Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/sj02OVb6GppEKEINuWDg1lRcxSo.roa
File: sj02OVb6GppEKEINuWDg1lRcxSo.roa (raw, json)
Hash identifier: IZoPlXM0T13KUx/EAXZuOPhonraWEYr5Gs77jsOk1oQ=
Subject key identifier: B2:3D:36:39:56:FA:1A:9A:44:28:42:0D:B9:60:E0:D6:54:5C:C5:2A
Certificate issuer: /CN=870c589a4f22a9ca2ff99b4c48f8bdf492871725
Certificate serial: 018CC5DC18475A4F484B7C0110257E4EE75B
Authority key identifier: 87:0C:58:9A:4F:22:A9:CA:2F:F9:9B:4C:48:F8:BD:F4:92:87:17:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hwxYmk8iqcov-ZtMSPi99JKHFyU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/sj02OVb6GppEKEINuWDg1lRcxSo.roa
Signing time: Mon 01 Jan 2024 16:29:44 +0000
ROA not before: Mon 01 Jan 2024 16:29:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8562
IP address blocks: 217.76.160.0/20 maxlen: 20
193.154.144.0/20 maxlen: 20
90.152.128.0/17 maxlen: 17
84.20.184.0/22 maxlen: 22
176.66.64.0/18 maxlen: 18
2001:890:c000::/34 maxlen: 34
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/hwxYmk8iqcov-ZtMSPi99JKHFyU.crl
rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/hwxYmk8iqcov-ZtMSPi99JKHFyU.mft
rsync://rpki.ripe.net/repository/DEFAULT/hwxYmk8iqcov-ZtMSPi99JKHFyU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:18:47:5a:4f:48:4b:7c:01:10:25:7e:4e:e7:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=870c589a4f22a9ca2ff99b4c48f8bdf492871725
Validity
Not Before: Jan 1 16:29:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b23d363956fa1a9a4428420db960e0d6545cc52a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:e3:de:14:26:4e:48:5f:fb:5a:c1:ad:a6:57:
61:e2:61:af:52:38:6e:fe:bb:d2:e3:7e:2a:b4:1a:
d1:92:24:fd:39:28:88:a5:a5:c4:79:29:3e:98:e5:
06:fc:c1:b0:4f:cb:a5:a9:f4:0e:9d:83:e5:bd:ce:
49:b1:bf:d0:31:fd:9a:89:87:c5:7d:05:21:ff:e3:
06:3c:8c:ec:c2:8d:08:93:c6:70:a7:76:fc:f6:8a:
e4:2e:fc:6e:30:21:5b:16:a5:cc:8e:be:3b:75:f0:
6d:27:4d:04:87:89:65:47:93:19:2a:34:f7:83:eb:
b8:be:bf:58:60:50:c1:7f:56:e3:33:73:f7:19:b8:
21:1b:98:8e:63:52:92:dd:fa:6c:39:7d:e0:42:87:
52:45:7a:d2:77:4f:9d:af:04:cd:52:d4:69:2b:64:
69:1d:f5:3e:15:0c:64:18:80:79:30:2f:99:50:a3:
0d:f4:d1:5b:b7:4f:79:4b:65:c3:92:6c:0e:20:be:
ba:ad:8b:59:97:98:b2:95:f3:54:b5:74:36:87:9b:
55:b7:d7:44:79:16:d7:24:55:39:2a:58:a4:cc:f1:
e6:93:e3:14:1f:25:17:a4:e7:8d:c5:fd:72:1a:b0:
4f:7a:d8:18:cc:1f:fa:e8:a2:e8:d1:90:90:ca:97:
db:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:3D:36:39:56:FA:1A:9A:44:28:42:0D:B9:60:E0:D6:54:5C:C5:2A
X509v3 Authority Key Identifier:
keyid:87:0C:58:9A:4F:22:A9:CA:2F:F9:9B:4C:48:F8:BD:F4:92:87:17:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hwxYmk8iqcov-ZtMSPi99JKHFyU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/sj02OVb6GppEKEINuWDg1lRcxSo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/hwxYmk8iqcov-ZtMSPi99JKHFyU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.20.184.0/22
90.152.128.0/17
176.66.64.0/18
193.154.144.0/20
217.76.160.0/20
IPv6:
2001:890:c000::/34
Signature Algorithm: sha256WithRSAEncryption
93:85:8f:6f:ba:05:a1:e8:37:c9:cc:b4:6c:d0:5f:4e:ac:6d:
45:e1:c6:06:a6:3a:14:3b:30:a9:d9:69:11:c9:dd:8d:23:e7:
28:53:e2:07:88:ff:1c:06:97:01:89:28:c4:ed:0a:37:22:1c:
73:ce:d7:19:73:82:bf:cb:49:c4:25:fd:57:cc:54:1e:4e:ee:
d6:d1:32:38:36:ac:7f:e0:11:67:88:ee:f4:c4:59:83:12:33:
a8:09:ba:49:e0:f2:c0:7a:e2:ad:a7:a3:ae:cb:90:66:60:cd:
50:06:3f:bf:b4:4b:ba:e8:a1:e3:52:38:56:4e:9e:1e:45:ec:
7f:80:a3:4f:69:4a:8a:bf:f4:8a:80:53:02:96:a8:24:5a:66:
e1:c3:d1:62:c9:17:fd:c0:9c:e1:43:55:b4:86:39:4b:ec:b1:
66:26:1f:d3:8b:38:e5:11:d1:70:10:03:71:96:06:8f:e8:19:
2e:af:52:5f:8f:58:6c:eb:a2:48:6b:cd:80:12:e2:ff:36:fa:
95:7c:80:48:38:4a:16:fd:79:91:09:96:2c:bf:c0:07:62:76:
5f:1a:84:55:17:9f:a2:5f:96:2d:24:a6:e7:5b:98:c8:ed:48:
df:7c:41:59:84:8d:e5:23:f8:62:c8:12:2f:e9:c5:2e:c7:c3:
7c:b1:4f:b1
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYzF3BhHWk9IS3wBECV+TudbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3MGM1ODlhNGYyMmE5Y2EyZmY5OWI0YzQ4ZjhiZGY0OTI4
NzE3MjUwHhcNMjQwMTAxMTYyOTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjNkMzYzOTU2ZmExYTlhNDQyODQyMGRiOTYwZTBkNjU0NWNjNTJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhePeFCZOSF/7WsGtpldh4mGvUjhu
/rvS434qtBrRkiT9OSiIpaXEeSk+mOUG/MGwT8ulqfQOnYPlvc5Jsb/QMf2aiYfF
fQUh/+MGPIzswo0Ik8Zwp3b89orkLvxuMCFbFqXMjr47dfBtJ00Eh4llR5MZKjT3
g+u4vr9YYFDBf1bjM3P3GbghG5iOY1KS3fpsOX3gQodSRXrSd0+drwTNUtRpK2Rp
HfU+FQxkGIB5MC+ZUKMN9NFbt095S2XDkmwOIL66rYtZl5iylfNUtXQ2h5tVt9dE
eRbXJFU5KlikzPHmk+MUHyUXpOeNxf1yGrBPetgYzB/66KLo0ZCQypfbhQIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFLI9NjlW+hqaRChCDblg4NZUXMUqMB8GA1UdIwQY
MBaAFIcMWJpPIqnKL/mbTEj4vfSShxclMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHd4WW1rOGlxY292LVp0TVNQaTk5SktIRnlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC9mNTA1YjUtMGU0Ni00YjNmLWJmMWIt
ODQ5ZDNhNmI5YzJkLzEvc2owMk9WYjZHcHBFS0VJTnVXRGcxbFJjeFNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC9mNTA1YjUtMGU0Ni00YjNmLWJmMWItODQ5ZDNhNmI5YzJk
LzEvaHd4WW1rOGlxY292LVp0TVNQaTk5SktIRnlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAkBAIAATAeAwQCVBS4AwQH
WpiAAwQGsEJAAwQEwZqQAwQE2UygMA4EAgACMAgDBgYgAQiQwDANBgkqhkiG9w0B
AQsFAAOCAQEAk4WPb7oFoeg3ycy0bNBfTqxtReHGBqY6FDswqdlpEcndjSPnKFPi
B4j/HAaXAYkoxO0KNyIcc87XGXOCv8tJxCX9V8xUHk7u1tEyODasf+ARZ4ju9MRZ
gxIzqAm6SeDywHriraejrsuQZmDNUAY/v7RLuuih41I4Vk6eHkXsf4CjT2lKir/0
ioBTApaoJFpm4cPRYskX/cCc4UNVtIY5S+yxZiYf04s45RHRcBADcZYGj+gZLq9S
X49YbOuiSGvNgBLi/zb6lXyASDhKFv15kQmWLL/AB2J2XxqEVRefol+WLSSm51uY
yO1I33xBWYSN5SP4YsgSL+nFLsfDfLFPsQ==
-----END CERTIFICATE-----
Generated at Fri Jun 7 23:37:27 2024 by rpki-client on console-fra.rpki-client.org