Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/28ea45-7d30-46df-8f2a-0779f48ecea0/1/jKrMkwfp85W6Crt6MR6LYfTzAOs.roa
File: jKrMkwfp85W6Crt6MR6LYfTzAOs.roa (raw, json)
Hash identifier: RW6k5BOKK7MkKUac/6UvRI+7ZzxMzv2pw90OM1dMfPw=
Subject key identifier: 8C:AA:CC:93:07:E9:F3:95:BA:0A:BB:7A:31:1E:8B:61:F4:F3:00:EB
Certificate issuer: /CN=0551605b675ece4e0fce7175ae31a93fa8272ba6
Certificate serial: 018CC794F8F0A56FBC1A3591408B42770503
Authority key identifier: 05:51:60:5B:67:5E:CE:4E:0F:CE:71:75:AE:31:A9:3F:A8:27:2B:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BVFgW2dezk4PznF1rjGpP6gnK6Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/28ea45-7d30-46df-8f2a-0779f48ecea0/1/jKrMkwfp85W6Crt6MR6LYfTzAOs.roa
Signing time: Tue 02 Jan 2024 00:31:18 +0000
ROA not before: Tue 02 Jan 2024 00:31:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42303
IP address blocks: 185.55.8.0/22 maxlen: 22
5.35.184.0/21 maxlen: 21
46.182.200.0/24 maxlen: 24
46.182.204.0/24 maxlen: 24
46.182.203.0/24 maxlen: 24
46.182.202.0/24 maxlen: 24
46.182.201.0/24 maxlen: 24
46.182.206.0/24 maxlen: 24
46.182.205.0/24 maxlen: 24
151.236.200.0/21 maxlen: 24
193.149.178.0/24 maxlen: 24
77.72.96.0/21 maxlen: 21
94.127.32.0/21 maxlen: 21
185.153.212.0/22 maxlen: 24
2a02:470::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/30/28ea45-7d30-46df-8f2a-0779f48ecea0/1/BVFgW2dezk4PznF1rjGpP6gnK6Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/30/28ea45-7d30-46df-8f2a-0779f48ecea0/1/BVFgW2dezk4PznF1rjGpP6gnK6Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/BVFgW2dezk4PznF1rjGpP6gnK6Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 May 2024 02:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:f8:f0:a5:6f:bc:1a:35:91:40:8b:42:77:05:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0551605b675ece4e0fce7175ae31a93fa8272ba6
Validity
Not Before: Jan 2 00:31:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8caacc9307e9f395ba0abb7a311e8b61f4f300eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:ba:c6:e2:a3:71:c1:c1:93:a2:2f:30:73:10:
74:8d:3c:4f:6e:0f:31:81:a0:f0:6a:fb:b4:02:ff:
c6:5f:38:0f:11:d8:3e:51:17:40:d4:c5:a3:40:e7:
30:b6:77:01:ef:35:a9:7a:cf:f7:09:8d:9b:57:df:
5a:81:dd:01:5d:e8:b8:d1:52:23:2a:a8:83:e1:65:
e0:56:e8:85:8c:97:5e:ec:75:1a:3a:c5:37:6b:b7:
cc:46:7a:bb:97:c6:b4:c1:a5:18:32:b2:e0:a8:a6:
7b:f9:e5:f5:a3:1f:7c:6b:83:10:ff:f2:67:c8:94:
2f:84:7c:8f:fe:f8:66:be:08:1f:b0:f3:5d:90:02:
00:81:0d:75:d3:cc:df:da:9b:15:7e:e2:0c:88:49:
a2:fb:6b:c6:a6:ee:21:d5:7c:47:ca:65:83:fe:06:
42:5f:c8:69:b7:10:cb:74:49:31:ec:41:18:4b:27:
5a:8f:97:b7:e7:d9:4f:c7:a6:a5:83:88:92:7e:59:
05:7f:85:f8:2a:7a:15:63:83:6f:74:b6:84:cc:80:
e6:1a:e1:3b:31:0a:8a:d0:89:94:21:5c:ae:01:93:
ec:c4:a8:eb:8d:4c:b0:9a:6d:15:4a:01:4c:d5:e0:
0c:15:1d:a3:d5:26:3d:67:c6:34:91:5f:7c:cf:fe:
2b:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:AA:CC:93:07:E9:F3:95:BA:0A:BB:7A:31:1E:8B:61:F4:F3:00:EB
X509v3 Authority Key Identifier:
keyid:05:51:60:5B:67:5E:CE:4E:0F:CE:71:75:AE:31:A9:3F:A8:27:2B:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BVFgW2dezk4PznF1rjGpP6gnK6Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/28ea45-7d30-46df-8f2a-0779f48ecea0/1/jKrMkwfp85W6Crt6MR6LYfTzAOs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/28ea45-7d30-46df-8f2a-0779f48ecea0/1/BVFgW2dezk4PznF1rjGpP6gnK6Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.35.184.0/21
46.182.200.0-46.182.206.255
77.72.96.0/21
94.127.32.0/21
151.236.200.0/21
185.55.8.0/22
185.153.212.0/22
193.149.178.0/24
IPv6:
2a02:470::/32
Signature Algorithm: sha256WithRSAEncryption
85:3d:22:4a:3f:7d:83:08:32:2a:a6:9c:b9:65:2c:88:f9:28:
5a:b4:4d:1d:55:3a:ba:dd:7a:97:26:11:d3:16:8f:7a:f9:4e:
60:c6:aa:6d:30:32:e8:88:e5:50:71:a2:b8:e8:0a:5e:47:35:
33:0a:d1:be:a5:0f:a7:bd:44:de:ef:64:2c:3f:26:00:d5:f5:
de:1b:5b:db:46:0c:b3:cb:ee:f9:d7:ed:54:ef:32:6c:bd:1c:
22:e9:77:3d:a6:d9:1a:2d:4c:8d:e4:4f:af:89:82:7e:8e:84:
6e:af:0e:92:13:ee:0a:a2:0d:10:bc:fa:5f:bc:0f:63:51:97:
0c:42:d3:cf:01:64:ea:ac:ce:5b:12:3d:98:87:40:df:07:5b:
3a:31:82:47:c0:21:e7:3c:4c:94:c9:d8:3c:56:dd:19:c8:7c:
e8:b6:77:30:4f:ec:26:e4:ca:2f:22:1f:44:92:df:cf:39:d5:
3e:dc:ba:fa:dc:19:34:d1:f2:7a:d9:37:22:d8:ff:59:aa:90:
e0:28:14:89:7a:53:17:14:32:e9:71:aa:c4:59:68:82:8d:f8:
0c:6e:77:f9:cb:90:61:f8:04:87:ae:42:ad:6b:cc:13:2a:7d:
3c:ca:40:d8:d4:0d:da:6b:ec:de:05:fa:80:75:56:84:d6:6a:
cc:5f:8b:9e
-----BEGIN CERTIFICATE-----
MIIFPjCCBCagAwIBAgISAYzHlPjwpW+8GjWRQItCdwUDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1NTE2MDViNjc1ZWNlNGUwZmNlNzE3NWFlMzFhOTNmYTgy
NzJiYTYwHhcNMjQwMTAyMDAzMTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Y2FhY2M5MzA3ZTlmMzk1YmEwYWJiN2EzMTFlOGI2MWY0ZjMwMGViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1rrG4qNxwcGToi8wcxB0jTxPbg8x
gaDwavu0Av/GXzgPEdg+URdA1MWjQOcwtncB7zWpes/3CY2bV99agd0BXei40VIj
KqiD4WXgVuiFjJde7HUaOsU3a7fMRnq7l8a0waUYMrLgqKZ7+eX1ox98a4MQ//Jn
yJQvhHyP/vhmvggfsPNdkAIAgQ1108zf2psVfuIMiEmi+2vGpu4h1XxHymWD/gZC
X8hptxDLdEkx7EEYSydaj5e359lPx6alg4iSflkFf4X4KnoVY4NvdLaEzIDmGuE7
MQqK0ImUIVyuAZPsxKjrjUywmm0VSgFM1eAMFR2j1SY9Z8Y0kV98z/4rUwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFIyqzJMH6fOVugq7ejEei2H08wDrMB8GA1UdIwQY
MBaAFAVRYFtnXs5OD85xda4xqT+oJyumMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlZGZ1cyZGV6azRQem5GMXJqR3BQNmduSzZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8yOGVhNDUtN2QzMC00NmRmLThmMmEt
MDc3OWY0OGVjZWEwLzEvaktyTWt3ZnA4NVc2Q3J0Nk1SNkxZZlR6QU9zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8yOGVhNDUtN2QzMC00NmRmLThmMmEtMDc3OWY0OGVjZWEw
LzEvQlZGZ1cyZGV6azRQem5GMXJqR3BQNmduSzZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGAGCCsGAQUFBwEHAQH/BFEwTzA+BAIAATA4AwQDBSO4MAwD
BAMutsgDBAAuts4DBANNSGADBANefyADBAOX7MgDBAK5NwgDBAK5mdQDBADBlbIw
DQQCAAIwBwMFACoCBHAwDQYJKoZIhvcNAQELBQADggEBAIU9Iko/fYMIMiqmnLll
LIj5KFq0TR1VOrrdepcmEdMWj3r5TmDGqm0wMuiI5VBxorjoCl5HNTMK0b6lD6e9
RN7vZCw/JgDV9d4bW9tGDLPL7vnX7VTvMmy9HCLpdz2m2RotTI3kT6+Jgn6OhG6v
DpIT7gqiDRC8+l+8D2NRlwxC088BZOqszlsSPZiHQN8HWzoxgkfAIec8TJTJ2DxW
3RnIfOi2dzBP7Cbkyi8iH0SS38851T7cuvrcGTTR8nrZNyLY/1mqkOAoFIl6UxcU
MulxqsRZaIKN+Axud/nLkGH4BIeuQq1rzBMqfTzKQNjUDdpr7N4F+oB1VoTWasxf
i54=
-----END CERTIFICATE-----
Generated at Tue May 21 10:31:50 2024 by rpki-client on console-ams.rpki-client.org