Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/fce675-bf53-4787-93e7-81f566185b06/1/jaQPjkY_0OsrXXy3JzkCs4d3LvQ.roa
File: jaQPjkY_0OsrXXy3JzkCs4d3LvQ.roa (raw, json)
Hash identifier: BOLjbbAdP9O66rLKYrdVzs7LHgM+l0DseCsQZZH9Jcw=
Subject key identifier: 8D:A4:0F:8E:46:3F:D0:EB:2B:5D:7C:B7:27:39:02:B3:87:77:2E:F4
Certificate issuer: /CN=2b0be226230d4099ceea0a4a6cf4ed8b90201350
Certificate serial: 018EEC9EAE323561DE54F125643BAAA046FA
Authority key identifier: 2B:0B:E2:26:23:0D:40:99:CE:EA:0A:4A:6C:F4:ED:8B:90:20:13:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KwviJiMNQJnO6gpKbPTti5AgE1A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/fce675-bf53-4787-93e7-81f566185b06/1/jaQPjkY_0OsrXXy3JzkCs4d3LvQ.roa
Signing time: Wed 17 Apr 2024 15:13:25 +0000
ROA not before: Wed 17 Apr 2024 15:13:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 28787
IP address blocks: 37.61.0.0/17 maxlen: 17
37.61.56.0/21 maxlen: 21
37.61.77.0/24 maxlen: 24
37.61.78.0/24 maxlen: 24
37.61.79.0/24 maxlen: 24
37.61.112.0/22 maxlen: 22
37.61.116.0/22 maxlen: 22
37.61.120.0/22 maxlen: 22
37.61.124.0/22 maxlen: 22
81.17.80.0/20 maxlen: 20
81.17.82.0/24 maxlen: 24
185.30.88.0/23 maxlen: 23
185.30.90.0/23 maxlen: 23
188.253.128.0/19 maxlen: 19
188.253.208.0/22 maxlen: 22
188.253.212.0/22 maxlen: 22
188.253.216.0/22 maxlen: 22
188.253.220.0/22 maxlen: 22
188.253.224.0/21 maxlen: 21
188.253.232.0/21 maxlen: 21
188.253.254.0/24 maxlen: 24
188.253.255.0/24 maxlen: 24
194.135.154.0/23 maxlen: 23
194.135.166.0/23 maxlen: 23
194.135.168.0/23 maxlen: 23
194.135.170.0/24 maxlen: 24
194.135.171.0/24 maxlen: 24
194.135.172.0/24 maxlen: 24
194.135.173.0/24 maxlen: 24
194.135.174.0/24 maxlen: 24
194.135.176.0/24 maxlen: 24
194.135.177.0/24 maxlen: 24
194.135.178.0/24 maxlen: 24
194.135.179.0/24 maxlen: 24
213.154.0.0/19 maxlen: 19
217.64.16.0/20 maxlen: 20
217.64.16.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/15/fce675-bf53-4787-93e7-81f566185b06/1/KwviJiMNQJnO6gpKbPTti5AgE1A.crl
rsync://rpki.ripe.net/repository/DEFAULT/15/fce675-bf53-4787-93e7-81f566185b06/1/KwviJiMNQJnO6gpKbPTti5AgE1A.mft
rsync://rpki.ripe.net/repository/DEFAULT/KwviJiMNQJnO6gpKbPTti5AgE1A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:ec:9e:ae:32:35:61:de:54:f1:25:64:3b:aa:a0:46:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2b0be226230d4099ceea0a4a6cf4ed8b90201350
Validity
Not Before: Apr 17 15:13:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8da40f8e463fd0eb2b5d7cb7273902b387772ef4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:5e:e1:d1:17:cb:44:bf:08:c1:d3:bd:91:79:
3e:29:2f:43:d8:cd:12:78:64:92:86:cd:7d:fc:98:
5d:76:05:17:81:88:78:67:9e:56:87:0d:e2:1f:9b:
56:3a:54:bb:a7:e9:c7:d3:4b:fd:be:62:f1:9b:6e:
90:7c:96:48:cf:98:95:32:1a:b6:d3:d1:90:8c:cb:
2e:e8:aa:35:c6:71:6f:35:0e:2f:9d:33:3d:aa:d2:
7c:b4:8a:6a:42:fe:94:31:e9:fb:85:b3:d6:49:ae:
70:ba:a1:cb:61:55:69:aa:8d:ad:8b:92:a2:b0:8c:
a6:88:13:b2:e9:94:2e:4e:fc:1f:80:e6:b9:fd:72:
b4:40:60:67:24:22:9d:c4:6d:45:ad:9a:72:c2:7f:
f5:70:80:0a:69:71:c4:d9:c0:ea:5f:56:2b:4d:84:
7b:be:91:51:12:85:16:be:02:d9:16:c0:7c:dd:1a:
bd:a8:5b:8d:f3:84:95:e6:71:08:79:a1:cb:9b:7d:
30:c0:04:e5:3a:46:5a:4d:f3:3d:e5:a6:be:87:e0:
f8:02:68:f4:95:4c:45:23:7b:db:97:53:f0:2a:1d:
85:05:5c:66:d1:ef:8d:02:4d:1f:5a:e4:3e:41:da:
e3:6a:ec:4f:fc:1e:32:49:82:9e:70:c6:04:bb:4f:
86:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:A4:0F:8E:46:3F:D0:EB:2B:5D:7C:B7:27:39:02:B3:87:77:2E:F4
X509v3 Authority Key Identifier:
keyid:2B:0B:E2:26:23:0D:40:99:CE:EA:0A:4A:6C:F4:ED:8B:90:20:13:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KwviJiMNQJnO6gpKbPTti5AgE1A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/fce675-bf53-4787-93e7-81f566185b06/1/jaQPjkY_0OsrXXy3JzkCs4d3LvQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/fce675-bf53-4787-93e7-81f566185b06/1/KwviJiMNQJnO6gpKbPTti5AgE1A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.61.0.0/17
81.17.80.0/20
185.30.88.0/22
188.253.128.0/19
188.253.208.0-188.253.239.255
188.253.254.0/23
194.135.154.0/23
194.135.166.0-194.135.174.255
194.135.176.0/22
213.154.0.0/19
217.64.16.0/20
Signature Algorithm: sha256WithRSAEncryption
54:b0:85:72:87:7b:c0:05:ab:32:a8:e9:33:8d:9a:03:f2:4f:
dd:eb:ef:52:63:e2:6c:fc:8a:97:0f:14:1b:4d:e7:79:72:41:
50:35:f4:f9:20:69:f1:36:50:bc:1b:bb:d3:7e:16:21:d9:cc:
22:4a:52:09:c2:af:e6:8c:7a:2d:90:2d:d8:02:60:3e:eb:8d:
fb:df:70:17:2a:5c:55:bd:a2:df:5a:a7:ed:ec:e5:12:8a:31:
f5:80:0b:0e:2d:dd:1e:5a:9e:01:51:5e:53:b6:91:22:36:7c:
d6:e6:44:bc:ac:f5:50:ab:34:39:a9:63:54:fa:3d:09:69:a4:
bf:84:24:9a:a6:34:be:9a:e8:99:0b:d5:42:5a:29:03:4c:d8:
41:4c:1c:00:f2:17:31:9d:5e:94:48:7d:d6:31:ca:d4:a1:74:
a4:48:d2:b7:ee:7f:e9:90:1c:07:7d:56:2a:33:09:23:23:68:
80:c3:9a:65:55:26:8d:16:40:8e:67:ab:f3:db:b7:49:48:e2:
7a:28:30:5e:94:a2:24:cc:16:b6:18:b9:81:a0:a3:7e:c7:2f:
10:3a:29:c9:6a:c3:23:01:18:6d:43:9b:bd:7e:53:b9:11:23:
83:36:71:e9:27:02:dc:60:c2:32:74:9b:a9:25:be:7c:96:37:
aa:d2:22:bd
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgISAY7snq4yNWHeVPElZDuqoEb6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiMGJlMjI2MjMwZDQwOTljZWVhMGE0YTZjZjRlZDhiOTAy
MDEzNTAwHhcNMjQwNDE3MTUxMzI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZGE0MGY4ZTQ2M2ZkMGViMmI1ZDdjYjcyNzM5MDJiMzg3NzcyZWY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoF7h0RfLRL8IwdO9kXk+KS9D2M0S
eGSShs19/JhddgUXgYh4Z55Whw3iH5tWOlS7p+nH00v9vmLxm26QfJZIz5iVMhq2
09GQjMsu6Ko1xnFvNQ4vnTM9qtJ8tIpqQv6UMen7hbPWSa5wuqHLYVVpqo2ti5Ki
sIymiBOy6ZQuTvwfgOa5/XK0QGBnJCKdxG1FrZpywn/1cIAKaXHE2cDqX1YrTYR7
vpFREoUWvgLZFsB83Rq9qFuN84SV5nEIeaHLm30wwATlOkZaTfM95aa+h+D4Amj0
lUxFI3vbl1PwKh2FBVxm0e+NAk0fWuQ+QdrjauxP/B4ySYKecMYEu0+GIwIDAQAB
o4ICVTCCAlEwHQYDVR0OBBYEFI2kD45GP9DrK118tyc5ArOHdy70MB8GA1UdIwQY
MBaAFCsL4iYjDUCZzuoKSmz07YuQIBNQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3d2aUppTU5RSm5PNmdwS2JQVHRpNUFnRTFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS9mY2U2NzUtYmY1My00Nzg3LTkzZTct
ODFmNTY2MTg1YjA2LzEvamFRUGprWV8wT3NyWFh5M0p6a0NzNGQzTHZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS9mY2U2NzUtYmY1My00Nzg3LTkzZTctODFmNTY2MTg1YjA2
LzEvS3d2aUppTU5RSm5PNmdwS2JQVHRpNUFnRTFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGsGCCsGAQUFBwEHAQH/BFwwWjBYBAIAATBSAwQHJT0AAwQE
URFQAwQCuR5YAwQFvP2AMAwDBAS8/dADBAS8/eADBAG8/f4DBAHCh5owDAMEAcKH
pgMEAMKHrgMEAsKHsAMEBdWaAAMEBNlAEDANBgkqhkiG9w0BAQsFAAOCAQEAVLCF
cod7wAWrMqjpM42aA/JP3evvUmPibPyKlw8UG03neXJBUDX0+SBp8TZQvBu7034W
IdnMIkpSCcKv5ox6LZAt2AJgPuuN+99wFypcVb2i31qn7ezlEoox9YALDi3dHlqe
AVFeU7aRIjZ81uZEvKz1UKs0OaljVPo9CWmkv4QkmqY0vpromQvVQlopA0zYQUwc
APIXMZ1elEh91jHK1KF0pEjSt+5/6ZAcB31WKjMJIyNogMOaZVUmjRZAjmer89u3
SUjieigwXpSiJMwWthi5gaCjfscvEDopyWrDIwEYbUObvX5TuREjgzZx6ScC3GDC
MnSbqSW+fJY3qtIivQ==
-----END CERTIFICATE-----
Generated at Sat Jun 1 15:04:13 2024 by rpki-client on console-fra.rpki-client.org