Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/ff7d33-e4f7-43c0-924b-6b2d46924c6f/1/YfnqqpQxd0sVF1nYw5J-Dm4c5rE.roa
File: YfnqqpQxd0sVF1nYw5J-Dm4c5rE.roa (raw, json)
Hash identifier: oLF4fcqQSXz4+YsKmC1WGt/AZHnnhMfyH7ZM4kSwF+Y=
Subject key identifier: 61:F9:EA:AA:94:31:77:4B:15:17:59:D8:C3:92:7E:0E:6E:1C:E6:B1
Certificate issuer: /CN=9e4b3281b08e6b5ec1fdeb0d0440528ed934dc3f
Certificate serial: 018DB31E9370112375A6C8FF620CFB344146
Authority key identifier: 9E:4B:32:81:B0:8E:6B:5E:C1:FD:EB:0D:04:40:52:8E:D9:34:DC:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nksygbCOa17B_esNBEBSjtk03D8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/ff7d33-e4f7-43c0-924b-6b2d46924c6f/1/YfnqqpQxd0sVF1nYw5J-Dm4c5rE.roa
Signing time: Fri 16 Feb 2024 18:12:21 +0000
ROA not before: Fri 16 Feb 2024 18:12:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29447
IP address blocks: 78.208.0.0/12 maxlen: 12
78.208.0.0/17 maxlen: 17
78.208.128.0/17 maxlen: 17
78.209.0.0/17 maxlen: 17
78.209.128.0/17 maxlen: 17
78.210.0.0/17 maxlen: 17
78.210.128.0/17 maxlen: 17
78.211.0.0/17 maxlen: 17
78.211.128.0/17 maxlen: 17
81.56.0.0/15 maxlen: 17
2a01:e09::/32 maxlen: 32
2a01:e10::/30 maxlen: 30
2a01:e11::/32 maxlen: 32
2a01:e11::/36 maxlen: 36
2a01:e11:1000::/36 maxlen: 36
2a01:e11:2000::/36 maxlen: 36
2a01:e11:3000::/36 maxlen: 36
2a01:e11:4000::/36 maxlen: 36
2a01:e11:5000::/36 maxlen: 36
2a01:e11:6000::/36 maxlen: 36
2a01:e11:7000::/36 maxlen: 36
2a01:e11:8000::/36 maxlen: 36
2a01:e11:9000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/30/ff7d33-e4f7-43c0-924b-6b2d46924c6f/1/nksygbCOa17B_esNBEBSjtk03D8.crl
rsync://rpki.ripe.net/repository/DEFAULT/30/ff7d33-e4f7-43c0-924b-6b2d46924c6f/1/nksygbCOa17B_esNBEBSjtk03D8.mft
rsync://rpki.ripe.net/repository/DEFAULT/nksygbCOa17B_esNBEBSjtk03D8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 24 Jun 2024 14:49:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:b3:1e:93:70:11:23:75:a6:c8:ff:62:0c:fb:34:41:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e4b3281b08e6b5ec1fdeb0d0440528ed934dc3f
Validity
Not Before: Feb 16 18:12:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=61f9eaaa9431774b151759d8c3927e0e6e1ce6b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:65:ea:8e:4e:4f:16:1b:dc:fa:dd:6e:28:65:
be:17:e3:e4:f3:c0:f0:ba:32:2d:c9:98:af:b5:e6:
c4:15:cd:39:14:3a:91:32:ff:92:b5:56:88:6d:66:
af:b6:11:14:f9:b5:d8:09:df:3d:aa:43:19:89:e2:
66:97:f1:36:18:36:47:d6:91:4f:c3:e0:8f:db:61:
a3:3f:0b:42:c7:c3:e7:dd:69:37:51:6a:7c:97:ef:
80:40:b6:09:e5:7b:20:ef:67:b3:13:57:90:e2:73:
e0:09:65:47:05:3b:91:bf:a7:c8:00:cc:3a:ab:c0:
c1:ce:8f:41:f2:f5:9a:de:54:30:43:66:e4:13:20:
e2:dc:da:aa:7a:d0:cd:b0:7e:fe:35:d4:2e:0a:b4:
ec:ab:57:cd:99:43:8f:28:bf:9e:c2:0f:9e:85:01:
0b:42:4c:f1:6e:f9:58:22:d7:25:c6:4a:ca:51:5b:
fb:09:84:49:13:19:a2:9b:94:04:02:cd:a3:a6:92:
f3:33:75:dc:71:49:e2:4a:bf:60:43:4c:39:af:52:
68:1f:50:0f:26:e8:fd:e6:ac:84:1f:20:3a:1b:28:
f4:a3:fa:b0:4b:3e:21:b5:fc:2a:b8:32:3c:38:93:
c2:ca:61:0e:2a:37:bd:7e:37:b0:5a:ae:ed:76:06:
00:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:F9:EA:AA:94:31:77:4B:15:17:59:D8:C3:92:7E:0E:6E:1C:E6:B1
X509v3 Authority Key Identifier:
keyid:9E:4B:32:81:B0:8E:6B:5E:C1:FD:EB:0D:04:40:52:8E:D9:34:DC:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nksygbCOa17B_esNBEBSjtk03D8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/ff7d33-e4f7-43c0-924b-6b2d46924c6f/1/YfnqqpQxd0sVF1nYw5J-Dm4c5rE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/ff7d33-e4f7-43c0-924b-6b2d46924c6f/1/nksygbCOa17B_esNBEBSjtk03D8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.208.0.0/12
81.56.0.0/15
IPv6:
2a01:e09::/32
2a01:e10::/30
Signature Algorithm: sha256WithRSAEncryption
47:5c:e5:a7:60:53:58:49:70:35:de:63:90:06:8f:cb:4d:dc:
83:f7:f9:f2:4f:c5:24:28:f4:37:91:ce:0c:27:df:e4:3b:be:
b3:1e:10:4f:b0:dc:17:d8:24:d6:0a:48:16:b4:f8:01:31:bb:
05:6b:fc:60:c9:fc:b0:06:aa:d6:b6:bc:f4:06:ff:d3:d5:4d:
a6:0d:bd:ac:5b:4a:db:b8:4f:a9:9a:51:ff:ca:33:2d:3e:49:
25:66:81:44:c7:b7:d0:8e:5b:33:47:6f:fa:ce:4f:d3:44:4b:
7e:b2:3b:1d:a3:37:3a:a8:78:02:bb:8e:14:62:68:57:f5:93:
0f:e7:f3:ab:ce:6d:6a:4c:53:95:e1:b4:d0:04:14:7c:db:f1:
5b:5a:78:34:d8:3a:0e:ad:5e:55:f3:59:67:4d:b1:31:c0:10:
62:7a:9d:45:1e:c9:20:7e:d4:e3:bd:0c:7d:57:83:56:69:35:
0f:d5:93:e6:66:54:40:7e:29:84:b0:23:8f:1b:c1:4d:a0:d2:
ce:4f:0a:df:2c:7e:8e:16:e9:da:9c:46:22:f8:18:da:a6:a7:
d2:57:f3:65:b0:ff:0d:14:5d:dc:29:26:dd:25:7d:34:6d:a8:
01:0f:fd:69:9b:c3:39:04:62:d7:bc:10:83:e8:65:75:50:8f:
11:32:8f:2a
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAY2zHpNwESN1psj/Ygz7NEFGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllNGIzMjgxYjA4ZTZiNWVjMWZkZWIwZDA0NDA1MjhlZDkz
NGRjM2YwHhcNMjQwMjE2MTgxMjIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MWY5ZWFhYTk0MzE3NzRiMTUxNzU5ZDhjMzkyN2UwZTZlMWNlNmIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi2Xqjk5PFhvc+t1uKGW+F+Pk88Dw
ujItyZivtebEFc05FDqRMv+StVaIbWavthEU+bXYCd89qkMZieJml/E2GDZH1pFP
w+CP22GjPwtCx8Pn3Wk3UWp8l++AQLYJ5Xsg72ezE1eQ4nPgCWVHBTuRv6fIAMw6
q8DBzo9B8vWa3lQwQ2bkEyDi3NqqetDNsH7+NdQuCrTsq1fNmUOPKL+ewg+ehQEL
QkzxbvlYItclxkrKUVv7CYRJExmim5QEAs2jppLzM3XccUniSr9gQ0w5r1JoH1AP
Juj95qyEHyA6Gyj0o/qwSz4htfwquDI8OJPCymEOKje9fjewWq7tdgYAtwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFGH56qqUMXdLFRdZ2MOSfg5uHOaxMB8GA1UdIwQY
MBaAFJ5LMoGwjmtewf3rDQRAUo7ZNNw/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmtzeWdiQ09hMTdCX2VzTkJFQlNqdGswM0Q4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9mZjdkMzMtZTRmNy00M2MwLTkyNGIt
NmIyZDQ2OTI0YzZmLzEvWWZucXFwUXhkMHNWRjFuWXc1Si1EbTRjNXJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9mZjdkMzMtZTRmNy00M2MwLTkyNGItNmIyZDQ2OTI0YzZm
LzEvbmtzeWdiQ09hMTdCX2VzTkJFQlNqdGswM0Q4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAQBAIAATAKAwMETtADAwFR
ODAUBAIAAjAOAwUAKgEOCQMFAioBDhAwDQYJKoZIhvcNAQELBQADggEBAEdc5adg
U1hJcDXeY5AGj8tN3IP3+fJPxSQo9DeRzgwn3+Q7vrMeEE+w3BfYJNYKSBa0+AEx
uwVr/GDJ/LAGqta2vPQG/9PVTaYNvaxbStu4T6maUf/KMy0+SSVmgUTHt9COWzNH
b/rOT9NES36yOx2jNzqoeAK7jhRiaFf1kw/n86vObWpMU5XhtNAEFHzb8VtaeDTY
Og6tXlXzWWdNsTHAEGJ6nUUeySB+1OO9DH1Xg1ZpNQ/Vk+ZmVEB+KYSwI48bwU2g
0s5PCt8sfo4W6dqcRiL4GNqmp9JX82Ww/w0UXdwpJt0lfTRtqAEP/WmbwzkEYte8
EIPoZXVQjxEyjyo=
-----END CERTIFICATE-----
Generated at Sun Jun 23 17:37:56 2024 by rpki-client on console-ams.rpki-client.org