Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/d1e68a-1c87-483d-a89d-56dbff14ee05/1/lUdO9ObCQ4SaKu9Mfa2WKd2DOQc.roa
File: lUdO9ObCQ4SaKu9Mfa2WKd2DOQc.roa (raw, json)
Hash identifier: YMkSZOU0nkPS8Xjzz+VE69Fx5J3tG3kKpPXCqdxJWbs=
Subject key identifier: 95:47:4E:F4:E6:C2:43:84:9A:2A:EF:4C:7D:AD:96:29:DD:83:39:07
Certificate issuer: /CN=fd53c3aff31e27d2a1bc4d9b3ee75bb8a9b57838
Certificate serial: 018CC7936896585CDB39BF291B6D71929DA1
Authority key identifier: FD:53:C3:AF:F3:1E:27:D2:A1:BC:4D:9B:3E:E7:5B:B8:A9:B5:78:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_VPDr_MeJ9KhvE2bPudbuKm1eDg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/d1e68a-1c87-483d-a89d-56dbff14ee05/1/lUdO9ObCQ4SaKu9Mfa2WKd2DOQc.roa
Signing time: Tue 02 Jan 2024 00:29:35 +0000
ROA not before: Tue 02 Jan 2024 00:29:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 196810
IP address blocks: 185.15.200.0/22 maxlen: 22
185.213.204.0/22 maxlen: 22
89.207.232.0/21 maxlen: 25
194.104.86.0/23 maxlen: 23
185.170.16.0/22 maxlen: 22
194.104.2.0/23 maxlen: 23
178.23.168.0/21 maxlen: 25
185.224.40.0/22 maxlen: 22
2a02:ab40::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d3/d1e68a-1c87-483d-a89d-56dbff14ee05/1/_VPDr_MeJ9KhvE2bPudbuKm1eDg.crl
rsync://rpki.ripe.net/repository/DEFAULT/d3/d1e68a-1c87-483d-a89d-56dbff14ee05/1/_VPDr_MeJ9KhvE2bPudbuKm1eDg.mft
rsync://rpki.ripe.net/repository/DEFAULT/_VPDr_MeJ9KhvE2bPudbuKm1eDg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 28 Nov 2024 09:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:93:68:96:58:5c:db:39:bf:29:1b:6d:71:92:9d:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fd53c3aff31e27d2a1bc4d9b3ee75bb8a9b57838
Validity
Not Before: Jan 2 00:29:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=95474ef4e6c243849a2aef4c7dad9629dd833907
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:1d:09:f2:85:d8:1f:76:4d:83:30:01:43:7e:
e8:25:e5:34:72:27:e9:b6:2c:72:00:a3:c2:56:76:
f1:59:8e:14:73:28:48:90:4c:8e:e3:6a:92:1b:fe:
21:51:cd:37:37:6b:fd:e6:da:e3:79:b9:41:a5:36:
bb:b9:39:8d:0d:c5:c1:43:6e:4e:09:25:30:a1:06:
3c:e8:8f:91:5c:5c:84:78:22:4d:56:62:a1:dc:20:
38:17:5a:43:c5:e1:a8:53:d8:6f:5a:13:f0:17:eb:
6a:14:d7:7b:ae:fa:b8:d0:1a:1b:5c:2b:43:eb:19:
0d:f3:11:14:d8:06:67:c6:31:d3:6e:f7:13:7e:0e:
c7:f4:b9:64:74:1f:fe:98:2f:e9:84:16:5a:54:02:
0c:a5:3d:0c:3e:14:d4:55:d5:23:61:e4:57:56:7a:
d6:e0:5a:2f:44:10:47:e7:80:49:91:53:b3:3a:82:
e4:e6:22:51:33:cb:61:38:e3:25:17:96:e6:6a:82:
a8:1a:a1:af:31:ce:25:cd:44:4e:15:3f:cc:7e:c5:
66:a0:73:18:ec:a0:b7:34:e0:c3:88:c0:58:ae:f5:
02:1d:10:6c:17:28:df:d1:24:12:34:8d:38:f9:c0:
a1:8b:7f:f3:83:ac:16:c5:b5:78:9c:38:e9:d2:01:
29:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:47:4E:F4:E6:C2:43:84:9A:2A:EF:4C:7D:AD:96:29:DD:83:39:07
X509v3 Authority Key Identifier:
keyid:FD:53:C3:AF:F3:1E:27:D2:A1:BC:4D:9B:3E:E7:5B:B8:A9:B5:78:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_VPDr_MeJ9KhvE2bPudbuKm1eDg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/d1e68a-1c87-483d-a89d-56dbff14ee05/1/lUdO9ObCQ4SaKu9Mfa2WKd2DOQc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/d1e68a-1c87-483d-a89d-56dbff14ee05/1/_VPDr_MeJ9KhvE2bPudbuKm1eDg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.207.232.0/21
178.23.168.0/21
185.15.200.0/22
185.170.16.0/22
185.213.204.0/22
185.224.40.0/22
194.104.2.0/23
194.104.86.0/23
IPv6:
2a02:ab40::/29
Signature Algorithm: sha256WithRSAEncryption
5b:a8:81:50:ff:fc:aa:35:ee:34:4c:7a:62:42:14:3d:45:07:
fa:5a:04:07:a1:13:e1:ee:2b:53:91:b8:54:cf:2b:94:ad:34:
ee:9d:d4:8d:4d:63:92:76:36:a8:4b:9b:e0:e3:b7:61:c8:2e:
e0:85:40:8c:6e:45:2f:0d:b4:1b:d8:1c:e1:9c:94:52:c4:27:
9a:8d:dc:d6:4a:93:ec:88:8f:c3:87:8c:85:ff:35:2b:3a:e5:
d3:c9:b8:99:a2:e2:04:02:4f:4e:dd:e1:6b:cf:7a:ca:7a:dc:
fa:37:f7:2f:ea:5d:03:61:13:4e:c6:c1:3f:8e:29:82:16:82:
68:84:54:56:14:c2:ef:60:ad:ca:63:8c:6f:4e:64:4d:7a:b3:
8c:6c:2f:0c:bf:52:88:6f:36:94:54:b4:09:d7:c0:7b:ae:da:
02:7b:d2:43:c7:54:7d:75:59:cc:4f:ba:fb:7c:43:54:f7:0c:
e4:6b:bc:07:a6:5d:d9:0b:19:49:14:6a:cb:47:37:36:35:fa:
e1:50:ba:50:96:d3:0e:98:3f:54:28:89:80:2b:96:92:67:92:
9e:67:a4:66:ce:51:25:fe:63:1e:a4:2a:26:75:c6:d3:2d:e3:
be:1f:69:2a:76:22:80:c4:20:ec:6b:0a:4f:6f:4c:a9:5d:15:
2a:ec:c3:68
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAYzHk2iWWFzbOb8pG21xkp2hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkNTNjM2FmZjMxZTI3ZDJhMWJjNGQ5YjNlZTc1YmI4YTli
NTc4MzgwHhcNMjQwMTAyMDAyOTM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTQ3NGVmNGU2YzI0Mzg0OWEyYWVmNGM3ZGFkOTYyOWRkODMzOTA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwx0J8oXYH3ZNgzABQ37oJeU0cifp
tixyAKPCVnbxWY4UcyhIkEyO42qSG/4hUc03N2v95trjeblBpTa7uTmNDcXBQ25O
CSUwoQY86I+RXFyEeCJNVmKh3CA4F1pDxeGoU9hvWhPwF+tqFNd7rvq40BobXCtD
6xkN8xEU2AZnxjHTbvcTfg7H9LlkdB/+mC/phBZaVAIMpT0MPhTUVdUjYeRXVnrW
4FovRBBH54BJkVOzOoLk5iJRM8thOOMlF5bmaoKoGqGvMc4lzUROFT/MfsVmoHMY
7KC3NODDiMBYrvUCHRBsFyjf0SQSNI04+cChi3/zg6wWxbV4nDjp0gEpeQIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFJVHTvTmwkOEmirvTH2tlindgzkHMB8GA1UdIwQY
MBaAFP1Tw6/zHifSobxNmz7nW7iptXg4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX1ZQRHJfTWVKOUtodkUyYlB1ZGJ1S20xZURnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9kMWU2OGEtMWM4Ny00ODNkLWE4OWQt
NTZkYmZmMTRlZTA1LzEvbFVkTzlPYkNRNFNhS3U5TWZhMldLZDJET1FjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9kMWU2OGEtMWM4Ny00ODNkLWE4OWQtNTZkYmZmMTRlZTA1
LzEvX1ZQRHJfTWVKOUtodkUyYlB1ZGJ1S20xZURnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQDWc/oAwQD
sheoAwQCuQ/IAwQCuaoQAwQCudXMAwQCueAoAwQBwmgCAwQBwmhWMA0EAgACMAcD
BQMqAqtAMA0GCSqGSIb3DQEBCwUAA4IBAQBbqIFQ//yqNe40THpiQhQ9RQf6WgQH
oRPh7itTkbhUzyuUrTTundSNTWOSdjaoS5vg47dhyC7ghUCMbkUvDbQb2BzhnJRS
xCeajdzWSpPsiI/Dh4yF/zUrOuXTybiZouIEAk9O3eFrz3rKetz6N/cv6l0DYRNO
xsE/jimCFoJohFRWFMLvYK3KY4xvTmRNerOMbC8Mv1KIbzaUVLQJ18B7rtoCe9JD
x1R9dVnMT7r7fENU9wzka7wHpl3ZCxlJFGrLRzc2NfrhULpQltMOmD9UKImAK5aS
Z5KeZ6RmzlEl/mMepComdcbTLeO+H2kqdiKAxCDsawpPb0ypXRUq7MNo
-----END CERTIFICATE-----
Generated at Wed Nov 27 17:16:39 2024 by rpki-client on console-fra.rpki-client.org