Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/6341da-2b34-4d45-9c17-958112a489a4/1/j3m1Ic79b_Z5sqKCzQpl5hQERYA.roa
File: j3m1Ic79b_Z5sqKCzQpl5hQERYA.roa (raw, json)
Hash identifier: mw2jE4e1NTmSp1A+mBQ/gKtR/Gmp+fmeLUiesM/JXAs=
Subject key identifier: 8F:79:B5:21:CE:FD:6F:F6:79:B2:A2:82:CD:0A:65:E6:14:04:45:80
Certificate issuer: /CN=0a1d72ac0826e09bc0d17ddee8ba87d9731dd413
Certificate serial: 018CC26D54B10390C07261ADAC40E5F67929
Authority key identifier: 0A:1D:72:AC:08:26:E0:9B:C0:D1:7D:DE:E8:BA:87:D9:73:1D:D4:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ch1yrAgm4JvA0X3e6LqH2XMd1BM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/6341da-2b34-4d45-9c17-958112a489a4/1/j3m1Ic79b_Z5sqKCzQpl5hQERYA.roa
Signing time: Mon 01 Jan 2024 00:29:53 +0000
ROA not before: Mon 01 Jan 2024 00:29:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12312
IP address blocks: 212.172.0.0/16 maxlen: 16
195.78.160.0/19 maxlen: 19
194.162.0.0/16 maxlen: 16
80.83.96.0/20 maxlen: 20
62.144.0.0/16 maxlen: 16
79.140.176.0/20 maxlen: 20
194.112.16.0/20 maxlen: 20
62.246.0.0/16 maxlen: 16
195.52.0.0/16 maxlen: 23
195.63.0.0/16 maxlen: 16
62.26.0.0/15 maxlen: 23
185.210.52.0/22 maxlen: 22
195.185.0.0/16 maxlen: 16
2001:4091::/32 maxlen: 32
2a01:5c8::/32 maxlen: 32
2001:4090::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b4/6341da-2b34-4d45-9c17-958112a489a4/1/Ch1yrAgm4JvA0X3e6LqH2XMd1BM.crl
rsync://rpki.ripe.net/repository/DEFAULT/b4/6341da-2b34-4d45-9c17-958112a489a4/1/Ch1yrAgm4JvA0X3e6LqH2XMd1BM.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ch1yrAgm4JvA0X3e6LqH2XMd1BM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 01 Jul 2024 22:01:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:54:b1:03:90:c0:72:61:ad:ac:40:e5:f6:79:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a1d72ac0826e09bc0d17ddee8ba87d9731dd413
Validity
Not Before: Jan 1 00:29:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8f79b521cefd6ff679b2a282cd0a65e614044580
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:cf:db:1a:0c:ee:86:18:5c:43:f0:03:3a:0f:
1a:99:4b:24:89:df:bd:b3:e3:8b:30:13:a1:5c:ae:
c1:da:40:63:8b:ec:cc:08:92:86:65:4f:27:60:bd:
ad:0c:d0:ac:dd:b3:6c:a2:53:21:f9:84:80:fb:1c:
41:b8:6f:08:b4:aa:1c:df:7a:1c:71:b1:be:c7:67:
94:3c:13:5a:47:d7:1d:a1:7f:60:91:6e:71:c0:c2:
22:e3:3c:6f:ee:58:d2:31:3b:7a:24:96:40:ea:89:
33:da:81:07:a8:e3:9c:a9:cb:22:e7:89:d0:c5:16:
eb:af:48:f7:66:07:7e:0e:f0:8c:4b:20:74:a1:ed:
f7:79:8f:cb:81:dd:46:f1:f5:7c:35:71:24:e3:3d:
88:21:ea:73:12:e1:d6:30:ff:a6:05:e3:17:60:4e:
9d:e0:82:4a:d7:36:01:0f:0c:85:cb:7b:a5:c2:aa:
71:98:34:be:44:ad:61:1c:5f:aa:ad:da:71:53:46:
78:3b:e2:c2:25:d2:c4:5a:2b:c1:8f:ce:06:bf:e7:
66:46:52:65:87:57:34:74:7a:c9:a9:e0:2d:3c:b1:
12:35:7c:dd:8c:3b:76:d2:38:e0:b5:da:b8:cf:ca:
6b:9a:4d:b4:a0:66:77:26:38:2b:fc:88:e0:45:5b:
70:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:79:B5:21:CE:FD:6F:F6:79:B2:A2:82:CD:0A:65:E6:14:04:45:80
X509v3 Authority Key Identifier:
keyid:0A:1D:72:AC:08:26:E0:9B:C0:D1:7D:DE:E8:BA:87:D9:73:1D:D4:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ch1yrAgm4JvA0X3e6LqH2XMd1BM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/6341da-2b34-4d45-9c17-958112a489a4/1/j3m1Ic79b_Z5sqKCzQpl5hQERYA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/6341da-2b34-4d45-9c17-958112a489a4/1/Ch1yrAgm4JvA0X3e6LqH2XMd1BM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.26.0.0/15
62.144.0.0/16
62.246.0.0/16
79.140.176.0/20
80.83.96.0/20
185.210.52.0/22
194.112.16.0/20
194.162.0.0/16
195.52.0.0/16
195.63.0.0/16
195.78.160.0/19
195.185.0.0/16
212.172.0.0/16
IPv6:
2001:4090::/31
2a01:5c8::/32
Signature Algorithm: sha256WithRSAEncryption
4f:23:5f:d0:d8:1d:74:b4:9e:e7:4a:1c:cc:09:be:59:95:ca:
09:ce:a0:d3:ed:28:83:71:02:b8:f3:59:32:62:a8:71:98:b1:
1f:de:0f:58:87:8c:dc:f5:4a:2a:e5:78:22:f5:da:4f:3c:68:
9d:51:79:08:92:46:33:9a:f6:6e:d9:83:b2:2a:60:51:6c:5c:
e3:6f:44:8a:46:7d:c3:8d:99:73:64:54:76:7a:2f:e2:b6:b7:
18:7e:97:8a:84:70:92:6d:92:8a:6f:7c:4b:38:09:56:21:5e:
34:41:da:33:f4:df:66:f4:d3:13:d3:fa:a6:21:b5:fa:2e:ce:
ea:2e:f7:09:7d:a4:76:ce:d1:e4:e0:5e:94:75:de:b7:43:c0:
1e:1f:6e:7f:3c:8d:7f:b6:69:d5:8a:4b:de:24:5c:c5:da:4d:
34:86:ff:82:60:be:8d:c2:3b:09:05:f2:08:75:83:41:d7:15:
fe:ad:e4:ed:65:3a:a4:43:3d:26:65:6c:6f:78:c2:14:e4:71:
a1:bf:43:c3:36:81:27:41:b0:57:ea:3a:00:46:d7:ac:54:52:
d8:a5:49:8a:45:83:51:31:88:a0:10:76:59:90:59:c7:69:e9:
51:37:c8:07:c1:87:c5:5e:eb:a0:88:42:e4:f1:0a:ec:3a:b9:
c3:bc:e3:8d
-----BEGIN CERTIFICATE-----
MIIFUzCCBDugAwIBAgISAYzCbVSxA5DAcmGtrEDl9nkpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhMWQ3MmFjMDgyNmUwOWJjMGQxN2RkZWU4YmE4N2Q5NzMx
ZGQ0MTMwHhcNMjQwMTAxMDAyOTUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Zjc5YjUyMWNlZmQ2ZmY2NzliMmEyODJjZDBhNjVlNjE0MDQ0NTgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAic/bGgzuhhhcQ/ADOg8amUskid+9
s+OLMBOhXK7B2kBji+zMCJKGZU8nYL2tDNCs3bNsolMh+YSA+xxBuG8ItKoc33oc
cbG+x2eUPBNaR9cdoX9gkW5xwMIi4zxv7ljSMTt6JJZA6okz2oEHqOOcqcsi54nQ
xRbrr0j3Zgd+DvCMSyB0oe33eY/Lgd1G8fV8NXEk4z2IIepzEuHWMP+mBeMXYE6d
4IJK1zYBDwyFy3ulwqpxmDS+RK1hHF+qrdpxU0Z4O+LCJdLEWivBj84Gv+dmRlJl
h1c0dHrJqeAtPLESNXzdjDt20jjgtdq4z8prmk20oGZ3Jjgr/IjgRVtwKQIDAQAB
o4ICXzCCAlswHQYDVR0OBBYEFI95tSHO/W/2ebKigs0KZeYUBEWAMB8GA1UdIwQY
MBaAFAodcqwIJuCbwNF93ui6h9lzHdQTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2gxeXJBZ200SnZBMFgzZTZMcUgyWE1kMUJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC82MzQxZGEtMmIzNC00ZDQ1LTljMTct
OTU4MTEyYTQ4OWE0LzEvajNtMUljNzliX1o1c3FLQ3pRcGw1aFFFUllBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC82MzQxZGEtMmIzNC00ZDQ1LTljMTctOTU4MTEyYTQ4OWE0
LzEvQ2gxeXJBZ200SnZBMFgzZTZMcUgyWE1kMUJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHUGCCsGAQUFBwEHAQH/BGYwZDBMBAIAATBGAwMBPhoDAwA+
kAMDAD72AwQET4ywAwQEUFNgAwQCudI0AwQEwnAQAwMAwqIDAwDDNAMDAMM/AwQF
w06gAwMAw7kDAwDUrDAUBAIAAjAOAwUBIAFAkAMFACoBBcgwDQYJKoZIhvcNAQEL
BQADggEBAE8jX9DYHXS0nudKHMwJvlmVygnOoNPtKINxArjzWTJiqHGYsR/eD1iH
jNz1SirleCL12k88aJ1ReQiSRjOa9m7Zg7IqYFFsXONvRIpGfcONmXNkVHZ6L+K2
txh+l4qEcJJtkopvfEs4CVYhXjRB2jP032b00xPT+qYhtfouzuou9wl9pHbO0eTg
XpR13rdDwB4fbn88jX+2adWKS94kXMXaTTSG/4Jgvo3COwkF8gh1g0HXFf6t5O1l
OqRDPSZlbG94whTkcaG/Q8M2gSdBsFfqOgBG16xUUtilSYpFg1ExiKAQdlmQWcdp
6VE3yAfBh8Ve66CIQuTxCuw6ucO8440=
-----END CERTIFICATE-----
Generated at Mon Jul 1 07:37:44 2024 by rpki-client on console-fra.rpki-client.org