Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/210fbb-aa6e-49c9-918b-5558a8b53e3d/1/pjNDkIkGxgwB_N3FTBlJp8KzyE4.roa
File: pjNDkIkGxgwB_N3FTBlJp8KzyE4.roa (raw, json)
Hash identifier: aegTzg7mfaIVc0+qJVC3C0WYtnX28HUGzseK44MpYRU=
Subject key identifier: A6:33:43:90:89:06:C6:0C:01:FC:DD:C5:4C:19:49:A7:C2:B3:C8:4E
Certificate issuer: /CN=4da84d247ce37cdccf06e1571d226a2b85677bcd
Certificate serial: 018CC5003828EBF7197C825B07E260123B90
Authority key identifier: 4D:A8:4D:24:7C:E3:7C:DC:CF:06:E1:57:1D:22:6A:2B:85:67:7B:CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TahNJHzjfNzPBuFXHSJqK4Vne80.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/210fbb-aa6e-49c9-918b-5558a8b53e3d/1/pjNDkIkGxgwB_N3FTBlJp8KzyE4.roa
Signing time: Mon 01 Jan 2024 12:29:34 +0000
ROA not before: Mon 01 Jan 2024 12:29:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42910
IP address blocks: 185.78.86.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/78/210fbb-aa6e-49c9-918b-5558a8b53e3d/1/TahNJHzjfNzPBuFXHSJqK4Vne80.crl
rsync://rpki.ripe.net/repository/DEFAULT/78/210fbb-aa6e-49c9-918b-5558a8b53e3d/1/TahNJHzjfNzPBuFXHSJqK4Vne80.mft
rsync://rpki.ripe.net/repository/DEFAULT/TahNJHzjfNzPBuFXHSJqK4Vne80.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 16:01:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:38:28:eb:f7:19:7c:82:5b:07:e2:60:12:3b:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4da84d247ce37cdccf06e1571d226a2b85677bcd
Validity
Not Before: Jan 1 12:29:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a63343908906c60c01fcddc54c1949a7c2b3c84e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:d3:dc:15:22:00:77:df:2d:5d:29:cd:d1:b6:
2b:ee:9d:d8:48:76:ff:ee:a0:cc:bf:5b:3e:1c:45:
49:08:65:3a:49:88:1b:0a:94:b3:5b:3f:9a:69:e9:
da:9e:11:11:7f:76:4d:00:2e:b8:30:81:39:68:b1:
9e:f1:e4:84:95:e7:61:f8:f5:9a:6b:6d:4a:76:3c:
53:59:4b:3c:5c:ad:91:34:91:f7:94:ab:1f:6c:c3:
69:7a:a0:be:3d:9c:98:49:3e:b9:14:28:09:21:d2:
7d:17:c2:dd:69:31:33:79:75:d0:ed:b9:1a:ad:dc:
18:f0:c7:21:3f:8a:ac:c7:0f:6e:90:7c:05:fc:29:
da:c8:58:8a:28:c6:44:e1:aa:23:36:d5:b0:a2:db:
96:ee:e6:58:ce:69:df:0b:d1:4b:73:9f:2e:98:8b:
d7:b6:f7:f2:5b:e1:cc:5b:1f:b5:d4:f4:f5:c5:5b:
15:74:2c:b9:18:3c:5a:48:3c:91:99:58:5e:4c:01:
f4:24:d3:42:83:88:52:4b:66:22:c7:60:96:c2:e2:
a0:ed:b2:38:ea:75:46:ba:5c:24:a0:95:b0:c7:e2:
1a:df:e9:db:aa:66:21:12:04:a1:2c:77:55:4a:8c:
d9:05:35:9d:e6:3d:6f:9a:4a:85:b1:6d:6b:bf:25:
23:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:33:43:90:89:06:C6:0C:01:FC:DD:C5:4C:19:49:A7:C2:B3:C8:4E
X509v3 Authority Key Identifier:
keyid:4D:A8:4D:24:7C:E3:7C:DC:CF:06:E1:57:1D:22:6A:2B:85:67:7B:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TahNJHzjfNzPBuFXHSJqK4Vne80.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/210fbb-aa6e-49c9-918b-5558a8b53e3d/1/pjNDkIkGxgwB_N3FTBlJp8KzyE4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/210fbb-aa6e-49c9-918b-5558a8b53e3d/1/TahNJHzjfNzPBuFXHSJqK4Vne80.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.78.86.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:e0:a2:e2:35:9e:ff:fe:5f:1c:98:6e:59:22:a6:54:54:4b:
c5:63:0d:6e:92:10:86:ef:3c:27:3e:c0:ed:05:ec:20:8f:43:
dc:90:ec:a9:31:6d:14:86:02:dd:72:19:dd:b5:ff:ac:a4:4d:
af:ba:fd:5e:95:ba:de:09:23:4f:6c:ae:9d:38:25:48:b1:49:
d9:db:88:33:b8:97:51:a0:fe:54:a3:60:b6:53:9b:6e:a0:0c:
1a:ef:01:3c:be:94:b9:2f:fd:95:38:2b:b9:6c:57:94:59:31:
a2:48:c6:fb:b4:b9:3c:f2:7c:dd:a7:78:85:8e:08:1b:a0:9c:
a2:4e:c5:55:87:66:1a:a2:10:26:93:88:fd:3b:69:bf:b6:26:
67:3e:51:eb:0d:62:93:89:ea:17:d1:72:e6:63:6e:4e:9f:c3:
15:47:e0:11:a8:8c:64:64:60:e7:9f:4d:60:1b:f0:11:28:fc:
12:57:07:18:5b:df:35:3b:06:e8:70:f0:d8:a9:a2:33:4f:de:
36:66:fe:8f:98:e8:c2:d4:df:bb:69:27:d9:ab:c1:55:a0:25:
60:1a:f6:2d:b2:38:e4:4a:b7:a1:87:28:c9:bc:21:32:ba:13:
cc:e5:6e:c9:fd:0e:9a:d6:dc:4b:f7:7e:3a:45:44:90:1f:ea:
95:00:b6:f2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFADgo6/cZfIJbB+JgEjuQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkYTg0ZDI0N2NlMzdjZGNjZjA2ZTE1NzFkMjI2YTJiODU2
NzdiY2QwHhcNMjQwMTAxMTIyOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjMzNDM5MDg5MDZjNjBjMDFmY2RkYzU0YzE5NDlhN2MyYjNjODRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo9PcFSIAd98tXSnN0bYr7p3YSHb/
7qDMv1s+HEVJCGU6SYgbCpSzWz+aaenanhERf3ZNAC64MIE5aLGe8eSEledh+PWa
a21KdjxTWUs8XK2RNJH3lKsfbMNpeqC+PZyYST65FCgJIdJ9F8LdaTEzeXXQ7bka
rdwY8MchP4qsxw9ukHwF/CnayFiKKMZE4aojNtWwotuW7uZYzmnfC9FLc58umIvX
tvfyW+HMWx+11PT1xVsVdCy5GDxaSDyRmVheTAH0JNNCg4hSS2Yix2CWwuKg7bI4
6nVGulwkoJWwx+Ia3+nbqmYhEgShLHdVSozZBTWd5j1vmkqFsW1rvyUj1wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKYzQ5CJBsYMAfzdxUwZSafCs8hOMB8GA1UdIwQY
MBaAFE2oTSR843zczwbhVx0iaiuFZ3vNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGFoTkpIempmTnpQQnVGWEhTSnFLNFZuZTgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC8yMTBmYmItYWE2ZS00OWM5LTkxOGIt
NTU1OGE4YjUzZTNkLzEvcGpORGtJa0d4Z3dCX04zRlRCbEpwOEt6eUU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC8yMTBmYmItYWE2ZS00OWM5LTkxOGItNTU1OGE4YjUzZTNk
LzEvVGFoTkpIempmTnpQQnVGWEhTSnFLNFZuZTgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuU5WMA0G
CSqGSIb3DQEBCwUAA4IBAQA/4KLiNZ7//l8cmG5ZIqZUVEvFYw1ukhCG7zwnPsDt
Bewgj0PckOypMW0UhgLdchndtf+spE2vuv1elbreCSNPbK6dOCVIsUnZ24gzuJdR
oP5Uo2C2U5tuoAwa7wE8vpS5L/2VOCu5bFeUWTGiSMb7tLk88nzdp3iFjggboJyi
TsVVh2YaohAmk4j9O2m/tiZnPlHrDWKTieoX0XLmY25On8MVR+ARqIxkZGDnn01g
G/ARKPwSVwcYW981OwbocPDYqaIzT942Zv6PmOjC1N+7aSfZq8FVoCVgGvYtsjjk
SrehhyjJvCEyuhPM5W7J/Q6a1txL9346RUSQH+qVALby
-----END CERTIFICATE-----
Generated at Sat Jun 1 20:31:27 2024 by rpki-client on console-fra.rpki-client.org