Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/63957b-3fc1-45c1-a9c6-7355b2043e54/1/_JgFMpmqs5dOKHO3ZPavceV351Y.roa
File: _JgFMpmqs5dOKHO3ZPavceV351Y.roa (raw, json)
Hash identifier: ZuEkz+6ouJ/pebp7wlnGIC8sdIKhcNrm8ct+8I8vRwQ=
Subject key identifier: FC:98:05:32:99:AA:B3:97:4E:28:73:B7:64:F6:AF:71:E5:77:E7:56
Certificate issuer: /CN=e8b56f9ee18fdbfaf30a0da57982e27273dbcb42
Certificate serial: 018CC8015CBFBEA39F13BC8FA43FA462E119
Authority key identifier: E8:B5:6F:9E:E1:8F:DB:FA:F3:0A:0D:A5:79:82:E2:72:73:DB:CB:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6LVvnuGP2_rzCg2leYLicnPby0I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/63957b-3fc1-45c1-a9c6-7355b2043e54/1/_JgFMpmqs5dOKHO3ZPavceV351Y.roa
Signing time: Tue 02 Jan 2024 02:29:41 +0000
ROA not before: Tue 02 Jan 2024 02:29:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206087
IP address blocks: 195.234.43.0/24 maxlen: 24
185.221.40.0/24 maxlen: 24
185.221.43.0/24 maxlen: 24
185.221.42.0/24 maxlen: 24
2a09:f00:b::/48 maxlen: 48
2a09:f00:ff::/48 maxlen: 48
2a09:f00:a::/48 maxlen: 48
2001:67c:690::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/78/63957b-3fc1-45c1-a9c6-7355b2043e54/1/6LVvnuGP2_rzCg2leYLicnPby0I.crl
rsync://rpki.ripe.net/repository/DEFAULT/78/63957b-3fc1-45c1-a9c6-7355b2043e54/1/6LVvnuGP2_rzCg2leYLicnPby0I.mft
rsync://rpki.ripe.net/repository/DEFAULT/6LVvnuGP2_rzCg2leYLicnPby0I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:5c:bf:be:a3:9f:13:bc:8f:a4:3f:a4:62:e1:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e8b56f9ee18fdbfaf30a0da57982e27273dbcb42
Validity
Not Before: Jan 2 02:29:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fc98053299aab3974e2873b764f6af71e577e756
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:0b:65:04:7c:29:cc:87:d3:8f:54:4e:37:ea:
a1:39:b9:b6:bd:44:f0:ba:7c:58:bb:64:d6:09:97:
be:73:ad:46:35:41:45:b3:5d:12:64:05:e4:d4:06:
89:db:93:cd:c3:4c:82:63:73:0d:29:b0:44:d2:59:
25:36:5b:a6:94:f9:09:6e:f3:a7:3f:61:30:69:9a:
da:b3:f9:70:c0:f8:1b:aa:7a:e6:fd:9b:62:40:34:
ef:e1:a2:4b:05:dd:5e:18:7b:b4:98:19:2c:8f:a5:
7d:28:75:8a:93:e1:68:5d:48:eb:dd:a3:fd:f5:47:
17:2b:60:a8:ee:7e:dc:f7:45:d9:0f:08:a1:d3:b9:
97:1f:14:6e:82:65:e6:0c:b7:b6:aa:ea:df:a2:d2:
84:7b:42:2b:94:9a:0e:c2:4b:5e:a5:50:4d:24:bd:
f3:ce:dc:2a:a7:f8:72:fb:2c:51:7a:49:6c:ee:cf:
95:b5:a9:05:ec:bf:7d:c8:d1:49:68:ab:a6:d6:38:
4f:00:13:5b:27:12:ea:85:ea:9c:26:02:7b:50:1c:
74:ea:b7:96:08:d1:68:dd:d4:c5:78:f2:d7:b8:c8:
17:1f:88:d5:1e:c7:2e:6d:bf:7a:b7:cc:6e:e9:b7:
84:47:8e:17:e7:cc:47:90:e0:21:ce:99:7a:d8:eb:
65:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:98:05:32:99:AA:B3:97:4E:28:73:B7:64:F6:AF:71:E5:77:E7:56
X509v3 Authority Key Identifier:
keyid:E8:B5:6F:9E:E1:8F:DB:FA:F3:0A:0D:A5:79:82:E2:72:73:DB:CB:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6LVvnuGP2_rzCg2leYLicnPby0I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/63957b-3fc1-45c1-a9c6-7355b2043e54/1/_JgFMpmqs5dOKHO3ZPavceV351Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/63957b-3fc1-45c1-a9c6-7355b2043e54/1/6LVvnuGP2_rzCg2leYLicnPby0I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.221.40.0/24
185.221.42.0/23
195.234.43.0/24
IPv6:
2001:67c:690::/48
2a09:f00:a::/47
2a09:f00:ff::/48
Signature Algorithm: sha256WithRSAEncryption
be:12:99:a0:3c:25:5d:a3:f3:38:5a:b4:96:38:45:97:bf:fc:
b4:9a:72:bd:07:ea:5b:a3:d9:cf:67:a5:9e:85:58:0d:29:61:
96:11:2f:87:1f:fa:28:a0:f7:b7:f2:02:41:31:dc:1b:c1:c7:
49:77:0b:7e:f0:1a:b5:6c:7f:6f:6f:2b:ff:36:a4:77:fc:75:
6e:49:ce:79:46:b6:35:a3:0b:29:90:2c:44:dc:86:4a:37:6e:
6f:ec:6f:0f:be:46:1b:c1:73:83:8c:b1:cf:a1:e4:d1:cd:e3:
4b:e5:84:5e:49:2d:39:9f:b0:bd:5f:f1:fc:e5:9c:a1:fd:76:
79:da:3e:4a:6f:62:22:92:03:21:0a:19:6d:ef:c8:15:c8:f2:
a1:3a:37:3a:47:c8:db:68:de:ed:29:fe:32:80:61:c5:49:e1:
e4:af:0d:94:05:72:ab:4f:ce:9b:eb:57:20:44:b1:a2:9b:27:
2c:42:90:45:49:d7:ad:3d:f8:6b:34:60:dd:e3:e0:eb:c3:3f:
42:82:42:b7:d8:a3:75:79:75:e8:7e:5d:3c:b6:20:18:4e:2f:
f1:41:a0:af:03:e5:72:c8:eb:72:ae:a3:af:29:7c:a2:fc:79:
81:77:99:0f:8d:04:ff:d4:7b:25:c6:b2:ca:14:65:0f:21:d1:
c3:e6:05:70
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAYzIAVy/vqOfE7yPpD+kYuEZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4YjU2ZjllZTE4ZmRiZmFmMzBhMGRhNTc5ODJlMjcyNzNk
YmNiNDIwHhcNMjQwMTAyMDIyOTQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYzk4MDUzMjk5YWFiMzk3NGUyODczYjc2NGY2YWY3MWU1NzdlNzU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5gtlBHwpzIfTj1RON+qhObm2vUTw
unxYu2TWCZe+c61GNUFFs10SZAXk1AaJ25PNw0yCY3MNKbBE0lklNlumlPkJbvOn
P2EwaZras/lwwPgbqnrm/ZtiQDTv4aJLBd1eGHu0mBksj6V9KHWKk+FoXUjr3aP9
9UcXK2Co7n7c90XZDwih07mXHxRugmXmDLe2qurfotKEe0IrlJoOwktepVBNJL3z
ztwqp/hy+yxRekls7s+VtakF7L99yNFJaKum1jhPABNbJxLqheqcJgJ7UBx06reW
CNFo3dTFePLXuMgXH4jVHscubb96t8xu6beER44X58xHkOAhzpl62Otl5wIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFPyYBTKZqrOXTihzt2T2r3Hld+dWMB8GA1UdIwQY
MBaAFOi1b57hj9v68woNpXmC4nJz28tCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNkxWdm51R1AyX3J6Q2cybGVZTGljblBieTBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82Mzk1N2ItM2ZjMS00NWMxLWE5YzYt
NzM1NWIyMDQzZTU0LzEvX0pnRk1wbXFzNWRPS0hPM1pQYXZjZVYzNTFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82Mzk1N2ItM2ZjMS00NWMxLWE5YzYtNzM1NWIyMDQzZTU0
LzEvNkxWdm51R1AyX3J6Q2cybGVZTGljblBieTBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAYBAIAATASAwQAud0oAwQB
ud0qAwQAw+orMCEEAgACMBsDBwAgAQZ8BpADBwEqCQ8AAAoDBwAqCQ8AAP8wDQYJ
KoZIhvcNAQELBQADggEBAL4SmaA8JV2j8zhatJY4RZe//LSacr0H6luj2c9npZ6F
WA0pYZYRL4cf+iig97fyAkEx3BvBx0l3C37wGrVsf29vK/82pHf8dW5JznlGtjWj
CymQLETchko3bm/sbw++RhvBc4OMsc+h5NHN40vlhF5JLTmfsL1f8fzlnKH9dnna
PkpvYiKSAyEKGW3vyBXI8qE6NzpHyNto3u0p/jKAYcVJ4eSvDZQFcqtPzpvrVyBE
saKbJyxCkEVJ1609+Gs0YN3j4OvDP0KCQrfYo3V5deh+XTy2IBhOL/FBoK8D5XLI
63Kuo68pfKL8eYF3mQ+NBP/UeyXGssoUZQ8h0cPmBXA=
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:21:36 2024 by rpki-client on console-ams.rpki-client.org