (raw, json)
Hash identifier: PJtyFwmRneGdEJI+x5VUpJpebDD4P0nA87oyAYQmazE=
Subject key identifier: 2C:21:5A:ED:DD:21:46:62:01:86:0E:CD:41:54:57:8A:33:34:89:2B
Certificate issuer: /CN=81eed4091383d9ed4056d9f4eff7d2622ddce205
Certificate serial: 018EA2F89A397480BDF69BE7BA861BEBB932
Authority key identifier: 81:EE:D4:09:13:83:D9:ED:40:56:D9:F4:EF:F7:D2:62:2D:DC:E2:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ge7UCROD2e1AVtn07_fSYi3c4gU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/LCFa7d0hRmIBhg7NQVRXijM0iSs.roa
Signing time: Wed 03 Apr 2024 07:59:45 +0000
ROA not before: Wed 03 Apr 2024 07:59:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 1136
IP address blocks: 37.251.0.0/17 maxlen: 17
62.131.0.0/16 maxlen: 16
62.251.0.0/17 maxlen: 17
77.160.0.0/13 maxlen: 13
77.168.0.0/14 maxlen: 14
77.172.0.0/16 maxlen: 16
77.173.0.0/16 maxlen: 16
77.174.0.0/16 maxlen: 16
77.175.0.0/16 maxlen: 16
77.175.0.0/17 maxlen: 17
77.175.128.0/17 maxlen: 17
80.60.0.0/15 maxlen: 15
81.204.0.0/14 maxlen: 14
82.136.192.0/18 maxlen: 18
82.168.0.0/15 maxlen: 15
82.170.0.0/16 maxlen: 16
84.80.0.0/16 maxlen: 16
84.82.0.0/15 maxlen: 15
84.84.0.0/14 maxlen: 14
85.113.224.0/19 maxlen: 19
86.80.0.0/13 maxlen: 13
86.88.0.0/15 maxlen: 15
86.90.0.0/16 maxlen: 16
86.92.0.0/14 maxlen: 14
88.159.0.0/16 maxlen: 16
188.142.0.0/17 maxlen: 17
195.240.0.0/16 maxlen: 16
195.240.0.0/17 maxlen: 17
195.240.128.0/18 maxlen: 18
195.240.192.0/18 maxlen: 18
195.241.0.0/16 maxlen: 16
212.123.128.0/18 maxlen: 18
212.182.128.0/18 maxlen: 18
212.238.0.0/16 maxlen: 16
213.10.0.0/16 maxlen: 16
213.84.0.0/16 maxlen: 16
213.197.0.0/18 maxlen: 18
2a02:a400::/25 maxlen: 25
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/ge7UCROD2e1AVtn07_fSYi3c4gU.crl
rsync://rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/ge7UCROD2e1AVtn07_fSYi3c4gU.mft
rsync://rpki.ripe.net/repository/DEFAULT/ge7UCROD2e1AVtn07_fSYi3c4gU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 13:00:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:a2:f8:9a:39:74:80:bd:f6:9b:e7:ba:86:1b:eb:b9:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81eed4091383d9ed4056d9f4eff7d2622ddce205
Validity
Not Before: Apr 3 07:59:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2c215aeddd21466201860ecd4154578a3334892b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:30:85:c2:78:77:e0:74:c4:96:f1:88:5c:53:
53:1c:f1:43:b2:0c:90:68:74:da:76:ec:51:7f:48:
ae:91:e7:61:0c:ec:77:48:6e:61:cb:95:a9:b9:bb:
2b:85:4c:23:bc:ce:dd:77:97:d9:3e:c8:57:3f:44:
b6:3c:b5:89:d0:98:87:1f:42:34:97:d3:94:34:f8:
4a:9d:c3:8a:11:9b:e4:34:10:16:a0:28:ad:bb:32:
6d:61:a9:2d:4d:aa:9a:4f:1d:ac:11:95:4d:f3:a8:
67:3d:e4:19:f9:05:ac:4e:7d:42:b3:21:6d:da:08:
a0:84:4c:13:80:32:b7:5f:59:55:5a:b5:d8:0b:d4:
38:b4:b7:cc:7d:7c:bb:61:0b:16:58:67:a9:ff:29:
bd:6b:12:fe:0e:e8:a9:0e:7e:10:fd:41:6e:66:72:
d1:c9:b1:9f:59:d7:31:a0:96:5e:7c:55:a4:0d:fc:
f8:9a:d1:32:20:fe:a2:41:f2:87:5d:6c:38:f8:f6:
1e:c0:cf:ca:a3:b5:82:13:a9:d9:62:99:ab:79:72:
72:b5:e7:c3:9f:e7:70:af:12:5a:76:a2:97:88:30:
e4:c7:f5:70:cf:45:46:59:2a:1f:61:e7:c3:c6:53:
47:73:4a:85:9c:d5:31:5d:8e:a3:2d:fc:94:2b:d8:
7e:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:21:5A:ED:DD:21:46:62:01:86:0E:CD:41:54:57:8A:33:34:89:2B
X509v3 Authority Key Identifier:
keyid:81:EE:D4:09:13:83:D9:ED:40:56:D9:F4:EF:F7:D2:62:2D:DC:E2:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ge7UCROD2e1AVtn07_fSYi3c4gU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/LCFa7d0hRmIBhg7NQVRXijM0iSs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/ge7UCROD2e1AVtn07_fSYi3c4gU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.251.0.0/17
62.131.0.0/16
62.251.0.0/17
77.160.0.0/12
80.60.0.0/15
81.204.0.0/14
82.136.192.0/18
82.168.0.0-82.170.255.255
84.80.0.0/16
84.82.0.0-84.87.255.255
85.113.224.0/19
86.80.0.0-86.90.255.255
86.92.0.0/14
88.159.0.0/16
188.142.0.0/17
195.240.0.0/15
212.123.128.0/18
212.182.128.0/18
212.238.0.0/16
213.10.0.0/16
213.84.0.0/16
213.197.0.0/18
IPv6:
2a02:a400::/25
Signature Algorithm: sha256WithRSAEncryption
78:cb:cf:41:d5:bf:c5:fe:da:e8:57:10:1f:9d:59:dc:24:d1:
3d:81:31:d5:d5:94:5a:71:ac:b7:96:66:95:08:f8:72:a2:57:
e8:4a:38:d5:5d:1e:25:25:58:bf:c9:6d:ed:f1:6e:0e:dc:b0:
8a:3e:cb:8f:31:45:b2:e3:06:57:21:b6:4c:d1:84:02:4b:1e:
3a:4b:5a:81:cb:e8:c1:24:53:ae:53:4a:8c:52:39:bc:c4:79:
74:6b:04:7d:2a:33:36:70:3c:85:84:2a:45:7d:27:d8:c4:c8:
bb:39:0f:8d:02:39:6b:6a:a5:c2:23:2c:f8:8a:23:fe:d1:58:
05:e3:31:68:19:71:3e:be:3e:da:22:f1:d7:02:6a:af:8d:8b:
e7:ab:06:c5:00:3c:01:bd:03:52:fc:f9:c2:a3:9d:b6:32:f3:
71:e4:ad:da:18:61:1b:92:c4:c8:dd:0a:43:4d:df:59:b4:c9:
c7:14:95:e5:2e:48:0f:99:12:6e:b2:07:c9:14:50:0c:c3:f1:
46:12:b7:9c:62:92:8e:f7:4c:ee:fc:fd:38:e8:41:d2:b3:dd:
d8:00:e3:60:99:08:7c:13:e7:32:c2:95:4d:ca:73:c8:5f:bf:
b0:c8:f8:ba:fa:9b:3b:b2:63:99:79:09:84:32:d7:56:13:78:
6a:5a:46:0a
-----BEGIN CERTIFICATE-----
MIIFljCCBH6gAwIBAgISAY6i+Jo5dIC99pvnuoYb67kyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxZWVkNDA5MTM4M2Q5ZWQ0MDU2ZDlmNGVmZjdkMjYyMmRk
Y2UyMDUwHhcNMjQwNDAzMDc1OTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYzIxNWFlZGRkMjE0NjYyMDE4NjBlY2Q0MTU0NTc4YTMzMzQ4OTJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2TCFwnh34HTElvGIXFNTHPFDsgyQ
aHTaduxRf0iukedhDOx3SG5hy5WpubsrhUwjvM7dd5fZPshXP0S2PLWJ0JiHH0I0
l9OUNPhKncOKEZvkNBAWoCituzJtYaktTaqaTx2sEZVN86hnPeQZ+QWsTn1CsyFt
2gighEwTgDK3X1lVWrXYC9Q4tLfMfXy7YQsWWGep/ym9axL+DuipDn4Q/UFuZnLR
ybGfWdcxoJZefFWkDfz4mtEyIP6iQfKHXWw4+PYewM/Ko7WCE6nZYpmreXJytefD
n+dwrxJadqKXiDDkx/Vwz0VGWSofYefDxlNHc0qFnNUxXY6jLfyUK9h+eQIDAQAB
o4ICojCCAp4wHQYDVR0OBBYEFCwhWu3dIUZiAYYOzUFUV4ozNIkrMB8GA1UdIwQY
MBaAFIHu1AkTg9ntQFbZ9O/30mIt3OIFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2U3VUNST0QyZTFBVnRuMDdfZlNZaTNjNGdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS80YTljYzQtMmI5YS00ZWYyLWEzM2Et
ODcyYjM3MTBjMmExLzEvTENGYTdkMGhSbUlCaGc3TlFWUlhpak0waVNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS80YTljYzQtMmI5YS00ZWYyLWEzM2EtODcyYjM3MTBjMmEx
LzEvZ2U3VUNST0QyZTFBVnRuMDdfZlNZaTNjNGdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG3BggrBgEFBQcBBwEB/wSBpzCBpDCBkgQCAAEwgYsDBAcl
+wADAwA+gwMEBz77AAMDBE2gAwMBUDwDAwJRzAMEBlKIwDAKAwMDUqgDAwBSqgMD
AFRQMAoDAwFUUgMDA1RQAwQFVXHgMAoDAwRWUAMDAFZaAwMCVlwDAwBYnwMEB7yO
AAMDAcPwAwQG1HuAAwQG1LaAAwMA1O4DAwDVCgMDANVUAwQG1cUAMA0EAgACMAcD
BQcqAqQAMA0GCSqGSIb3DQEBCwUAA4IBAQB4y89B1b/F/troVxAfnVncJNE9gTHV
1ZRacay3lmaVCPhyolfoSjjVXR4lJVi/yW3t8W4O3LCKPsuPMUWy4wZXIbZM0YQC
Sx46S1qBy+jBJFOuU0qMUjm8xHl0awR9KjM2cDyFhCpFfSfYxMi7OQ+NAjlraqXC
Iyz4iiP+0VgF4zFoGXE+vj7aIvHXAmqvjYvnqwbFADwBvQNS/PnCo522MvNx5K3a
GGEbksTI3QpDTd9ZtMnHFJXlLkgPmRJusgfJFFAMw/FGErecYpKO90zu/P046EHS
s93YAONgmQh8E+cywpVNynPIX7+wyPi6+ps7smOZeQmEMtdWE3hqWkYK
-----END CERTIFICATE-----
Generated at Mon Nov 25 19:49:30 2024 by rpki-client on console-ams.rpki-client.org