Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/3d4c46-7545-4b3d-8f1c-2a63402bec66/1/ljRLFUNQbVQjBBx8QYNbnOij7Ao.roa
File: ljRLFUNQbVQjBBx8QYNbnOij7Ao.roa (raw, json)
Hash identifier: tdZhlGYlhzJ+Ocu5nU8c7K0jWByKiIHNIevyo9VB49o=
Subject key identifier: 96:34:4B:15:43:50:6D:54:23:04:1C:7C:41:83:5B:9C:E8:A3:EC:0A
Certificate issuer: /CN=b4810d7c9bfc58b9e0a1e59169c3dd322de9f737
Certificate serial: 018CC492DF29471C8B54393F10A7EBBFA4C9
Authority key identifier: B4:81:0D:7C:9B:FC:58:B9:E0:A1:E5:91:69:C3:DD:32:2D:E9:F7:37
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tIENfJv8WLngoeWRacPdMi3p9zc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/3d4c46-7545-4b3d-8f1c-2a63402bec66/1/ljRLFUNQbVQjBBx8QYNbnOij7Ao.roa
Signing time: Mon 01 Jan 2024 10:30:08 +0000
ROA not before: Mon 01 Jan 2024 10:30:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29050
IP address blocks: 46.182.152.0/21 maxlen: 24
185.14.76.0/22 maxlen: 24
213.243.192.0/18 maxlen: 24
5.43.232.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d1/3d4c46-7545-4b3d-8f1c-2a63402bec66/1/tIENfJv8WLngoeWRacPdMi3p9zc.crl
rsync://rpki.ripe.net/repository/DEFAULT/d1/3d4c46-7545-4b3d-8f1c-2a63402bec66/1/tIENfJv8WLngoeWRacPdMi3p9zc.mft
rsync://rpki.ripe.net/repository/DEFAULT/tIENfJv8WLngoeWRacPdMi3p9zc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:92:df:29:47:1c:8b:54:39:3f:10:a7:eb:bf:a4:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4810d7c9bfc58b9e0a1e59169c3dd322de9f737
Validity
Not Before: Jan 1 10:30:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=96344b1543506d5423041c7c41835b9ce8a3ec0a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:e2:a2:f6:ca:ba:c8:51:55:15:29:3c:eb:89:
d6:b2:77:b5:b3:a6:86:aa:8d:c2:14:5d:59:6f:bf:
e6:a6:19:b3:71:83:1c:db:71:88:92:4f:41:75:32:
f6:23:97:58:76:1a:cd:ed:3b:be:be:ea:68:e1:c6:
97:b9:0e:d0:8d:6a:1e:41:c8:b4:2a:e7:93:66:71:
5a:36:cb:85:3a:55:b8:cc:4e:df:87:0b:a5:83:25:
1e:1c:b3:8e:08:0d:90:fa:21:3c:85:83:af:a5:49:
4e:d7:a8:d0:6b:e6:dd:ca:cf:64:5e:65:a6:0a:44:
f1:bf:7a:24:f8:f4:d5:a2:a9:63:ed:08:df:f8:f6:
25:d0:41:18:62:1c:e1:26:54:45:b8:94:d6:92:21:
5f:06:2f:5a:c1:51:65:e6:91:0f:0f:6b:df:20:f0:
31:9c:74:eb:fc:ad:10:6c:33:b6:e3:05:9e:c4:5e:
d1:a3:2b:da:4a:28:61:03:d4:5c:e0:54:4c:ca:91:
4e:61:91:d2:03:00:0f:07:69:2e:e3:65:73:6b:70:
dc:fa:17:a1:c9:89:74:54:8d:08:b8:38:39:e4:29:
67:5c:ad:ce:d4:7b:ea:04:14:a1:52:cf:21:89:e8:
b7:4a:40:3c:df:e4:d1:95:5d:d7:86:51:95:84:e9:
0d:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:34:4B:15:43:50:6D:54:23:04:1C:7C:41:83:5B:9C:E8:A3:EC:0A
X509v3 Authority Key Identifier:
keyid:B4:81:0D:7C:9B:FC:58:B9:E0:A1:E5:91:69:C3:DD:32:2D:E9:F7:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tIENfJv8WLngoeWRacPdMi3p9zc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/3d4c46-7545-4b3d-8f1c-2a63402bec66/1/ljRLFUNQbVQjBBx8QYNbnOij7Ao.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/3d4c46-7545-4b3d-8f1c-2a63402bec66/1/tIENfJv8WLngoeWRacPdMi3p9zc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.43.232.0/21
46.182.152.0/21
185.14.76.0/22
213.243.192.0/18
Signature Algorithm: sha256WithRSAEncryption
5c:3b:c8:c0:dc:e3:4e:fd:20:0a:10:b1:89:0f:8c:b1:f2:f5:
f7:df:fe:24:4d:54:94:2d:0c:6b:df:77:be:46:c2:e4:21:57:
8a:56:27:a1:38:46:25:0f:a7:1d:bf:da:fe:4b:1e:2f:8d:3d:
30:f0:93:5a:cd:47:28:4e:e8:70:0e:b8:52:bf:6d:49:4f:eb:
81:1e:d8:ba:cf:40:c3:62:ec:3b:d5:01:7b:e8:39:0d:9d:f3:
32:a5:18:0a:12:bf:6e:b5:6a:40:9b:c7:15:09:26:6a:65:86:
bb:5b:5b:91:9e:e7:5f:8e:57:29:59:b2:54:48:70:58:d7:00:
7e:e4:c9:6f:4c:ee:78:f7:02:e8:4f:39:3e:9b:cb:03:31:5c:
6b:26:74:f8:e5:c3:55:6d:fc:b6:8f:64:92:5b:d2:42:45:79:
26:6c:68:90:c0:cd:05:5f:94:9e:ed:a3:b8:04:a2:c2:70:32:
7a:d0:02:9e:75:2b:15:3d:90:95:95:6f:f3:6e:3a:c5:fc:a7:
19:70:9d:9c:e7:92:6c:be:5a:4a:ec:aa:03:88:56:e8:fb:e8:
f1:7c:a0:aa:a7:9a:7f:d0:07:19:b2:dc:1e:e0:12:08:69:8d:
09:1e:c2:fd:19:65:73:cc:a9:03:7f:5c:78:b8:4d:96:11:4c:
17:eb:d3:98
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzEkt8pRxyLVDk/EKfrv6TJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0ODEwZDdjOWJmYzU4YjllMGExZTU5MTY5YzNkZDMyMmRl
OWY3MzcwHhcNMjQwMTAxMTAzMDA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NjM0NGIxNTQzNTA2ZDU0MjMwNDFjN2M0MTgzNWI5Y2U4YTNlYzBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoOKi9sq6yFFVFSk864nWsne1s6aG
qo3CFF1Zb7/mphmzcYMc23GIkk9BdTL2I5dYdhrN7Tu+vupo4caXuQ7QjWoeQci0
KueTZnFaNsuFOlW4zE7fhwulgyUeHLOOCA2Q+iE8hYOvpUlO16jQa+bdys9kXmWm
CkTxv3ok+PTVoqlj7Qjf+PYl0EEYYhzhJlRFuJTWkiFfBi9awVFl5pEPD2vfIPAx
nHTr/K0QbDO24wWexF7RoyvaSihhA9Rc4FRMypFOYZHSAwAPB2ku42Vza3Dc+heh
yYl0VI0IuDg55ClnXK3O1HvqBBShUs8hiei3SkA83+TRlV3XhlGVhOkNMQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJY0SxVDUG1UIwQcfEGDW5zoo+wKMB8GA1UdIwQY
MBaAFLSBDXyb/Fi54KHlkWnD3TIt6fc3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdElFTmZKdjhXTG5nb2VXUmFjUGRNaTNwOXpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS8zZDRjNDYtNzU0NS00YjNkLThmMWMt
MmE2MzQwMmJlYzY2LzEvbGpSTEZVTlFiVlFqQkJ4OFFZTmJuT2lqN0FvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS8zZDRjNDYtNzU0NS00YjNkLThmMWMtMmE2MzQwMmJlYzY2
LzEvdElFTmZKdjhXTG5nb2VXUmFjUGRNaTNwOXpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQDBSvoAwQD
LraYAwQCuQ5MAwQG1fPAMA0GCSqGSIb3DQEBCwUAA4IBAQBcO8jA3ONO/SAKELGJ
D4yx8vX33/4kTVSULQxr33e+RsLkIVeKViehOEYlD6cdv9r+Sx4vjT0w8JNazUco
TuhwDrhSv21JT+uBHti6z0DDYuw71QF76DkNnfMypRgKEr9utWpAm8cVCSZqZYa7
W1uRnudfjlcpWbJUSHBY1wB+5MlvTO549wLoTzk+m8sDMVxrJnT45cNVbfy2j2SS
W9JCRXkmbGiQwM0FX5Se7aO4BKLCcDJ60AKedSsVPZCVlW/zbjrF/KcZcJ2c55Js
vlpK7KoDiFbo++jxfKCqp5p/0AcZstwe4BIIaY0JHsL9GWVzzKkDf1x4uE2WEUwX
69OY
-----END CERTIFICATE-----
Generated at Sat Jun 1 17:20:19 2024 by rpki-client on console-fra.rpki-client.org