Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/21443f-e68f-49e6-abc9-6083393cf46e/1/JcLxAlQXxjpefcM_8Ycywh4FAJc.roa
File: JcLxAlQXxjpefcM_8Ycywh4FAJc.roa (raw, json)
Hash identifier: SVfnb29fGhjy1LoOZ1O1nq5kjN+16b3WEPAAq1wKr9Q=
Subject key identifier: 25:C2:F1:02:54:17:C6:3A:5E:7D:C3:3F:F1:87:32:C2:1E:05:00:97
Certificate issuer: /CN=7e5354e1334708f180012bb237a95f9fac7a4e5c
Certificate serial: 018CC64A664A58E581370ADAB935CA8D5F87
Authority key identifier: 7E:53:54:E1:33:47:08:F1:80:01:2B:B2:37:A9:5F:9F:AC:7A:4E:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/flNU4TNHCPGAASuyN6lfn6x6Tlw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/21443f-e68f-49e6-abc9-6083393cf46e/1/JcLxAlQXxjpefcM_8Ycywh4FAJc.roa
Signing time: Mon 01 Jan 2024 18:30:13 +0000
ROA not before: Mon 01 Jan 2024 18:30:13 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207003
IP address blocks: 185.188.30.0/24 maxlen: 24
2a12:d940::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/82/21443f-e68f-49e6-abc9-6083393cf46e/1/flNU4TNHCPGAASuyN6lfn6x6Tlw.crl
rsync://rpki.ripe.net/repository/DEFAULT/82/21443f-e68f-49e6-abc9-6083393cf46e/1/flNU4TNHCPGAASuyN6lfn6x6Tlw.mft
rsync://rpki.ripe.net/repository/DEFAULT/flNU4TNHCPGAASuyN6lfn6x6Tlw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 09 Jun 2024 01:02:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:66:4a:58:e5:81:37:0a:da:b9:35:ca:8d:5f:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7e5354e1334708f180012bb237a95f9fac7a4e5c
Validity
Not Before: Jan 1 18:30:13 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=25c2f1025417c63a5e7dc33ff18732c21e050097
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:09:27:05:80:b9:76:d8:e3:ca:02:65:e5:30:
73:8a:47:fb:9e:4c:6e:60:fd:ad:d7:68:26:ef:ae:
04:e9:50:48:6d:1f:2c:f9:dc:98:58:d5:fe:58:48:
01:04:60:ce:ce:8e:f5:61:31:8b:f8:93:e5:5b:24:
95:ae:41:21:20:c1:f0:38:1e:33:be:88:45:08:f1:
8f:77:fb:7b:d4:32:80:cd:91:50:6f:a1:89:db:e3:
9c:48:86:99:5a:0d:c1:0e:6f:91:6f:8a:48:e8:a1:
24:b3:2b:f3:ee:88:15:16:cb:ce:6d:29:37:91:dd:
f7:91:b1:51:2b:3a:45:0b:f3:07:c7:89:2b:69:a1:
92:5c:ef:4b:84:74:13:23:62:ce:a9:e7:76:0b:f8:
4f:c9:df:a4:5e:02:6b:5e:cf:5c:a0:87:0f:4e:49:
0d:df:1c:9e:1e:44:3a:30:41:fe:e7:92:c6:22:1b:
34:ad:6d:3a:5f:df:54:1d:55:3f:7b:a3:ce:7c:39:
f7:75:df:cb:49:42:82:9b:5b:76:e0:03:7d:a7:03:
61:69:a9:8b:f5:9f:c7:69:97:49:8b:ee:10:2e:48:
d0:c7:4b:85:53:14:d1:f4:cd:3a:79:f4:49:40:3f:
8e:76:4e:48:73:7e:51:50:bd:6f:2f:b8:f7:74:34:
11:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:C2:F1:02:54:17:C6:3A:5E:7D:C3:3F:F1:87:32:C2:1E:05:00:97
X509v3 Authority Key Identifier:
keyid:7E:53:54:E1:33:47:08:F1:80:01:2B:B2:37:A9:5F:9F:AC:7A:4E:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/flNU4TNHCPGAASuyN6lfn6x6Tlw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/21443f-e68f-49e6-abc9-6083393cf46e/1/JcLxAlQXxjpefcM_8Ycywh4FAJc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/21443f-e68f-49e6-abc9-6083393cf46e/1/flNU4TNHCPGAASuyN6lfn6x6Tlw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.188.30.0/24
IPv6:
2a12:d940::/29
Signature Algorithm: sha256WithRSAEncryption
30:0d:4b:b3:25:de:e4:d9:92:0b:8a:bb:c9:b8:5b:4a:74:df:
fd:d1:b1:f5:b4:08:17:6e:ae:d7:4d:c4:c7:6b:0d:f0:8e:18:
d4:8f:8f:3d:82:c1:91:09:9f:16:19:b0:a9:51:a4:c6:e5:2e:
35:82:fd:c8:25:a8:00:19:73:cb:6b:3e:99:bf:89:ec:ae:52:
92:4f:ae:36:52:24:30:d2:62:f6:91:ce:d9:23:9e:82:0b:71:
a0:46:9e:26:86:b9:0f:f5:0f:7b:a2:7c:a6:0f:1e:67:fa:26:
cf:06:cf:53:0b:cf:f0:fd:66:37:f9:82:6a:97:89:86:64:79:
54:48:a6:09:59:a1:14:07:43:c2:ca:7e:d4:7e:c1:8c:9c:0e:
a8:7f:99:c2:66:e3:6c:49:0d:e8:59:fe:ec:b2:9e:63:f1:50:
b6:45:97:10:e7:4e:ab:7f:59:95:69:6a:f1:2e:6c:44:c9:d3:
93:6f:3d:67:bc:40:c0:44:fa:13:ed:ce:cb:90:87:13:4d:c1:
16:03:f0:54:7c:8e:93:3d:a7:30:4b:20:3b:b3:8b:18:97:d0:
bc:53:d3:1a:3d:23:78:b4:51:83:2c:07:50:c2:8a:02:f4:f2:
2c:f9:0b:02:a9:8e:13:c7:02:a9:6a:ec:71:28:16:3a:6d:78:
46:c8:ba:77
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzGSmZKWOWBNwrauTXKjV+HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlNTM1NGUxMzM0NzA4ZjE4MDAxMmJiMjM3YTk1ZjlmYWM3
YTRlNWMwHhcNMjQwMTAxMTgzMDEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNWMyZjEwMjU0MTdjNjNhNWU3ZGMzM2ZmMTg3MzJjMjFlMDUwMDk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgQknBYC5dtjjygJl5TBzikf7nkxu
YP2t12gm764E6VBIbR8s+dyYWNX+WEgBBGDOzo71YTGL+JPlWySVrkEhIMHwOB4z
vohFCPGPd/t71DKAzZFQb6GJ2+OcSIaZWg3BDm+Rb4pI6KEksyvz7ogVFsvObSk3
kd33kbFRKzpFC/MHx4kraaGSXO9LhHQTI2LOqed2C/hPyd+kXgJrXs9coIcPTkkN
3xyeHkQ6MEH+55LGIhs0rW06X99UHVU/e6POfDn3dd/LSUKCm1t24AN9pwNhaamL
9Z/HaZdJi+4QLkjQx0uFUxTR9M06efRJQD+Odk5Ic35RUL1vL7j3dDQR6wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFCXC8QJUF8Y6Xn3DP/GHMsIeBQCXMB8GA1UdIwQY
MBaAFH5TVOEzRwjxgAErsjepX5+sek5cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmxOVTRUTkhDUEdBQVN1eU42bGZuNng2VGx3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi8yMTQ0M2YtZTY4Zi00OWU2LWFiYzkt
NjA4MzM5M2NmNDZlLzEvSmNMeEFsUVh4anBlZmNNXzhZY3l3aDRGQUpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi8yMTQ0M2YtZTY4Zi00OWU2LWFiYzktNjA4MzM5M2NmNDZl
LzEvZmxOVTRUTkhDUEdBQVN1eU42bGZuNng2VGx3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAubweMA0E
AgACMAcDBQMqEtlAMA0GCSqGSIb3DQEBCwUAA4IBAQAwDUuzJd7k2ZILirvJuFtK
dN/90bH1tAgXbq7XTcTHaw3wjhjUj489gsGRCZ8WGbCpUaTG5S41gv3IJagAGXPL
az6Zv4nsrlKST642UiQw0mL2kc7ZI56CC3GgRp4mhrkP9Q97onymDx5n+ibPBs9T
C8/w/WY3+YJql4mGZHlUSKYJWaEUB0PCyn7UfsGMnA6of5nCZuNsSQ3oWf7ssp5j
8VC2RZcQ506rf1mVaWrxLmxEydOTbz1nvEDARPoT7c7LkIcTTcEWA/BUfI6TPacw
SyA7s4sYl9C8U9MaPSN4tFGDLAdQwooC9PIs+QsCqY4TxwKpauxxKBY6bXhGyLp3
-----END CERTIFICATE-----
Generated at Sat Jun 8 09:42:55 2024 by rpki-client on console-fra.rpki-client.org