Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/ba9d13-8ca6-4577-a59c-9dd997eef4ef/1/kjqDzFZu9kKGc4dBFmu0hDMjznQ.roa
File: kjqDzFZu9kKGc4dBFmu0hDMjznQ.roa (raw, json)
Hash identifier: nHKSYhmJsq8afXz/iZJ/c5NJMx81vr2OS1t0gd1zESk=
Subject key identifier: 92:3A:83:CC:56:6E:F6:42:86:73:87:41:16:6B:B4:84:33:23:CE:74
Certificate issuer: /CN=1027a8a61299b80a3e71d1a981427ec00b849d17
Certificate serial: 018E2DB909737435E42D0FF17975C44F2177
Authority key identifier: 10:27:A8:A6:12:99:B8:0A:3E:71:D1:A9:81:42:7E:C0:0B:84:9D:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ECeophKZuAo-cdGpgUJ-wAuEnRc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/ba9d13-8ca6-4577-a59c-9dd997eef4ef/1/kjqDzFZu9kKGc4dBFmu0hDMjznQ.roa
Signing time: Mon 11 Mar 2024 13:34:45 +0000
ROA not before: Mon 11 Mar 2024 13:34:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47543
IP address blocks: 95.142.100.0/24 maxlen: 24
95.142.101.0/24 maxlen: 24
178.237.35.0/24 maxlen: 24
178.237.36.0/24 maxlen: 24
178.237.37.0/24 maxlen: 24
178.237.38.0/24 maxlen: 24
2a00:1188:12::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/ba9d13-8ca6-4577-a59c-9dd997eef4ef/1/ECeophKZuAo-cdGpgUJ-wAuEnRc.crl
rsync://rpki.ripe.net/repository/DEFAULT/2a/ba9d13-8ca6-4577-a59c-9dd997eef4ef/1/ECeophKZuAo-cdGpgUJ-wAuEnRc.mft
rsync://rpki.ripe.net/repository/DEFAULT/ECeophKZuAo-cdGpgUJ-wAuEnRc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 03 Jul 2024 10:02:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:2d:b9:09:73:74:35:e4:2d:0f:f1:79:75:c4:4f:21:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1027a8a61299b80a3e71d1a981427ec00b849d17
Validity
Not Before: Mar 11 13:34:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=923a83cc566ef64286738741166bb4843323ce74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:a9:c3:31:84:49:1e:7b:86:a4:f1:6d:d4:49:
5d:5b:d9:8b:53:0e:cd:36:6d:5c:40:40:5b:f7:ac:
be:da:b9:2c:8b:ed:a2:12:c4:22:bf:39:d2:c4:31:
87:e2:6f:a7:b4:a3:9d:52:c8:46:43:32:24:b4:48:
ab:c7:a0:31:0e:5f:a4:b5:0e:54:24:88:7b:8a:b7:
83:d3:3e:72:7e:8e:47:6c:d9:5a:61:21:a0:b4:42:
9e:b8:8d:d8:87:d4:f1:a2:f3:79:21:1f:5e:a7:c5:
41:88:3b:08:d1:b5:9d:8b:bf:c5:c1:af:d2:d2:aa:
e4:11:aa:70:39:4c:c7:a4:be:40:f4:5e:2a:23:d9:
7b:57:f2:4e:96:d0:45:3b:50:54:18:3c:da:9b:6d:
31:be:6e:f2:d3:30:52:d7:ec:9f:24:6e:f7:26:00:
b8:f1:d9:d9:d0:5d:8a:7c:0d:02:3e:e9:db:30:6a:
84:ae:9e:f0:4f:a6:bb:a7:c3:41:98:1a:bd:30:72:
19:18:d1:e6:5d:f4:ff:68:1f:d4:f5:ef:94:c2:f8:
17:46:32:6e:32:a4:2e:73:c8:16:13:02:71:c5:2a:
4e:6c:9d:ba:0c:d2:35:9d:9c:47:5e:4f:86:3f:51:
cd:00:97:55:26:b1:cd:9c:c6:9c:47:78:c2:06:eb:
5a:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:3A:83:CC:56:6E:F6:42:86:73:87:41:16:6B:B4:84:33:23:CE:74
X509v3 Authority Key Identifier:
keyid:10:27:A8:A6:12:99:B8:0A:3E:71:D1:A9:81:42:7E:C0:0B:84:9D:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ECeophKZuAo-cdGpgUJ-wAuEnRc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/ba9d13-8ca6-4577-a59c-9dd997eef4ef/1/kjqDzFZu9kKGc4dBFmu0hDMjznQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/ba9d13-8ca6-4577-a59c-9dd997eef4ef/1/ECeophKZuAo-cdGpgUJ-wAuEnRc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.142.100.0/23
178.237.35.0-178.237.38.255
IPv6:
2a00:1188:12::/48
Signature Algorithm: sha256WithRSAEncryption
28:18:80:be:c6:5a:4d:91:a4:7a:b6:b3:47:9f:8b:d7:6e:30:
e6:33:32:0b:59:94:44:0a:21:a7:5a:2e:ad:23:76:03:21:4f:
2c:53:b1:c8:78:5d:58:81:61:94:8f:43:34:c0:7b:2b:b0:64:
22:3c:34:b8:e2:09:63:6e:89:8b:ae:32:d2:bc:a2:79:55:46:
2f:15:75:fa:19:ba:64:7d:9b:ab:24:fb:17:5c:20:60:7b:c8:
f9:61:0b:d9:f6:e6:5c:65:94:43:c1:b2:27:86:eb:82:3d:22:
51:fa:f7:cb:f7:26:03:49:73:36:85:80:97:e0:fa:1e:15:5e:
e2:d1:54:53:15:8c:b1:7b:7e:d7:c5:b2:8e:35:16:8f:c6:e2:
99:ce:1c:45:68:03:6c:30:72:a4:86:b3:42:e3:6f:42:6c:69:
e3:60:4e:a1:91:50:01:b7:0a:62:19:fd:de:b2:06:03:82:f7:
31:c1:24:2c:90:03:2c:a1:03:1a:2e:e1:a2:8f:cb:92:ad:1f:
96:5d:77:71:f9:bf:1f:1f:1b:0c:b9:05:0b:22:6b:b3:67:d6:
3a:b7:27:ab:72:fd:c9:8e:b6:8e:92:36:a4:83:9c:64:db:78:
52:f7:a8:cd:a1:56:16:4d:6a:ca:18:a7:50:30:ef:66:30:9c:
1f:e6:df:5e
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgISAY4tuQlzdDXkLQ/xeXXETyF3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwMjdhOGE2MTI5OWI4MGEzZTcxZDFhOTgxNDI3ZWMwMGI4
NDlkMTcwHhcNMjQwMzExMTMzNDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjNhODNjYzU2NmVmNjQyODY3Mzg3NDExNjZiYjQ4NDMzMjNjZTc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyqnDMYRJHnuGpPFt1EldW9mLUw7N
Nm1cQEBb96y+2rksi+2iEsQivznSxDGH4m+ntKOdUshGQzIktEirx6AxDl+ktQ5U
JIh7ireD0z5yfo5HbNlaYSGgtEKeuI3Yh9TxovN5IR9ep8VBiDsI0bWdi7/Fwa/S
0qrkEapwOUzHpL5A9F4qI9l7V/JOltBFO1BUGDzam20xvm7y0zBS1+yfJG73JgC4
8dnZ0F2KfA0CPunbMGqErp7wT6a7p8NBmBq9MHIZGNHmXfT/aB/U9e+UwvgXRjJu
MqQuc8gWEwJxxSpObJ26DNI1nZxHXk+GP1HNAJdVJrHNnMacR3jCButaZQIDAQAB
o4ICKDCCAiQwHQYDVR0OBBYEFJI6g8xWbvZChnOHQRZrtIQzI850MB8GA1UdIwQY
MBaAFBAnqKYSmbgKPnHRqYFCfsALhJ0XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUNlb3BoS1p1QW8tY2RHcGdVSi13QXVFblJjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS9iYTlkMTMtOGNhNi00NTc3LWE1OWMt
OWRkOTk3ZWVmNGVmLzEva2pxRHpGWnU5a0tHYzRkQkZtdTBoRE1qem5RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS9iYTlkMTMtOGNhNi00NTc3LWE1OWMtOWRkOTk3ZWVmNGVm
LzEvRUNlb3BoS1p1QW8tY2RHcGdVSi13QXVFblJjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD4GCCsGAQUFBwEHAQH/BC8wLTAaBAIAATAUAwQBX45kMAwD
BACy7SMDBACy7SYwDwQCAAIwCQMHACoAEYgAEjANBgkqhkiG9w0BAQsFAAOCAQEA
KBiAvsZaTZGkerazR5+L124w5jMyC1mURAohp1ourSN2AyFPLFOxyHhdWIFhlI9D
NMB7K7BkIjw0uOIJY26Ji64y0ryieVVGLxV1+hm6ZH2bqyT7F1wgYHvI+WEL2fbm
XGWUQ8GyJ4brgj0iUfr3y/cmA0lzNoWAl+D6HhVe4tFUUxWMsXt+18WyjjUWj8bi
mc4cRWgDbDBypIazQuNvQmxp42BOoZFQAbcKYhn93rIGA4L3McEkLJADLKEDGi7h
oo/Lkq0fll13cfm/Hx8bDLkFCyJrs2fWOrcnq3L9yY62jpI2pIOcZNt4UveozaFW
Fk1qyhinUDDvZjCcH+bfXg==
-----END CERTIFICATE-----
Generated at Tue Jul 2 17:36:08 2024 by rpki-client on console-fra.rpki-client.org