Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/ba27fb-2550-49ad-b0ef-5b83d0e96012/1/jLl8nETSHsMZza9ZXEpHXGkmhOk.roa
File: jLl8nETSHsMZza9ZXEpHXGkmhOk.roa (raw, json)
Hash identifier: kSxujOVvA85JDX7QwUsLQZjCoBuxoZ93JUw4XKh0T6Y=
Subject key identifier: 8C:B9:7C:9C:44:D2:1E:C3:19:CD:AF:59:5C:4A:47:5C:69:26:84:E9
Certificate issuer: /CN=fa64a1f7ca40b58116e6bc838e062f9c712228a4
Certificate serial: 018CC9BCA0F2782F4BCCF8A54DA9C92719F5
Authority key identifier: FA:64:A1:F7:CA:40:B5:81:16:E6:BC:83:8E:06:2F:9C:71:22:28:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-mSh98pAtYEW5ryDjgYvnHEiKKQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3f/ba27fb-2550-49ad-b0ef-5b83d0e96012/1/jLl8nETSHsMZza9ZXEpHXGkmhOk.roa
Signing time: Tue 02 Jan 2024 10:33:51 +0000
ROA not before: Tue 02 Jan 2024 10:33:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 213.109.179.0/24 maxlen: 24
213.109.178.0/24 maxlen: 24
213.109.177.0/24 maxlen: 24
213.109.176.0/24 maxlen: 24
2a00:de61:300::/40 maxlen: 48
2a00:de61:200::/40 maxlen: 48
2a00:de61:100::/40 maxlen: 48
2a00:de61::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3f/ba27fb-2550-49ad-b0ef-5b83d0e96012/1/1-mSh98pAtYEW5ryDjgYvnHEiKKQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/3f/ba27fb-2550-49ad-b0ef-5b83d0e96012/1/1-mSh98pAtYEW5ryDjgYvnHEiKKQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-mSh98pAtYEW5ryDjgYvnHEiKKQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:a0:f2:78:2f:4b:cc:f8:a5:4d:a9:c9:27:19:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fa64a1f7ca40b58116e6bc838e062f9c712228a4
Validity
Not Before: Jan 2 10:33:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8cb97c9c44d21ec319cdaf595c4a475c692684e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:ee:32:9a:0a:58:d1:eb:71:ec:99:f2:d4:9f:
1d:66:44:0d:78:d7:88:45:c7:6e:e2:36:a2:df:12:
34:96:46:2f:ef:88:37:af:38:8f:bb:8a:aa:90:b4:
76:6d:57:76:3c:4e:fc:95:c7:e6:5e:05:8c:1d:05:
56:0a:b5:2e:fe:a6:cd:44:58:57:2c:99:01:12:2b:
20:3f:dd:90:ed:13:ff:ca:10:59:98:14:8f:d8:df:
d3:56:ea:2e:5d:24:82:b7:96:e8:2d:ca:66:92:3c:
3a:4d:d2:3a:f4:02:af:6e:7b:49:f3:a3:01:31:24:
c0:ca:ce:98:cf:4b:47:84:22:90:55:11:1f:14:2c:
52:f6:db:56:dc:9e:b8:ae:9e:8f:80:49:fd:c6:7d:
ad:ed:6a:34:cc:33:8d:d0:d8:66:76:aa:6c:6b:f3:
c4:cf:5a:90:41:81:c5:71:52:e1:bf:8f:54:b2:02:
89:23:03:86:60:10:21:89:ae:59:3d:55:ce:4f:d1:
a5:71:05:b6:cd:0e:cc:5c:4b:ac:f8:7f:1f:b0:1c:
0e:35:b0:12:bd:eb:e6:2b:2f:56:38:98:f9:23:c4:
3f:2d:1f:b2:47:49:74:34:c6:5c:61:7b:37:02:3f:
30:8e:1c:1f:41:29:f0:13:a4:62:38:c7:1d:01:74:
a9:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:B9:7C:9C:44:D2:1E:C3:19:CD:AF:59:5C:4A:47:5C:69:26:84:E9
X509v3 Authority Key Identifier:
keyid:FA:64:A1:F7:CA:40:B5:81:16:E6:BC:83:8E:06:2F:9C:71:22:28:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-mSh98pAtYEW5ryDjgYvnHEiKKQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/ba27fb-2550-49ad-b0ef-5b83d0e96012/1/jLl8nETSHsMZza9ZXEpHXGkmhOk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/ba27fb-2550-49ad-b0ef-5b83d0e96012/1/1-mSh98pAtYEW5ryDjgYvnHEiKKQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.109.176.0/22
IPv6:
2a00:de61::/38
Signature Algorithm: sha256WithRSAEncryption
67:a5:c7:9e:ff:98:64:08:74:ad:ed:e8:40:6a:92:c6:09:d3:
7c:1c:85:fa:61:01:34:ba:51:98:59:6f:ca:3c:e0:81:c8:a1:
eb:62:c9:52:56:93:57:d0:ee:88:11:f1:1d:02:1f:38:2a:bc:
93:54:05:27:10:72:ca:4c:f9:f2:70:55:84:5a:94:b4:2c:f5:
43:e3:be:56:6f:45:e8:19:98:ed:dd:e3:95:0d:7d:ae:1f:9b:
e1:d3:12:4d:38:8a:d7:9d:6e:3a:3a:21:21:03:2c:99:c1:77:
8c:93:b4:42:83:cd:88:79:79:ed:52:ec:95:8f:3b:84:40:51:
dc:77:ee:31:67:05:9f:21:80:ed:57:fa:46:e8:e8:9b:e5:2a:
17:d7:e4:66:0e:50:7f:27:12:c1:05:e1:6e:46:47:6c:cf:54:
11:49:80:07:bd:5d:1c:45:1a:d8:d2:97:72:85:d0:38:0e:63:
ba:2c:73:26:dc:61:5a:4e:e6:d6:ea:7a:de:a9:63:0d:60:8c:
06:ca:49:97:03:23:54:31:73:5a:53:6e:af:5b:6a:e0:68:24:
b5:11:d1:4d:e8:d4:a3:67:3c:77:03:30:a2:76:d9:71:3f:d2:
34:75:90:36:b8:4f:57:4e:c6:62:d4:4f:13:64:2b:b6:4d:a7:
26:9b:53:60
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzJvKDyeC9LzPilTanJJxn1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZhNjRhMWY3Y2E0MGI1ODExNmU2YmM4MzhlMDYyZjljNzEy
MjI4YTQwHhcNMjQwMTAyMTAzMzUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Y2I5N2M5YzQ0ZDIxZWMzMTljZGFmNTk1YzRhNDc1YzY5MjY4NGU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi+4ymgpY0etx7Jny1J8dZkQNeNeI
Rcdu4jai3xI0lkYv74g3rziPu4qqkLR2bVd2PE78lcfmXgWMHQVWCrUu/qbNRFhX
LJkBEisgP92Q7RP/yhBZmBSP2N/TVuouXSSCt5boLcpmkjw6TdI69AKvbntJ86MB
MSTAys6Yz0tHhCKQVREfFCxS9ttW3J64rp6PgEn9xn2t7Wo0zDON0Nhmdqpsa/PE
z1qQQYHFcVLhv49UsgKJIwOGYBAhia5ZPVXOT9GlcQW2zQ7MXEus+H8fsBwONbAS
vevmKy9WOJj5I8Q/LR+yR0l0NMZcYXs3Aj8wjhwfQSnwE6RiOMcdAXSpiwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFIy5fJxE0h7DGc2vWVxKR1xpJoTpMB8GA1UdIwQY
MBaAFPpkoffKQLWBFua8g44GL5xxIiikMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1tU2g5OHBBdFlFVzVyeURqZ1l2bkhFaUtLUS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2YvYmEyN2ZiLTI1NTAtNDlhZC1iMGVm
LTViODNkMGU5NjAxMi8xL2pMbDhuRVRTSHNNWnphOVpYRXBIWEdrbWhPay5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvM2YvYmEyN2ZiLTI1NTAtNDlhZC1iMGVmLTViODNkMGU5NjAx
Mi8xLzEtbVNoOThwQXRZRVc1cnlEamdZdm5IRWlLS1EuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwLwYIKwYBBQUHAQcBAf8EIDAeMAwEAgABMAYDBALVbbAw
DgQCAAIwCAMGAioA3mEAMA0GCSqGSIb3DQEBCwUAA4IBAQBnpcee/5hkCHSt7ehA
apLGCdN8HIX6YQE0ulGYWW/KPOCByKHrYslSVpNX0O6IEfEdAh84KryTVAUnEHLK
TPnycFWEWpS0LPVD475Wb0XoGZjt3eOVDX2uH5vh0xJNOIrXnW46OiEhAyyZwXeM
k7RCg82IeXntUuyVjzuEQFHcd+4xZwWfIYDtV/pG6Oib5SoX1+RmDlB/JxLBBeFu
Rkdsz1QRSYAHvV0cRRrY0pdyhdA4DmO6LHMm3GFaTubW6nreqWMNYIwGykmXAyNU
MXNaU26vW2rgaCS1EdFN6NSjZzx3AzCidtlxP9I0dZA2uE9XTsZi1E8TZCu2Tacm
m1Ng
-----END CERTIFICATE-----
Generated at Fri May 3 02:15:11 2024 by rpki-client on console-fra.rpki-client.org