Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/ccc94b-c287-4e5f-8604-7e594f2494cc/1/x9rEdrLc3ja0gsU8VhVEaSoWXuM.roa
File: x9rEdrLc3ja0gsU8VhVEaSoWXuM.roa (raw, json)
Hash identifier: ykjHooMmGrK+phkMBbr45ZU6WFjIfzJg8KsYfQu0aGc=
Subject key identifier: C7:DA:C4:76:B2:DC:DE:36:B4:82:C5:3C:56:15:44:69:2A:16:5E:E3
Certificate issuer: /CN=763d457e5d3cc0acd8a74f8b10e2686bfbc496cb
Certificate serial: 018F9AC46BE38133D9346E4C602F0130D0A8
Authority key identifier: 76:3D:45:7E:5D:3C:C0:AC:D8:A7:4F:8B:10:E2:68:6B:FB:C4:96:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dj1Ffl08wKzYp0-LEOJoa_vElss.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/ccc94b-c287-4e5f-8604-7e594f2494cc/1/x9rEdrLc3ja0gsU8VhVEaSoWXuM.roa
Signing time: Tue 21 May 2024 10:48:34 +0000
ROA not before: Tue 21 May 2024 10:48:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62240
IP address blocks: 94.143.230.0/24 maxlen: 24
146.19.111.0/24 maxlen: 24
176.118.38.0/24 maxlen: 24
176.126.98.0/24 maxlen: 24
194.110.251.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d4/ccc94b-c287-4e5f-8604-7e594f2494cc/1/dj1Ffl08wKzYp0-LEOJoa_vElss.crl
rsync://rpki.ripe.net/repository/DEFAULT/d4/ccc94b-c287-4e5f-8604-7e594f2494cc/1/dj1Ffl08wKzYp0-LEOJoa_vElss.mft
rsync://rpki.ripe.net/repository/DEFAULT/dj1Ffl08wKzYp0-LEOJoa_vElss.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 22 Jun 2024 13:57:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:9a:c4:6b:e3:81:33:d9:34:6e:4c:60:2f:01:30:d0:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=763d457e5d3cc0acd8a74f8b10e2686bfbc496cb
Validity
Not Before: May 21 10:48:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c7dac476b2dcde36b482c53c561544692a165ee3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:ab:5b:30:fb:72:ba:b1:2a:b9:5f:90:4a:32:
6f:cf:e3:d6:f5:bb:2a:47:1e:b6:72:7b:86:44:31:
4e:c8:26:a6:7f:72:eb:13:31:bd:3e:2a:c5:dc:47:
d4:0e:71:ed:7b:f0:c3:f7:b7:59:a8:c7:a9:f2:ac:
f9:ca:99:c6:31:30:ab:c9:b9:8a:fb:b4:62:63:eb:
24:42:3b:24:dc:80:1a:03:3f:72:fb:0f:b2:ac:f0:
28:94:98:99:08:b9:20:36:9f:02:44:b4:ed:63:c5:
63:85:92:4c:6a:07:eb:e0:41:db:b1:42:84:42:c5:
15:01:02:e8:3d:49:56:ca:7f:58:6b:f6:8b:3d:ba:
b4:85:d7:46:11:e0:74:26:ca:c2:95:95:62:4d:85:
52:65:69:15:4d:66:2f:85:d5:bc:4b:e7:11:4e:61:
b9:d1:80:8c:af:f2:c0:00:53:d4:98:35:d3:2b:d3:
ab:59:b4:d4:36:e6:16:58:4a:19:63:33:ba:45:27:
0c:73:59:25:62:97:b0:3d:f1:c4:06:ef:2e:74:d1:
7e:0a:06:a8:cb:3d:3e:c9:06:dd:7f:d4:bf:c1:30:
bd:74:3a:0c:36:33:87:b3:a3:0c:5f:30:d7:94:a3:
ea:3a:72:e8:19:41:7a:4f:fe:9d:cc:87:ea:76:39:
39:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:DA:C4:76:B2:DC:DE:36:B4:82:C5:3C:56:15:44:69:2A:16:5E:E3
X509v3 Authority Key Identifier:
keyid:76:3D:45:7E:5D:3C:C0:AC:D8:A7:4F:8B:10:E2:68:6B:FB:C4:96:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dj1Ffl08wKzYp0-LEOJoa_vElss.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/ccc94b-c287-4e5f-8604-7e594f2494cc/1/x9rEdrLc3ja0gsU8VhVEaSoWXuM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/ccc94b-c287-4e5f-8604-7e594f2494cc/1/dj1Ffl08wKzYp0-LEOJoa_vElss.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.143.230.0/24
146.19.111.0/24
176.118.38.0/24
176.126.98.0/24
194.110.251.0/24
Signature Algorithm: sha256WithRSAEncryption
95:b0:0f:de:0c:55:fd:69:b7:15:c5:81:9e:9e:cd:c7:9f:80:
80:08:4c:89:8c:24:d5:55:dd:7f:ab:37:e0:86:04:a1:de:d7:
37:96:57:8d:53:fd:ae:24:da:9b:ee:80:89:b7:c7:36:17:da:
e6:c1:1c:9e:46:55:af:28:57:90:5e:de:59:63:4a:c6:2a:a7:
09:49:25:5a:74:a0:ee:2b:08:e0:43:d9:8a:31:18:fe:52:a8:
94:79:fc:ad:85:92:99:2c:21:af:05:0e:28:27:64:4c:47:c4:
6d:8b:f1:99:f8:c2:16:56:0f:76:7b:02:39:97:c0:6d:bb:43:
39:f9:ec:91:a5:87:1f:74:d0:e6:2b:eb:09:ed:0b:c4:35:d6:
74:15:a9:be:a4:07:ea:a2:96:ec:08:c0:90:89:4a:b5:de:17:
f0:ab:7e:84:79:34:63:fe:55:0c:71:c2:e3:c2:54:8e:ef:10:
df:d1:c8:6b:35:a1:2f:9e:6c:2f:44:c5:50:38:c8:0e:38:f7:
c1:d8:00:58:76:ec:b4:17:a7:92:67:9d:bb:8e:4d:4d:23:ae:
8e:05:fe:a1:73:be:e4:8a:f0:11:b0:36:b1:6a:21:2a:28:5b:
ec:35:ac:bc:38:68:98:98:84:a6:1e:c3:67:44:14:c2:d3:ea:
aa:38:6d:71
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY+axGvjgTPZNG5MYC8BMNCoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2M2Q0NTdlNWQzY2MwYWNkOGE3NGY4YjEwZTI2ODZiZmJj
NDk2Y2IwHhcNMjQwNTIxMTA0ODM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjN2RhYzQ3NmIyZGNkZTM2YjQ4MmM1M2M1NjE1NDQ2OTJhMTY1ZWUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyatbMPtyurEquV+QSjJvz+PW9bsq
Rx62cnuGRDFOyCamf3LrEzG9PirF3EfUDnHte/DD97dZqMep8qz5ypnGMTCrybmK
+7RiY+skQjsk3IAaAz9y+w+yrPAolJiZCLkgNp8CRLTtY8VjhZJMagfr4EHbsUKE
QsUVAQLoPUlWyn9Ya/aLPbq0hddGEeB0JsrClZViTYVSZWkVTWYvhdW8S+cRTmG5
0YCMr/LAAFPUmDXTK9OrWbTUNuYWWEoZYzO6RScMc1klYpewPfHEBu8udNF+Cgao
yz0+yQbdf9S/wTC9dDoMNjOHs6MMXzDXlKPqOnLoGUF6T/6dzIfqdjk5gQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFMfaxHay3N42tILFPFYVRGkqFl7jMB8GA1UdIwQY
MBaAFHY9RX5dPMCs2KdPixDiaGv7xJbLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZGoxRmZsMDh3S3pZcDAtTEVPSm9hX3ZFbHNzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC9jY2M5NGItYzI4Ny00ZTVmLTg2MDQt
N2U1OTRmMjQ5NGNjLzEveDlyRWRyTGMzamEwZ3NVOFZoVkVhU29XWHVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC9jY2M5NGItYzI4Ny00ZTVmLTg2MDQtN2U1OTRmMjQ5NGNj
LzEvZGoxRmZsMDh3S3pZcDAtTEVPSm9hX3ZFbHNzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAXo/mAwQA
khNvAwQAsHYmAwQAsH5iAwQAwm77MA0GCSqGSIb3DQEBCwUAA4IBAQCVsA/eDFX9
abcVxYGens3Hn4CACEyJjCTVVd1/qzfghgSh3tc3lleNU/2uJNqb7oCJt8c2F9rm
wRyeRlWvKFeQXt5ZY0rGKqcJSSVadKDuKwjgQ9mKMRj+UqiUefythZKZLCGvBQ4o
J2RMR8Rti/GZ+MIWVg92ewI5l8Btu0M5+eyRpYcfdNDmK+sJ7QvENdZ0Fam+pAfq
opbsCMCQiUq13hfwq36EeTRj/lUMccLjwlSO7xDf0chrNaEvnmwvRMVQOMgOOPfB
2ABYduy0F6eSZ527jk1NI66OBf6hc77kivARsDaxaiEqKFvsNay8OGiYmISmHsNn
RBTC0+qqOG1x
-----END CERTIFICATE-----
Generated at Fri Jun 21 19:10:59 2024 by rpki-client on console-fra.rpki-client.org