Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/7b20bd-fc4e-4cbf-ad1b-24fa10965e85/1/jeb2EJ_6IRMewdaFk3RNYJlxTcY.roa
File: jeb2EJ_6IRMewdaFk3RNYJlxTcY.roa (raw, json)
Hash identifier: tmRgLgrl+/5S+YJf5sXC+tp2iaM9jnDGNJY2RBurEFA=
Subject key identifier: 8D:E6:F6:10:9F:FA:21:13:1E:C1:D6:85:93:74:4D:60:99:71:4D:C6
Certificate issuer: /CN=2e827c87cbbfc261a274e9cb1b095026a80c6136
Certificate serial: 018CC801B2FFA64C61AB7987C97EEE4071FB
Authority key identifier: 2E:82:7C:87:CB:BF:C2:61:A2:74:E9:CB:1B:09:50:26:A8:0C:61:36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LoJ8h8u_wmGidOnLGwlQJqgMYTY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/7b20bd-fc4e-4cbf-ad1b-24fa10965e85/1/jeb2EJ_6IRMewdaFk3RNYJlxTcY.roa
Signing time: Tue 02 Jan 2024 02:30:03 +0000
ROA not before: Tue 02 Jan 2024 02:30:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39232
IP address blocks: 78.111.48.0/21 maxlen: 21
78.111.48.0/20 maxlen: 20
185.81.82.0/23 maxlen: 23
185.81.80.0/22 maxlen: 22
185.81.80.0/23 maxlen: 23
78.111.56.0/21 maxlen: 21
2a03:7740::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/7b20bd-fc4e-4cbf-ad1b-24fa10965e85/1/LoJ8h8u_wmGidOnLGwlQJqgMYTY.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/7b20bd-fc4e-4cbf-ad1b-24fa10965e85/1/LoJ8h8u_wmGidOnLGwlQJqgMYTY.mft
rsync://rpki.ripe.net/repository/DEFAULT/LoJ8h8u_wmGidOnLGwlQJqgMYTY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:b2:ff:a6:4c:61:ab:79:87:c9:7e:ee:40:71:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e827c87cbbfc261a274e9cb1b095026a80c6136
Validity
Not Before: Jan 2 02:30:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8de6f6109ffa21131ec1d68593744d6099714dc6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:d0:55:33:ba:32:21:cc:b3:80:e1:22:96:e4:
23:8d:ad:c6:e8:a9:2c:15:02:da:76:d2:96:ca:12:
75:73:35:83:a3:ae:59:2b:52:c1:83:76:37:15:11:
ff:a0:19:c8:2c:57:ba:7f:e8:8b:dc:bf:77:5a:90:
71:48:b5:c0:a7:e3:e3:b8:5c:a1:65:51:a9:0e:7c:
fe:81:b8:30:be:38:63:9e:65:c2:b2:18:d8:01:28:
94:92:25:a0:ee:42:45:64:ae:56:4b:94:9f:50:66:
28:7f:02:03:a7:74:fd:6b:78:05:84:55:19:c4:03:
71:69:6c:66:d9:65:af:40:5c:e3:bf:a2:5b:0d:81:
6a:16:41:14:74:12:2f:6e:37:77:be:c1:73:5e:9e:
33:a3:bd:f2:84:82:d2:d5:b9:07:1a:ac:9b:42:3f:
5c:c5:ca:0f:a8:4a:5e:ea:04:aa:b3:1c:01:0f:e8:
0f:19:5c:39:9b:bd:d8:9e:10:9d:2a:fa:36:43:01:
03:ae:ea:a8:c3:a1:d6:fa:53:1d:fb:95:fc:8c:f3:
71:66:c4:02:66:a2:e9:6e:40:fa:81:61:f5:d4:18:
64:a5:2d:9d:b5:5b:f6:d9:80:10:aa:88:d7:6e:3d:
d8:09:f4:68:24:2b:24:20:fc:29:45:02:71:04:14:
9f:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:E6:F6:10:9F:FA:21:13:1E:C1:D6:85:93:74:4D:60:99:71:4D:C6
X509v3 Authority Key Identifier:
keyid:2E:82:7C:87:CB:BF:C2:61:A2:74:E9:CB:1B:09:50:26:A8:0C:61:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LoJ8h8u_wmGidOnLGwlQJqgMYTY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/7b20bd-fc4e-4cbf-ad1b-24fa10965e85/1/jeb2EJ_6IRMewdaFk3RNYJlxTcY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/7b20bd-fc4e-4cbf-ad1b-24fa10965e85/1/LoJ8h8u_wmGidOnLGwlQJqgMYTY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.111.48.0/20
185.81.80.0/22
IPv6:
2a03:7740::/32
Signature Algorithm: sha256WithRSAEncryption
a0:be:ea:b2:59:e2:47:cd:f6:f2:34:32:7b:61:36:9e:cb:be:
e4:01:07:35:03:09:38:3a:cd:21:73:2b:a5:c1:38:a0:87:bf:
3c:b8:3d:db:01:c4:52:15:62:5f:25:fe:32:94:8c:60:4c:19:
30:99:a3:e6:2e:22:b0:7c:f6:69:e7:b1:3b:37:d8:85:a9:16:
9e:8f:8a:d1:c5:20:93:eb:98:f4:8c:84:3c:0c:5c:80:a6:57:
be:13:a5:fe:08:15:44:96:a8:89:77:c5:0d:87:62:e2:da:e9:
98:f0:c6:d0:89:0f:00:f6:68:52:99:f6:4c:6e:2c:c6:bc:7d:
62:3e:db:97:3b:01:0d:6c:14:44:11:47:a8:f5:75:bc:6c:56:
3d:f1:53:41:f8:98:a0:95:87:05:5f:d9:1e:c3:07:5c:ae:62:
89:7c:87:3f:5f:90:dd:9f:ad:38:7a:56:bd:96:8c:19:2c:ce:
55:f8:d5:d6:47:86:53:8e:e3:83:7a:aa:24:1e:73:73:ec:e7:
f1:dc:c7:a1:52:5d:5b:d5:ed:96:05:e9:86:0c:72:ce:bd:ca:
e2:87:12:04:58:a5:1a:ef:77:c4:bb:f7:0f:96:50:d4:34:40:
94:f8:58:b0:cd:72:c2:16:a7:fa:7b:a9:c2:e6:19:f0:25:db:
99:be:e4:1a
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzIAbL/pkxhq3mHyX7uQHH7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlODI3Yzg3Y2JiZmMyNjFhMjc0ZTljYjFiMDk1MDI2YTgw
YzYxMzYwHhcNMjQwMTAyMDIzMDAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZGU2ZjYxMDlmZmEyMTEzMWVjMWQ2ODU5Mzc0NGQ2MDk5NzE0ZGM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjNBVM7oyIcyzgOEiluQjja3G6Kks
FQLadtKWyhJ1czWDo65ZK1LBg3Y3FRH/oBnILFe6f+iL3L93WpBxSLXAp+PjuFyh
ZVGpDnz+gbgwvjhjnmXCshjYASiUkiWg7kJFZK5WS5SfUGYofwIDp3T9a3gFhFUZ
xANxaWxm2WWvQFzjv6JbDYFqFkEUdBIvbjd3vsFzXp4zo73yhILS1bkHGqybQj9c
xcoPqEpe6gSqsxwBD+gPGVw5m73YnhCdKvo2QwEDruqow6HW+lMd+5X8jPNxZsQC
ZqLpbkD6gWH11BhkpS2dtVv22YAQqojXbj3YCfRoJCskIPwpRQJxBBSfHwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFI3m9hCf+iETHsHWhZN0TWCZcU3GMB8GA1UdIwQY
MBaAFC6CfIfLv8JhonTpyxsJUCaoDGE2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTG9KOGg4dV93bUdpZE9uTEd3bFFKcWdNWVRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC83YjIwYmQtZmM0ZS00Y2JmLWFkMWIt
MjRmYTEwOTY1ZTg1LzEvamViMkVKXzZJUk1ld2RhRmszUk5ZSmx4VGNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC83YjIwYmQtZmM0ZS00Y2JmLWFkMWItMjRmYTEwOTY1ZTg1
LzEvTG9KOGg4dV93bUdpZE9uTEd3bFFKcWdNWVRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQETm8wAwQC
uVFQMA0EAgACMAcDBQAqA3dAMA0GCSqGSIb3DQEBCwUAA4IBAQCgvuqyWeJHzfby
NDJ7YTaey77kAQc1Awk4Os0hcyulwTigh788uD3bAcRSFWJfJf4ylIxgTBkwmaPm
LiKwfPZp57E7N9iFqRaej4rRxSCT65j0jIQ8DFyAple+E6X+CBVElqiJd8UNh2Li
2umY8MbQiQ8A9mhSmfZMbizGvH1iPtuXOwENbBREEUeo9XW8bFY98VNB+JiglYcF
X9kewwdcrmKJfIc/X5Ddn604ela9lowZLM5V+NXWR4ZTjuODeqokHnNz7Ofx3Meh
Ul1b1e2WBemGDHLOvcrihxIEWKUa73fEu/cPllDUNECU+FiwzXLCFqf6e6nC5hnw
JduZvuQa
-----END CERTIFICATE-----
Generated at Sat Nov 23 13:04:30 2024 by rpki-client on console-ams.rpki-client.org