Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/d716cd-d79f-4484-9685-8fe784e31e5d/1/t9Ri819u5dI86ui2GJXJh_Sj8Uo.roa
File: t9Ri819u5dI86ui2GJXJh_Sj8Uo.roa (raw, json)
Hash identifier: LlnaM2eewPrfzYvN/+w1IdiJb5UVY65ehSkSI+PqaWk=
Subject key identifier: B7:D4:62:F3:5F:6E:E5:D2:3C:EA:E8:B6:18:95:C9:87:F4:A3:F1:4A
Certificate issuer: /CN=ca37843f0752224459e6034569a217c8b611564b
Certificate serial: 018CC56E676E3A049DCD9789A6006642E931
Authority key identifier: CA:37:84:3F:07:52:22:44:59:E6:03:45:69:A2:17:C8:B6:11:56:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yjeEPwdSIkRZ5gNFaaIXyLYRVks.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/d716cd-d79f-4484-9685-8fe784e31e5d/1/t9Ri819u5dI86ui2GJXJh_Sj8Uo.roa
Signing time: Mon 01 Jan 2024 14:29:56 +0000
ROA not before: Mon 01 Jan 2024 14:29:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34683
IP address blocks: 195.137.228.0/23 maxlen: 23
212.24.192.0/19 maxlen: 19
212.24.193.0/24 maxlen: 24
185.69.216.0/22 maxlen: 22
87.254.96.0/19 maxlen: 19
2001:1698::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/75/d716cd-d79f-4484-9685-8fe784e31e5d/1/yjeEPwdSIkRZ5gNFaaIXyLYRVks.crl
rsync://rpki.ripe.net/repository/DEFAULT/75/d716cd-d79f-4484-9685-8fe784e31e5d/1/yjeEPwdSIkRZ5gNFaaIXyLYRVks.mft
rsync://rpki.ripe.net/repository/DEFAULT/yjeEPwdSIkRZ5gNFaaIXyLYRVks.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 05:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:67:6e:3a:04:9d:cd:97:89:a6:00:66:42:e9:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca37843f0752224459e6034569a217c8b611564b
Validity
Not Before: Jan 1 14:29:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b7d462f35f6ee5d23ceae8b61895c987f4a3f14a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:4f:45:a1:18:08:8e:91:6e:84:c4:ea:d8:6c:
4b:21:d6:5a:26:53:44:ec:b3:be:3f:cb:65:1a:65:
e0:91:ec:6a:c4:eb:8d:af:01:2a:45:5a:31:23:c3:
15:d1:e9:59:42:5b:38:5b:cf:63:bd:10:92:81:f4:
36:58:64:83:15:06:b5:28:3b:b3:e3:e0:aa:ca:e7:
1d:83:a5:eb:e5:c0:31:01:f0:8b:07:2c:8d:82:ef:
a5:58:2a:b8:7e:53:ea:34:81:8c:74:e2:0f:49:dc:
0c:7c:14:46:e4:3c:70:72:bc:f8:12:4e:19:e8:1f:
0d:64:e6:9b:78:43:af:42:f6:f8:01:c0:13:ac:5b:
6d:74:4e:96:f9:0a:4b:21:24:da:15:e1:ad:3c:42:
39:39:68:89:1b:68:4b:b1:4a:dc:59:eb:31:d8:42:
aa:ba:99:07:3f:97:6f:bc:1f:70:34:48:f7:cb:6e:
f9:9d:d2:16:44:eb:ca:68:d2:62:ef:0e:23:c9:80:
60:0f:4e:ed:4f:c5:6f:94:fa:f6:f5:39:45:ec:ef:
66:73:db:40:0b:9d:bc:76:41:fc:8f:85:34:cf:e4:
fd:71:0a:05:e7:d2:80:23:14:4b:10:bf:16:d4:fc:
0e:6e:58:64:04:98:f7:db:96:7e:93:6b:f5:13:b6:
b3:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:D4:62:F3:5F:6E:E5:D2:3C:EA:E8:B6:18:95:C9:87:F4:A3:F1:4A
X509v3 Authority Key Identifier:
keyid:CA:37:84:3F:07:52:22:44:59:E6:03:45:69:A2:17:C8:B6:11:56:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yjeEPwdSIkRZ5gNFaaIXyLYRVks.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/d716cd-d79f-4484-9685-8fe784e31e5d/1/t9Ri819u5dI86ui2GJXJh_Sj8Uo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/d716cd-d79f-4484-9685-8fe784e31e5d/1/yjeEPwdSIkRZ5gNFaaIXyLYRVks.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.254.96.0/19
185.69.216.0/22
195.137.228.0/23
212.24.192.0/19
IPv6:
2001:1698::/32
Signature Algorithm: sha256WithRSAEncryption
15:61:88:da:23:cf:87:00:cd:f2:ac:00:ba:57:4b:3a:12:ce:
4a:99:df:8e:a1:30:82:ed:ac:e1:1a:11:8d:01:d8:b3:d2:86:
b7:5d:07:e9:17:00:09:57:f4:74:71:e5:65:54:a0:9c:c0:82:
b6:f0:da:43:41:e4:a5:84:c9:d8:74:0e:25:74:1d:fe:4c:63:
eb:3a:9a:89:1b:f8:2f:ca:91:ca:c1:15:f5:96:02:86:59:3a:
3d:5e:67:82:3b:74:1b:86:56:c3:5a:13:87:c7:04:a6:25:b1:
0a:db:ba:53:fe:52:f1:fa:9d:04:d5:29:45:e6:16:53:54:52:
20:7e:be:96:f7:4d:df:5d:5f:ed:25:e3:e7:4f:e3:fb:5c:7b:
35:bf:a0:40:f8:9a:68:4c:c5:0a:b3:11:48:05:a9:8f:1c:4f:
0d:a3:53:44:6f:2f:91:9c:66:90:90:90:83:89:de:eb:42:2a:
88:90:c7:33:fa:3f:67:20:4a:b9:09:1a:14:d5:0b:bf:2b:49:
aa:fe:ae:91:94:46:1f:67:ab:ca:b7:2b:58:db:f9:3d:a9:ee:
08:65:85:7d:da:d5:7c:b9:1f:da:51:2c:d0:6d:21:a9:c2:33:
0d:30:e8:3a:cf:ce:37:68:96:62:e7:42:35:7b:94:3d:52:80:
9e:a1:43:a8
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzFbmduOgSdzZeJpgBmQukxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhMzc4NDNmMDc1MjIyNDQ1OWU2MDM0NTY5YTIxN2M4YjYx
MTU2NGIwHhcNMjQwMTAxMTQyOTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiN2Q0NjJmMzVmNmVlNWQyM2NlYWU4YjYxODk1Yzk4N2Y0YTNmMTRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1k9FoRgIjpFuhMTq2GxLIdZaJlNE
7LO+P8tlGmXgkexqxOuNrwEqRVoxI8MV0elZQls4W89jvRCSgfQ2WGSDFQa1KDuz
4+Cqyucdg6Xr5cAxAfCLByyNgu+lWCq4flPqNIGMdOIPSdwMfBRG5Dxwcrz4Ek4Z
6B8NZOabeEOvQvb4AcATrFttdE6W+QpLISTaFeGtPEI5OWiJG2hLsUrcWesx2EKq
upkHP5dvvB9wNEj3y275ndIWROvKaNJi7w4jyYBgD07tT8VvlPr29TlF7O9mc9tA
C528dkH8j4U0z+T9cQoF59KAIxRLEL8W1PwOblhkBJj325Z+k2v1E7azeQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFLfUYvNfbuXSPOrothiVyYf0o/FKMB8GA1UdIwQY
MBaAFMo3hD8HUiJEWeYDRWmiF8i2EVZLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWplRVB3ZFNJa1JaNWdORmFhSVh5TFlSVmtzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS9kNzE2Y2QtZDc5Zi00NDg0LTk2ODUt
OGZlNzg0ZTMxZTVkLzEvdDlSaTgxOXU1ZEk4NnVpMkdKWEpoX1NqOFVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS9kNzE2Y2QtZDc5Zi00NDg0LTk2ODUtOGZlNzg0ZTMxZTVk
LzEveWplRVB3ZFNJa1JaNWdORmFhSVh5TFlSVmtzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQFV/5gAwQC
uUXYAwQBw4nkAwQF1BjAMA0EAgACMAcDBQAgARaYMA0GCSqGSIb3DQEBCwUAA4IB
AQAVYYjaI8+HAM3yrAC6V0s6Es5Kmd+OoTCC7azhGhGNAdiz0oa3XQfpFwAJV/R0
ceVlVKCcwIK28NpDQeSlhMnYdA4ldB3+TGPrOpqJG/gvypHKwRX1lgKGWTo9XmeC
O3QbhlbDWhOHxwSmJbEK27pT/lLx+p0E1SlF5hZTVFIgfr6W903fXV/tJePnT+P7
XHs1v6BA+JpoTMUKsxFIBamPHE8No1NEby+RnGaQkJCDid7rQiqIkMcz+j9nIEq5
CRoU1Qu/K0mq/q6RlEYfZ6vKtytY2/k9qe4IZYV92tV8uR/aUSzQbSGpwjMNMOg6
z843aJZi50I1e5Q9UoCeoUOo
-----END CERTIFICATE-----
Generated at Fri Jun 7 13:47:34 2024 by rpki-client on console-fra.rpki-client.org