Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/c1acd6-230a-4e36-a58f-f555e2e68a10/1/jOC5aLG5L1E_SCRoUhewjhYB7vE.roa
File: jOC5aLG5L1E_SCRoUhewjhYB7vE.roa (raw, json)
Hash identifier: j/XjDcqCUAnOM+mwHe77cIlVzx/ZGIGVWrtzojJpEjg=
Subject key identifier: 8C:E0:B9:68:B1:B9:2F:51:3F:48:24:68:52:17:B0:8E:16:01:EE:F1
Certificate issuer: /CN=61b534437503668815add93cd17d0ad3e1b1a877
Certificate serial: 018CC64B6C90D2CF9B5E4FB09317CC153438
Authority key identifier: 61:B5:34:43:75:03:66:88:15:AD:D9:3C:D1:7D:0A:D3:E1:B1:A8:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbU0Q3UDZogVrdk80X0K0-GxqHc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/c1acd6-230a-4e36-a58f-f555e2e68a10/1/jOC5aLG5L1E_SCRoUhewjhYB7vE.roa
Signing time: Mon 01 Jan 2024 18:31:20 +0000
ROA not before: Mon 01 Jan 2024 18:31:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50266
IP address blocks: 82.172.0.0/17 maxlen: 17
143.178.0.0/17 maxlen: 24
87.210.0.0/16 maxlen: 24
95.98.0.0/15 maxlen: 24
94.157.0.0/16 maxlen: 24
62.250.128.0/17 maxlen: 24
87.208.0.0/16 maxlen: 24
81.59.0.0/17 maxlen: 17
87.209.0.0/16 maxlen: 24
143.177.0.0/16 maxlen: 24
31.20.0.0/16 maxlen: 24
87.212.0.0/16 maxlen: 24
31.184.64.0/18 maxlen: 24
85.223.0.0/17 maxlen: 24
62.250.0.0/17 maxlen: 24
143.178.128.0/17 maxlen: 24
31.21.0.0/16 maxlen: 24
143.179.0.0/16 maxlen: 16
95.99.0.0/16 maxlen: 16
92.254.0.0/17 maxlen: 24
188.88.0.0/14 maxlen: 24
31.187.128.0/17 maxlen: 24
82.174.0.0/16 maxlen: 24
62.166.128.0/17 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fe/c1acd6-230a-4e36-a58f-f555e2e68a10/1/YbU0Q3UDZogVrdk80X0K0-GxqHc.crl
rsync://rpki.ripe.net/repository/DEFAULT/fe/c1acd6-230a-4e36-a58f-f555e2e68a10/1/YbU0Q3UDZogVrdk80X0K0-GxqHc.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbU0Q3UDZogVrdk80X0K0-GxqHc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 21 Jun 2024 19:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:6c:90:d2:cf:9b:5e:4f:b0:93:17:cc:15:34:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b534437503668815add93cd17d0ad3e1b1a877
Validity
Not Before: Jan 1 18:31:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8ce0b968b1b92f513f4824685217b08e1601eef1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:6d:a9:61:30:07:e4:a2:9c:e3:d7:b2:be:b8:
db:f1:41:e5:66:19:ab:44:4d:cb:7a:b6:76:c2:3d:
b6:fa:d0:9b:68:37:ab:71:cf:c1:36:58:d8:81:0f:
59:f0:1d:7d:e1:11:36:bc:00:1e:4c:36:36:89:5b:
c8:d9:89:84:08:7d:2f:ba:d4:53:5f:69:d4:33:8f:
da:cd:64:12:50:35:07:fd:b1:40:ee:f5:24:57:ea:
e5:7e:1b:fc:2a:e5:38:69:5f:e9:81:96:8a:92:61:
56:5a:20:aa:21:b3:90:1f:88:d3:f7:17:53:d3:53:
c3:54:f2:bf:a1:56:1c:ef:e5:ea:7c:dc:ad:a0:f2:
de:fb:d2:cf:cb:73:cc:28:2c:c6:6c:69:a6:4d:a7:
a8:25:ad:4f:1a:24:e5:5e:15:68:5b:a2:b7:07:da:
3d:b1:92:05:6d:04:91:14:bd:47:4e:f1:47:8c:25:
f0:81:01:6c:f1:bb:c2:5c:b4:fe:3c:f6:a9:ca:f2:
96:a2:30:98:3d:09:33:d0:20:19:5e:c6:1a:49:00:
1c:5a:9b:ce:22:6b:9c:21:9c:41:fc:17:30:af:db:
4f:be:b0:91:63:24:0f:be:79:20:55:65:55:39:24:
34:22:e2:9e:d0:29:5a:f6:fb:28:48:7b:47:9b:63:
b8:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:E0:B9:68:B1:B9:2F:51:3F:48:24:68:52:17:B0:8E:16:01:EE:F1
X509v3 Authority Key Identifier:
keyid:61:B5:34:43:75:03:66:88:15:AD:D9:3C:D1:7D:0A:D3:E1:B1:A8:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbU0Q3UDZogVrdk80X0K0-GxqHc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/c1acd6-230a-4e36-a58f-f555e2e68a10/1/jOC5aLG5L1E_SCRoUhewjhYB7vE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/c1acd6-230a-4e36-a58f-f555e2e68a10/1/YbU0Q3UDZogVrdk80X0K0-GxqHc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.20.0.0/15
31.184.64.0/18
31.187.128.0/17
62.166.128.0/17
62.250.0.0/16
81.59.0.0/17
82.172.0.0/17
82.174.0.0/16
85.223.0.0/17
87.208.0.0-87.210.255.255
87.212.0.0/16
92.254.0.0/17
94.157.0.0/16
95.98.0.0/15
143.177.0.0-143.179.255.255
188.88.0.0/14
Signature Algorithm: sha256WithRSAEncryption
63:ea:d9:b6:e4:a2:26:34:4d:23:76:7c:bf:87:c0:77:e8:a8:
ca:42:c5:9d:75:96:0a:6c:ea:86:23:8b:10:2e:f8:6a:8b:d1:
5d:e1:bb:a1:60:50:44:11:f9:ef:67:b1:d0:a8:b0:ec:32:9d:
88:f9:63:42:b8:08:3f:7f:36:aa:d7:d4:d1:d1:7a:70:07:c3:
b0:5e:04:2a:a2:11:20:72:59:88:52:87:5e:4e:58:29:8a:f3:
f9:11:0b:75:c0:27:e4:a0:16:03:c8:c6:cb:1e:74:32:79:d4:
c2:8e:b2:2b:eb:03:30:13:8e:07:1d:8b:d0:63:b5:24:87:fe:
56:ce:b8:fd:87:c2:53:d0:31:d2:27:59:00:71:18:13:68:75:
f8:bc:3a:7a:3c:83:43:13:fb:9b:6c:e8:7d:af:89:a6:cb:f8:
d0:14:74:97:b1:70:a3:23:6e:d4:a3:1b:f0:74:27:98:a2:58:
1d:7d:63:30:63:4d:d8:1b:6c:49:0f:23:b2:25:c9:72:ad:0c:
db:7f:74:dc:e8:bd:3a:4f:6a:6b:f3:bd:e2:5f:19:74:98:75:
2e:ec:f1:25:a4:f3:e8:10:cb:7a:ca:b4:27:7f:6c:ca:fc:49:
80:08:21:08:69:e5:f9:e4:ad:b9:5f:40:f6:45:13:2b:8e:ad:
ae:7d:79:50
-----BEGIN CERTIFICATE-----
MIIFXDCCBESgAwIBAgISAYzGS2yQ0s+bXk+wkxfMFTQ4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxYjUzNDQzNzUwMzY2ODgxNWFkZDkzY2QxN2QwYWQzZTFi
MWE4NzcwHhcNMjQwMTAxMTgzMTIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Y2UwYjk2OGIxYjkyZjUxM2Y0ODI0Njg1MjE3YjA4ZTE2MDFlZWYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7m2pYTAH5KKc49eyvrjb8UHlZhmr
RE3LerZ2wj22+tCbaDercc/BNljYgQ9Z8B194RE2vAAeTDY2iVvI2YmECH0vutRT
X2nUM4/azWQSUDUH/bFA7vUkV+rlfhv8KuU4aV/pgZaKkmFWWiCqIbOQH4jT9xdT
01PDVPK/oVYc7+XqfNytoPLe+9LPy3PMKCzGbGmmTaeoJa1PGiTlXhVoW6K3B9o9
sZIFbQSRFL1HTvFHjCXwgQFs8bvCXLT+PPapyvKWojCYPQkz0CAZXsYaSQAcWpvO
ImucIZxB/Bcwr9tPvrCRYyQPvnkgVWVVOSQ0IuKe0Cla9vsoSHtHm2O4xwIDAQAB
o4ICaDCCAmQwHQYDVR0OBBYEFIzguWixuS9RP0gkaFIXsI4WAe7xMB8GA1UdIwQY
MBaAFGG1NEN1A2aIFa3ZPNF9CtPhsah3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWJVMFEzVURab2dWcmRrODBYMEswLUd4cUhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS9jMWFjZDYtMjMwYS00ZTM2LWE1OGYt
ZjU1NWUyZTY4YTEwLzEvak9DNWFMRzVMMUVfU0NSb1VoZXdqaFlCN3ZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS9jMWFjZDYtMjMwYS00ZTM2LWE1OGYtZjU1NWUyZTY4YTEw
LzEvWWJVMFEzVURab2dWcmRrODBYMEswLUd4cUhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH4GCCsGAQUFBwEHAQH/BG8wbTBrBAIAATBlAwMBHxQDBAYf
uEADBAcfu4ADBAc+poADAwA++gMEB1E7AAMEB1KsAAMDAFKuAwQHVd8AMAoDAwRX
0AMDAFfSAwMAV9QDBAdc/gADAwBenQMDAV9iMAoDAwCPsQMDAo+wAwMCvFgwDQYJ
KoZIhvcNAQELBQADggEBAGPq2bbkoiY0TSN2fL+HwHfoqMpCxZ11lgps6oYjixAu
+GqL0V3hu6FgUEQR+e9nsdCosOwynYj5Y0K4CD9/NqrX1NHRenAHw7BeBCqiESBy
WYhSh15OWCmK8/kRC3XAJ+SgFgPIxssedDJ51MKOsivrAzATjgcdi9BjtSSH/lbO
uP2HwlPQMdInWQBxGBNodfi8Ono8g0MT+5ts6H2viabL+NAUdJexcKMjbtSjG/B0
J5iiWB19YzBjTdgbbEkPI7IlyXKtDNt/dNzovTpPamvzveJfGXSYdS7s8SWk8+gQ
y3rKtCd/bMr8SYAIIQhp5fnkrblfQPZFEyuOra59eVA=
-----END CERTIFICATE-----
Generated at Fri Jun 21 04:20:10 2024 by rpki-client on console-fra.rpki-client.org