Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/042c33-ab6b-48be-a492-66849019627e/1/jlSXRAhVUXZAInCHYMFql-MvPP4.roa
File: jlSXRAhVUXZAInCHYMFql-MvPP4.roa (raw, json)
Hash identifier: /Yhm/BD1ZDKFP4UhvYnItGt+tvB0eMqKDyBbW2ZEE3w=
Subject key identifier: 8E:54:97:44:08:55:51:76:40:22:70:87:60:C1:6A:97:E3:2F:3C:FE
Certificate issuer: /CN=c868ca82147ed2277b4bcc69a5285bae735f2e44
Certificate serial: 018CC64AFD9921BBD8162694F4017D6E11FC
Authority key identifier: C8:68:CA:82:14:7E:D2:27:7B:4B:CC:69:A5:28:5B:AE:73:5F:2E:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yGjKghR-0id7S8xppShbrnNfLkQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/042c33-ab6b-48be-a492-66849019627e/1/jlSXRAhVUXZAInCHYMFql-MvPP4.roa
Signing time: Mon 01 Jan 2024 18:30:52 +0000
ROA not before: Mon 01 Jan 2024 18:30:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 1299
IP address blocks: 193.56.168.0/22 maxlen: 24
91.92.18.0/23 maxlen: 24
45.152.184.0/22 maxlen: 24
45.129.48.0/22 maxlen: 24
185.107.84.0/22 maxlen: 24
185.61.144.0/22 maxlen: 24
109.70.16.0/21 maxlen: 24
45.11.148.0/22 maxlen: 24
45.85.176.0/22 maxlen: 24
80.240.176.0/20 maxlen: 24
185.163.60.0/22 maxlen: 24
185.203.180.0/22 maxlen: 24
45.90.224.0/22 maxlen: 24
5.252.60.0/22 maxlen: 24
188.92.64.0/21 maxlen: 24
5.252.88.0/22 maxlen: 24
45.65.104.0/21 maxlen: 24
185.13.180.0/22 maxlen: 24
95.214.44.0/22 maxlen: 24
2.59.68.0/22 maxlen: 24
2.59.72.0/22 maxlen: 24
193.8.116.0/22 maxlen: 24
185.229.176.0/22 maxlen: 24
128.127.16.0/21 maxlen: 24
185.189.20.0/22 maxlen: 24
185.253.36.0/22 maxlen: 24
212.104.240.0/20 maxlen: 24
185.128.140.0/22 maxlen: 24
194.182.112.0/20 maxlen: 24
2a06:4280::/29 maxlen: 48
2a02:cfc0::/29 maxlen: 48
2a02:79e0::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7a/042c33-ab6b-48be-a492-66849019627e/1/yGjKghR-0id7S8xppShbrnNfLkQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/7a/042c33-ab6b-48be-a492-66849019627e/1/yGjKghR-0id7S8xppShbrnNfLkQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/yGjKghR-0id7S8xppShbrnNfLkQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 16 May 2024 14:51:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:fd:99:21:bb:d8:16:26:94:f4:01:7d:6e:11:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c868ca82147ed2277b4bcc69a5285bae735f2e44
Validity
Not Before: Jan 1 18:30:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8e549744085551764022708760c16a97e32f3cfe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:af:30:dc:48:93:77:8c:e3:32:9b:12:1d:ea:
77:a0:1c:aa:f8:f5:5c:89:73:66:9b:4a:4a:60:f1:
62:f0:9b:bd:4d:0b:68:61:9c:c2:9f:10:46:21:55:
94:3f:05:cd:61:db:d8:da:8d:86:6b:bb:92:ed:9a:
3d:aa:31:7f:91:b1:c7:9b:04:c9:98:8f:38:71:75:
4b:c2:fa:8b:4d:24:c6:e4:b4:cb:cf:9b:94:e8:c5:
ec:a6:c1:e8:86:e9:ce:e3:1b:9a:33:d8:bc:e9:9f:
c1:0a:d9:2a:a8:ae:5a:04:79:d3:6e:d0:24:00:9b:
85:8b:68:9d:3d:93:7e:bd:e2:c6:3f:5a:33:b4:a1:
25:ff:26:a4:df:8f:4b:24:d7:f7:a8:f3:1e:81:6f:
bf:60:e9:c4:e1:1e:ef:7b:d6:31:8b:e1:70:58:ca:
0a:8e:15:b0:5a:23:fa:90:0d:8d:66:cb:d0:e8:bb:
0e:1f:81:b3:cd:b6:54:10:2b:70:92:1e:c6:ca:a9:
5a:0b:2b:f3:ce:b0:3c:8e:a9:43:89:89:39:1f:77:
f9:31:e4:18:13:91:ec:23:01:3a:f2:60:29:af:c4:
54:78:8c:1f:61:71:5d:f4:68:eb:91:7b:a1:16:c3:
16:7c:1d:0e:dc:2c:f8:66:f9:4d:0e:12:be:ec:fd:
31:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:54:97:44:08:55:51:76:40:22:70:87:60:C1:6A:97:E3:2F:3C:FE
X509v3 Authority Key Identifier:
keyid:C8:68:CA:82:14:7E:D2:27:7B:4B:CC:69:A5:28:5B:AE:73:5F:2E:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yGjKghR-0id7S8xppShbrnNfLkQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/042c33-ab6b-48be-a492-66849019627e/1/jlSXRAhVUXZAInCHYMFql-MvPP4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/042c33-ab6b-48be-a492-66849019627e/1/yGjKghR-0id7S8xppShbrnNfLkQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.68.0-2.59.75.255
5.252.60.0/22
5.252.88.0/22
45.11.148.0/22
45.65.104.0/21
45.85.176.0/22
45.90.224.0/22
45.129.48.0/22
45.152.184.0/22
80.240.176.0/20
91.92.18.0/23
95.214.44.0/22
109.70.16.0/21
128.127.16.0/21
185.13.180.0/22
185.61.144.0/22
185.107.84.0/22
185.128.140.0/22
185.163.60.0/22
185.189.20.0/22
185.203.180.0/22
185.229.176.0/22
185.253.36.0/22
188.92.64.0/21
193.8.116.0/22
193.56.168.0/22
194.182.112.0/20
212.104.240.0/20
IPv6:
2a02:79e0::/32
2a02:cfc0::/29
2a06:4280::/29
Signature Algorithm: sha256WithRSAEncryption
a2:88:7e:30:47:39:95:73:57:1f:28:49:80:d9:34:98:b0:e0:
35:1c:94:a6:c2:3c:7c:b3:70:71:99:f2:7d:83:96:f6:c1:ac:
e8:14:f1:a1:73:df:3f:db:84:fc:5c:e6:0b:15:52:fb:77:e8:
22:6d:f1:ac:4d:cb:85:46:99:84:05:dc:60:4e:9d:29:4f:2c:
82:37:99:2d:f5:d6:a7:e5:19:96:56:5e:28:55:a2:04:07:d4:
19:eb:41:a8:7c:ba:1c:e5:46:a1:11:e9:41:0e:e4:1d:25:6d:
af:d7:1c:8a:d6:4f:66:e3:d0:35:4d:d7:35:16:03:22:ab:f5:
0f:37:7a:3a:e1:6c:fd:27:b1:66:fd:71:39:52:7b:6c:c7:48:
00:c1:78:3f:95:0d:e9:03:8a:ec:29:bc:8b:13:54:e3:bb:c7:
e0:84:73:fb:ab:5c:96:3d:1b:57:a7:f2:67:ab:92:82:49:31:
07:1e:90:2c:87:78:a1:cc:18:3d:a0:f9:35:93:8a:39:09:e4:
9e:a4:67:a9:f0:aa:90:c4:c2:31:26:67:8a:23:d0:5e:35:9b:
2a:c1:ac:4f:b8:2f:4f:31:da:de:f1:74:be:ef:91:aa:3d:4a:
c0:ee:7b:f7:f1:d6:ed:3c:7b:0f:f8:af:46:fb:28:d8:55:39:
e4:cc:8c:c8
-----BEGIN CERTIFICATE-----
MIIFyTCCBLGgAwIBAgISAYzGSv2ZIbvYFiaU9AF9bhH8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4NjhjYTgyMTQ3ZWQyMjc3YjRiY2M2OWE1Mjg1YmFlNzM1
ZjJlNDQwHhcNMjQwMTAxMTgzMDUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTU0OTc0NDA4NTU1MTc2NDAyMjcwODc2MGMxNmE5N2UzMmYzY2ZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAla8w3EiTd4zjMpsSHep3oByq+PVc
iXNmm0pKYPFi8Ju9TQtoYZzCnxBGIVWUPwXNYdvY2o2Ga7uS7Zo9qjF/kbHHmwTJ
mI84cXVLwvqLTSTG5LTLz5uU6MXspsHohunO4xuaM9i86Z/BCtkqqK5aBHnTbtAk
AJuFi2idPZN+veLGP1oztKEl/yak349LJNf3qPMegW+/YOnE4R7ve9Yxi+FwWMoK
jhWwWiP6kA2NZsvQ6LsOH4GzzbZUECtwkh7GyqlaCyvzzrA8jqlDiYk5H3f5MeQY
E5HsIwE68mApr8RUeIwfYXFd9GjrkXuhFsMWfB0O3Cz4ZvlNDhK+7P0xOQIDAQAB
o4IC1TCCAtEwHQYDVR0OBBYEFI5Ul0QIVVF2QCJwh2DBapfjLzz+MB8GA1UdIwQY
MBaAFMhoyoIUftIne0vMaaUoW65zXy5EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveUdqS2doUi0waWQ3Uzh4cHBTaGJybk5mTGtRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS8wNDJjMzMtYWI2Yi00OGJlLWE0OTIt
NjY4NDkwMTk2MjdlLzEvamxTWFJBaFZVWFpBSW5DSFlNRnFsLU12UFA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS8wNDJjMzMtYWI2Yi00OGJlLWE0OTItNjY4NDkwMTk2Mjdl
LzEveUdqS2doUi0waWQ3Uzh4cHBTaGJybk5mTGtRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHqBggrBgEFBQcBBwEB/wSB2jCB1zCBtwQCAAEwgbAwDAME
AgI7RAMEAgI7SAMEAgX8PAMEAgX8WAMEAi0LlAMEAy1BaAMEAi1VsAMEAi1a4AME
Ai2BMAMEAi2YuAMEBFDwsAMEAVtcEgMEAl/WLAMEA21GEAMEA4B/EAMEArkNtAME
Ark9kAMEArlrVAMEArmAjAMEArmjPAMEArm9FAMEArnLtAMEArnlsAMEArn9JAME
A7xcQAMEAsEIdAMEAsE4qAMEBMK2cAMEBNRo8DAbBAIAAjAVAwUAKgJ54AMFAyoC
z8ADBQMqBkKAMA0GCSqGSIb3DQEBCwUAA4IBAQCiiH4wRzmVc1cfKEmA2TSYsOA1
HJSmwjx8s3BxmfJ9g5b2wazoFPGhc98/24T8XOYLFVL7d+gibfGsTcuFRpmEBdxg
Tp0pTyyCN5kt9dan5RmWVl4oVaIEB9QZ60GofLoc5UahEelBDuQdJW2v1xyK1k9m
49A1Tdc1FgMiq/UPN3o64Wz9J7Fm/XE5Untsx0gAwXg/lQ3pA4rsKbyLE1Tju8fg
hHP7q1yWPRtXp/Jnq5KCSTEHHpAsh3ihzBg9oPk1k4o5CeSepGep8KqQxMIxJmeK
I9BeNZsqwaxPuC9PMdre8XS+75GqPUrA7nv38dbtPHsP+K9G+yjYVTnkzIzI
-----END CERTIFICATE-----
Generated at Wed May 15 18:27:44 2024 by rpki-client on console-fra.rpki-client.org