Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/0iJOHpJ_VlD9742GoqFt9wqCZA8.roa
File: 0iJOHpJ_VlD9742GoqFt9wqCZA8.roa (raw, json)
Hash identifier: sTNyWR913d0IEWzO/0bKgo3E5kWYhETNSJkhoNtVgos=
Subject key identifier: D2:22:4E:1E:92:7F:56:50:FD:EF:8D:86:A2:A1:6D:F7:0A:82:64:0F
Certificate issuer: /CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Certificate serial: 018CE9C3030DF1FD5E533F3ACCAC35E0E567
Authority key identifier: 7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/0iJOHpJ_VlD9742GoqFt9wqCZA8.roa
Signing time: Mon 08 Jan 2024 15:48:40 +0000
ROA not before: Mon 08 Jan 2024 15:48:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49857
IP address blocks: 87.229.101.0/24 maxlen: 24
87.229.119.0/24 maxlen: 24
178.238.216.0/24 maxlen: 24
178.238.217.0/24 maxlen: 24
2a02:730:5000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.crl
rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.mft
rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Jun 2024 13:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:e9:c3:03:0d:f1:fd:5e:53:3f:3a:cc:ac:35:e0:e5:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Validity
Not Before: Jan 8 15:48:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d2224e1e927f5650fdef8d86a2a16df70a82640f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:79:ea:65:5e:8a:01:68:85:cc:28:50:32:e0:
36:96:91:73:24:cf:46:94:31:09:b6:32:32:de:0d:
64:e2:16:46:ff:84:fa:6d:2b:d6:81:42:8a:af:cf:
13:b1:33:19:0a:ac:2f:70:db:1d:2c:1d:a8:fa:d4:
cd:2f:0a:be:4d:0e:a6:eb:c9:9e:14:43:5f:14:fc:
a2:2e:f0:ce:6c:77:8b:94:09:b1:fb:2a:6e:ce:aa:
a4:41:f2:e9:27:39:07:40:6f:3b:b6:24:ae:7b:72:
b1:8e:54:f1:1a:5c:ee:fd:6e:2d:9f:39:2b:f7:ef:
c7:47:1c:97:b1:cc:48:de:e0:b1:da:34:18:6a:fb:
db:34:7e:89:6f:f6:8b:be:1f:86:eb:11:d4:ef:db:
53:1e:cd:64:99:25:fb:19:da:0c:b1:ab:72:26:62:
48:ce:a8:0d:31:03:aa:fb:1a:df:27:1c:e0:d5:67:
c5:92:9f:10:df:b9:48:3f:66:9e:e1:1b:c7:65:b3:
e3:03:77:ee:c8:6e:7c:d5:f1:0f:19:30:67:ac:4e:
06:f4:f1:15:ef:08:83:6b:32:3d:1d:5b:23:d2:b5:
c8:45:67:02:6f:71:ed:18:5f:1f:c6:7c:97:b0:f4:
82:27:d0:03:28:ce:a7:29:c9:5f:bb:54:7b:6c:dc:
0d:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:22:4E:1E:92:7F:56:50:FD:EF:8D:86:A2:A1:6D:F7:0A:82:64:0F
X509v3 Authority Key Identifier:
keyid:7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/0iJOHpJ_VlD9742GoqFt9wqCZA8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.229.101.0/24
87.229.119.0/24
178.238.216.0/23
IPv6:
2a02:730:5000::/48
Signature Algorithm: sha256WithRSAEncryption
43:1a:c0:c0:58:52:10:3a:0f:d6:aa:6f:80:a8:50:74:a5:40:
8a:f2:a7:b0:42:6c:73:16:8f:c0:4a:ce:5f:26:3c:c1:2a:1a:
5c:55:31:88:a5:9a:83:64:eb:5f:0d:08:2e:d7:bd:c5:2e:57:
9d:dd:7b:e5:05:59:5b:c3:12:93:2a:f2:0d:7f:16:a6:a4:d2:
5c:bf:50:6c:5f:73:fe:d2:30:be:e9:5d:c1:ca:2f:4b:9f:a7:
fd:9c:78:c9:19:12:c4:36:07:12:40:bd:f1:39:c5:e9:db:eb:
04:8e:42:b4:97:b7:df:0b:0d:90:a5:20:92:e0:e2:e3:2b:e7:
3e:cf:58:a7:b6:b8:6b:f9:d1:b1:1e:5e:f5:1e:e0:e7:7e:2a:
8b:12:80:8c:d8:68:37:d6:3d:60:01:22:8c:bb:0e:16:db:50:
62:de:64:25:65:43:c8:8c:ec:56:da:53:f7:18:72:74:e3:8f:
e8:0e:20:78:72:02:4e:78:d4:6b:b7:16:80:28:1e:f8:8c:b5:
f3:55:3c:22:7b:14:9b:ae:68:9f:ba:b4:ba:0a:1d:87:f6:a9:
9b:33:2f:8d:2f:a0:fb:10:04:a0:8c:a1:e6:c8:b4:cb:74:c6:
15:28:dd:53:52:c9:bd:7b:05:9e:63:39:4c:10:c5:b4:99:b8:
28:da:1e:9c
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYzpwwMN8f1eUz86zKw14OVnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiNWUzN2Y2ZTNiOWJkMWNmMzY4NGI5YzAzYzAzYWQxY2E2
NDI0OTcwHhcNMjQwMTA4MTU0ODQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjIyNGUxZTkyN2Y1NjUwZmRlZjhkODZhMmExNmRmNzBhODI2NDBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm3nqZV6KAWiFzChQMuA2lpFzJM9G
lDEJtjIy3g1k4hZG/4T6bSvWgUKKr88TsTMZCqwvcNsdLB2o+tTNLwq+TQ6m68me
FENfFPyiLvDObHeLlAmx+ypuzqqkQfLpJzkHQG87tiSue3KxjlTxGlzu/W4tnzkr
9+/HRxyXscxI3uCx2jQYavvbNH6Jb/aLvh+G6xHU79tTHs1kmSX7GdoMsatyJmJI
zqgNMQOq+xrfJxzg1WfFkp8Q37lIP2ae4RvHZbPjA3fuyG581fEPGTBnrE4G9PEV
7wiDazI9HVsj0rXIRWcCb3HtGF8fxnyXsPSCJ9ADKM6nKclfu1R7bNwNEQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFNIiTh6Sf1ZQ/e+NhqKhbfcKgmQPMB8GA1UdIwQY
MBaAFHteN/bjub0c82hLnAPAOtHKZCSXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUt
OTU5M2E0ODhhZmNjLzEvMGlKT0hwSl9WbEQ5NzQyR29xRnQ5d3FDWkE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUtOTU5M2E0ODhhZmNj
LzEvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQAV+VlAwQA
V+V3AwQBsu7YMA8EAgACMAkDBwAqAgcwUAAwDQYJKoZIhvcNAQELBQADggEBAEMa
wMBYUhA6D9aqb4CoUHSlQIryp7BCbHMWj8BKzl8mPMEqGlxVMYilmoNk618NCC7X
vcUuV53de+UFWVvDEpMq8g1/Fqak0ly/UGxfc/7SML7pXcHKL0ufp/2ceMkZEsQ2
BxJAvfE5xenb6wSOQrSXt98LDZClIJLg4uMr5z7PWKe2uGv50bEeXvUe4Od+KosS
gIzYaDfWPWABIoy7DhbbUGLeZCVlQ8iM7FbaU/cYcnTjj+gOIHhyAk541Gu3FoAo
HviMtfNVPCJ7FJuuaJ+6tLoKHYf2qZszL40voPsQBKCMoebItMt0xhUo3VNSyb17
BZ5jOUwQxbSZuCjaHpw=
-----END CERTIFICATE-----
Generated at Sun Jun 2 17:12:36 2024 by rpki-client on console-fra.rpki-client.org