Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/0tfJZOqij3G3jJDnqOhVbQHVvS8.roa
File: 0tfJZOqij3G3jJDnqOhVbQHVvS8.roa (raw, json)
Hash identifier: u/AcBt9Z9qCN9u97kiwOluJhOeZN/LzARs/xaHswD00=
Subject key identifier: D2:D7:C9:64:EA:A2:8F:71:B7:8C:90:E7:A8:E8:55:6D:01:D5:BD:2F
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018EFAAA9D2AA17F1642AC5DDFE955036B3A
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/0tfJZOqij3G3jJDnqOhVbQHVvS8.roa
Signing time: Sat 20 Apr 2024 08:41:09 +0000
ROA not before: Sat 20 Apr 2024 08:41:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49581
IP address blocks: 80.76.51.0/24 maxlen: 24
141.98.7.0/24 maxlen: 24
185.216.71.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 23:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:fa:aa:9d:2a:a1:7f:16:42:ac:5d:df:e9:55:03:6b:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Apr 20 08:41:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d2d7c964eaa28f71b78c90e7a8e8556d01d5bd2f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:85:ff:aa:8a:41:51:5a:41:2e:9b:5d:1b:4e:
81:e9:4f:7f:51:85:5f:62:58:ec:fe:c4:3c:6a:37:
18:78:89:4c:a1:d9:ad:65:77:f4:3c:8f:2c:d8:06:
a0:13:30:7c:ae:f7:df:cb:dd:b1:78:da:d3:2c:44:
31:30:75:f8:60:ac:2e:b8:7d:d7:b2:0c:8a:b3:7c:
d2:50:b6:94:4b:31:1d:70:92:f3:8d:f7:d2:07:4a:
e4:b0:17:bb:26:99:45:dc:00:6c:26:66:3c:24:b5:
11:58:1a:bf:a7:62:90:12:7b:3f:8e:3c:ad:a8:bd:
46:c1:00:ea:97:49:a4:82:f5:cc:d5:61:6e:5b:e9:
e2:e2:2f:9d:91:ac:e8:a1:a3:e0:62:e8:a2:d7:eb:
d1:42:c3:c0:8c:97:a0:13:c7:c4:3c:41:87:a0:d4:
ad:49:2f:f6:8c:ef:cf:fc:75:a5:b5:fe:08:bc:52:
4a:b3:ea:b0:da:21:4e:ff:c3:87:0d:af:e7:ab:76:
3d:25:ec:e4:e0:48:a4:6d:6b:b5:ce:bd:9d:b7:97:
3f:2b:7a:46:a3:e0:b0:1f:f9:6f:2f:4f:da:d8:e0:
4c:0d:43:1d:cb:53:9a:e6:b5:09:44:07:ac:c6:3f:
56:a5:da:ed:e9:3b:43:07:7e:8e:e2:97:fb:0e:ff:
4c:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:D7:C9:64:EA:A2:8F:71:B7:8C:90:E7:A8:E8:55:6D:01:D5:BD:2F
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/0tfJZOqij3G3jJDnqOhVbQHVvS8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.76.51.0/24
141.98.7.0/24
185.216.71.0/24
Signature Algorithm: sha256WithRSAEncryption
13:a7:1f:f5:47:30:bb:9c:aa:4d:b3:ce:e8:87:ad:46:31:5e:
0b:50:f5:98:8d:ef:dc:1e:67:99:76:bc:f1:db:8d:92:c3:39:
f3:58:f1:02:2f:6b:33:ab:d6:cf:1d:23:5d:a9:e5:6e:73:19:
18:17:4f:bf:08:a6:fe:11:ca:bd:0b:9a:03:fd:91:0a:3d:97:
b2:ca:a5:f1:39:72:8a:80:eb:bf:61:00:cc:f4:87:32:89:b2:
a0:36:4a:0e:fa:35:59:8b:0d:67:6c:c7:60:cb:7a:62:fd:b8:
da:2e:d5:4d:43:fe:4c:64:05:e1:3c:a9:89:df:25:55:4a:df:
47:3f:95:55:81:a5:eb:7b:39:36:e0:23:aa:da:36:53:93:ca:
ab:78:2d:c2:b4:4e:34:d3:d2:89:4b:a5:69:e4:18:e3:b9:9a:
e5:05:34:c4:4b:5e:3d:d6:6c:09:e3:57:76:c1:cc:0f:e1:80:
11:2e:df:ea:39:0e:09:fc:21:b0:c3:dc:15:13:b1:06:af:9e:
4c:bb:b2:05:90:40:eb:af:3a:cb:7c:8a:f8:ff:9b:84:48:82:
10:d5:2c:cb:30:5f:21:92:1b:9c:52:be:32:e3:cc:de:16:29:
ef:1f:18:b2:19:b9:db:2a:bd:1e:f3:54:1f:c5:ba:6f:c2:0e:
1e:e0:85:75
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY76qp0qoX8WQqxd3+lVA2s6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwNDIwMDg0MTA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMmQ3Yzk2NGVhYTI4ZjcxYjc4YzkwZTdhOGU4NTU2ZDAxZDViZDJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoYX/qopBUVpBLptdG06B6U9/UYVf
Yljs/sQ8ajcYeIlModmtZXf0PI8s2AagEzB8rvffy92xeNrTLEQxMHX4YKwuuH3X
sgyKs3zSULaUSzEdcJLzjffSB0rksBe7JplF3ABsJmY8JLURWBq/p2KQEns/jjyt
qL1GwQDql0mkgvXM1WFuW+ni4i+dkazooaPgYuii1+vRQsPAjJegE8fEPEGHoNSt
SS/2jO/P/HWltf4IvFJKs+qw2iFO/8OHDa/nq3Y9Jezk4EikbWu1zr2dt5c/K3pG
o+CwH/lvL0/a2OBMDUMdy1Oa5rUJRAesxj9Wpdrt6TtDB36O4pf7Dv9M9QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNLXyWTqoo9xt4yQ56joVW0B1b0vMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvMHRmSlpPcWlqM0czakpEbnFPaFZiUUhWdlM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAUEwzAwQA
jWIHAwQAudhHMA0GCSqGSIb3DQEBCwUAA4IBAQATpx/1RzC7nKpNs87oh61GMV4L
UPWYje/cHmeZdrzx242SwznzWPECL2szq9bPHSNdqeVucxkYF0+/CKb+Ecq9C5oD
/ZEKPZeyyqXxOXKKgOu/YQDM9IcyibKgNkoO+jVZiw1nbMdgy3pi/bjaLtVNQ/5M
ZAXhPKmJ3yVVSt9HP5VVgaXrezk24COq2jZTk8qreC3CtE4009KJS6Vp5BjjuZrl
BTTES1491mwJ41d2wcwP4YARLt/qOQ4J/CGww9wVE7EGr55Mu7IFkEDrrzrLfIr4
/5uESIIQ1SzLMF8hkhucUr4y48zeFinvHxiyGbnbKr0e81Qfxbpvwg4e4IV1
-----END CERTIFICATE-----
Generated at Mon May 20 04:30:46 2024 by rpki-client on console-fra.rpki-client.org