Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/f197d0-a540-4882-a67a-b8a232eff2f6/1/nX12Kt4EDofoKTznrk_9eJiNBUM.roa
File: nX12Kt4EDofoKTznrk_9eJiNBUM.roa (raw, json)
Hash identifier: NNL+6AzVGUBGreIW83X9AcPS2hGpF4tw11dnrI80ea8=
Subject key identifier: 9D:7D:76:2A:DE:04:0E:87:E8:29:3C:E7:AE:4F:FD:78:98:8D:05:43
Certificate issuer: /CN=7c16e9d57efdacd3f7bc7e98496b719fadc5ae48
Certificate serial: 018FE339CFA3D18EB306D29C07DC7B51E179
Authority key identifier: 7C:16:E9:D5:7E:FD:AC:D3:F7:BC:7E:98:49:6B:71:9F:AD:C5:AE:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fBbp1X79rNP3vH6YSWtxn63Frkg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/f197d0-a540-4882-a67a-b8a232eff2f6/1/nX12Kt4EDofoKTznrk_9eJiNBUM.roa
Signing time: Tue 04 Jun 2024 12:29:27 +0000
ROA not before: Tue 04 Jun 2024 12:29:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197909
IP address blocks: 94.154.2.0/24 maxlen: 24
185.240.72.0/22 maxlen: 22
193.35.80.0/22 maxlen: 22
2a07:2680::/29 maxlen: 29
2a0c:7580::/29 maxlen: 29
2a0d:6140::/29 maxlen: 29
2a0d:6140::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/53/f197d0-a540-4882-a67a-b8a232eff2f6/1/fBbp1X79rNP3vH6YSWtxn63Frkg.crl
rsync://rpki.ripe.net/repository/DEFAULT/53/f197d0-a540-4882-a67a-b8a232eff2f6/1/fBbp1X79rNP3vH6YSWtxn63Frkg.mft
rsync://rpki.ripe.net/repository/DEFAULT/fBbp1X79rNP3vH6YSWtxn63Frkg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Sep 2024 14:21:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:e3:39:cf:a3:d1:8e:b3:06:d2:9c:07:dc:7b:51:e1:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7c16e9d57efdacd3f7bc7e98496b719fadc5ae48
Validity
Not Before: Jun 4 12:29:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9d7d762ade040e87e8293ce7ae4ffd78988d0543
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:99:04:9a:ef:bc:46:65:0e:e6:26:54:de:58:
26:96:2c:79:8e:e5:08:a2:20:71:ed:78:51:eb:ba:
94:b9:2c:d7:ea:9e:41:6c:e7:85:69:b8:d5:d2:5c:
fc:24:14:31:11:d0:8a:35:8f:0e:3e:8e:b3:bb:47:
58:47:81:93:82:ed:58:89:1f:19:d2:28:1e:40:42:
88:7f:2d:7a:48:d8:4b:0b:c9:aa:1a:f5:5a:52:55:
3c:ef:d7:7c:f7:18:38:05:69:c8:a3:82:71:e3:19:
2d:9f:06:b2:09:52:86:e0:dc:0b:d4:98:70:8d:3f:
6c:34:61:dd:12:44:c9:f0:80:8b:40:bf:43:cf:02:
73:83:7d:8d:8d:7f:d7:f8:85:86:5c:99:72:c7:59:
60:43:87:c9:58:4f:84:c1:7d:e5:ce:8e:18:06:d6:
ea:78:f9:6c:83:8e:85:59:55:ab:7b:d0:2a:13:23:
36:15:0c:2c:fd:93:7c:52:6a:4e:d3:7b:60:a4:82:
26:c5:b9:de:f9:32:d7:c4:2e:29:97:b7:fc:1a:8b:
03:c7:b8:9d:35:68:cc:7a:86:3e:f6:7d:e6:65:c0:
e8:ea:58:ba:4f:5d:f4:46:56:26:ed:64:72:11:a8:
9d:97:5c:84:78:96:cf:8e:98:35:76:13:d5:ae:c7:
b9:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:7D:76:2A:DE:04:0E:87:E8:29:3C:E7:AE:4F:FD:78:98:8D:05:43
X509v3 Authority Key Identifier:
keyid:7C:16:E9:D5:7E:FD:AC:D3:F7:BC:7E:98:49:6B:71:9F:AD:C5:AE:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fBbp1X79rNP3vH6YSWtxn63Frkg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/f197d0-a540-4882-a67a-b8a232eff2f6/1/nX12Kt4EDofoKTznrk_9eJiNBUM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/f197d0-a540-4882-a67a-b8a232eff2f6/1/fBbp1X79rNP3vH6YSWtxn63Frkg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.154.2.0/24
185.240.72.0/22
193.35.80.0/22
IPv6:
2a07:2680::/29
2a0c:7580::/29
2a0d:6140::/29
Signature Algorithm: sha256WithRSAEncryption
5e:dc:bf:6a:60:81:b2:d9:eb:c1:32:64:60:01:66:e7:f4:13:
ef:17:e7:ef:36:7c:c0:b7:59:54:a4:2c:ce:e9:4c:d7:db:19:
27:9f:3f:aa:7e:6c:3f:4c:11:ea:bc:e9:60:ef:b5:b0:a3:ab:
84:08:4b:d6:af:76:86:17:02:e8:87:fb:11:bc:20:71:58:b8:
99:1a:89:22:de:b5:59:78:ba:ba:84:07:ed:e0:a5:df:18:c7:
7d:dd:fb:21:46:67:46:ae:be:40:1f:7f:34:75:0e:e3:01:6a:
8d:bc:1e:7b:94:7d:ec:3d:de:1e:b4:dd:27:a7:20:46:32:86:
e0:9b:e0:11:c7:98:52:da:09:6f:c9:11:dc:71:05:14:4d:f3:
04:8c:d8:3e:34:13:70:38:94:fc:4c:b2:11:92:a5:44:28:1f:
3b:6c:d7:3c:50:47:81:e6:46:66:23:85:d9:13:f7:5b:5d:0e:
a0:dd:7f:19:6d:e0:2c:b6:97:68:9a:e7:58:e4:f4:60:b1:1d:
44:ea:8f:78:3d:3a:a3:77:2c:ba:d8:72:ef:4b:dd:94:89:bd:
3c:68:c7:77:20:51:dd:83:45:67:23:84:65:bb:f7:8f:ce:9a:
34:49:0c:6c:0b:b4:a1:a0:b0:15:72:66:74:b9:25:2b:c7:2e:
91:6c:da:0b
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAY/jOc+j0Y6zBtKcB9x7UeF5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjMTZlOWQ1N2VmZGFjZDNmN2JjN2U5ODQ5NmI3MTlmYWRj
NWFlNDgwHhcNMjQwNjA0MTIyOTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDdkNzYyYWRlMDQwZTg3ZTgyOTNjZTdhZTRmZmQ3ODk4OGQwNTQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm5kEmu+8RmUO5iZU3lgmlix5juUI
oiBx7XhR67qUuSzX6p5BbOeFabjV0lz8JBQxEdCKNY8OPo6zu0dYR4GTgu1YiR8Z
0igeQEKIfy16SNhLC8mqGvVaUlU879d89xg4BWnIo4Jx4xktnwayCVKG4NwL1Jhw
jT9sNGHdEkTJ8ICLQL9DzwJzg32NjX/X+IWGXJlyx1lgQ4fJWE+EwX3lzo4YBtbq
ePlsg46FWVWre9AqEyM2FQws/ZN8UmpO03tgpIImxbne+TLXxC4pl7f8GosDx7id
NWjMeoY+9n3mZcDo6li6T130RlYm7WRyEaidl1yEeJbPjpg1dhPVrse5twIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFJ19direBA6H6Ck8565P/XiYjQVDMB8GA1UdIwQY
MBaAFHwW6dV+/azT97x+mElrcZ+txa5IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZkJicDFYNzlyTlAzdkg2WVNXdHhuNjNGcmtnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My9mMTk3ZDAtYTU0MC00ODgyLWE2N2Et
YjhhMjMyZWZmMmY2LzEvblgxMkt0NEVEb2ZvS1R6bnJrXzllSmlOQlVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My9mMTk3ZDAtYTU0MC00ODgyLWE2N2EtYjhhMjMyZWZmMmY2
LzEvZkJicDFYNzlyTlAzdkg2WVNXdHhuNjNGcmtnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAYBAIAATASAwQAXpoCAwQC
ufBIAwQCwSNQMBsEAgACMBUDBQMqByaAAwUDKgx1gAMFAyoNYUAwDQYJKoZIhvcN
AQELBQADggEBAF7cv2pggbLZ68EyZGABZuf0E+8X5+82fMC3WVSkLM7pTNfbGSef
P6p+bD9MEeq86WDvtbCjq4QIS9avdoYXAuiH+xG8IHFYuJkaiSLetVl4urqEB+3g
pd8Yx33d+yFGZ0auvkAffzR1DuMBao28HnuUfew93h603SenIEYyhuCb4BHHmFLa
CW/JEdxxBRRN8wSM2D40E3A4lPxMshGSpUQoHzts1zxQR4HmRmYjhdkT91tdDqDd
fxlt4Cy2l2ia51jk9GCxHUTqj3g9OqN3LLrYcu9L3ZSJvTxox3cgUd2DRWcjhGW7
94/OmjRJDGwLtKGgsBVyZnS5JSvHLpFs2gs=
-----END CERTIFICATE-----
Generated at Sat Sep 28 18:39:48 2024 by rpki-client on console-fra.rpki-client.org