Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/4a293d-2ad3-4114-a2b1-1cc505501a0f/1/PU7Cjsp5stBJ1q7DqyCyhgKYgP4.roa
File: PU7Cjsp5stBJ1q7DqyCyhgKYgP4.roa (raw, json)
Hash identifier: lIcLDAziM0ONcWKsRUc2f4GjVrQSAK/c7AUuhpzF+f4=
Subject key identifier: 3D:4E:C2:8E:CA:79:B2:D0:49:D6:AE:C3:AB:20:B2:86:02:98:80:FE
Certificate issuer: /CN=f811fa5eff370bc36d0e3929625e3414081a2392
Certificate serial: 018CC8DD96531554AB3E7BA4D6642D1A7302
Authority key identifier: F8:11:FA:5E:FF:37:0B:C3:6D:0E:39:29:62:5E:34:14:08:1A:23:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-BH6Xv83C8NtDjkpYl40FAgaI5I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/4a293d-2ad3-4114-a2b1-1cc505501a0f/1/PU7Cjsp5stBJ1q7DqyCyhgKYgP4.roa
Signing time: Tue 02 Jan 2024 06:30:14 +0000
ROA not before: Tue 02 Jan 2024 06:30:14 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42187
IP address blocks: 185.33.120.0/22 maxlen: 22
94.127.94.0/24 maxlen: 24
94.127.92.0/24 maxlen: 24
78.41.88.0/22 maxlen: 22
78.41.92.0/22 maxlen: 24
91.190.232.0/22 maxlen: 24
94.127.88.0/22 maxlen: 24
2a01:9f00::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6a/4a293d-2ad3-4114-a2b1-1cc505501a0f/1/1-BH6Xv83C8NtDjkpYl40FAgaI5I.crl
rsync://rpki.ripe.net/repository/DEFAULT/6a/4a293d-2ad3-4114-a2b1-1cc505501a0f/1/1-BH6Xv83C8NtDjkpYl40FAgaI5I.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-BH6Xv83C8NtDjkpYl40FAgaI5I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 31 May 2024 12:01:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:dd:96:53:15:54:ab:3e:7b:a4:d6:64:2d:1a:73:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f811fa5eff370bc36d0e3929625e3414081a2392
Validity
Not Before: Jan 2 06:30:14 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3d4ec28eca79b2d049d6aec3ab20b286029880fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:18:c7:5f:1e:eb:e0:62:b1:47:ca:5f:84:51:
b6:ec:2d:cd:1f:f1:24:ea:3f:ad:1e:a6:31:01:00:
46:be:63:f5:2a:ea:7c:d6:a2:56:d6:4e:f6:04:59:
96:ea:3c:04:c2:66:07:d6:7e:80:e1:c6:f2:b7:a9:
51:57:c0:b4:6c:95:60:0e:05:7f:25:04:28:da:37:
6b:5d:47:f0:ee:ca:28:f5:b4:a1:56:c8:43:65:19:
ae:65:01:b3:a8:d0:00:f4:5b:d5:f6:c6:20:4f:47:
b7:38:72:fe:d5:03:a9:ff:35:b8:9c:c4:be:58:0a:
06:c5:11:91:75:2b:a1:a7:35:a4:f6:dd:e0:ef:c5:
ae:0f:50:63:c1:28:9f:9c:cc:27:93:46:34:ca:30:
e6:12:06:06:78:db:1f:0a:bc:ac:18:ca:34:d9:8c:
6c:d1:08:d5:d7:36:a0:3a:e4:5f:a3:bf:f3:2e:50:
46:05:26:41:a3:af:26:e6:d5:85:e3:75:84:5f:1e:
c5:66:79:8e:2a:13:47:dd:75:ef:8f:cb:89:6c:13:
de:0c:d9:3f:4f:ba:95:19:7e:e1:7d:a1:bb:ca:36:
75:a3:7e:20:4b:d5:0b:d2:83:63:75:06:f7:09:48:
da:6d:77:a1:d8:de:9c:05:54:c8:cc:24:80:80:c5:
16:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:4E:C2:8E:CA:79:B2:D0:49:D6:AE:C3:AB:20:B2:86:02:98:80:FE
X509v3 Authority Key Identifier:
keyid:F8:11:FA:5E:FF:37:0B:C3:6D:0E:39:29:62:5E:34:14:08:1A:23:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-BH6Xv83C8NtDjkpYl40FAgaI5I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/4a293d-2ad3-4114-a2b1-1cc505501a0f/1/PU7Cjsp5stBJ1q7DqyCyhgKYgP4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/4a293d-2ad3-4114-a2b1-1cc505501a0f/1/1-BH6Xv83C8NtDjkpYl40FAgaI5I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.41.88.0/21
91.190.232.0/22
94.127.88.0-94.127.92.255
94.127.94.0/24
185.33.120.0/22
IPv6:
2a01:9f00::/32
Signature Algorithm: sha256WithRSAEncryption
56:00:fa:26:7a:4e:4c:24:2a:89:aa:5a:f8:87:04:39:a9:95:
b1:58:44:2d:09:3e:04:be:75:89:f4:86:22:42:80:12:b1:a1:
38:fc:a4:77:46:2e:69:89:52:41:bf:2b:6a:56:0c:f6:a0:6a:
99:2a:31:0c:1f:ee:01:f5:14:d6:c5:a6:34:09:93:1e:52:ee:
95:c6:96:12:9b:9e:7a:0f:59:66:d6:c2:93:3e:c5:17:7a:2e:
4c:53:bb:ff:12:57:bb:d8:95:e3:ca:98:bc:59:d0:d3:40:d0:
fa:fd:58:8a:4f:ad:19:55:c0:9e:d8:01:90:67:de:bd:c0:dc:
a9:66:75:43:65:2c:40:00:bf:c6:44:b9:f9:56:ea:a8:4e:62:
2e:18:07:db:06:e9:4d:e3:b7:b6:c1:89:01:a9:ad:37:ea:16:
50:f0:9c:92:d0:6c:6d:9e:4f:cb:9b:e6:54:30:e1:84:1e:e5:
a1:a9:2a:5a:ea:00:05:e0:ad:3c:70:68:d5:32:0d:e6:9b:22:
bd:c0:6a:82:68:49:fd:bb:e0:ee:02:f4:e1:67:cc:cc:47:38:
6f:a7:de:24:21:b2:ab:4e:5f:bd:c7:ce:4c:53:a8:4a:90:e5:
8e:de:cd:b7:13:17:71:f6:85:16:6c:3c:9e:00:a7:9d:a2:38:
11:64:f9:a6
-----BEGIN CERTIFICATE-----
MIIFLjCCBBagAwIBAgISAYzI3ZZTFVSrPnuk1mQtGnMCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4MTFmYTVlZmYzNzBiYzM2ZDBlMzkyOTYyNWUzNDE0MDgx
YTIzOTIwHhcNMjQwMTAyMDYzMDE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDRlYzI4ZWNhNzliMmQwNDlkNmFlYzNhYjIwYjI4NjAyOTg4MGZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAshjHXx7r4GKxR8pfhFG27C3NH/Ek
6j+tHqYxAQBGvmP1Kup81qJW1k72BFmW6jwEwmYH1n6A4cbyt6lRV8C0bJVgDgV/
JQQo2jdrXUfw7soo9bShVshDZRmuZQGzqNAA9FvV9sYgT0e3OHL+1QOp/zW4nMS+
WAoGxRGRdSuhpzWk9t3g78WuD1BjwSifnMwnk0Y0yjDmEgYGeNsfCrysGMo02Yxs
0QjV1zagOuRfo7/zLlBGBSZBo68m5tWF43WEXx7FZnmOKhNH3XXvj8uJbBPeDNk/
T7qVGX7hfaG7yjZ1o34gS9UL0oNjdQb3CUjabXeh2N6cBVTIzCSAgMUWEwIDAQAB
o4ICOjCCAjYwHQYDVR0OBBYEFD1Owo7KebLQSdauw6sgsoYCmID+MB8GA1UdIwQY
MBaAFPgR+l7/NwvDbQ45KWJeNBQIGiOSMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1CSDZYdjgzQzhOdERqa3BZbDQwRkFnYUk1SS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmEvNGEyOTNkLTJhZDMtNDExNC1hMmIx
LTFjYzUwNTUwMWEwZi8xL1BVN0Nqc3A1c3RCSjFxN0RxeUN5aGdLWWdQNC5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNmEvNGEyOTNkLTJhZDMtNDExNC1hMmIxLTFjYzUwNTUwMWEw
Zi8xLzEtQkg2WHY4M0M4TnREamtwWWw0MEZBZ2FJNUkuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwTgYIKwYBBQUHAQcBAf8EPzA9MCwEAgABMCYDBANOKVgD
BAJbvugwDAMEA15/WAMEAF5/XAMEAF5/XgMEArkheDANBAIAAjAHAwUAKgGfADAN
BgkqhkiG9w0BAQsFAAOCAQEAVgD6JnpOTCQqiapa+IcEOamVsVhELQk+BL51ifSG
IkKAErGhOPykd0YuaYlSQb8ralYM9qBqmSoxDB/uAfUU1sWmNAmTHlLulcaWEpue
eg9ZZtbCkz7FF3ouTFO7/xJXu9iV48qYvFnQ00DQ+v1Yik+tGVXAntgBkGfevcDc
qWZ1Q2UsQAC/xkS5+VbqqE5iLhgH2wbpTeO3tsGJAamtN+oWUPCcktBsbZ5Py5vm
VDDhhB7loakqWuoABeCtPHBo1TIN5psivcBqgmhJ/bvg7gL04WfMzEc4b6feJCGy
q05fvcfOTFOoSpDljt7NtxMXcfaFFmw8ngCnnaI4EWT5pg==
-----END CERTIFICATE-----
Generated at Thu May 30 16:22:38 2024 by rpki-client on console-ams.rpki-client.org