Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/58d15b-9f02-42c4-b02d-a01eea65fd33/1/llIXoFlQO2GRcBLYHFOyIKnQqAo.roa
File: llIXoFlQO2GRcBLYHFOyIKnQqAo.roa (raw, json)
Hash identifier: wXm+3q9ilDz9LQxjzYjtzGFCBKeC3s9tHhp3o93W8Us=
Subject key identifier: 96:52:17:A0:59:50:3B:61:91:70:12:D8:1C:53:B2:20:A9:D0:A8:0A
Certificate issuer: /CN=09a9e2ee8bcea6d5b919c4a33d26d9bbf982a843
Certificate serial: 018CC79524518F622454D52F3F4E5E5E87A3
Authority key identifier: 09:A9:E2:EE:8B:CE:A6:D5:B9:19:C4:A3:3D:26:D9:BB:F9:82:A8:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Cani7ovOptW5GcSjPSbZu_mCqEM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/58d15b-9f02-42c4-b02d-a01eea65fd33/1/llIXoFlQO2GRcBLYHFOyIKnQqAo.roa
Signing time: Tue 02 Jan 2024 00:31:29 +0000
ROA not before: Tue 02 Jan 2024 00:31:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201505
IP address blocks: 86.48.60.0/22 maxlen: 22
86.58.216.0/21 maxlen: 21
185.187.144.0/22 maxlen: 22
2a13:2540::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/de/58d15b-9f02-42c4-b02d-a01eea65fd33/1/Cani7ovOptW5GcSjPSbZu_mCqEM.crl
rsync://rpki.ripe.net/repository/DEFAULT/de/58d15b-9f02-42c4-b02d-a01eea65fd33/1/Cani7ovOptW5GcSjPSbZu_mCqEM.mft
rsync://rpki.ripe.net/repository/DEFAULT/Cani7ovOptW5GcSjPSbZu_mCqEM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 May 2024 17:36:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:24:51:8f:62:24:54:d5:2f:3f:4e:5e:5e:87:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=09a9e2ee8bcea6d5b919c4a33d26d9bbf982a843
Validity
Not Before: Jan 2 00:31:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=965217a059503b61917012d81c53b220a9d0a80a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:39:01:d9:78:fe:ee:b8:22:23:3c:de:3d:37:
43:82:bf:e2:32:98:1e:89:e0:2f:c3:b6:4b:aa:10:
2a:7a:ae:84:3e:82:be:cd:83:b6:cd:cc:c9:50:d2:
f2:5f:32:41:88:98:d8:4d:33:20:8d:41:bc:c3:ec:
60:b7:cf:87:67:ab:a2:4a:e4:6c:d0:7c:64:36:01:
49:8e:a8:fe:3a:24:4f:a1:dd:2d:5c:36:80:b5:00:
8e:1a:ca:3a:b6:bc:54:ae:f1:fc:d2:72:01:1b:57:
f5:3d:93:14:59:47:4d:04:65:48:d3:c4:90:e7:a8:
37:d0:47:2b:5c:55:23:79:a8:fa:11:89:15:3a:49:
c6:2e:fa:8e:5b:8e:e3:cb:b9:59:33:47:23:13:f7:
79:85:7b:3c:52:a2:38:80:47:43:51:61:c3:79:c4:
7d:6f:60:16:85:37:ab:be:26:71:27:86:c9:e8:83:
6c:0c:ee:b1:33:ed:db:fc:32:41:b8:42:04:b5:13:
3d:9f:5a:cb:ba:35:92:62:de:b5:94:92:3a:9a:26:
af:a3:c0:b9:0c:0c:b6:df:ed:88:83:af:91:fe:3c:
6b:7a:7e:40:55:50:35:7b:f6:59:e5:92:65:a6:ca:
ee:e5:69:d8:90:d9:46:17:7d:83:8b:65:ff:0f:0a:
12:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:52:17:A0:59:50:3B:61:91:70:12:D8:1C:53:B2:20:A9:D0:A8:0A
X509v3 Authority Key Identifier:
keyid:09:A9:E2:EE:8B:CE:A6:D5:B9:19:C4:A3:3D:26:D9:BB:F9:82:A8:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Cani7ovOptW5GcSjPSbZu_mCqEM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/58d15b-9f02-42c4-b02d-a01eea65fd33/1/llIXoFlQO2GRcBLYHFOyIKnQqAo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/58d15b-9f02-42c4-b02d-a01eea65fd33/1/Cani7ovOptW5GcSjPSbZu_mCqEM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.48.60.0/22
86.58.216.0/21
185.187.144.0/22
IPv6:
2a13:2540::/29
Signature Algorithm: sha256WithRSAEncryption
5f:75:ce:20:e9:4c:88:fd:7a:49:c9:f3:e1:7a:b4:20:89:0c:
88:1a:84:39:63:44:49:95:47:20:d5:44:ff:ae:f6:34:a6:1e:
2e:4c:12:53:f4:d8:cd:40:c5:77:14:93:9c:c2:d2:8e:5c:25:
cb:82:b9:12:47:d3:8f:56:20:8a:be:e6:ba:af:01:93:27:95:
4f:6d:53:75:68:ea:d4:12:ba:0f:4d:3e:6c:42:c4:5a:68:e6:
ff:b6:59:51:01:f6:92:a9:d6:19:d3:d7:3f:da:55:64:c9:49:
85:cc:2e:47:69:46:42:12:3f:17:e5:92:cd:63:53:13:ec:9e:
d9:ae:8c:7e:6f:02:a6:d0:29:24:38:8b:4e:30:f3:ea:46:d8:
c6:c7:ad:1b:c2:76:fc:52:e3:fe:84:6f:d3:01:89:2d:c9:e6:
d6:7d:44:ef:77:e3:de:96:98:b3:f9:c0:f3:f3:a2:8f:b2:29:
ed:6e:5c:b3:5a:c5:17:be:b5:fc:d9:f1:af:27:e2:d4:0c:ba:
31:87:f2:6d:21:92:b7:b3:11:11:bd:28:9a:59:4d:05:d7:73:
29:95:41:e1:85:f7:be:7e:c4:6c:28:fc:7c:ad:f3:24:19:b4:
b8:1d:3e:fa:14:b3:b9:e8:4d:6b:d9:43:48:37:91:39:3d:8f:
cf:c0:be:52
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzHlSRRj2IkVNUvP05eXoejMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5YTllMmVlOGJjZWE2ZDViOTE5YzRhMzNkMjZkOWJiZjk4
MmE4NDMwHhcNMjQwMTAyMDAzMTI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NjUyMTdhMDU5NTAzYjYxOTE3MDEyZDgxYzUzYjIyMGE5ZDBhODBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7TkB2Xj+7rgiIzzePTdDgr/iMpge
ieAvw7ZLqhAqeq6EPoK+zYO2zczJUNLyXzJBiJjYTTMgjUG8w+xgt8+HZ6uiSuRs
0HxkNgFJjqj+OiRPod0tXDaAtQCOGso6trxUrvH80nIBG1f1PZMUWUdNBGVI08SQ
56g30EcrXFUjeaj6EYkVOknGLvqOW47jy7lZM0cjE/d5hXs8UqI4gEdDUWHDecR9
b2AWhTerviZxJ4bJ6INsDO6xM+3b/DJBuEIEtRM9n1rLujWSYt61lJI6miavo8C5
DAy23+2Ig6+R/jxren5AVVA1e/ZZ5ZJlpsru5WnYkNlGF32Di2X/DwoSewIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFJZSF6BZUDthkXAS2BxTsiCp0KgKMB8GA1UdIwQY
MBaAFAmp4u6LzqbVuRnEoz0m2bv5gqhDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2FuaTdvdk9wdFc1R2NTalBTYlp1X21DcUVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS81OGQxNWItOWYwMi00MmM0LWIwMmQt
YTAxZWVhNjVmZDMzLzEvbGxJWG9GbFFPMkdSY0JMWUhGT3lJS25RcUFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS81OGQxNWItOWYwMi00MmM0LWIwMmQtYTAxZWVhNjVmZDMz
LzEvQ2FuaTdvdk9wdFc1R2NTalBTYlp1X21DcUVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCVjA8AwQD
VjrYAwQCubuQMA0EAgACMAcDBQMqEyVAMA0GCSqGSIb3DQEBCwUAA4IBAQBfdc4g
6UyI/XpJyfPherQgiQyIGoQ5Y0RJlUcg1UT/rvY0ph4uTBJT9NjNQMV3FJOcwtKO
XCXLgrkSR9OPViCKvua6rwGTJ5VPbVN1aOrUEroPTT5sQsRaaOb/tllRAfaSqdYZ
09c/2lVkyUmFzC5HaUZCEj8X5ZLNY1MT7J7Zrox+bwKm0CkkOItOMPPqRtjGx60b
wnb8UuP+hG/TAYktyebWfUTvd+Pelpiz+cDz86KPsintblyzWsUXvrX82fGvJ+LU
DLoxh/JtIZK3sxERvSiaWU0F13MplUHhhfe+fsRsKPx8rfMkGbS4HT76FLO56E1r
2UNIN5E5PY/PwL5S
-----END CERTIFICATE-----
Generated at Wed May 22 01:09:19 2024 by rpki-client on console-fra.rpki-client.org