Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/jX2JlTW3XchnQbt8IttFMh24sAQ.roa
File: jX2JlTW3XchnQbt8IttFMh24sAQ.roa (raw, json)
Hash identifier: 75xNEjMhGOrrMY8PEWTGcgkAeyIY1rdxcVhmBgq3NS8=
Subject key identifier: 8D:7D:89:95:35:B7:5D:C8:67:41:BB:7C:22:DB:45:32:1D:B8:B0:04
Certificate issuer: /CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Certificate serial: 018CC94E069F75A0A1DBF185013AD7339116
Authority key identifier: FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/jX2JlTW3XchnQbt8IttFMh24sAQ.roa
Signing time: Tue 02 Jan 2024 08:33:03 +0000
ROA not before: Tue 02 Jan 2024 08:33:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212238
IP address blocks: 85.204.78.0/24 maxlen: 24
93.113.202.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/_liVLTk5NfDTvOgU_ZF40EaTrrk.crl
rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/_liVLTk5NfDTvOgU_ZF40EaTrrk.mft
rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:06:9f:75:a0:a1:db:f1:85:01:3a:d7:33:91:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Validity
Not Before: Jan 2 08:33:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8d7d899535b75dc86741bb7c22db45321db8b004
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:ee:ec:6a:43:73:2b:32:ff:ce:30:f4:cf:f7:
36:68:75:9e:73:7c:c2:45:d4:cf:a9:01:b0:e5:b3:
1f:86:92:54:fd:c5:f1:5d:2e:db:76:fc:bc:7c:a7:
ad:a4:ae:8f:84:0c:13:f9:e7:85:3b:04:ea:f8:46:
68:69:d9:90:c2:ea:54:af:7c:d3:55:00:ca:03:61:
07:7a:0f:14:16:b1:e4:aa:aa:4b:01:3b:b4:21:2d:
d8:29:73:67:4c:bc:28:5c:9d:85:39:13:c7:d8:6b:
59:51:bb:4f:e3:d0:f1:f3:40:77:aa:91:34:b1:2b:
bb:3a:ab:c7:a0:b8:ee:8f:a4:08:d7:1b:be:78:66:
66:3c:39:4b:e8:b3:9d:24:08:10:d1:f6:2a:44:8a:
a9:11:53:10:68:d6:1d:47:df:de:e9:ac:87:d2:c5:
0c:49:a5:32:47:cd:66:dd:76:cc:80:64:70:23:df:
28:6a:b2:54:5c:0d:aa:6e:68:cc:0d:f2:38:2e:02:
56:7c:28:63:45:3f:93:d8:eb:8f:5b:95:0e:c7:74:
b1:e8:fb:fb:40:92:c3:b4:e9:a8:4e:ba:21:2b:cd:
19:91:d0:ab:93:88:65:c7:f8:f2:81:ed:31:11:ea:
4f:35:47:19:b9:9c:c3:1b:c3:e3:70:d1:bd:5c:8d:
b3:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:7D:89:95:35:B7:5D:C8:67:41:BB:7C:22:DB:45:32:1D:B8:B0:04
X509v3 Authority Key Identifier:
keyid:FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/jX2JlTW3XchnQbt8IttFMh24sAQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/_liVLTk5NfDTvOgU_ZF40EaTrrk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.204.78.0/24
93.113.202.0/24
Signature Algorithm: sha256WithRSAEncryption
cf:b4:34:36:6c:ca:ee:f8:09:3d:b7:99:13:c3:90:25:1b:11:
9c:33:dd:bc:45:c1:ac:b3:02:5c:89:c2:4a:8a:7c:46:8d:d8:
fc:08:1c:4f:60:ab:83:12:9c:b1:84:d9:64:9b:de:b2:f7:bd:
62:5e:6f:ae:ac:24:ae:60:52:3e:21:a4:d2:2e:98:4a:aa:f3:
99:73:93:de:c1:85:9a:b3:8c:f3:fe:ae:64:e9:f7:24:dc:c8:
8d:59:74:09:d9:35:63:9c:10:09:d1:ae:22:f1:ee:f7:c2:b9:
a1:1c:b8:4c:e3:76:aa:74:55:07:66:77:7f:f3:a4:28:f7:a9:
14:97:f9:13:7f:17:de:c2:66:68:82:4b:c0:07:54:50:f8:39:
ee:df:ca:45:b7:be:c5:2c:07:e4:18:6a:6a:1a:51:30:22:72:
06:0b:c1:f2:12:f4:d8:66:cd:6c:4c:f7:76:93:8a:26:d5:58:
37:e4:2e:a3:fd:29:7e:0f:af:2f:4c:91:2a:e9:94:7e:b1:4a:
9e:7f:38:8f:36:19:2d:6f:24:4e:f8:e5:53:14:f3:68:20:ad:
4e:f6:92:55:37:48:00:b3:24:af:2e:55:5a:fa:70:1c:8a:12:
ac:d5:c5:82:72:93:a4:50:ce:aa:3d:d3:1a:34:f5:77:0f:02:
c3:65:78:66
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzJTgafdaCh2/GFATrXM5EWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlNTg5NTJkMzkzOTM1ZjBkM2JjZTgxNGZkOTE3OGQwNDY5
M2FlYjkwHhcNMjQwMTAyMDgzMzAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZDdkODk5NTM1Yjc1ZGM4Njc0MWJiN2MyMmRiNDUzMjFkYjhiMDA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqe7sakNzKzL/zjD0z/c2aHWec3zC
RdTPqQGw5bMfhpJU/cXxXS7bdvy8fKetpK6PhAwT+eeFOwTq+EZoadmQwupUr3zT
VQDKA2EHeg8UFrHkqqpLATu0IS3YKXNnTLwoXJ2FORPH2GtZUbtP49Dx80B3qpE0
sSu7OqvHoLjuj6QI1xu+eGZmPDlL6LOdJAgQ0fYqRIqpEVMQaNYdR9/e6ayH0sUM
SaUyR81m3XbMgGRwI98oarJUXA2qbmjMDfI4LgJWfChjRT+T2OuPW5UOx3Sx6Pv7
QJLDtOmoTrohK80ZkdCrk4hlx/jyge0xEepPNUcZuZzDG8PjcNG9XI2zPwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFI19iZU1t13IZ0G7fCLbRTIduLAEMB8GA1UdIwQY
MBaAFP5YlS05OTXw07zoFP2ReNBGk665MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUt
NWQ0OGI2NWNlNTczLzEvalgySmxUVzNYY2huUWJ0OEl0dEZNaDI0c0FRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUtNWQ0OGI2NWNlNTcz
LzEvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVcxOAwQA
XXHKMA0GCSqGSIb3DQEBCwUAA4IBAQDPtDQ2bMru+Ak9t5kTw5AlGxGcM928RcGs
swJcicJKinxGjdj8CBxPYKuDEpyxhNlkm96y971iXm+urCSuYFI+IaTSLphKqvOZ
c5PewYWas4zz/q5k6fck3MiNWXQJ2TVjnBAJ0a4i8e73wrmhHLhM43aqdFUHZnd/
86Qo96kUl/kTfxfewmZogkvAB1RQ+Dnu38pFt77FLAfkGGpqGlEwInIGC8HyEvTY
Zs1sTPd2k4om1Vg35C6j/Sl+D68vTJEq6ZR+sUqefziPNhktbyRO+OVTFPNoIK1O
9pJVN0gAsySvLlVa+nAcihKs1cWCcpOkUM6qPdMaNPV3DwLDZXhm
-----END CERTIFICATE-----
Generated at Fri Nov 22 00:29:58 2024 by rpki-client on console-fra.rpki-client.org