Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/c3bce6-58fb-4874-8b3e-3a85ee4c89bc/1/LUQHwGZaXukUrxOpjNqDLJv2Ek0.roa
File: LUQHwGZaXukUrxOpjNqDLJv2Ek0.roa (raw, json)
Hash identifier: UBHlflp4DZkDXd6w/yYwP4JneZHgUqXIii5XfFdzwNE=
Subject key identifier: 2D:44:07:C0:66:5A:5E:E9:14:AF:13:A9:8C:DA:83:2C:9B:F6:12:4D
Certificate issuer: /CN=e096c43364003ec3f7f7c6ea8157b8a50f440ecc
Certificate serial: 018CC9BC98D56BB40CB7B281B16E0BE8D3C0
Authority key identifier: E0:96:C4:33:64:00:3E:C3:F7:F7:C6:EA:81:57:B8:A5:0F:44:0E:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4JbEM2QAPsP398bqgVe4pQ9EDsw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/c3bce6-58fb-4874-8b3e-3a85ee4c89bc/1/LUQHwGZaXukUrxOpjNqDLJv2Ek0.roa
Signing time: Tue 02 Jan 2024 10:33:49 +0000
ROA not before: Tue 02 Jan 2024 10:33:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42514
IP address blocks: 46.22.240.0/20 maxlen: 20
95.141.176.0/20 maxlen: 20
178.17.128.0/20 maxlen: 20
89.232.180.0/22 maxlen: 22
213.166.76.0/22 maxlen: 22
128.204.160.0/19 maxlen: 19
185.12.84.0/22 maxlen: 22
94.102.16.0/20 maxlen: 20
2a02:2648::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ea/c3bce6-58fb-4874-8b3e-3a85ee4c89bc/1/4JbEM2QAPsP398bqgVe4pQ9EDsw.crl
rsync://rpki.ripe.net/repository/DEFAULT/ea/c3bce6-58fb-4874-8b3e-3a85ee4c89bc/1/4JbEM2QAPsP398bqgVe4pQ9EDsw.mft
rsync://rpki.ripe.net/repository/DEFAULT/4JbEM2QAPsP398bqgVe4pQ9EDsw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 16 May 2024 14:51:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:98:d5:6b:b4:0c:b7:b2:81:b1:6e:0b:e8:d3:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e096c43364003ec3f7f7c6ea8157b8a50f440ecc
Validity
Not Before: Jan 2 10:33:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2d4407c0665a5ee914af13a98cda832c9bf6124d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:8b:48:87:b6:51:70:39:4f:b2:33:eb:1b:a0:
a0:2c:04:66:97:5e:83:f1:b1:27:9a:7a:45:52:4f:
0b:24:58:44:57:49:6f:f5:52:fd:ff:f2:6f:b8:11:
53:b2:46:63:4a:c1:62:ca:33:f5:5e:9a:75:95:30:
81:4f:7f:a3:61:89:71:22:c2:af:11:36:a4:70:3d:
13:3a:a1:f0:53:1a:ad:72:77:6d:37:3a:d2:18:24:
fc:b4:90:06:10:62:27:45:dc:d4:4b:46:55:93:eb:
61:6b:1c:ed:f9:77:5c:c2:51:23:5e:45:8c:5b:93:
66:23:b5:99:50:f1:6b:23:cb:42:f4:9a:b5:44:7b:
09:dc:65:8b:07:a6:ad:fb:09:9e:ac:7a:d3:57:d4:
8f:0c:55:47:ae:32:ce:8d:b7:26:f2:2b:e9:7d:a4:
2b:da:df:21:b7:d1:4a:b6:1f:9c:14:c5:9b:fb:f7:
7c:bf:4d:0c:58:3f:f4:1d:0d:e1:7e:a0:e8:8b:44:
9e:ea:0c:4d:ae:71:8d:fd:da:f9:ad:a1:45:9b:48:
f2:7e:20:6b:ce:6c:68:87:b3:88:6a:b0:e6:90:b8:
08:ae:72:cc:84:24:c3:69:60:35:f7:9c:cb:8a:1e:
58:22:5e:5c:8c:b2:e6:5c:d3:60:1d:eb:46:6f:59:
70:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:44:07:C0:66:5A:5E:E9:14:AF:13:A9:8C:DA:83:2C:9B:F6:12:4D
X509v3 Authority Key Identifier:
keyid:E0:96:C4:33:64:00:3E:C3:F7:F7:C6:EA:81:57:B8:A5:0F:44:0E:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4JbEM2QAPsP398bqgVe4pQ9EDsw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/c3bce6-58fb-4874-8b3e-3a85ee4c89bc/1/LUQHwGZaXukUrxOpjNqDLJv2Ek0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/c3bce6-58fb-4874-8b3e-3a85ee4c89bc/1/4JbEM2QAPsP398bqgVe4pQ9EDsw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.22.240.0/20
89.232.180.0/22
94.102.16.0/20
95.141.176.0/20
128.204.160.0/19
178.17.128.0/20
185.12.84.0/22
213.166.76.0/22
IPv6:
2a02:2648::/29
Signature Algorithm: sha256WithRSAEncryption
8c:fc:fa:b9:dc:59:91:bc:97:39:49:9c:f1:2d:5c:f8:6e:5d:
d9:8f:b7:ca:f2:fa:d1:99:a3:1f:4a:ab:e4:7a:de:23:a7:70:
25:6f:b0:c8:bb:c5:02:da:81:9c:8f:15:93:70:e1:dd:74:fb:
d3:a4:6e:c3:1f:b4:db:5f:68:27:0a:98:b7:38:26:2d:80:b6:
8c:f4:d5:1e:da:15:6d:50:e5:24:c0:a6:ed:0d:5e:b1:bc:b7:
80:a7:14:13:fa:c4:04:46:7b:5e:a7:3f:07:64:35:ce:7b:56:
60:fd:99:9b:37:47:08:ae:0b:29:f3:fa:e3:55:5e:9f:17:fd:
a9:0d:c3:5a:32:92:91:4f:98:b3:f7:8e:49:84:4a:94:91:ed:
a4:e6:6b:61:35:09:57:e2:8e:20:b8:05:a9:4e:a5:6c:7a:d7:
7c:fa:3a:9a:69:d9:32:f8:4c:53:79:9b:f6:29:2c:29:b1:be:
a0:25:54:df:8b:d1:cc:c0:0c:65:03:82:68:67:e4:52:cd:ba:
31:c3:8b:be:70:de:de:0a:e7:81:92:53:66:78:d0:fd:db:88:
42:81:8b:ad:d2:ae:cf:0a:48:84:6f:1d:c6:45:4a:17:88:bf:
96:64:87:02:c1:57:66:15:7f:92:46:3f:b8:86:a0:66:ce:9e:
ce:e2:5b:78
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAYzJvJjVa7QMt7KBsW4L6NPAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwOTZjNDMzNjQwMDNlYzNmN2Y3YzZlYTgxNTdiOGE1MGY0
NDBlY2MwHhcNMjQwMTAyMTAzMzQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDQ0MDdjMDY2NWE1ZWU5MTRhZjEzYTk4Y2RhODMyYzliZjYxMjRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgYtIh7ZRcDlPsjPrG6CgLARml16D
8bEnmnpFUk8LJFhEV0lv9VL9//JvuBFTskZjSsFiyjP1Xpp1lTCBT3+jYYlxIsKv
ETakcD0TOqHwUxqtcndtNzrSGCT8tJAGEGInRdzUS0ZVk+thaxzt+XdcwlEjXkWM
W5NmI7WZUPFrI8tC9Jq1RHsJ3GWLB6at+wmerHrTV9SPDFVHrjLOjbcm8ivpfaQr
2t8ht9FKth+cFMWb+/d8v00MWD/0HQ3hfqDoi0Se6gxNrnGN/dr5raFFm0jyfiBr
zmxoh7OIarDmkLgIrnLMhCTDaWA195zLih5YIl5cjLLmXNNgHetGb1lw0wIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFC1EB8BmWl7pFK8TqYzagyyb9hJNMB8GA1UdIwQY
MBaAFOCWxDNkAD7D9/fG6oFXuKUPRA7MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNEpiRU0yUUFQc1AzOThicWdWZTRwUTlFRHN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS9jM2JjZTYtNThmYi00ODc0LThiM2Ut
M2E4NWVlNGM4OWJjLzEvTFVRSHdHWmFYdWtVcnhPcGpOcURMSnYyRWswLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS9jM2JjZTYtNThmYi00ODc0LThiM2UtM2E4NWVlNGM4OWJj
LzEvNEpiRU0yUUFQc1AzOThicWdWZTRwUTlFRHN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQELhbwAwQC
Wei0AwQEXmYQAwQEX42wAwQFgMygAwQEshGAAwQCuQxUAwQC1aZMMA0EAgACMAcD
BQMqAiZIMA0GCSqGSIb3DQEBCwUAA4IBAQCM/Pq53FmRvJc5SZzxLVz4bl3Zj7fK
8vrRmaMfSqvket4jp3Alb7DIu8UC2oGcjxWTcOHddPvTpG7DH7TbX2gnCpi3OCYt
gLaM9NUe2hVtUOUkwKbtDV6xvLeApxQT+sQERntepz8HZDXOe1Zg/ZmbN0cIrgsp
8/rjVV6fF/2pDcNaMpKRT5iz945JhEqUke2k5mthNQlX4o4guAWpTqVsetd8+jqa
adky+ExTeZv2KSwpsb6gJVTfi9HMwAxlA4JoZ+RSzboxw4u+cN7eCueBklNmeND9
24hCgYut0q7PCkiEbx3GRUoXiL+WZIcCwVdmFX+SRj+4hqBmzp7O4lt4
-----END CERTIFICATE-----
Generated at Wed May 15 19:24:03 2024 by rpki-client on console-fra.rpki-client.org