Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/be1a25-5855-4aec-8e18-bbfd45c84bea/1/LIVwmscXGLD9-GF_7qYEqBKhN88.roa
File: LIVwmscXGLD9-GF_7qYEqBKhN88.roa (raw, json)
Hash identifier: 405iMr3rTR4chngPBzSQchNOw7z/vEy/JtB1QzLXy80=
Subject key identifier: 2C:85:70:9A:C7:17:18:B0:FD:F8:61:7F:EE:A6:04:A8:12:A1:37:CF
Certificate issuer: /CN=66f8206e3311df394f48389b8122b94aa1f0b05c
Certificate serial: 019340B3432AFA6DD3D70F4CDECEDE737876
Authority key identifier: 66:F8:20:6E:33:11:DF:39:4F:48:38:9B:81:22:B9:4A:A1:F0:B0:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZvggbjMR3zlPSDibgSK5SqHwsFw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/be1a25-5855-4aec-8e18-bbfd45c84bea/1/LIVwmscXGLD9-GF_7qYEqBKhN88.roa
Signing time: Mon 18 Nov 2024 19:15:10 +0000
ROA not before: Mon 18 Nov 2024 19:15:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42831
IP address blocks: 45.83.200.0/22 maxlen: 22
185.114.158.0/24 maxlen: 24
185.114.159.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dd/be1a25-5855-4aec-8e18-bbfd45c84bea/1/ZvggbjMR3zlPSDibgSK5SqHwsFw.crl
rsync://rpki.ripe.net/repository/DEFAULT/dd/be1a25-5855-4aec-8e18-bbfd45c84bea/1/ZvggbjMR3zlPSDibgSK5SqHwsFw.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZvggbjMR3zlPSDibgSK5SqHwsFw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:40:b3:43:2a:fa:6d:d3:d7:0f:4c:de:ce:de:73:78:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66f8206e3311df394f48389b8122b94aa1f0b05c
Validity
Not Before: Nov 18 19:15:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2c85709ac71718b0fdf8617feea604a812a137cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:c8:84:47:b4:80:92:a1:7e:08:af:54:7f:85:
10:11:7b:6a:29:75:40:19:c7:9f:51:d5:ad:fa:41:
53:38:88:0b:d9:e7:2f:2c:62:9b:9f:fd:15:56:67:
bb:09:d7:4a:e5:47:55:ae:7c:ed:2f:00:9c:99:a3:
70:ca:34:a5:b9:36:0d:a5:a3:d7:6d:30:97:da:8c:
28:a0:73:19:33:2b:74:85:b5:81:f6:04:47:28:8a:
a0:64:d3:2b:1f:08:3d:2c:72:63:e3:6c:b9:fb:16:
14:43:96:2d:e5:e8:34:38:0b:35:46:eb:3c:63:b9:
0b:24:d0:bd:1d:b3:99:ab:33:8d:ee:61:09:60:41:
52:b5:00:9b:52:f0:0d:a2:a1:8a:4b:02:61:51:12:
28:3e:ff:d1:8e:b9:60:9a:3d:ed:3d:5d:5d:04:61:
b2:75:75:d6:72:49:57:06:b3:28:10:45:7f:26:87:
cc:1b:d6:1f:bc:6a:da:c3:1e:aa:d9:b2:80:80:cb:
6d:28:3b:0f:1d:df:7e:bb:76:c1:12:01:42:2e:73:
ce:42:6e:e1:ba:93:d0:75:30:8a:11:70:5b:03:7c:
56:d0:29:4e:2f:be:8f:63:3c:a5:f6:3e:35:f8:5a:
b7:74:d9:cd:33:05:ca:aa:01:3c:8a:50:96:31:6d:
ec:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:85:70:9A:C7:17:18:B0:FD:F8:61:7F:EE:A6:04:A8:12:A1:37:CF
X509v3 Authority Key Identifier:
keyid:66:F8:20:6E:33:11:DF:39:4F:48:38:9B:81:22:B9:4A:A1:F0:B0:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZvggbjMR3zlPSDibgSK5SqHwsFw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/be1a25-5855-4aec-8e18-bbfd45c84bea/1/LIVwmscXGLD9-GF_7qYEqBKhN88.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/be1a25-5855-4aec-8e18-bbfd45c84bea/1/ZvggbjMR3zlPSDibgSK5SqHwsFw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.83.200.0/22
185.114.158.0/23
Signature Algorithm: sha256WithRSAEncryption
7e:ae:39:0e:07:82:5b:b2:49:eb:b4:38:db:e5:15:2e:ad:23:
2f:8a:09:90:f1:e2:36:65:04:02:26:7f:c1:46:14:b8:2f:d9:
7f:09:ab:4a:65:65:b9:c7:46:d1:76:2d:29:64:bb:af:a8:bb:
2d:54:5b:ef:74:27:ce:c6:21:1a:8c:76:97:cc:e8:08:27:2e:
9a:58:b1:e5:8c:dd:8f:64:f9:2d:f1:06:27:2f:ef:d6:3b:45:
9a:fb:fc:05:cc:7d:b5:5e:f1:af:c5:0c:a1:2a:04:a8:d3:69:
c8:2b:71:47:06:66:a3:ae:1d:bb:dc:50:f8:1d:b5:c2:0c:33:
f1:87:96:5e:a9:29:17:3c:93:32:08:d4:6a:e2:0c:a0:f8:d4:
85:7e:8f:c2:a3:69:39:67:5f:3d:e8:40:54:ba:16:e5:b6:59:
fd:25:4d:93:70:76:e7:b1:f3:47:7e:2d:85:7e:4c:0d:24:39:
94:bd:63:c7:63:2f:b8:29:d3:e6:71:7e:c6:3a:e4:9f:20:78:
d5:4c:50:a1:83:4b:b5:93:89:a0:c9:08:cb:67:32:81:fa:86:
38:22:ce:e3:1e:2f:b1:c4:b0:05:d9:e3:19:ed:8c:c7:b1:aa:
0a:93:f6:39:1b:89:d3:b2:ae:04:95:55:d7:ed:83:89:9e:c4:
3d:88:7e:33
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZNAs0Mq+m3T1w9M3s7ec3h2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ZjgyMDZlMzMxMWRmMzk0ZjQ4Mzg5YjgxMjJiOTRhYTFm
MGIwNWMwHhcNMjQxMTE4MTkxNTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYzg1NzA5YWM3MTcxOGIwZmRmODYxN2ZlZWE2MDRhODEyYTEzN2NmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu8iER7SAkqF+CK9Uf4UQEXtqKXVA
GcefUdWt+kFTOIgL2ecvLGKbn/0VVme7CddK5UdVrnztLwCcmaNwyjSluTYNpaPX
bTCX2owooHMZMyt0hbWB9gRHKIqgZNMrHwg9LHJj42y5+xYUQ5Yt5eg0OAs1Rus8
Y7kLJNC9HbOZqzON7mEJYEFStQCbUvANoqGKSwJhURIoPv/Rjrlgmj3tPV1dBGGy
dXXWcklXBrMoEEV/JofMG9YfvGrawx6q2bKAgMttKDsPHd9+u3bBEgFCLnPOQm7h
upPQdTCKEXBbA3xW0ClOL76PYzyl9j41+Fq3dNnNMwXKqgE8ilCWMW3shQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCyFcJrHFxiw/fhhf+6mBKgSoTfPMB8GA1UdIwQY
MBaAFGb4IG4zEd85T0g4m4EiuUqh8LBcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnZnZ2JqTVIzemxQU0RpYmdTSzVTcUh3c0Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC9iZTFhMjUtNTg1NS00YWVjLThlMTgt
YmJmZDQ1Yzg0YmVhLzEvTElWd21zY1hHTEQ5LUdGXzdxWUVxQktoTjg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC9iZTFhMjUtNTg1NS00YWVjLThlMTgtYmJmZDQ1Yzg0YmVh
LzEvWnZnZ2JqTVIzemxQU0RpYmdTSzVTcUh3c0Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLVPIAwQB
uXKeMA0GCSqGSIb3DQEBCwUAA4IBAQB+rjkOB4JbsknrtDjb5RUurSMvigmQ8eI2
ZQQCJn/BRhS4L9l/CatKZWW5x0bRdi0pZLuvqLstVFvvdCfOxiEajHaXzOgIJy6a
WLHljN2PZPkt8QYnL+/WO0Wa+/wFzH21XvGvxQyhKgSo02nIK3FHBmajrh273FD4
HbXCDDPxh5ZeqSkXPJMyCNRq4gyg+NSFfo/Co2k5Z1896EBUuhbltln9JU2TcHbn
sfNHfi2FfkwNJDmUvWPHYy+4KdPmcX7GOuSfIHjVTFChg0u1k4mgyQjLZzKB+oY4
Is7jHi+xxLAF2eMZ7YzHsaoKk/Y5G4nTsq4ElVXX7YOJnsQ9iH4z
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:32:25 2024 by rpki-client on console-ams.rpki-client.org