Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/00adb0-890d-47ad-a18c-4ad0abec275e/1/NjhlFr0RVXaaYiNQ-r70AgmROVU.roa
File: NjhlFr0RVXaaYiNQ-r70AgmROVU.roa (raw, json)
Hash identifier: guslHmUaHHQwTBqHZpD1VcYAoZwr/KKF/hZWN/3RPHE=
Subject key identifier: 36:38:65:16:BD:11:55:76:9A:62:23:50:FA:BE:F4:02:09:91:39:55
Certificate issuer: /CN=1aa19c92e96677f5f96f68f1ca0aad9fa311eb45
Certificate serial: 018CE83D1C673A799B397108AF16F5139198
Authority key identifier: 1A:A1:9C:92:E9:66:77:F5:F9:6F:68:F1:CA:0A:AD:9F:A3:11:EB:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GqGckulmd_X5b2jxygqtn6MR60U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/00adb0-890d-47ad-a18c-4ad0abec275e/1/NjhlFr0RVXaaYiNQ-r70AgmROVU.roa
Signing time: Mon 08 Jan 2024 08:42:48 +0000
ROA not before: Mon 08 Jan 2024 08:42:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8788
IP address blocks: 193.138.87.0/24 maxlen: 24
212.26.128.0/19 maxlen: 19
178.211.96.0/19 maxlen: 20
178.211.112.0/20 maxlen: 20
212.80.32.0/19 maxlen: 20
194.32.109.0/24 maxlen: 24
194.32.110.0/24 maxlen: 24
194.32.108.0/24 maxlen: 24
194.32.108.0/23 maxlen: 23
212.26.140.0/24 maxlen: 24
2a00:e780::/32 maxlen: 32
2a00:e780:a0::/48 maxlen: 48
2a00:e780:2::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6a/00adb0-890d-47ad-a18c-4ad0abec275e/1/GqGckulmd_X5b2jxygqtn6MR60U.crl
rsync://rpki.ripe.net/repository/DEFAULT/6a/00adb0-890d-47ad-a18c-4ad0abec275e/1/GqGckulmd_X5b2jxygqtn6MR60U.mft
rsync://rpki.ripe.net/repository/DEFAULT/GqGckulmd_X5b2jxygqtn6MR60U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 12 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:e8:3d:1c:67:3a:79:9b:39:71:08:af:16:f5:13:91:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1aa19c92e96677f5f96f68f1ca0aad9fa311eb45
Validity
Not Before: Jan 8 08:42:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=36386516bd1155769a622350fabef40209913955
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:e7:c5:d4:66:b0:4f:51:00:e7:88:84:29:30:
86:6f:00:cd:f2:6b:31:68:9e:e2:52:56:f3:4f:e7:
d9:60:b0:ca:06:7a:54:09:22:2b:75:ae:4a:de:71:
50:d3:4a:ac:5f:4b:51:11:29:77:0f:4b:5a:fe:ed:
d9:02:48:ac:38:e1:6e:16:12:b7:df:16:df:88:64:
91:5e:67:1c:85:45:ec:96:bf:19:fe:ef:f0:6a:4a:
03:67:2a:77:76:2e:48:bf:c8:1b:d2:32:8c:ba:3b:
de:80:df:7c:aa:b6:df:66:68:4a:1a:84:1a:84:0c:
53:63:20:e9:45:96:35:2e:da:12:9a:05:8b:06:09:
72:d4:4b:c5:6c:dc:9a:16:30:d9:77:be:5e:5b:f9:
84:d1:e1:60:f3:1d:8c:66:c2:43:04:ce:22:b6:9c:
00:31:e0:de:7d:c7:21:92:0c:d4:fa:e1:ac:5c:58:
07:c7:f2:43:56:ec:59:d2:64:5a:9c:bb:12:ac:17:
1a:6a:7a:a4:2b:61:55:1f:ae:aa:6d:aa:55:4e:bb:
25:8f:d7:1f:88:d2:58:cc:80:ec:cf:aa:46:45:9d:
6a:b1:71:d7:ed:ee:06:c7:10:e2:de:81:7e:30:54:
38:ac:16:d0:ac:78:25:c8:15:1b:08:e6:13:42:9e:
2e:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:38:65:16:BD:11:55:76:9A:62:23:50:FA:BE:F4:02:09:91:39:55
X509v3 Authority Key Identifier:
keyid:1A:A1:9C:92:E9:66:77:F5:F9:6F:68:F1:CA:0A:AD:9F:A3:11:EB:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GqGckulmd_X5b2jxygqtn6MR60U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/00adb0-890d-47ad-a18c-4ad0abec275e/1/NjhlFr0RVXaaYiNQ-r70AgmROVU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/00adb0-890d-47ad-a18c-4ad0abec275e/1/GqGckulmd_X5b2jxygqtn6MR60U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.211.96.0/19
193.138.87.0/24
194.32.108.0-194.32.110.255
212.26.128.0/19
212.80.32.0/19
IPv6:
2a00:e780::/32
Signature Algorithm: sha256WithRSAEncryption
2e:6f:28:80:5e:b0:c9:88:37:76:7f:6b:89:3f:f9:6a:b4:d7:
69:7d:29:65:00:a1:7f:e7:ac:c0:d3:87:90:74:5c:65:c9:13:
bc:a5:93:7a:ab:23:a5:37:56:07:25:6a:d2:0d:75:20:64:5a:
a7:ad:22:13:04:77:8f:f7:e4:67:38:a4:80:6d:fa:97:f1:3a:
ab:57:7a:ed:9b:f6:c8:4a:16:e1:20:71:7a:e7:b7:8a:af:b7:
ca:60:38:72:ec:e0:0a:e1:91:c0:01:9f:5e:8f:f1:f4:0d:ba:
45:a7:8f:03:2f:0f:56:f3:98:dd:2d:f1:6c:93:3c:cf:47:7b:
9e:9f:ca:39:21:5c:e8:4e:34:a6:7f:f4:83:dc:7e:c2:ae:01:
b5:33:21:cc:7f:a8:ad:0e:61:40:18:7b:49:57:7f:b6:7e:11:
79:b4:d1:c4:7d:9d:b5:f4:7a:07:b3:78:17:75:7a:82:66:a2:
86:78:5a:4b:45:c5:b2:ec:b9:83:f4:51:4f:78:87:79:e2:52:
70:5e:5d:bd:53:06:10:89:dc:07:41:4c:06:9d:8c:f0:47:9e:
e3:ed:90:f2:17:1b:c4:b9:b4:b2:a2:3b:23:13:9e:8e:09:54:
d0:71:f5:6c:a5:b2:d0:d7:95:4e:5a:a5:e9:28:8a:a1:12:bb:
01:37:dd:e1
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAYzoPRxnOnmbOXEIrxb1E5GYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhYTE5YzkyZTk2Njc3ZjVmOTZmNjhmMWNhMGFhZDlmYTMx
MWViNDUwHhcNMjQwMTA4MDg0MjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjM4NjUxNmJkMTE1NTc2OWE2MjIzNTBmYWJlZjQwMjA5OTEzOTU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+fF1GawT1EA54iEKTCGbwDN8msx
aJ7iUlbzT+fZYLDKBnpUCSIrda5K3nFQ00qsX0tRESl3D0ta/u3ZAkisOOFuFhK3
3xbfiGSRXmcchUXslr8Z/u/wakoDZyp3di5Iv8gb0jKMujvegN98qrbfZmhKGoQa
hAxTYyDpRZY1LtoSmgWLBgly1EvFbNyaFjDZd75eW/mE0eFg8x2MZsJDBM4itpwA
MeDefcchkgzU+uGsXFgHx/JDVuxZ0mRanLsSrBcaanqkK2FVH66qbapVTrslj9cf
iNJYzIDsz6pGRZ1qsXHX7e4GxxDi3oF+MFQ4rBbQrHglyBUbCOYTQp4u0QIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFDY4ZRa9EVV2mmIjUPq+9AIJkTlVMB8GA1UdIwQY
MBaAFBqhnJLpZnf1+W9o8coKrZ+jEetFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3FHY2t1bG1kX1g1YjJqeHlncXRuNk1SNjBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS8wMGFkYjAtODkwZC00N2FkLWExOGMt
NGFkMGFiZWMyNzVlLzEvTmpobEZyMFJWWGFhWWlOUS1yNzBBZ21ST1ZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS8wMGFkYjAtODkwZC00N2FkLWExOGMtNGFkMGFiZWMyNzVl
LzEvR3FHY2t1bG1kX1g1YjJqeHlncXRuNk1SNjBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAsBAIAATAmAwQFstNgAwQA
wYpXMAwDBALCIGwDBADCIG4DBAXUGoADBAXUUCAwDQQCAAIwBwMFACoA54AwDQYJ
KoZIhvcNAQELBQADggEBAC5vKIBesMmIN3Z/a4k/+Wq012l9KWUAoX/nrMDTh5B0
XGXJE7ylk3qrI6U3VgclatINdSBkWqetIhMEd4/35Gc4pIBt+pfxOqtXeu2b9shK
FuEgcXrnt4qvt8pgOHLs4ArhkcABn16P8fQNukWnjwMvD1bzmN0t8WyTPM9He56f
yjkhXOhONKZ/9IPcfsKuAbUzIcx/qK0OYUAYe0lXf7Z+EXm00cR9nbX0egezeBd1
eoJmooZ4WktFxbLsuYP0UU94h3niUnBeXb1TBhCJ3AdBTAadjPBHnuPtkPIXG8S5
tLKiOyMTno4JVNBx9WylstDXlU5apekoiqESuwE33eE=
-----END CERTIFICATE-----
Generated at Sat May 11 21:03:30 2024 by rpki-client on console-fra.rpki-client.org