Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/7a5b44-6b18-42d3-a8d5-dc6554fd1235/1/jdpXFqgSOq_OrfPGSURfw7EtwjA.roa
File: jdpXFqgSOq_OrfPGSURfw7EtwjA.roa (raw, json)
Hash identifier: NZM9BeWwtCDC6uUCa17DCGwDxjogrAPttTqJ6ThGMos=
Subject key identifier: 8D:DA:57:16:A8:12:3A:AF:CE:AD:F3:C6:49:44:5F:C3:B1:2D:C2:30
Certificate issuer: /CN=5b52634a2eb03f8565b5e33dc2b9f49041f7cfb0
Certificate serial: 018ED263E97F78CBE834CBD31BC1CD455B11
Authority key identifier: 5B:52:63:4A:2E:B0:3F:85:65:B5:E3:3D:C2:B9:F4:90:41:F7:CF:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W1JjSi6wP4VlteM9wrn0kEH3z7A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/7a5b44-6b18-42d3-a8d5-dc6554fd1235/1/jdpXFqgSOq_OrfPGSURfw7EtwjA.roa
Signing time: Fri 12 Apr 2024 12:59:06 +0000
ROA not before: Fri 12 Apr 2024 12:59:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60077
IP address blocks: 78.110.112.0/21 maxlen: 32
78.110.112.0/22 maxlen: 32
78.110.116.0/22 maxlen: 32
85.198.8.0/21 maxlen: 32
85.198.8.0/22 maxlen: 32
85.198.12.0/22 maxlen: 32
85.198.16.0/21 maxlen: 32
85.198.16.0/22 maxlen: 32
85.198.20.0/22 maxlen: 32
193.151.128.0/19 maxlen: 32
193.151.128.0/20 maxlen: 32
193.151.144.0/20 maxlen: 32
193.151.144.0/21 maxlen: 32
193.151.152.0/22 maxlen: 32
193.151.156.0/23 maxlen: 32
193.151.156.0/24 maxlen: 32
193.151.157.0/24 maxlen: 32
193.151.158.0/24 maxlen: 32
193.151.159.0/24 maxlen: 32
2a05:1a30::/34 maxlen: 128
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b0/7a5b44-6b18-42d3-a8d5-dc6554fd1235/1/W1JjSi6wP4VlteM9wrn0kEH3z7A.crl
rsync://rpki.ripe.net/repository/DEFAULT/b0/7a5b44-6b18-42d3-a8d5-dc6554fd1235/1/W1JjSi6wP4VlteM9wrn0kEH3z7A.mft
rsync://rpki.ripe.net/repository/DEFAULT/W1JjSi6wP4VlteM9wrn0kEH3z7A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 19:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:d2:63:e9:7f:78:cb:e8:34:cb:d3:1b:c1:cd:45:5b:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5b52634a2eb03f8565b5e33dc2b9f49041f7cfb0
Validity
Not Before: Apr 12 12:59:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8dda5716a8123aafceadf3c649445fc3b12dc230
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:32:12:eb:c6:86:1e:39:7d:9c:79:60:f8:35:
c7:91:b1:b7:c1:67:02:12:a8:89:ca:59:2b:f8:d2:
2f:3c:aa:d5:e6:9e:f3:68:3f:7f:2a:bd:99:58:ad:
fa:1e:34:ea:05:1e:9b:9f:0f:b0:86:3a:cf:de:d7:
4e:28:c5:0e:f1:c7:ed:6c:97:01:27:de:6a:54:c6:
6d:af:41:fe:a1:91:a8:cb:5a:12:c5:c1:00:58:e5:
aa:a0:bc:6b:2f:c1:c9:c1:12:15:f4:71:bd:5f:9a:
c8:3d:ec:f0:be:6e:d9:00:1e:64:1c:05:de:07:6b:
ef:f0:94:60:5c:96:c8:55:82:a7:32:e8:fc:18:9c:
8b:63:d1:e7:2a:11:e5:83:37:4c:5b:dc:f7:66:76:
f0:4f:3f:f3:36:b0:20:23:15:fb:43:3f:e7:f8:3d:
5b:9d:13:78:76:08:a6:32:79:cb:50:e1:21:6b:1c:
3d:a4:f3:d7:d4:63:c4:cf:49:1a:15:05:d8:df:44:
e0:bc:01:45:cf:81:88:62:6c:8e:82:a9:ac:7c:94:
06:a0:28:28:c4:ff:3b:a5:c2:b4:f5:07:f4:71:aa:
3c:d3:bf:2b:24:df:2c:4d:fb:52:78:b5:85:53:9e:
cd:63:47:c8:04:df:6b:68:61:3d:12:0c:ef:9a:10:
5f:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:DA:57:16:A8:12:3A:AF:CE:AD:F3:C6:49:44:5F:C3:B1:2D:C2:30
X509v3 Authority Key Identifier:
keyid:5B:52:63:4A:2E:B0:3F:85:65:B5:E3:3D:C2:B9:F4:90:41:F7:CF:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W1JjSi6wP4VlteM9wrn0kEH3z7A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/7a5b44-6b18-42d3-a8d5-dc6554fd1235/1/jdpXFqgSOq_OrfPGSURfw7EtwjA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/7a5b44-6b18-42d3-a8d5-dc6554fd1235/1/W1JjSi6wP4VlteM9wrn0kEH3z7A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.110.112.0/21
85.198.8.0-85.198.23.255
193.151.128.0/19
IPv6:
2a05:1a30::/34
Signature Algorithm: sha256WithRSAEncryption
1a:84:68:2f:9b:a0:cc:cf:54:91:cb:3d:5e:e0:a5:62:bd:fd:
c9:34:5f:87:82:5e:6c:9a:b2:9a:78:0f:a4:db:df:8e:c8:ff:
21:8f:b9:97:46:5c:02:2e:6c:40:23:c1:48:23:24:75:63:e3:
84:63:54:67:15:1b:1e:8d:d0:9d:32:64:83:1f:e0:65:f2:4f:
9e:44:d9:39:e3:6d:ca:58:4f:b3:58:3f:35:bf:00:59:ce:bb:
3f:b8:3a:d1:ae:9f:9c:46:22:8c:ec:90:07:0a:75:d3:5c:1b:
86:8c:b5:ca:2d:1c:6c:d4:f6:65:2d:8a:b5:3e:6c:68:76:41:
94:fa:a4:e0:3d:97:69:23:f4:23:60:41:ed:b8:a3:e8:e9:4a:
ba:87:18:17:bd:36:f9:ab:f8:fa:b4:3a:0e:04:ad:dd:a0:8e:
91:5c:0a:cd:49:d8:9e:d7:c3:a0:0c:60:98:ff:eb:1c:d0:b9:
19:a9:29:72:5f:d2:82:51:0d:50:bf:d2:00:b1:89:17:c0:bf:
e4:43:25:17:6f:59:24:06:83:ff:f1:cc:43:d4:b6:eb:5c:11:
a8:47:27:7f:06:c1:2d:1f:0f:9c:38:16:ce:a9:41:b9:64:60:
ea:e0:23:a2:f0:36:e1:f7:c5:94:4a:9b:8f:39:c8:f8:c8:b5:
84:dc:50:67
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAY7SY+l/eMvoNMvTG8HNRVsRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViNTI2MzRhMmViMDNmODU2NWI1ZTMzZGMyYjlmNDkwNDFm
N2NmYjAwHhcNMjQwNDEyMTI1OTA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZGRhNTcxNmE4MTIzYWFmY2VhZGYzYzY0OTQ0NWZjM2IxMmRjMjMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAojIS68aGHjl9nHlg+DXHkbG3wWcC
EqiJylkr+NIvPKrV5p7zaD9/Kr2ZWK36HjTqBR6bnw+whjrP3tdOKMUO8cftbJcB
J95qVMZtr0H+oZGoy1oSxcEAWOWqoLxrL8HJwRIV9HG9X5rIPezwvm7ZAB5kHAXe
B2vv8JRgXJbIVYKnMuj8GJyLY9HnKhHlgzdMW9z3ZnbwTz/zNrAgIxX7Qz/n+D1b
nRN4dgimMnnLUOEhaxw9pPPX1GPEz0kaFQXY30TgvAFFz4GIYmyOgqmsfJQGoCgo
xP87pcK09Qf0cao8078rJN8sTftSeLWFU57NY0fIBN9raGE9EgzvmhBftQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFI3aVxaoEjqvzq3zxklEX8OxLcIwMB8GA1UdIwQY
MBaAFFtSY0ousD+FZbXjPcK59JBB98+wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVzFKalNpNndQNFZsdGVNOXdybjBrRUgzejdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC83YTViNDQtNmIxOC00MmQzLWE4ZDUt
ZGM2NTU0ZmQxMjM1LzEvamRwWEZxZ1NPcV9PcmZQR1NVUmZ3N0V0d2pBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC83YTViNDQtNmIxOC00MmQzLWE4ZDUtZGM2NTU0ZmQxMjM1
LzEvVzFKalNpNndQNFZsdGVNOXdybjBrRUgzejdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAgBAIAATAaAwQDTm5wMAwD
BANVxggDBANVxhADBAXBl4AwDgQCAAIwCAMGBioFGjAAMA0GCSqGSIb3DQEBCwUA
A4IBAQAahGgvm6DMz1SRyz1e4KVivf3JNF+Hgl5smrKaeA+k29+OyP8hj7mXRlwC
LmxAI8FIIyR1Y+OEY1RnFRsejdCdMmSDH+Bl8k+eRNk5423KWE+zWD81vwBZzrs/
uDrRrp+cRiKM7JAHCnXTXBuGjLXKLRxs1PZlLYq1PmxodkGU+qTgPZdpI/QjYEHt
uKPo6Uq6hxgXvTb5q/j6tDoOBK3doI6RXArNSdie18OgDGCY/+sc0LkZqSlyX9KC
UQ1Qv9IAsYkXwL/kQyUXb1kkBoP/8cxD1LbrXBGoRyd/BsEtHw+cOBbOqUG5ZGDq
4COi8Dbh98WUSpuPOcj4yLWE3FBn
-----END CERTIFICATE-----
Generated at Sat Jun 1 23:04:05 2024 by rpki-client on console-fra.rpki-client.org