Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/fb265f-bbb6-49d8-9b29-57b917ce4765/1/ijLTeQsU1eNTxMJEikOhtOAd0eg.roa
File: ijLTeQsU1eNTxMJEikOhtOAd0eg.roa (raw, json)
Hash identifier: R1N90tN/jYkN1jkhWJdsRIjMd2mdlOpZ3SD5tuGZbqA=
Subject key identifier: 8A:32:D3:79:0B:14:D5:E3:53:C4:C2:44:8A:43:A1:B4:E0:1D:D1:E8
Certificate issuer: /CN=65da84dbb4c6a12d3c9b8e21b77304568a03db50
Certificate serial: 018CC2DAE0039CECC58F66CEA9479BCF5472
Authority key identifier: 65:DA:84:DB:B4:C6:A1:2D:3C:9B:8E:21:B7:73:04:56:8A:03:DB:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZdqE27TGoS08m44ht3MEVooD21A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/fb265f-bbb6-49d8-9b29-57b917ce4765/1/ijLTeQsU1eNTxMJEikOhtOAd0eg.roa
Signing time: Mon 01 Jan 2024 02:29:33 +0000
ROA not before: Mon 01 Jan 2024 02:29:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39591
IP address blocks: 77.94.240.0/21 maxlen: 24
79.143.212.0/23 maxlen: 24
79.143.208.0/20 maxlen: 24
79.143.208.0/22 maxlen: 24
79.143.215.0/24 maxlen: 24
79.143.214.0/24 maxlen: 24
79.143.216.0/21 maxlen: 24
185.3.104.0/22 maxlen: 24
2a00:1280::/32 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/12/fb265f-bbb6-49d8-9b29-57b917ce4765/1/ZdqE27TGoS08m44ht3MEVooD21A.crl
rsync://rpki.ripe.net/repository/DEFAULT/12/fb265f-bbb6-49d8-9b29-57b917ce4765/1/ZdqE27TGoS08m44ht3MEVooD21A.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZdqE27TGoS08m44ht3MEVooD21A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Sep 2024 07:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:e0:03:9c:ec:c5:8f:66:ce:a9:47:9b:cf:54:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=65da84dbb4c6a12d3c9b8e21b77304568a03db50
Validity
Not Before: Jan 1 02:29:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8a32d3790b14d5e353c4c2448a43a1b4e01dd1e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:a9:d3:67:d9:14:70:3b:0e:8d:4b:bf:80:e6:
98:3c:af:ff:43:4f:14:1b:88:51:8f:d2:9e:89:2f:
ed:40:ab:68:79:23:8f:41:ed:2e:f3:0d:ae:16:90:
ba:2c:4c:4a:4c:28:77:be:43:f6:3a:e1:52:62:25:
26:f5:2f:d9:cc:c6:51:94:94:fd:50:f3:e0:ee:4f:
01:2a:38:39:b1:ab:cf:5b:d8:cd:85:81:78:18:f6:
89:31:14:8c:fe:47:ce:31:9d:c9:70:54:61:41:8c:
8d:af:8c:b6:f2:f0:d1:f6:64:35:d3:36:18:26:d9:
f0:c1:7d:33:9c:fe:f2:d8:29:9c:e5:49:84:bd:2a:
f4:f6:d0:d4:df:b5:d6:e8:52:f7:3b:15:be:d7:f2:
7a:cb:31:8c:54:97:cb:ef:91:85:6f:c1:eb:06:fe:
63:bd:d1:af:3e:9c:0b:9a:3f:9c:57:22:90:83:ce:
6f:e0:7a:7e:26:a5:3c:17:5b:3d:a3:0e:c9:d7:e7:
fc:e1:d7:08:62:3f:38:70:00:b2:1b:5c:59:95:0c:
40:2d:94:9c:8e:85:35:21:85:c8:10:e9:a5:69:51:
e3:8d:68:be:31:03:6c:06:f0:45:ef:c3:92:08:e8:
2f:32:05:85:a8:dc:e5:a1:92:ac:09:47:86:10:e3:
d6:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:32:D3:79:0B:14:D5:E3:53:C4:C2:44:8A:43:A1:B4:E0:1D:D1:E8
X509v3 Authority Key Identifier:
keyid:65:DA:84:DB:B4:C6:A1:2D:3C:9B:8E:21:B7:73:04:56:8A:03:DB:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZdqE27TGoS08m44ht3MEVooD21A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/fb265f-bbb6-49d8-9b29-57b917ce4765/1/ijLTeQsU1eNTxMJEikOhtOAd0eg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/fb265f-bbb6-49d8-9b29-57b917ce4765/1/ZdqE27TGoS08m44ht3MEVooD21A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.94.240.0/21
79.143.208.0/20
185.3.104.0/22
IPv6:
2a00:1280::/32
Signature Algorithm: sha256WithRSAEncryption
64:dc:b0:4c:9f:d4:fd:85:bc:e2:34:b6:78:7c:d3:31:f6:06:
d8:4f:53:a9:8e:cd:89:15:a4:1b:cd:b4:88:bc:9c:30:8d:48:
cd:ae:30:e9:fc:d5:1a:fe:47:34:c1:66:98:3d:16:d1:4c:e8:
d8:cc:5d:8e:05:ea:6c:13:71:09:45:1f:cf:17:b8:04:3f:89:
e1:2e:a9:f4:4f:96:47:77:76:91:71:1f:f1:0d:1b:32:c1:26:
79:c3:19:39:33:11:23:1a:43:20:a8:13:94:76:8e:ef:b2:f2:
bc:5e:19:af:d8:b6:32:63:35:86:2b:21:8c:28:c1:5a:41:4e:
36:90:8c:01:0d:ac:b8:35:79:82:2e:7e:ee:df:64:1a:53:01:
f4:45:3f:2d:1c:aa:fc:e2:87:96:09:e0:1d:13:3b:96:5b:6a:
56:6e:cd:c6:d8:39:86:be:3b:e5:cd:72:f7:38:cd:fe:92:a4:
9d:9f:86:cd:a8:22:0e:8c:cb:3a:3d:85:d1:15:79:86:62:6f:
f8:9b:07:e2:9a:80:6f:04:39:5d:96:6a:7e:76:3c:85:ca:97:
ee:51:2e:23:28:2c:6b:d5:e9:a1:00:48:38:43:cd:ab:5f:a4:
d2:e0:26:67:2e:10:30:ad:e5:60:01:cb:44:0e:5e:3a:a8:ca:
04:3e:27:65
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzC2uADnOzFj2bOqUebz1RyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1ZGE4NGRiYjRjNmExMmQzYzliOGUyMWI3NzMwNDU2OGEw
M2RiNTAwHhcNMjQwMTAxMDIyOTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTMyZDM3OTBiMTRkNWUzNTNjNGMyNDQ4YTQzYTFiNGUwMWRkMWU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjKnTZ9kUcDsOjUu/gOaYPK//Q08U
G4hRj9KeiS/tQKtoeSOPQe0u8w2uFpC6LExKTCh3vkP2OuFSYiUm9S/ZzMZRlJT9
UPPg7k8BKjg5savPW9jNhYF4GPaJMRSM/kfOMZ3JcFRhQYyNr4y28vDR9mQ10zYY
JtnwwX0znP7y2Cmc5UmEvSr09tDU37XW6FL3OxW+1/J6yzGMVJfL75GFb8HrBv5j
vdGvPpwLmj+cVyKQg85v4Hp+JqU8F1s9ow7J1+f84dcIYj84cACyG1xZlQxALZSc
joU1IYXIEOmlaVHjjWi+MQNsBvBF78OSCOgvMgWFqNzloZKsCUeGEOPWQQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFIoy03kLFNXjU8TCRIpDobTgHdHoMB8GA1UdIwQY
MBaAFGXahNu0xqEtPJuOIbdzBFaKA9tQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmRxRTI3VEdvUzA4bTQ0aHQzTUVWb29EMjFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi9mYjI2NWYtYmJiNi00OWQ4LTliMjkt
NTdiOTE3Y2U0NzY1LzEvaWpMVGVRc1UxZU5UeE1KRWlrT2h0T0FkMGVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi9mYjI2NWYtYmJiNi00OWQ4LTliMjktNTdiOTE3Y2U0NzY1
LzEvWmRxRTI3VEdvUzA4bTQ0aHQzTUVWb29EMjFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDTV7wAwQE
T4/QAwQCuQNoMA0EAgACMAcDBQAqABKAMA0GCSqGSIb3DQEBCwUAA4IBAQBk3LBM
n9T9hbziNLZ4fNMx9gbYT1Opjs2JFaQbzbSIvJwwjUjNrjDp/NUa/kc0wWaYPRbR
TOjYzF2OBepsE3EJRR/PF7gEP4nhLqn0T5ZHd3aRcR/xDRsywSZ5wxk5MxEjGkMg
qBOUdo7vsvK8Xhmv2LYyYzWGKyGMKMFaQU42kIwBDay4NXmCLn7u32QaUwH0RT8t
HKr84oeWCeAdEzuWW2pWbs3G2DmGvjvlzXL3OM3+kqSdn4bNqCIOjMs6PYXRFXmG
Ym/4mwfimoBvBDldlmp+djyFypfuUS4jKCxr1emhAEg4Q82rX6TS4CZnLhAwreVg
ActEDl46qMoEPidl
-----END CERTIFICATE-----
Generated at Sat Sep 28 15:56:49 2024 by rpki-client on console-fra.rpki-client.org