Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/lJ1PoCWVm-1_iRMMNNGzUT8M10I.roa
File: lJ1PoCWVm-1_iRMMNNGzUT8M10I.roa (raw, json)
Hash identifier: /NCSeOPecSjepfg0DUg1cfBtoEB+0Pb8FlfNGIFIPjc=
Subject key identifier: 94:9D:4F:A0:25:95:9B:ED:7F:89:13:0C:34:D1:B3:51:3F:0C:D7:42
Certificate issuer: /CN=618478f198fe569010c3df6219142f530c4f5e56
Certificate serial: 018E76DAABF455CB9BE47AE3435E3D538C81
Authority key identifier: 61:84:78:F1:98:FE:56:90:10:C3:DF:62:19:14:2F:53:0C:4F:5E:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YYR48Zj-VpAQw99iGRQvUwxPXlY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/lJ1PoCWVm-1_iRMMNNGzUT8M10I.roa
Signing time: Mon 25 Mar 2024 18:23:46 +0000
ROA not before: Mon 25 Mar 2024 18:23:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58061
IP address blocks: 2.58.99.0/24 maxlen: 24
91.240.33.0/24 maxlen: 24
109.196.104.0/24 maxlen: 24
109.196.105.0/24 maxlen: 24
109.196.106.0/24 maxlen: 24
109.196.107.0/24 maxlen: 24
109.196.108.0/24 maxlen: 24
109.196.109.0/24 maxlen: 24
109.196.110.0/24 maxlen: 24
109.196.111.0/24 maxlen: 24
176.101.56.0/24 maxlen: 24
176.101.57.0/24 maxlen: 24
176.101.58.0/24 maxlen: 24
176.101.59.0/24 maxlen: 24
176.101.60.0/24 maxlen: 24
176.101.61.0/24 maxlen: 24
176.101.62.0/24 maxlen: 24
176.101.63.0/24 maxlen: 24
213.109.108.0/24 maxlen: 24
213.109.109.0/24 maxlen: 24
213.109.110.0/24 maxlen: 24
213.109.111.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/YYR48Zj-VpAQw99iGRQvUwxPXlY.crl
rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/YYR48Zj-VpAQw99iGRQvUwxPXlY.mft
rsync://rpki.ripe.net/repository/DEFAULT/YYR48Zj-VpAQw99iGRQvUwxPXlY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 04 Jun 2024 20:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:76:da:ab:f4:55:cb:9b:e4:7a:e3:43:5e:3d:53:8c:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=618478f198fe569010c3df6219142f530c4f5e56
Validity
Not Before: Mar 25 18:23:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=949d4fa025959bed7f89130c34d1b3513f0cd742
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:d3:2c:5e:08:c0:42:ad:13:4f:99:45:a3:09:
ef:42:b4:ec:43:45:f1:07:da:af:35:9a:f9:e4:7f:
20:48:05:8c:0c:81:8f:cf:40:91:45:30:45:cb:c8:
b0:07:60:c7:67:ee:6e:35:2c:59:71:22:c0:78:d4:
f7:b5:2d:d5:73:52:3d:14:72:3e:b6:76:51:9a:44:
b9:ea:00:bf:07:21:3a:be:33:72:89:03:56:30:25:
32:83:00:20:d9:f7:70:0e:06:0e:bd:96:9e:cf:28:
d7:fd:e3:2c:33:2c:4c:7b:87:2f:69:a3:f9:81:34:
28:0a:cd:59:07:4c:e5:a6:92:7b:b6:da:82:23:b7:
82:1b:ee:c5:74:31:00:b5:58:8e:28:ed:fc:f5:fe:
08:03:28:66:d6:cc:5e:7b:96:a6:ab:72:0c:cf:de:
c6:14:ed:0f:9c:48:a8:0f:5b:41:57:bf:4f:be:e9:
23:3e:48:3d:42:85:75:fb:ae:f4:e6:ab:90:c9:89:
fc:79:36:a0:2b:7d:a4:b3:3a:e6:c7:d4:4b:f6:dc:
ae:d9:45:f1:10:4a:af:aa:ac:3e:61:12:a0:6e:37:
f0:bf:44:e0:27:cd:fd:b6:ac:92:09:8d:75:da:6b:
ce:7d:e0:46:74:43:5a:e1:76:e6:69:0a:1e:7e:b5:
66:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:9D:4F:A0:25:95:9B:ED:7F:89:13:0C:34:D1:B3:51:3F:0C:D7:42
X509v3 Authority Key Identifier:
keyid:61:84:78:F1:98:FE:56:90:10:C3:DF:62:19:14:2F:53:0C:4F:5E:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YYR48Zj-VpAQw99iGRQvUwxPXlY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/lJ1PoCWVm-1_iRMMNNGzUT8M10I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/YYR48Zj-VpAQw99iGRQvUwxPXlY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.99.0/24
91.240.33.0/24
109.196.104.0/21
176.101.56.0/21
213.109.108.0/22
Signature Algorithm: sha256WithRSAEncryption
aa:e3:ab:24:a6:cb:fc:97:d9:a4:74:c9:98:c4:60:d4:c0:a0:
1d:df:9a:f8:bd:b3:3f:06:90:a5:f1:5f:b6:29:bd:8d:ee:00:
f7:02:58:b0:e0:24:59:3c:b5:d7:a4:a1:53:fd:db:65:2f:8b:
4c:aa:ce:42:58:d7:84:8a:79:b5:f4:be:58:f5:84:45:40:17:
e1:01:8f:2d:61:18:79:74:40:c7:9d:92:54:a7:54:e5:25:78:
dd:5f:6c:2e:ff:a9:ba:be:dc:51:50:7f:a0:35:82:b6:e7:ed:
e7:eb:75:e3:dc:f1:48:37:7d:52:13:75:6e:1c:ca:59:73:7c:
1a:14:d9:e8:d0:d2:53:31:d8:92:6b:31:62:26:e7:cd:fa:34:
c6:d4:5c:0c:86:5a:2a:ed:2b:34:d6:4a:73:0d:2b:8c:4b:fc:
5f:6a:58:e2:af:0d:94:4e:e3:2d:c5:b9:be:fb:b5:73:ad:dd:
e6:fd:d4:41:1e:00:ac:a5:e1:eb:3e:4a:c7:bf:d7:77:a1:04:
7c:6b:45:e3:35:0d:57:3e:43:16:bc:d2:37:a5:9c:08:36:27:
e2:68:66:03:87:d7:6c:ad:d0:33:a2:98:13:70:a1:80:3e:79:
a6:bf:8b:f3:64:23:bb:04:df:2a:f4:4e:c3:57:81:be:42:5e:
fb:4e:65:fc
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY522qv0Vcub5HrjQ149U4yBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxODQ3OGYxOThmZTU2OTAxMGMzZGY2MjE5MTQyZjUzMGM0
ZjVlNTYwHhcNMjQwMzI1MTgyMzQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDlkNGZhMDI1OTU5YmVkN2Y4OTEzMGMzNGQxYjM1MTNmMGNkNzQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkdMsXgjAQq0TT5lFownvQrTsQ0Xx
B9qvNZr55H8gSAWMDIGPz0CRRTBFy8iwB2DHZ+5uNSxZcSLAeNT3tS3Vc1I9FHI+
tnZRmkS56gC/ByE6vjNyiQNWMCUygwAg2fdwDgYOvZaezyjX/eMsMyxMe4cvaaP5
gTQoCs1ZB0zlppJ7ttqCI7eCG+7FdDEAtViOKO389f4IAyhm1sxee5amq3IMz97G
FO0PnEioD1tBV79PvukjPkg9QoV1+6705quQyYn8eTagK32kszrmx9RL9tyu2UXx
EEqvqqw+YRKgbjfwv0TgJ839tqySCY112mvOfeBGdENa4XbmaQoefrVmMQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFJSdT6AllZvtf4kTDDTRs1E/DNdCMB8GA1UdIwQY
MBaAFGGEePGY/laQEMPfYhkUL1MMT15WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVlSNDhaai1WcEFRdzk5aUdSUXZVd3hQWGxZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC81M2M3YjgtNWU0Yi00OWZkLThjOTEt
YmE5OGYxMTIyMTIxLzEvbEoxUG9DV1ZtLTFfaVJNTU5OR3pVVDhNMTBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC81M2M3YjgtNWU0Yi00OWZkLThjOTEtYmE5OGYxMTIyMTIx
LzEvWVlSNDhaai1WcEFRdzk5aUdSUXZVd3hQWGxZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAAjpjAwQA
W/AhAwQDbcRoAwQDsGU4AwQC1W1sMA0GCSqGSIb3DQEBCwUAA4IBAQCq46skpsv8
l9mkdMmYxGDUwKAd35r4vbM/BpCl8V+2Kb2N7gD3Aliw4CRZPLXXpKFT/dtlL4tM
qs5CWNeEinm19L5Y9YRFQBfhAY8tYRh5dEDHnZJUp1TlJXjdX2wu/6m6vtxRUH+g
NYK25+3n63Xj3PFIN31SE3VuHMpZc3waFNno0NJTMdiSazFiJufN+jTG1FwMhloq
7Ss01kpzDSuMS/xfaljirw2UTuMtxbm++7Vzrd3m/dRBHgCspeHrPkrHv9d3oQR8
a0XjNQ1XPkMWvNI3pZwINifiaGYDh9dsrdAzopgTcKGAPnmmv4vzZCO7BN8q9E7D
V4G+Ql77TmX8
-----END CERTIFICATE-----
Generated at Tue Jun 4 04:11:43 2024 by rpki-client on console-ams.rpki-client.org