Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/JVaUPj2kAQKXmD9UNLwuG5P38zo.roa
File: JVaUPj2kAQKXmD9UNLwuG5P38zo.roa (raw, json)
Hash identifier: kBl2owt3QJUkDZPd8lBDKagAv8sQATC7wsbIbYsG3/c=
Subject key identifier: 25:56:94:3E:3D:A4:01:02:97:98:3F:54:34:BC:2E:1B:93:F7:F3:3A
Certificate issuer: /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial: 018F291BDC965A693FDBA7DF51D8360E5139
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/JVaUPj2kAQKXmD9UNLwuG5P38zo.roa
Signing time: Mon 29 Apr 2024 09:07:22 +0000
ROA not before: Mon 29 Apr 2024 09:07:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7018
IP address blocks: 79.175.95.0/24 maxlen: 24
79.175.96.0/24 maxlen: 24
109.121.0.0/19 maxlen: 24
109.121.33.0/24 maxlen: 24
109.121.36.0/24 maxlen: 24
109.121.37.0/24 maxlen: 24
109.121.38.0/24 maxlen: 24
109.121.39.0/24 maxlen: 24
109.121.40.0/24 maxlen: 24
109.121.41.0/24 maxlen: 24
109.121.42.0/24 maxlen: 24
109.121.43.0/24 maxlen: 24
109.121.45.0/24 maxlen: 24
109.121.47.0/24 maxlen: 24
109.233.184.0/24 maxlen: 24
109.233.185.0/24 maxlen: 24
178.253.237.0/24 maxlen: 24
188.255.212.0/24 maxlen: 24
212.69.11.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.mft
rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 19 May 2024 11:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:29:1b:dc:96:5a:69:3f:db:a7:df:51:d8:36:0e:51:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Validity
Not Before: Apr 29 09:07:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2556943e3da4010297983f5434bc2e1b93f7f33a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:c5:d4:82:a6:ee:e1:0d:1c:43:51:8f:ea:65:
88:f2:08:f9:8d:74:28:bc:91:ea:38:28:fa:f1:45:
b1:4e:0b:2c:a0:51:3f:23:93:4b:83:4f:a0:39:43:
2e:10:ee:26:51:7c:c3:c3:14:6e:f5:76:3b:8e:1c:
a0:a0:f4:2b:22:e7:e7:07:54:d9:19:65:42:89:76:
92:38:52:59:c6:60:77:b1:5d:41:30:08:a5:b6:60:
17:b8:a2:02:96:89:47:f4:0e:f3:d9:b9:ba:d1:13:
39:0b:ff:03:9c:29:73:a6:a6:de:b0:38:0c:4b:48:
15:56:0d:e2:47:6c:48:57:f3:64:16:a7:3b:4f:bd:
51:97:c3:78:04:7b:16:92:eb:25:70:dd:75:a5:75:
f8:09:54:cd:cb:ee:27:9f:ce:5b:c3:de:3e:7c:d9:
0d:d9:49:56:ba:d7:0c:d8:22:0d:b9:ff:6d:f0:5d:
43:ff:b8:70:1b:24:12:40:4d:04:06:c9:9c:6f:f8:
6e:db:7f:c9:4d:bd:a7:ac:8d:b4:ed:20:59:e0:e3:
d0:64:b1:72:37:cc:b4:3a:bc:52:37:68:77:36:ad:
82:71:be:60:fd:0e:cb:72:10:03:37:38:33:44:b7:
b9:2a:d4:0d:96:68:ff:6a:64:27:98:79:a5:5d:e8:
f9:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:56:94:3E:3D:A4:01:02:97:98:3F:54:34:BC:2E:1B:93:F7:F3:3A
X509v3 Authority Key Identifier:
keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/JVaUPj2kAQKXmD9UNLwuG5P38zo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.175.95.0-79.175.96.255
109.121.0.0/19
109.121.33.0/24
109.121.36.0-109.121.43.255
109.121.45.0/24
109.121.47.0/24
109.233.184.0/23
178.253.237.0/24
188.255.212.0/24
212.69.11.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:14:b4:fc:b3:f4:42:d0:41:0a:6f:4a:fc:16:cb:b6:84:af:
84:a9:c7:fd:09:a3:d7:91:00:f8:bd:66:a5:90:ba:da:96:16:
18:c1:21:c6:c5:1a:93:ed:a2:dd:87:3c:e4:fe:59:8c:cd:b9:
ab:40:50:be:d3:41:a5:f8:6e:69:2f:8c:68:c8:4b:54:00:90:
83:fc:b9:a7:4e:db:0c:90:75:15:68:e9:3a:db:e8:6b:8a:74:
16:e2:07:5a:36:10:9d:69:7e:12:6f:c8:f0:16:df:da:8d:84:
4f:f9:53:3f:f7:cd:98:72:f9:64:f1:00:7a:cc:55:8d:ab:72:
39:3d:7d:5e:eb:6a:a1:63:c6:79:9f:51:b0:f7:d3:ba:8b:93:
28:98:ff:94:ec:7e:c7:3f:c1:8b:c6:25:3f:28:88:3c:92:43:
16:df:07:2e:04:4b:66:c7:52:f7:5f:9e:9f:f8:b1:50:8e:97:
09:a1:c2:9f:2c:b8:d2:73:30:ed:38:95:a9:f1:aa:71:5f:8c:
af:d4:9c:ae:24:c2:f4:d1:8f:58:45:5b:c1:96:78:95:2a:6e:
5f:58:20:f0:f2:c0:9f:ab:8f:9d:bb:fb:d1:c1:02:16:30:92:
7d:c9:b3:ba:3c:e7:f9:d0:3c:67:66:54:8d:88:5b:de:7b:e2:
8f:59:14:e9
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAY8pG9yWWmk/26ffUdg2DlE5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmODRlNDczOGE3MGVhMzljMDhjZWYyMTA0MzJhZTM5OWVj
N2U5MTUwHhcNMjQwNDI5MDkwNzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTU2OTQzZTNkYTQwMTAyOTc5ODNmNTQzNGJjMmUxYjkzZjdmMzNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0sXUgqbu4Q0cQ1GP6mWI8gj5jXQo
vJHqOCj68UWxTgssoFE/I5NLg0+gOUMuEO4mUXzDwxRu9XY7jhygoPQrIufnB1TZ
GWVCiXaSOFJZxmB3sV1BMAiltmAXuKIClolH9A7z2bm60RM5C/8DnClzpqbesDgM
S0gVVg3iR2xIV/NkFqc7T71Rl8N4BHsWkuslcN11pXX4CVTNy+4nn85bw94+fNkN
2UlWutcM2CINuf9t8F1D/7hwGyQSQE0EBsmcb/hu23/JTb2nrI207SBZ4OPQZLFy
N8y0OrxSN2h3Nq2Ccb5g/Q7LchADNzgzRLe5KtQNlmj/amQnmHmlXej5oQIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFCVWlD49pAECl5g/VDS8LhuT9/M6MB8GA1UdIwQY
MBaAFG+E5HOKcOo5wIzvIQQyrjmex+kVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYt
ZmFlNWRiZWQzYjFiLzEvSlZhVVBqMmtBUUtYbUQ5VU5Md3VHNVAzOHpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYtZmFlNWRiZWQzYjFi
LzEvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDBSBAIAATBMMAwDBABPr18D
BABPr2ADBAVteQADBABteSEwDAMEAm15JAMEAm15KAMEAG15LQMEAG15LwMEAW3p
uAMEALL97QMEALz/1AMEANRFCzANBgkqhkiG9w0BAQsFAAOCAQEAKxS0/LP0QtBB
Cm9K/BbLtoSvhKnH/Qmj15EA+L1mpZC62pYWGMEhxsUak+2i3Yc85P5ZjM25q0BQ
vtNBpfhuaS+MaMhLVACQg/y5p07bDJB1FWjpOtvoa4p0FuIHWjYQnWl+Em/I8Bbf
2o2ET/lTP/fNmHL5ZPEAesxVjatyOT19XutqoWPGeZ9RsPfTuouTKJj/lOx+xz/B
i8YlPyiIPJJDFt8HLgRLZsdS91+en/ixUI6XCaHCnyy40nMw7TiVqfGqcV+Mr9Sc
riTC9NGPWEVbwZZ4lSpuX1gg8PLAn6uPnbv70cECFjCSfcmzujzn+dA8Z2ZUjYhb
3nvij1kU6Q==
-----END CERTIFICATE-----
Generated at Sat May 18 15:41:38 2024 by rpki-client on console-fra.rpki-client.org