Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/jIi_Ru3IefpbXGryBWgXZbGXk20.roa
File: jIi_Ru3IefpbXGryBWgXZbGXk20.roa (raw, json)
Hash identifier: nV1gn4fzr2q8Gp2YD3x2gKPIxa4piRup1xjqPBYefDM=
Subject key identifier: 8C:88:BF:46:ED:C8:79:FA:5B:5C:6A:F2:05:68:17:65:B1:97:93:6D
Certificate issuer: /CN=201fe30fc6b4b0d0f6db4e1bfbbd50195dca575c
Certificate serial: 018CC4938CA433811DCDB355FC73B9558577
Authority key identifier: 20:1F:E3:0F:C6:B4:B0:D0:F6:DB:4E:1B:FB:BD:50:19:5D:CA:57:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IB_jD8a0sND2204b-71QGV3KV1w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/jIi_Ru3IefpbXGryBWgXZbGXk20.roa
Signing time: Mon 01 Jan 2024 10:30:53 +0000
ROA not before: Mon 01 Jan 2024 10:30:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 24785
IP address blocks: 213.207.3.0/24 maxlen: 24
213.207.4.0/24 maxlen: 24
213.207.0.0/24 maxlen: 24
213.207.8.0/24 maxlen: 24
213.207.9.0/24 maxlen: 24
213.207.11.0/24 maxlen: 24
213.207.7.0/24 maxlen: 24
213.207.12.0/24 maxlen: 24
217.170.0.0/24 maxlen: 24
217.170.0.0/19 maxlen: 19
213.207.15.0/24 maxlen: 24
213.207.16.0/24 maxlen: 24
213.207.17.0/24 maxlen: 24
217.170.9.0/24 maxlen: 24
217.170.10.0/24 maxlen: 24
217.170.11.0/24 maxlen: 24
213.207.18.0/24 maxlen: 24
213.207.19.0/24 maxlen: 24
217.170.22.0/24 maxlen: 24
217.170.23.0/24 maxlen: 24
217.170.18.0/24 maxlen: 24
217.170.19.0/24 maxlen: 24
217.170.20.0/24 maxlen: 24
2a02:10::/29 maxlen: 29
2a02:10:31::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/IB_jD8a0sND2204b-71QGV3KV1w.crl
rsync://rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/IB_jD8a0sND2204b-71QGV3KV1w.mft
rsync://rpki.ripe.net/repository/DEFAULT/IB_jD8a0sND2204b-71QGV3KV1w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:8c:a4:33:81:1d:cd:b3:55:fc:73:b9:55:85:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=201fe30fc6b4b0d0f6db4e1bfbbd50195dca575c
Validity
Not Before: Jan 1 10:30:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8c88bf46edc879fa5b5c6af205681765b197936d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:f9:90:fa:4a:5f:dc:b6:13:2c:54:6c:81:a1:
74:92:a8:0d:39:4d:98:c9:52:61:ab:8c:00:50:27:
d9:bc:79:90:21:31:d7:8a:33:50:49:20:9c:b0:c7:
a7:bb:5f:a4:38:73:22:f0:b9:ff:ce:eb:46:6f:f2:
12:45:4c:63:1e:28:64:c5:a8:ba:d0:be:b0:26:30:
bb:bf:e4:51:b5:c4:10:5b:2a:b5:d5:75:e7:7b:2a:
49:3f:db:46:dc:91:3c:11:1e:95:91:04:5d:5e:94:
d9:21:e7:11:f8:69:31:12:5d:39:5d:7b:ce:b2:54:
a5:bb:18:42:c1:4a:2c:0b:08:13:5d:85:4b:d7:ab:
b4:41:fd:05:3e:69:03:7f:34:76:7d:fe:b4:06:3e:
c3:dd:aa:0e:44:4a:77:c8:cf:e4:ce:49:b9:9d:25:
3a:39:53:9f:3b:bc:4d:0d:e6:c3:65:80:d4:3c:04:
86:ff:25:e3:a9:02:53:f2:3e:39:30:15:03:8a:62:
6a:eb:ac:e0:d0:be:97:fa:9f:da:3b:d6:e8:76:e3:
13:b7:80:57:25:c4:84:71:7c:eb:38:3e:ec:95:12:
a6:cd:29:c0:b2:63:2e:d3:05:80:12:cd:88:b2:85:
63:3c:f1:0b:ef:48:a2:20:fb:4e:b6:bb:83:d2:11:
84:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:88:BF:46:ED:C8:79:FA:5B:5C:6A:F2:05:68:17:65:B1:97:93:6D
X509v3 Authority Key Identifier:
keyid:20:1F:E3:0F:C6:B4:B0:D0:F6:DB:4E:1B:FB:BD:50:19:5D:CA:57:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IB_jD8a0sND2204b-71QGV3KV1w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/jIi_Ru3IefpbXGryBWgXZbGXk20.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/IB_jD8a0sND2204b-71QGV3KV1w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.207.0.0/24
213.207.3.0-213.207.4.255
213.207.7.0-213.207.9.255
213.207.11.0-213.207.12.255
213.207.15.0-213.207.19.255
217.170.0.0/19
IPv6:
2a02:10::/29
Signature Algorithm: sha256WithRSAEncryption
07:63:40:26:e1:95:c0:f3:95:5c:45:29:54:bd:8b:0c:bf:bf:
9b:17:8f:3e:64:24:fd:21:7d:47:68:5c:b3:06:02:43:b2:91:
da:cf:a7:50:46:04:aa:fe:d8:5d:11:f0:a5:fa:14:b5:1c:c1:
f3:8a:8f:93:28:13:4c:b4:80:e6:e1:dc:d6:ce:02:db:74:55:
e1:d7:b0:91:7c:c1:53:de:b5:c1:75:32:69:c1:9c:f2:65:9a:
bc:53:83:07:e8:f6:9d:18:60:9d:ae:2b:8b:9e:d9:bc:86:5e:
4f:16:d9:23:da:02:22:3c:71:e6:2c:b6:1f:a4:72:9c:7a:7c:
d3:7f:0a:4f:d0:ba:21:b8:3a:05:0e:67:20:db:c4:06:56:8e:
f0:bf:a6:aa:87:7d:e3:4e:e6:f3:78:a7:63:76:4b:b3:be:e4:
e4:04:02:05:17:8a:bc:64:5d:a6:b3:8e:2e:f9:f0:44:f6:b3:
1d:ce:91:da:bd:2b:99:8f:2e:aa:76:d6:5a:03:fb:e8:f5:9c:
97:b4:07:47:b5:19:0e:f3:ab:86:ac:4e:82:e3:f5:ea:62:ea:
be:b6:7b:de:5a:d5:37:8f:7a:30:09:62:ae:fe:83:22:02:ca:
91:10:00:dd:f2:5e:53:c2:c9:1a:5d:bd:df:5f:7b:ce:8b:37:
6a:84:87:df
-----BEGIN CERTIFICATE-----
MIIFSjCCBDKgAwIBAgISAYzEk4ykM4EdzbNV/HO5VYV3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwMWZlMzBmYzZiNGIwZDBmNmRiNGUxYmZiYmQ1MDE5NWRj
YTU3NWMwHhcNMjQwMTAxMTAzMDUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Yzg4YmY0NmVkYzg3OWZhNWI1YzZhZjIwNTY4MTc2NWIxOTc5MzZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhPmQ+kpf3LYTLFRsgaF0kqgNOU2Y
yVJhq4wAUCfZvHmQITHXijNQSSCcsMenu1+kOHMi8Ln/zutGb/ISRUxjHihkxai6
0L6wJjC7v+RRtcQQWyq11XXneypJP9tG3JE8ER6VkQRdXpTZIecR+GkxEl05XXvO
slSluxhCwUosCwgTXYVL16u0Qf0FPmkDfzR2ff60Bj7D3aoOREp3yM/kzkm5nSU6
OVOfO7xNDebDZYDUPASG/yXjqQJT8j45MBUDimJq66zg0L6X+p/aO9boduMTt4BX
JcSEcXzrOD7slRKmzSnAsmMu0wWAEs2IsoVjPPEL70iiIPtOtruD0hGE1QIDAQAB
o4ICVjCCAlIwHQYDVR0OBBYEFIyIv0btyHn6W1xq8gVoF2Wxl5NtMB8GA1UdIwQY
MBaAFCAf4w/GtLDQ9ttOG/u9UBldyldcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUJfakQ4YTBzTkQyMjA0Yi03MVFHVjNLVjF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My84ZDgwZjktNDk0ZS00YWJiLTk5NTYt
ZmMxMjFjODAwYjMwLzEvaklpX1J1M0llZnBiWEdyeUJXZ1haYkdYazIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My84ZDgwZjktNDk0ZS00YWJiLTk5NTYtZmMxMjFjODAwYjMw
LzEvSUJfakQ4YTBzTkQyMjA0Yi03MVFHVjNLVjF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGwGCCsGAQUFBwEHAQH/BF0wWzBKBAIAATBEAwQA1c8AMAwD
BADVzwMDBADVzwQwDAMEANXPBwMEAdXPCDAMAwQA1c8LAwQA1c8MMAwDBADVzw8D
BALVzxADBAXZqgAwDQQCAAIwBwMFAyoCABAwDQYJKoZIhvcNAQELBQADggEBAAdj
QCbhlcDzlVxFKVS9iwy/v5sXjz5kJP0hfUdoXLMGAkOykdrPp1BGBKr+2F0R8KX6
FLUcwfOKj5MoE0y0gObh3NbOAtt0VeHXsJF8wVPetcF1MmnBnPJlmrxTgwfo9p0Y
YJ2uK4ue2byGXk8W2SPaAiI8ceYsth+kcpx6fNN/Ck/QuiG4OgUOZyDbxAZWjvC/
pqqHfeNO5vN4p2N2S7O+5OQEAgUXirxkXaazji758ET2sx3Okdq9K5mPLqp21loD
++j1nJe0B0e1GQ7zq4asToLj9epi6r62e95a1TePejAJYq7+gyICypEQAN3yXlPC
yRpdvd9fe86LN2qEh98=
-----END CERTIFICATE-----
Generated at Fri Nov 22 11:51:13 2024 by rpki-client on console-fra.rpki-client.org