Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/40cJKp1GS5dbr7SdP3Zbev6JmeY.roa
File: 40cJKp1GS5dbr7SdP3Zbev6JmeY.roa (raw, json)
Hash identifier: 61/ko+8N7a8c9CNpATaxhZcxgPcvxlUKKJ8fzALh25Q=
Subject key identifier: E3:47:09:2A:9D:46:4B:97:5B:AF:B4:9D:3F:76:5B:7A:FE:89:99:E6
Certificate issuer: /CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Certificate serial: 019424B2A17C50576A5FB6EAAF73BF2DC7DF
Authority key identifier: 6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/40cJKp1GS5dbr7SdP3Zbev6JmeY.roa
Signing time: Thu 02 Jan 2025 01:47:54 +0000
ROA not before: Thu 02 Jan 2025 01:47:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199614
IP address blocks: 213.18.244.0/24 maxlen: 24
213.18.246.0/24 maxlen: 24
213.18.247.0/24 maxlen: 24
217.177.74.0/24 maxlen: 24
217.180.52.0/24 maxlen: 24
217.180.53.0/24 maxlen: 24
217.180.54.0/24 maxlen: 24
217.180.55.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/alg23em52u81qKf3TWMm9rQtp00.crl
rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/alg23em52u81qKf3TWMm9rQtp00.mft
rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 09:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b2:a1:7c:50:57:6a:5f:b6:ea:af:73:bf:2d:c7:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Validity
Not Before: Jan 2 01:47:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e347092a9d464b975bafb49d3f765b7afe8999e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:f2:a5:bd:22:6b:d6:ad:8a:a6:75:79:3c:1a:
ca:5a:cf:c7:2c:12:59:12:5f:31:73:95:b4:92:6e:
e6:81:d6:50:c5:38:8b:f5:16:c0:78:a0:d4:77:12:
e5:25:94:73:82:41:94:55:88:b9:8e:25:b2:fe:8b:
39:b3:79:1e:27:6a:87:9d:aa:86:2a:e8:e0:1b:9c:
73:a2:bf:9f:c8:52:32:96:ca:89:76:dd:1f:ea:64:
9c:36:34:7a:af:c1:30:a8:3f:2a:db:24:aa:5d:fa:
24:5c:96:a3:5b:f1:39:8d:2c:74:56:09:71:3d:0e:
24:de:f6:bd:0f:eb:71:ef:61:99:82:70:63:9f:01:
dd:9d:01:76:e2:42:f9:b5:85:63:39:fc:07:fc:ae:
39:df:16:4d:95:14:07:1a:17:f2:f5:cf:e1:1d:70:
e6:4a:0c:de:03:46:b2:aa:7e:fc:d0:e6:63:1a:69:
98:5d:e7:92:fb:64:28:59:ad:17:3e:a3:31:02:3d:
5b:6b:f0:73:00:b3:49:f9:41:60:33:5d:61:ac:f2:
0c:01:d2:92:14:e4:65:ae:e4:1d:15:58:ab:c3:d8:
ba:8e:a7:15:a6:50:12:04:1c:df:3e:79:a6:ad:09:
33:d9:8d:4d:cd:4c:4c:23:6e:c1:53:a2:7c:eb:ae:
5d:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:47:09:2A:9D:46:4B:97:5B:AF:B4:9D:3F:76:5B:7A:FE:89:99:E6
X509v3 Authority Key Identifier:
keyid:6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/40cJKp1GS5dbr7SdP3Zbev6JmeY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/alg23em52u81qKf3TWMm9rQtp00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.18.244.0/24
213.18.246.0/23
217.177.74.0/24
217.180.52.0/22
Signature Algorithm: sha256WithRSAEncryption
88:0d:52:af:37:4c:1b:17:50:38:1e:f6:58:8e:8a:9c:4a:1c:
81:1f:f6:3b:72:b3:c6:96:f4:40:ee:c0:fe:9e:a7:c3:3c:2a:
a4:70:06:93:2d:e9:38:5a:2d:ed:74:d1:82:e6:7d:d5:c2:8e:
b1:c9:bf:44:ac:59:0f:6e:41:73:fe:36:67:f0:c1:11:28:6e:
51:d0:27:55:40:45:ce:2a:de:f9:c9:18:42:be:56:0d:e1:5e:
ec:bf:ee:40:3a:5f:5c:d0:a9:c3:41:93:27:6d:ba:1b:d5:5f:
ce:17:1c:d4:90:28:2b:fa:97:66:13:fb:7a:48:a2:7e:14:bf:
8e:9d:e2:40:79:6f:d7:a4:14:e0:70:81:ea:da:d4:73:e3:ff:
ec:db:a9:25:26:b4:20:e4:9a:40:c0:ef:ec:ce:91:8a:94:46:
b1:ad:47:94:85:f2:a6:a9:d0:70:31:c7:48:84:09:95:54:ed:
6e:8b:da:27:41:42:db:19:4b:a8:bc:b8:b9:f3:7e:f2:4a:31:
c0:62:c5:37:84:de:1f:0a:9d:6d:47:73:26:37:b9:35:18:be:
5c:75:c1:de:53:8a:79:8e:c1:cf:82:3d:1e:2d:fb:58:ba:94:
73:e5:82:c0:c6:fe:f4:bd:06:36:2e:b2:3d:15:4c:a5:26:10:
c9:1e:38:86
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQksqF8UFdqX7bqr3O/LcffMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhNTgzNmRkZTliOWRhZWYzNWE4YTdmNzRkNjMyNmY2YjQy
ZGE3NGQwHhcNMjUwMTAyMDE0NzU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzQ3MDkyYTlkNDY0Yjk3NWJhZmI0OWQzZjc2NWI3YWZlODk5OWU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvfKlvSJr1q2KpnV5PBrKWs/HLBJZ
El8xc5W0km7mgdZQxTiL9RbAeKDUdxLlJZRzgkGUVYi5jiWy/os5s3keJ2qHnaqG
KujgG5xzor+fyFIylsqJdt0f6mScNjR6r8EwqD8q2ySqXfokXJajW/E5jSx0Vglx
PQ4k3va9D+tx72GZgnBjnwHdnQF24kL5tYVjOfwH/K453xZNlRQHGhfy9c/hHXDm
SgzeA0ayqn780OZjGmmYXeeS+2QoWa0XPqMxAj1ba/BzALNJ+UFgM11hrPIMAdKS
FORlruQdFVirw9i6jqcVplASBBzfPnmmrQkz2Y1NzUxMI27BU6J8665dAwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFONHCSqdRkuXW6+0nT92W3r+iZnmMB8GA1UdIwQY
MBaAFGpYNt3pudrvNain901jJva0LadNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUt
YzE5OTQyNzM3ZTZkLzEvNDBjSktwMUdTNWRicjdTZFAzWmJldjZKbWVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUtYzE5OTQyNzM3ZTZk
LzEvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQA1RL0AwQB
1RL2AwQA2bFKAwQC2bQ0MA0GCSqGSIb3DQEBCwUAA4IBAQCIDVKvN0wbF1A4HvZY
joqcShyBH/Y7crPGlvRA7sD+nqfDPCqkcAaTLek4Wi3tdNGC5n3Vwo6xyb9ErFkP
bkFz/jZn8MERKG5R0CdVQEXOKt75yRhCvlYN4V7sv+5AOl9c0KnDQZMnbbob1V/O
FxzUkCgr+pdmE/t6SKJ+FL+OneJAeW/XpBTgcIHq2tRz4//s26klJrQg5JpAwO/s
zpGKlEaxrUeUhfKmqdBwMcdIhAmVVO1ui9onQULbGUuovLi5837ySjHAYsU3hN4f
Cp1tR3MmN7k1GL5cdcHeU4p5jsHPgj0eLftYupRz5YLAxv70vQY2LrI9FUylJhDJ
HjiG
-----END CERTIFICATE-----
Generated at Wed Feb 5 14:54:50 2025 by rpki-client