Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/2c5fb9-c9b3-4e56-bdf1-22ea3ad5de5c/1/cPBBL3VgyK-uzOK4q4Nlp1IYLOI.roa
File: cPBBL3VgyK-uzOK4q4Nlp1IYLOI.roa (raw, json)
Hash identifier: X9K+Wt8Sjqf/at0PZsDJh3E3xtwGr4SgqWpcInxkdpg=
Subject key identifier: 70:F0:41:2F:75:60:C8:AF:AE:CC:E2:B8:AB:83:65:A7:52:18:2C:E2
Certificate issuer: /CN=33e278ba28261a2d1e553dbef6df8409a21c1aef
Certificate serial: 018CCA2B3B92372DB32BE0C439109228878A
Authority key identifier: 33:E2:78:BA:28:26:1A:2D:1E:55:3D:BE:F6:DF:84:09:A2:1C:1A:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/M-J4uigmGi0eVT2-9t-ECaIcGu8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/2c5fb9-c9b3-4e56-bdf1-22ea3ad5de5c/1/cPBBL3VgyK-uzOK4q4Nlp1IYLOI.roa
Signing time: Tue 02 Jan 2024 12:34:40 +0000
ROA not before: Tue 02 Jan 2024 12:34:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200342
IP address blocks: 194.39.203.0/24 maxlen: 24
194.39.200.0/24 maxlen: 24
194.39.200.0/22 maxlen: 22
194.39.202.0/24 maxlen: 24
194.39.201.0/24 maxlen: 24
2a0c:f0c0::/31 maxlen: 31
2a0c:f0c2::/31 maxlen: 31
2a0c:f0c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0b/2c5fb9-c9b3-4e56-bdf1-22ea3ad5de5c/1/M-J4uigmGi0eVT2-9t-ECaIcGu8.crl
rsync://rpki.ripe.net/repository/DEFAULT/0b/2c5fb9-c9b3-4e56-bdf1-22ea3ad5de5c/1/M-J4uigmGi0eVT2-9t-ECaIcGu8.mft
rsync://rpki.ripe.net/repository/DEFAULT/M-J4uigmGi0eVT2-9t-ECaIcGu8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2b:3b:92:37:2d:b3:2b:e0:c4:39:10:92:28:87:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=33e278ba28261a2d1e553dbef6df8409a21c1aef
Validity
Not Before: Jan 2 12:34:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=70f0412f7560c8afaecce2b8ab8365a752182ce2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:3b:51:9e:d5:1b:86:cc:89:bc:d6:40:4e:e6:
78:82:57:b8:14:fa:cc:9b:ee:9f:0c:74:78:01:38:
5d:eb:de:97:52:1d:66:f3:7b:c7:b6:c8:82:48:85:
5b:3f:18:97:98:8b:eb:af:5f:98:7b:82:b4:ed:40:
7a:93:cf:1a:bc:c5:af:81:68:58:a3:be:a6:fc:f5:
a9:bd:0f:8d:3c:a6:24:ec:4d:8e:f3:27:78:e5:a5:
6b:18:26:30:52:6a:68:05:8d:3d:df:8e:a6:df:2f:
96:73:6e:72:76:bd:aa:0b:d1:2d:e8:73:3f:57:1d:
70:48:5a:d9:d3:7f:82:7c:16:5a:b4:8d:2c:e3:91:
f6:db:8d:07:c1:9a:2c:e2:81:b6:4d:4e:9c:df:9c:
22:40:5f:76:c9:14:a0:53:8e:e5:39:c8:2e:9e:43:
f1:72:c1:50:c6:65:2f:0e:49:38:a0:e4:9c:93:29:
1c:36:87:9d:89:dd:1c:d2:9c:f6:4a:e6:36:6a:67:
b6:5f:67:ef:54:ef:9b:fd:a1:fe:fe:c9:d6:ec:b4:
2c:46:b2:f2:6b:c9:fd:64:b7:a9:91:d6:a1:62:99:
3c:38:df:b1:06:74:39:42:bd:6b:df:21:d1:65:1f:
eb:7a:c7:6f:64:eb:a2:c5:3f:30:ce:70:56:9d:8f:
30:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:F0:41:2F:75:60:C8:AF:AE:CC:E2:B8:AB:83:65:A7:52:18:2C:E2
X509v3 Authority Key Identifier:
keyid:33:E2:78:BA:28:26:1A:2D:1E:55:3D:BE:F6:DF:84:09:A2:1C:1A:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M-J4uigmGi0eVT2-9t-ECaIcGu8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/2c5fb9-c9b3-4e56-bdf1-22ea3ad5de5c/1/cPBBL3VgyK-uzOK4q4Nlp1IYLOI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/2c5fb9-c9b3-4e56-bdf1-22ea3ad5de5c/1/M-J4uigmGi0eVT2-9t-ECaIcGu8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.39.200.0/22
IPv6:
2a0c:f0c0::/29
Signature Algorithm: sha256WithRSAEncryption
5c:32:14:28:d2:b7:6f:2f:65:c9:9f:51:d0:ef:8c:e1:10:42:
34:f5:4d:ce:c3:d2:df:ff:25:d8:7f:1d:c3:cd:83:a3:20:9c:
85:84:81:92:62:6e:c4:60:dd:11:39:5b:1c:43:75:04:d1:58:
2e:f7:d7:20:a7:45:b0:62:32:31:e2:f0:9c:73:11:7f:93:5b:
74:f7:a7:b5:48:d0:46:24:ac:11:18:c6:b2:78:e2:5d:90:ca:
f6:f9:f3:1b:f7:a6:bb:63:90:26:ec:5f:3f:5b:f3:4f:51:a1:
12:98:ac:f9:73:68:36:0f:86:a8:89:85:0b:06:3a:10:08:59:
e0:5a:e1:d5:3a:6a:f6:67:ed:53:f8:69:9d:31:b6:bf:c4:41:
da:73:b2:5a:41:a5:ee:d6:9a:15:ba:f7:e3:63:52:5d:81:94:
c9:eb:05:ea:99:b7:84:e6:37:ef:7c:07:dc:be:88:4c:8b:6e:
0a:a1:28:9e:98:17:04:b9:fb:1b:12:af:b4:10:1f:85:67:4a:
d2:5b:c1:01:d1:e5:17:c3:75:3c:f8:40:80:5a:08:74:9a:5f:
c1:f2:87:68:89:db:04:09:2a:aa:7f:58:06:fc:c5:77:76:30:
b3:47:2b:6d:38:cb:5b:1d:40:50:56:a1:d7:f1:83:27:2a:31:
9e:8f:87:95
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzKKzuSNy2zK+DEORCSKIeKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzZTI3OGJhMjgyNjFhMmQxZTU1M2RiZWY2ZGY4NDA5YTIx
YzFhZWYwHhcNMjQwMTAyMTIzNDQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MGYwNDEyZjc1NjBjOGFmYWVjY2UyYjhhYjgzNjVhNzUyMTgyY2UyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqDtRntUbhsyJvNZATuZ4gle4FPrM
m+6fDHR4AThd696XUh1m83vHtsiCSIVbPxiXmIvrr1+Ye4K07UB6k88avMWvgWhY
o76m/PWpvQ+NPKYk7E2O8yd45aVrGCYwUmpoBY09346m3y+Wc25ydr2qC9Et6HM/
Vx1wSFrZ03+CfBZatI0s45H2240HwZos4oG2TU6c35wiQF92yRSgU47lOcgunkPx
csFQxmUvDkk4oOSckykcNoedid0c0pz2SuY2ame2X2fvVO+b/aH+/snW7LQsRrLy
a8n9ZLepkdahYpk8ON+xBnQ5Qr1r3yHRZR/resdvZOuixT8wznBWnY8wcQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFHDwQS91YMivrsziuKuDZadSGCziMB8GA1UdIwQY
MBaAFDPieLooJhotHlU9vvbfhAmiHBrvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTS1KNHVpZ21HaTBlVlQyLTl0LUVDYUljR3U4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi8yYzVmYjktYzliMy00ZTU2LWJkZjEt
MjJlYTNhZDVkZTVjLzEvY1BCQkwzVmd5Sy11ek9LNHE0TmxwMUlZTE9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi8yYzVmYjktYzliMy00ZTU2LWJkZjEtMjJlYTNhZDVkZTVj
LzEvTS1KNHVpZ21HaTBlVlQyLTl0LUVDYUljR3U4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCwifIMA0E
AgACMAcDBQMqDPDAMA0GCSqGSIb3DQEBCwUAA4IBAQBcMhQo0rdvL2XJn1HQ74zh
EEI09U3Ow9Lf/yXYfx3DzYOjIJyFhIGSYm7EYN0ROVscQ3UE0Vgu99cgp0WwYjIx
4vCccxF/k1t096e1SNBGJKwRGMayeOJdkMr2+fMb96a7Y5Am7F8/W/NPUaESmKz5
c2g2D4aoiYULBjoQCFngWuHVOmr2Z+1T+GmdMba/xEHac7JaQaXu1poVuvfjY1Jd
gZTJ6wXqmbeE5jfvfAfcvohMi24KoSiemBcEufsbEq+0EB+FZ0rSW8EB0eUXw3U8
+ECAWgh0ml/B8odoidsECSqqf1gG/MV3djCzRyttOMtbHUBQVqHX8YMnKjGej4eV
-----END CERTIFICATE-----
Generated at Sat Jun 1 17:06:54 2024 by rpki-client on console-fra.rpki-client.org