Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/c45811-75ba-4dd7-a421-f36d9ee346d4/1/v11vx5UYJDiDhoEOurqN2FXV82g.roa
File: v11vx5UYJDiDhoEOurqN2FXV82g.roa (raw, json)
Hash identifier: asGwA7us9LMKC4EjvyGb/mouuZj7R3XOpSm/C+OeORg=
Subject key identifier: BF:5D:6F:C7:95:18:24:38:83:86:81:0E:BA:BA:8D:D8:55:D5:F3:68
Certificate issuer: /CN=2e0a2316f4e9b58aa52deee5c7d1f4b84476ec86
Certificate serial: 018F61C6E86C5D7B0B21AD0CEFA51AA631CB
Authority key identifier: 2E:0A:23:16:F4:E9:B5:8A:A5:2D:EE:E5:C7:D1:F4:B8:44:76:EC:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LgojFvTptYqlLe7lx9H0uER27IY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/c45811-75ba-4dd7-a421-f36d9ee346d4/1/v11vx5UYJDiDhoEOurqN2FXV82g.roa
Signing time: Fri 10 May 2024 09:12:56 +0000
ROA not before: Fri 10 May 2024 09:12:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29545
IP address blocks: 86.111.32.0/21 maxlen: 21
86.111.36.0/24 maxlen: 24
86.111.37.0/24 maxlen: 24
86.111.38.0/24 maxlen: 24
86.111.39.0/24 maxlen: 24
86.111.40.0/22 maxlen: 22
86.111.40.0/24 maxlen: 24
86.111.41.0/24 maxlen: 24
86.111.50.0/23 maxlen: 23
86.111.50.0/24 maxlen: 24
213.163.229.0/24 maxlen: 24
213.163.232.0/24 maxlen: 24
213.163.233.0/24 maxlen: 24
213.163.236.0/23 maxlen: 23
213.163.238.0/24 maxlen: 24
213.163.242.0/23 maxlen: 23
213.163.244.0/23 maxlen: 23
213.163.248.0/23 maxlen: 23
213.163.254.0/24 maxlen: 24
2a00:1f88::/32 maxlen: 32
2a00:1f88:a402::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f4/c45811-75ba-4dd7-a421-f36d9ee346d4/1/LgojFvTptYqlLe7lx9H0uER27IY.crl
rsync://rpki.ripe.net/repository/DEFAULT/f4/c45811-75ba-4dd7-a421-f36d9ee346d4/1/LgojFvTptYqlLe7lx9H0uER27IY.mft
rsync://rpki.ripe.net/repository/DEFAULT/LgojFvTptYqlLe7lx9H0uER27IY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 12:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:61:c6:e8:6c:5d:7b:0b:21:ad:0c:ef:a5:1a:a6:31:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e0a2316f4e9b58aa52deee5c7d1f4b84476ec86
Validity
Not Before: May 10 09:12:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bf5d6fc7951824388386810ebaba8dd855d5f368
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:94:ed:8a:73:12:18:dc:71:0c:e0:8a:88:fd:
2b:ff:0f:f2:d8:2e:bf:b1:55:fb:66:d2:bf:bb:eb:
ef:cf:55:5c:d7:c5:3d:d9:47:6d:6b:13:9c:da:82:
13:47:9a:4b:fb:33:10:f1:63:36:cf:b7:09:75:4d:
31:52:b4:4b:53:e4:07:5d:eb:d0:48:ea:a0:b4:2b:
11:30:96:18:09:be:0d:00:ba:7d:b0:d5:b0:93:17:
bd:1e:30:dc:c4:0a:2d:08:69:34:f5:d5:92:a0:9a:
6d:4b:4f:8f:38:99:72:bd:7c:22:49:b9:b7:6a:e2:
53:66:bd:dc:c6:aa:0e:d0:34:00:a7:6c:5b:74:f7:
0e:7c:4d:f2:24:d5:60:26:cb:7f:73:88:eb:1f:43:
19:40:94:f1:45:5b:be:66:36:9b:af:f4:54:f3:10:
59:a5:04:55:94:2c:d0:5e:40:89:05:8b:ce:e2:34:
82:b8:98:5d:ad:85:a7:26:93:8f:23:c8:34:38:31:
41:33:5e:e2:39:dc:78:a8:aa:2b:b0:b8:52:a3:aa:
db:eb:58:23:36:5c:52:62:d2:d2:71:44:b6:1a:3e:
7a:67:33:e9:60:8a:42:1d:13:83:41:d6:4e:95:26:
c5:86:34:38:cd:7f:00:97:10:7d:db:46:db:e3:38:
58:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:5D:6F:C7:95:18:24:38:83:86:81:0E:BA:BA:8D:D8:55:D5:F3:68
X509v3 Authority Key Identifier:
keyid:2E:0A:23:16:F4:E9:B5:8A:A5:2D:EE:E5:C7:D1:F4:B8:44:76:EC:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LgojFvTptYqlLe7lx9H0uER27IY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/c45811-75ba-4dd7-a421-f36d9ee346d4/1/v11vx5UYJDiDhoEOurqN2FXV82g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/c45811-75ba-4dd7-a421-f36d9ee346d4/1/LgojFvTptYqlLe7lx9H0uER27IY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.111.32.0-86.111.43.255
86.111.50.0/23
213.163.229.0/24
213.163.232.0/23
213.163.236.0-213.163.238.255
213.163.242.0-213.163.245.255
213.163.248.0/23
213.163.254.0/24
IPv6:
2a00:1f88::/32
Signature Algorithm: sha256WithRSAEncryption
4d:bc:f5:91:ad:9f:1e:89:c7:9d:40:8d:fc:b6:6b:ec:95:da:
28:18:10:ff:18:f9:8c:81:e1:9d:46:05:ac:6b:72:e8:9a:2d:
99:80:a8:b2:51:06:0e:30:cf:cb:2d:46:7b:c2:ae:90:c1:46:
92:6f:88:09:06:57:bf:b8:cc:4f:5c:58:54:6b:a4:13:ef:8c:
3a:0e:da:06:47:e8:aa:21:02:19:23:a9:ce:84:de:61:fa:8a:
c6:e3:a8:14:dc:7c:69:20:07:74:6e:a2:9a:e0:a6:7a:4d:11:
8e:45:9d:b9:2b:2b:d7:47:df:00:51:ac:ea:2e:fe:4c:14:60:
bb:83:64:68:96:4a:13:fe:ca:17:4c:c6:b8:21:8d:df:50:6d:
d1:57:4b:f6:d2:a6:6e:e8:50:3d:b9:7f:c3:ce:96:b7:58:d1:
f8:db:bf:73:a4:ee:cf:da:50:13:61:ce:4e:b5:6f:48:d4:2b:
87:fc:14:2b:a2:d6:7c:83:7a:68:fc:9c:e0:3e:d2:21:27:4d:
25:f6:9d:67:69:4c:fe:e5:ad:a4:db:9f:c7:55:7d:76:40:2b:
fa:69:8e:e3:b8:16:1f:23:60:3e:4b:be:d9:5f:b4:0f:8d:95:
b1:8b:fe:d9:c1:74:f9:5b:ea:f6:ad:af:0b:1f:f0:ac:a1:63:
22:a9:d0:0e
-----BEGIN CERTIFICATE-----
MIIFTjCCBDagAwIBAgISAY9hxuhsXXsLIa0M76UapjHLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlMGEyMzE2ZjRlOWI1OGFhNTJkZWVlNWM3ZDFmNGI4NDQ3
NmVjODYwHhcNMjQwNTEwMDkxMjU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjVkNmZjNzk1MTgyNDM4ODM4NjgxMGViYWJhOGRkODU1ZDVmMzY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA15TtinMSGNxxDOCKiP0r/w/y2C6/
sVX7ZtK/u+vvz1Vc18U92UdtaxOc2oITR5pL+zMQ8WM2z7cJdU0xUrRLU+QHXevQ
SOqgtCsRMJYYCb4NALp9sNWwkxe9HjDcxAotCGk09dWSoJptS0+POJlyvXwiSbm3
auJTZr3cxqoO0DQAp2xbdPcOfE3yJNVgJst/c4jrH0MZQJTxRVu+Zjabr/RU8xBZ
pQRVlCzQXkCJBYvO4jSCuJhdrYWnJpOPI8g0ODFBM17iOdx4qKorsLhSo6rb61gj
NlxSYtLScUS2Gj56ZzPpYIpCHRODQdZOlSbFhjQ4zX8AlxB920bb4zhYVwIDAQAB
o4ICWjCCAlYwHQYDVR0OBBYEFL9db8eVGCQ4g4aBDrq6jdhV1fNoMB8GA1UdIwQY
MBaAFC4KIxb06bWKpS3u5cfR9LhEduyGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGdvakZ2VHB0WXFsTGU3bHg5SDB1RVIyN0lZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC9jNDU4MTEtNzViYS00ZGQ3LWE0MjEt
ZjM2ZDllZTM0NmQ0LzEvdjExdng1VVlKRGlEaG9FT3VycU4yRlhWODJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC9jNDU4MTEtNzViYS00ZGQ3LWE0MjEtZjM2ZDllZTM0NmQ0
LzEvTGdvakZ2VHB0WXFsTGU3bHg5SDB1RVIyN0lZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHAGCCsGAQUFBwEHAQH/BGEwXzBOBAIAATBIMAwDBAVWbyAD
BAJWbygDBAFWbzIDBADVo+UDBAHVo+gwDAMEAtWj7AMEANWj7jAMAwQB1aPyAwQB
1aP0AwQB1aP4AwQA1aP+MA0EAgACMAcDBQAqAB+IMA0GCSqGSIb3DQEBCwUAA4IB
AQBNvPWRrZ8eicedQI38tmvsldooGBD/GPmMgeGdRgWsa3Lomi2ZgKiyUQYOMM/L
LUZ7wq6QwUaSb4gJBle/uMxPXFhUa6QT74w6DtoGR+iqIQIZI6nOhN5h+orG46gU
3HxpIAd0bqKa4KZ6TRGORZ25KyvXR98AUazqLv5MFGC7g2RolkoT/soXTMa4IY3f
UG3RV0v20qZu6FA9uX/Dzpa3WNH4279zpO7P2lATYc5OtW9I1CuH/BQrotZ8g3po
/JzgPtIhJ00l9p1naUz+5a2k25/HVX12QCv6aY7juBYfI2A+S77ZX7QPjZWxi/7Z
wXT5W+r2ra8LH/CsoWMiqdAO
-----END CERTIFICATE-----
Generated at Fri Jun 7 18:54:19 2024 by rpki-client on console-fra.rpki-client.org