Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/f197d0-a540-4882-a67a-b8a232eff2f6/1/Pyk399Xz0rAasffMfldhfQgcMus.roa
File: Pyk399Xz0rAasffMfldhfQgcMus.roa (raw, json)
Hash identifier: 7DJc2u4jeLYSpH86O972xYJtONSDKSbxvcohVVUhqWU=
Subject key identifier: 3F:29:37:F7:D5:F3:D2:B0:1A:B1:F7:CC:7E:57:61:7D:08:1C:32:EB
Certificate issuer: /CN=7c16e9d57efdacd3f7bc7e98496b719fadc5ae48
Certificate serial: 018FE339CF3A0C1B74BCB71BDBAAB0877C87
Authority key identifier: 7C:16:E9:D5:7E:FD:AC:D3:F7:BC:7E:98:49:6B:71:9F:AD:C5:AE:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fBbp1X79rNP3vH6YSWtxn63Frkg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/f197d0-a540-4882-a67a-b8a232eff2f6/1/Pyk399Xz0rAasffMfldhfQgcMus.roa
Signing time: Tue 04 Jun 2024 12:29:27 +0000
ROA not before: Tue 04 Jun 2024 12:29:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8823
IP address blocks: 94.154.2.0/24 maxlen: 24
185.240.72.0/22 maxlen: 22
193.35.80.0/22 maxlen: 22
2a07:2680::/29 maxlen: 29
2a0c:7580::/29 maxlen: 29
2a0d:6140::/29 maxlen: 29
2a0d:6140::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/53/f197d0-a540-4882-a67a-b8a232eff2f6/1/fBbp1X79rNP3vH6YSWtxn63Frkg.crl
rsync://rpki.ripe.net/repository/DEFAULT/53/f197d0-a540-4882-a67a-b8a232eff2f6/1/fBbp1X79rNP3vH6YSWtxn63Frkg.mft
rsync://rpki.ripe.net/repository/DEFAULT/fBbp1X79rNP3vH6YSWtxn63Frkg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 27 Jun 2024 06:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:e3:39:cf:3a:0c:1b:74:bc:b7:1b:db:aa:b0:87:7c:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7c16e9d57efdacd3f7bc7e98496b719fadc5ae48
Validity
Not Before: Jun 4 12:29:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3f2937f7d5f3d2b01ab1f7cc7e57617d081c32eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:d7:2b:9c:ff:db:ff:d1:79:4e:52:1c:3f:6b:
17:cd:f9:03:ef:c1:f6:2c:26:83:6d:f2:83:57:cd:
3a:f3:a4:72:02:5c:65:79:2f:bd:44:20:ba:9e:65:
3b:21:e0:b0:e2:6d:26:91:43:4e:b2:fd:49:d7:85:
ea:bc:9e:bd:4f:c1:98:b6:e7:d8:db:c4:4b:0d:13:
0b:d3:99:5f:15:20:fa:12:ec:ee:6e:59:ee:2b:34:
43:62:f3:f3:0d:ec:e2:ac:97:11:b7:61:69:e6:8c:
a8:5e:af:c8:d2:47:fe:4e:16:62:31:7b:e8:b5:a1:
ac:d8:5d:77:cf:50:95:12:58:63:13:2a:b7:d4:68:
8a:c5:e8:6b:98:78:e8:be:35:7f:6d:7c:da:97:20:
f1:0f:3d:1b:ec:3d:26:9a:4c:07:75:be:e6:80:53:
ef:1d:37:46:2c:07:f6:73:ad:cc:19:8f:7e:1e:62:
9d:21:ca:c6:9d:d5:b7:f2:37:3d:31:e2:df:51:56:
56:79:93:6b:80:54:6a:3a:3c:e1:67:74:99:78:82:
ea:c0:d4:a9:38:87:a7:85:76:02:ea:0a:a5:a0:6c:
3f:e9:d5:ab:aa:cd:57:5c:ad:c1:1a:8d:82:47:dc:
92:1c:65:5e:ba:72:1d:75:4b:4b:fe:84:19:d8:ed:
54:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:29:37:F7:D5:F3:D2:B0:1A:B1:F7:CC:7E:57:61:7D:08:1C:32:EB
X509v3 Authority Key Identifier:
keyid:7C:16:E9:D5:7E:FD:AC:D3:F7:BC:7E:98:49:6B:71:9F:AD:C5:AE:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fBbp1X79rNP3vH6YSWtxn63Frkg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/f197d0-a540-4882-a67a-b8a232eff2f6/1/Pyk399Xz0rAasffMfldhfQgcMus.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/f197d0-a540-4882-a67a-b8a232eff2f6/1/fBbp1X79rNP3vH6YSWtxn63Frkg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.154.2.0/24
185.240.72.0/22
193.35.80.0/22
IPv6:
2a07:2680::/29
2a0c:7580::/29
2a0d:6140::/29
Signature Algorithm: sha256WithRSAEncryption
39:75:c0:60:e4:10:52:37:cb:1e:76:04:f0:45:c5:a1:88:7b:
bb:16:93:74:f9:81:9f:5a:a1:89:a8:57:e2:3e:fe:cd:8a:37:
d2:6d:69:fe:65:e0:8e:18:ad:76:0d:e7:9a:97:63:b5:b0:62:
26:2f:e7:92:df:33:a4:d0:5c:8d:c2:63:8a:a9:ee:0a:00:22:
a3:81:c3:8f:1d:9d:7d:d8:17:5e:b1:30:3e:ef:7d:c5:e6:82:
43:9b:33:91:7e:e1:2b:63:7b:4f:ed:dc:ee:ab:c7:5f:d7:ce:
fd:32:96:62:77:dd:7a:70:09:90:75:bc:8b:0e:f0:7f:30:68:
d9:49:a1:91:e4:03:1e:d6:fa:de:72:a0:f7:63:57:31:6e:9f:
c6:97:e6:3c:02:6a:99:53:8f:20:73:be:a4:e4:7b:20:cf:59:
3c:2d:0b:4c:26:3f:fb:72:ab:63:0e:15:64:d9:14:d6:ac:72:
e0:9f:ac:ea:f4:0c:7d:9a:7e:dc:e2:0c:05:0b:b2:f6:e5:85:
ae:b6:6a:ae:a6:25:e2:bd:c1:de:fd:c1:72:ac:82:8c:88:41:
3b:57:db:69:8c:02:ba:9f:4c:e7:1e:0e:2c:75:6f:84:61:c6:
6e:49:99:42:1f:ce:e9:85:40:ca:21:68:b5:c9:a0:8d:20:e3:
7b:e8:ef:6b
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAY/jOc86DBt0vLcb26qwh3yHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjMTZlOWQ1N2VmZGFjZDNmN2JjN2U5ODQ5NmI3MTlmYWRj
NWFlNDgwHhcNMjQwNjA0MTIyOTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjI5MzdmN2Q1ZjNkMmIwMWFiMWY3Y2M3ZTU3NjE3ZDA4MWMzMmViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4NcrnP/b/9F5TlIcP2sXzfkD78H2
LCaDbfKDV80686RyAlxleS+9RCC6nmU7IeCw4m0mkUNOsv1J14XqvJ69T8GYtufY
28RLDRML05lfFSD6EuzublnuKzRDYvPzDezirJcRt2Fp5oyoXq/I0kf+ThZiMXvo
taGs2F13z1CVElhjEyq31GiKxehrmHjovjV/bXzalyDxDz0b7D0mmkwHdb7mgFPv
HTdGLAf2c63MGY9+HmKdIcrGndW38jc9MeLfUVZWeZNrgFRqOjzhZ3SZeILqwNSp
OIenhXYC6gqloGw/6dWrqs1XXK3BGo2CR9ySHGVeunIddUtL/oQZ2O1UaQIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFD8pN/fV89KwGrH3zH5XYX0IHDLrMB8GA1UdIwQY
MBaAFHwW6dV+/azT97x+mElrcZ+txa5IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZkJicDFYNzlyTlAzdkg2WVNXdHhuNjNGcmtnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My9mMTk3ZDAtYTU0MC00ODgyLWE2N2Et
YjhhMjMyZWZmMmY2LzEvUHlrMzk5WHowckFhc2ZmTWZsZGhmUWdjTXVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My9mMTk3ZDAtYTU0MC00ODgyLWE2N2EtYjhhMjMyZWZmMmY2
LzEvZkJicDFYNzlyTlAzdkg2WVNXdHhuNjNGcmtnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAYBAIAATASAwQAXpoCAwQC
ufBIAwQCwSNQMBsEAgACMBUDBQMqByaAAwUDKgx1gAMFAyoNYUAwDQYJKoZIhvcN
AQELBQADggEBADl1wGDkEFI3yx52BPBFxaGIe7sWk3T5gZ9aoYmoV+I+/s2KN9Jt
af5l4I4YrXYN55qXY7WwYiYv55LfM6TQXI3CY4qp7goAIqOBw48dnX3YF16xMD7v
fcXmgkObM5F+4Stje0/t3O6rx1/Xzv0ylmJ33XpwCZB1vIsO8H8waNlJoZHkAx7W
+t5yoPdjVzFun8aX5jwCaplTjyBzvqTkeyDPWTwtC0wmP/tyq2MOFWTZFNascuCf
rOr0DH2aftziDAULsvblha62aq6mJeK9wd79wXKsgoyIQTtX22mMArqfTOceDix1
b4Rhxm5JmUIfzumFQMohaLXJoI0g43vo72s=
-----END CERTIFICATE-----
Generated at Wed Jun 26 10:10:28 2024 by rpki-client on console-fra.rpki-client.org