Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/yMaNIDe6n3AJceXrRwJ4aO6SF7s.roa
File: yMaNIDe6n3AJceXrRwJ4aO6SF7s.roa (raw, json)
Hash identifier: EeGsMBp6GwF1BqzK/ZPXNRsOcd0I7rV2jEgYPEX633Y=
Subject key identifier: C8:C6:8D:20:37:BA:9F:70:09:71:E5:EB:47:02:78:68:EE:92:17:BB
Certificate issuer: /CN=19426325acb8ce609a686fa655b058968809b346
Certificate serial: 0190DC76BBFE0F9166420C0B6D5ABB757623
Authority key identifier: 19:42:63:25:AC:B8:CE:60:9A:68:6F:A6:55:B0:58:96:88:09:B3:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GUJjJay4zmCaaG-mVbBYlogJs0Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/yMaNIDe6n3AJceXrRwJ4aO6SF7s.roa
Signing time: Mon 22 Jul 2024 22:01:27 +0000
ROA not before: Mon 22 Jul 2024 22:01:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3319
IP address blocks: 77.47.240.0/23 maxlen: 24
185.143.56.0/22 maxlen: 24
195.178.132.0/24 maxlen: 24
195.178.133.0/24 maxlen: 24
195.178.134.0/24 maxlen: 24
195.178.135.0/24 maxlen: 24
195.178.144.0/23 maxlen: 23
195.178.146.0/24 maxlen: 24
195.178.147.0/24 maxlen: 24
195.178.152.0/22 maxlen: 22
212.111.207.0/24 maxlen: 24
212.111.216.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/GUJjJay4zmCaaG-mVbBYlogJs0Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/GUJjJay4zmCaaG-mVbBYlogJs0Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/GUJjJay4zmCaaG-mVbBYlogJs0Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Sep 2024 14:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:dc:76:bb:fe:0f:91:66:42:0c:0b:6d:5a:bb:75:76:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19426325acb8ce609a686fa655b058968809b346
Validity
Not Before: Jul 22 22:01:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c8c68d2037ba9f700971e5eb47027868ee9217bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:86:72:9f:42:e0:75:b3:36:6d:1f:f0:ed:03:
1f:b7:df:4c:c7:76:c1:66:66:a4:8c:0a:e5:2c:b8:
29:22:10:09:7e:32:b4:37:1b:8f:0d:d8:4a:a7:14:
34:88:55:c7:47:94:2f:44:77:cc:86:62:1c:23:71:
ef:59:cd:5b:3e:2a:f9:00:22:ea:f1:d1:23:d6:25:
10:c9:f2:b3:cc:d8:47:d9:93:1f:73:86:2c:c0:0b:
88:de:db:b5:9c:f5:9e:e1:03:6b:3e:3a:40:b0:4e:
ca:49:b7:c2:a3:7b:8a:ac:28:f3:48:52:ee:a0:3d:
7a:34:cf:2d:3f:62:b3:18:76:b9:48:4c:69:96:c2:
c7:b3:be:89:b3:cd:71:e6:1f:47:05:3f:00:a9:30:
82:8d:70:42:e2:b0:f9:d8:1d:39:5a:c4:0d:f9:29:
0c:8b:80:b2:7f:49:f4:f3:f9:00:9d:ac:d5:6b:db:
ef:ea:ac:7e:c9:4b:a4:ad:4a:17:70:e4:c3:c9:98:
ed:0c:ca:92:9c:cc:b8:43:d3:c7:f8:99:c1:4b:ac:
0d:34:a8:b3:23:30:4f:cb:9a:16:3b:cc:65:45:1d:
93:16:d0:a0:fd:73:fe:9c:ac:68:4a:3a:2a:e1:ba:
2f:d8:16:db:34:72:50:16:39:49:66:29:4e:a1:51:
d2:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:C6:8D:20:37:BA:9F:70:09:71:E5:EB:47:02:78:68:EE:92:17:BB
X509v3 Authority Key Identifier:
keyid:19:42:63:25:AC:B8:CE:60:9A:68:6F:A6:55:B0:58:96:88:09:B3:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GUJjJay4zmCaaG-mVbBYlogJs0Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/yMaNIDe6n3AJceXrRwJ4aO6SF7s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/GUJjJay4zmCaaG-mVbBYlogJs0Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.47.240.0/23
185.143.56.0/22
195.178.132.0/22
195.178.144.0/22
195.178.152.0/22
212.111.207.0/24
212.111.216.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:ba:ec:87:87:63:51:bd:08:81:04:49:cd:c5:f5:bd:b7:0e:
c6:46:bf:fa:fc:b8:48:b0:cb:fc:d2:3a:26:ca:69:9e:31:c1:
aa:70:bb:0a:2d:84:4e:6d:c0:ca:af:72:fb:fc:e9:e0:b9:dd:
2a:82:2c:de:63:9d:c9:0d:9c:17:c7:6a:94:6b:7a:ea:fd:84:
2d:73:1a:ac:d6:c4:67:52:e1:db:f8:29:5f:77:ca:64:fa:95:
12:3c:85:3d:a4:85:ac:ea:1c:7c:35:16:12:df:68:ad:36:94:
a1:d0:e6:38:51:9f:38:eb:81:c5:5b:9e:b9:4f:c2:ff:cd:ad:
5e:0b:12:9b:c1:9d:49:78:1b:a7:2d:e6:35:b4:aa:ce:b1:54:
fe:0d:98:dc:85:ed:82:fa:eb:04:5b:a2:2e:02:bd:60:d0:f9:
b1:ad:25:ed:cb:4b:68:83:9e:59:ed:63:6d:af:ea:ae:96:2c:
6b:bf:7a:66:65:c4:75:6d:89:ee:21:78:d9:a4:55:f2:e3:a4:
8c:14:b2:ae:ff:60:7d:ce:15:ad:85:cb:23:1b:05:0e:5f:d7:
b3:92:6e:d3:98:8c:06:83:85:8d:4e:c8:44:27:be:3b:b6:b8:
c4:b9:23:3c:da:6e:05:51:35:2e:50:9a:65:05:ae:d9:2b:e9:
15:d8:70:4b
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZDcdrv+D5FmQgwLbVq7dXYjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5NDI2MzI1YWNiOGNlNjA5YTY4NmZhNjU1YjA1ODk2ODgw
OWIzNDYwHhcNMjQwNzIyMjIwMTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOGM2OGQyMDM3YmE5ZjcwMDk3MWU1ZWI0NzAyNzg2OGVlOTIxN2JiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAloZyn0LgdbM2bR/w7QMft99Mx3bB
ZmakjArlLLgpIhAJfjK0NxuPDdhKpxQ0iFXHR5QvRHfMhmIcI3HvWc1bPir5ACLq
8dEj1iUQyfKzzNhH2ZMfc4YswAuI3tu1nPWe4QNrPjpAsE7KSbfCo3uKrCjzSFLu
oD16NM8tP2KzGHa5SExplsLHs76Js81x5h9HBT8AqTCCjXBC4rD52B05WsQN+SkM
i4Cyf0n08/kAnazVa9vv6qx+yUukrUoXcOTDyZjtDMqSnMy4Q9PH+JnBS6wNNKiz
IzBPy5oWO8xlRR2TFtCg/XP+nKxoSjoq4bov2BbbNHJQFjlJZilOoVHSaQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFMjGjSA3up9wCXHl60cCeGjukhe7MB8GA1UdIwQY
MBaAFBlCYyWsuM5gmmhvplWwWJaICbNGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR1VKakpheTR6bUNhYUctbVZiQllsb2dKczBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS84YjZmYjAtYTg3NS00OTQ3LThhZTQt
MDNmNGM3MTEzYzM0LzEveU1hTklEZTZuM0FKY2VYclJ3SjRhTzZTRjdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS84YjZmYjAtYTg3NS00OTQ3LThhZTQtMDNmNGM3MTEzYzM0
LzEvR1VKakpheTR6bUNhYUctbVZiQllsb2dKczBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQBTS/wAwQC
uY84AwQCw7KEAwQCw7KQAwQCw7KYAwQA1G/PAwQA1G/YMA0GCSqGSIb3DQEBCwUA
A4IBAQAduuyHh2NRvQiBBEnNxfW9tw7GRr/6/LhIsMv80jomymmeMcGqcLsKLYRO
bcDKr3L7/Ongud0qgizeY53JDZwXx2qUa3rq/YQtcxqs1sRnUuHb+Clfd8pk+pUS
PIU9pIWs6hx8NRYS32itNpSh0OY4UZ8464HFW565T8L/za1eCxKbwZ1JeBunLeY1
tKrOsVT+DZjche2C+usEW6IuAr1g0PmxrSXty0tog55Z7WNtr+qulixrv3pmZcR1
bYnuIXjZpFXy46SMFLKu/2B9zhWthcsjGwUOX9ezkm7TmIwGg4WNTshEJ747trjE
uSM82m4FUTUuUJplBa7ZK+kV2HBL
-----END CERTIFICATE-----
Generated at Sat Sep 7 20:53:49 2024 by rpki-client on console-fra.rpki-client.org