Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/e47b7d-360a-4a41-b76b-367a411f9ec6/1/x3J_JCSJsXEjbN5DwV8U0lj_C_w.roa
File: x3J_JCSJsXEjbN5DwV8U0lj_C_w.roa (raw, json)
Hash identifier: yD+sHfhiUJLr03Jh3O5bJ9ni3JeGiwET3sSdSdiNNEM=
Subject key identifier: C7:72:7F:24:24:89:B1:71:23:6C:DE:43:C1:5F:14:D2:58:FF:0B:FC
Certificate issuer: /CN=fe076c4eb82198289b13ff528593907d3214d648
Certificate serial: 018D5A5162EEE755777397E8111B164811B2
Authority key identifier: FE:07:6C:4E:B8:21:98:28:9B:13:FF:52:85:93:90:7D:32:14:D6:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_gdsTrghmCibE_9ShZOQfTIU1kg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/e47b7d-360a-4a41-b76b-367a411f9ec6/1/x3J_JCSJsXEjbN5DwV8U0lj_C_w.roa
Signing time: Tue 30 Jan 2024 12:21:39 +0000
ROA not before: Tue 30 Jan 2024 12:21:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211871
IP address blocks: 78.111.111.0/24 maxlen: 24
185.139.5.0/24 maxlen: 24
217.195.207.0/24 maxlen: 24
2a12:94c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7f/e47b7d-360a-4a41-b76b-367a411f9ec6/1/_gdsTrghmCibE_9ShZOQfTIU1kg.crl
rsync://rpki.ripe.net/repository/DEFAULT/7f/e47b7d-360a-4a41-b76b-367a411f9ec6/1/_gdsTrghmCibE_9ShZOQfTIU1kg.mft
rsync://rpki.ripe.net/repository/DEFAULT/_gdsTrghmCibE_9ShZOQfTIU1kg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 May 2024 23:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:5a:51:62:ee:e7:55:77:73:97:e8:11:1b:16:48:11:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe076c4eb82198289b13ff528593907d3214d648
Validity
Not Before: Jan 30 12:21:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c7727f242489b171236cde43c15f14d258ff0bfc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:28:fa:f4:bd:af:52:dd:cc:0e:fa:bc:0b:9b:
be:98:0c:13:6e:6f:0f:93:00:fe:a5:4d:cf:09:fc:
f7:2c:65:3d:f8:3a:ae:f2:6b:11:4c:4c:28:4d:29:
e3:3c:44:d6:c7:b6:a1:ee:d1:7a:3c:12:01:dd:1b:
16:26:c1:38:da:5f:01:e4:62:30:d5:c9:e9:8d:f6:
da:7e:eb:9a:c2:ff:19:1a:95:e1:e1:2b:14:e8:17:
02:86:d3:b1:35:d7:49:ea:43:fd:3d:91:e7:de:24:
43:93:b3:54:15:09:44:74:d2:03:55:71:1d:36:94:
86:7e:0d:5d:ce:e9:f2:6a:cd:d9:07:f3:7d:76:a4:
5c:34:4a:c3:bd:b3:9c:92:b8:85:da:20:19:19:da:
f4:cc:4f:25:49:4c:cb:25:9f:5a:a0:be:a9:f8:10:
19:d0:ca:de:78:5f:e5:30:6a:a9:4d:6d:3b:bd:02:
04:ce:e8:b5:24:b4:50:ee:fa:f8:c2:39:5a:9d:e2:
c6:78:6a:c4:88:0a:58:6f:29:9c:cf:83:40:f4:8e:
9c:a0:4d:a4:2c:9a:ce:05:bd:37:e3:4b:21:cc:02:
1b:eb:16:a5:a2:47:f3:f6:d5:9c:3a:89:46:90:1d:
24:df:ce:d3:7d:61:8c:14:44:cc:71:36:c6:ca:38:
bd:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:72:7F:24:24:89:B1:71:23:6C:DE:43:C1:5F:14:D2:58:FF:0B:FC
X509v3 Authority Key Identifier:
keyid:FE:07:6C:4E:B8:21:98:28:9B:13:FF:52:85:93:90:7D:32:14:D6:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_gdsTrghmCibE_9ShZOQfTIU1kg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/e47b7d-360a-4a41-b76b-367a411f9ec6/1/x3J_JCSJsXEjbN5DwV8U0lj_C_w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/e47b7d-360a-4a41-b76b-367a411f9ec6/1/_gdsTrghmCibE_9ShZOQfTIU1kg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.111.111.0/24
185.139.5.0/24
217.195.207.0/24
IPv6:
2a12:94c0::/29
Signature Algorithm: sha256WithRSAEncryption
49:ba:7c:02:2b:1e:6e:09:ef:89:19:69:61:46:58:6b:e0:d3:
94:ff:a9:2c:5b:9c:f9:0f:c9:1d:54:44:de:6c:af:1b:70:0b:
d7:76:08:df:79:88:fe:7c:c3:09:18:c9:cb:e5:bc:6b:5f:db:
4a:9c:53:74:c5:01:d6:0b:c6:9e:29:c2:ae:db:c7:31:88:68:
a4:69:2e:ac:b7:0d:e7:51:75:3a:b7:2d:e4:be:8c:58:00:b7:
40:de:71:6b:77:3c:3c:9f:8f:a7:99:72:d8:80:4a:93:02:01:
14:bb:bc:5a:dc:33:ac:ad:0a:81:6b:33:85:b3:ba:48:9b:df:
9a:c0:30:75:27:da:55:8d:4d:e5:05:f4:f8:3d:57:3e:1a:c6:
40:e8:55:83:aa:05:5f:1b:d6:95:6e:38:37:05:7c:2a:d6:9a:
50:e6:67:66:00:df:cc:f4:ab:b1:54:40:75:1f:36:10:c2:0f:
1f:38:c9:69:7e:0c:5e:fc:7e:5c:ba:10:c3:08:93:2a:9e:18:
20:c3:5e:aa:dd:c1:86:28:33:ea:f7:81:6e:b2:4b:09:81:5b:
fe:82:f8:72:70:cd:9f:a3:ae:a1:97:58:e5:ef:9e:d5:64:4b:
e7:fb:f5:7b:26:4b:fa:a5:55:30:67:00:bd:1c:0f:cd:46:87:
fc:e4:a3:e3
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAY1aUWLu51V3c5foERsWSBGyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlMDc2YzRlYjgyMTk4Mjg5YjEzZmY1Mjg1OTM5MDdkMzIx
NGQ2NDgwHhcNMjQwMTMwMTIyMTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzcyN2YyNDI0ODliMTcxMjM2Y2RlNDNjMTVmMTRkMjU4ZmYwYmZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjSj69L2vUt3MDvq8C5u+mAwTbm8P
kwD+pU3PCfz3LGU9+Dqu8msRTEwoTSnjPETWx7ah7tF6PBIB3RsWJsE42l8B5GIw
1cnpjfbafuuawv8ZGpXh4SsU6BcChtOxNddJ6kP9PZHn3iRDk7NUFQlEdNIDVXEd
NpSGfg1dzunyas3ZB/N9dqRcNErDvbOckriF2iAZGdr0zE8lSUzLJZ9aoL6p+BAZ
0MreeF/lMGqpTW07vQIEzui1JLRQ7vr4wjlaneLGeGrEiApYbymcz4NA9I6coE2k
LJrOBb0340shzAIb6xalokfz9tWcOolGkB0k387TfWGMFETMcTbGyji9lQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFMdyfyQkibFxI2zeQ8FfFNJY/wv8MB8GA1UdIwQY
MBaAFP4HbE64IZgomxP/UoWTkH0yFNZIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2dkc1RyZ2htQ2liRV85U2haT1FmVElVMWtnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi9lNDdiN2QtMzYwYS00YTQxLWI3NmIt
MzY3YTQxMWY5ZWM2LzEveDNKX0pDU0pzWEVqYk41RHdWOFUwbGpfQ193LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi9lNDdiN2QtMzYwYS00YTQxLWI3NmItMzY3YTQxMWY5ZWM2
LzEvX2dkc1RyZ2htQ2liRV85U2haT1FmVElVMWtnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQATm9vAwQA
uYsFAwQA2cPPMA0EAgACMAcDBQMqEpTAMA0GCSqGSIb3DQEBCwUAA4IBAQBJunwC
Kx5uCe+JGWlhRlhr4NOU/6ksW5z5D8kdVETebK8bcAvXdgjfeYj+fMMJGMnL5bxr
X9tKnFN0xQHWC8aeKcKu28cxiGikaS6stw3nUXU6ty3kvoxYALdA3nFrdzw8n4+n
mXLYgEqTAgEUu7xa3DOsrQqBazOFs7pIm9+awDB1J9pVjU3lBfT4PVc+GsZA6FWD
qgVfG9aVbjg3BXwq1ppQ5mdmAN/M9KuxVEB1HzYQwg8fOMlpfgxe/H5cuhDDCJMq
nhggw16q3cGGKDPq94FusksJgVv+gvhycM2fo66hl1jl757VZEvn+/V7Jkv6pVUw
ZwC9HA/NRof85KPj
-----END CERTIFICATE-----
Generated at Wed May 22 07:08:44 2024 by rpki-client on console-fra.rpki-client.org