Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/cf7f6d-b225-4bdf-9504-838ebf412a61/1/jevXkRK5_BMqW-H-X0f7h6W8Pl4.roa
File: jevXkRK5_BMqW-H-X0f7h6W8Pl4.roa (raw, json)
Hash identifier: QE+ViIaMe5OSTWOw3lcA7Lsg0w9OdZsUzDuAlnpG42A=
Subject key identifier: 8D:EB:D7:91:12:B9:FC:13:2A:5B:E1:FE:5F:47:FB:87:A5:BC:3E:5E
Certificate issuer: /CN=c8acf59abd4abbfbf830a060225a96a2179a2694
Certificate serial: 018F37FECD1E69DA504195E810AE9BEC95F9
Authority key identifier: C8:AC:F5:9A:BD:4A:BB:FB:F8:30:A0:60:22:5A:96:A2:17:9A:26:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yKz1mr1Ku_v4MKBgIlqWoheaJpQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/cf7f6d-b225-4bdf-9504-838ebf412a61/1/jevXkRK5_BMqW-H-X0f7h6W8Pl4.roa
Signing time: Thu 02 May 2024 06:29:56 +0000
ROA not before: Thu 02 May 2024 06:29:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200780
IP address blocks: 77.236.98.0/23 maxlen: 24
88.218.32.0/23 maxlen: 24
89.40.220.0/23 maxlen: 24
91.234.104.0/22 maxlen: 24
95.178.108.0/22 maxlen: 24
185.40.102.0/23 maxlen: 24
194.106.208.0/23 maxlen: 24
195.35.96.0/24 maxlen: 24
195.133.148.0/22 maxlen: 24
2a10:780::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b7/cf7f6d-b225-4bdf-9504-838ebf412a61/1/yKz1mr1Ku_v4MKBgIlqWoheaJpQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b7/cf7f6d-b225-4bdf-9504-838ebf412a61/1/yKz1mr1Ku_v4MKBgIlqWoheaJpQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/yKz1mr1Ku_v4MKBgIlqWoheaJpQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 19:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:37:fe:cd:1e:69:da:50:41:95:e8:10:ae:9b:ec:95:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c8acf59abd4abbfbf830a060225a96a2179a2694
Validity
Not Before: May 2 06:29:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8debd79112b9fc132a5be1fe5f47fb87a5bc3e5e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:67:1b:be:64:7d:a0:d0:e0:2c:61:9b:4e:73:
fc:d3:53:5a:4d:c1:08:35:45:08:d5:1e:7e:a6:53:
76:5a:f8:09:32:bc:4c:e9:08:ab:f7:3f:75:47:bc:
25:80:33:34:04:78:a8:a0:e3:2c:c6:60:8f:9e:df:
69:60:53:59:ec:43:d8:2b:3c:bb:d2:92:64:f5:42:
a8:62:95:7a:b8:a3:b9:a6:50:44:1e:02:85:98:cf:
a7:66:86:ed:cc:69:5d:22:9c:5c:f0:43:29:85:37:
d1:f7:62:29:1c:ea:01:66:48:0a:09:06:1e:ad:83:
07:07:d5:27:ec:a7:b5:a7:27:ee:9a:c3:55:0e:b2:
1d:88:86:ab:13:09:38:40:96:b1:44:e3:e3:5c:35:
16:a1:ea:61:40:37:ca:dc:fc:66:71:45:8d:52:6d:
6c:b1:03:87:0f:a0:27:a2:cc:01:5b:39:9a:e8:4e:
4f:82:a4:34:4a:c8:42:1e:fb:d7:07:67:c6:29:dd:
18:b6:6b:e2:a3:7d:5f:20:81:49:f4:3f:e9:8e:42:
c0:e5:10:71:5d:d0:26:26:e4:3d:47:70:3f:56:3e:
e2:24:85:fa:86:9b:39:63:36:c9:04:e2:6e:f3:68:
2f:66:f6:82:5f:fd:a1:2a:6b:16:a9:bf:da:76:9c:
f2:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:EB:D7:91:12:B9:FC:13:2A:5B:E1:FE:5F:47:FB:87:A5:BC:3E:5E
X509v3 Authority Key Identifier:
keyid:C8:AC:F5:9A:BD:4A:BB:FB:F8:30:A0:60:22:5A:96:A2:17:9A:26:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yKz1mr1Ku_v4MKBgIlqWoheaJpQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/cf7f6d-b225-4bdf-9504-838ebf412a61/1/jevXkRK5_BMqW-H-X0f7h6W8Pl4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/cf7f6d-b225-4bdf-9504-838ebf412a61/1/yKz1mr1Ku_v4MKBgIlqWoheaJpQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.236.98.0/23
88.218.32.0/23
89.40.220.0/23
91.234.104.0/22
95.178.108.0/22
185.40.102.0/23
194.106.208.0/23
195.35.96.0/24
195.133.148.0/22
IPv6:
2a10:780::/32
Signature Algorithm: sha256WithRSAEncryption
85:5a:cc:d5:df:1e:ae:cf:92:12:42:08:92:b1:3b:57:59:8d:
82:4b:0f:cd:ea:34:87:a5:47:09:fc:01:f5:06:81:b3:81:cd:
e0:e6:27:32:70:9d:3b:cb:f6:95:b1:a6:fd:a5:4e:df:8e:72:
45:9d:96:4d:98:90:08:32:44:77:0b:b8:64:e0:3b:dd:51:97:
a8:5c:1c:14:2f:b6:d6:da:e8:03:fc:27:ba:5b:7b:17:7d:02:
45:0e:fd:22:6c:5d:e2:c5:b2:88:97:d3:f2:fc:ba:96:1c:77:
2e:3c:20:8b:ee:f0:32:f3:a4:b0:2e:48:f3:53:3b:73:0d:4d:
1c:ed:6f:fa:46:7d:d3:ee:6e:79:df:22:3e:4e:69:2e:e1:8b:
3c:bc:0e:6b:00:69:cf:94:68:bb:e2:f4:e8:c1:78:d0:6a:d9:
ca:ee:7b:74:3b:6f:78:60:b4:c8:d6:ab:a0:cd:50:b8:bd:12:
94:a7:4d:60:a8:bd:10:b1:43:b8:89:53:6c:1e:2b:37:ed:19:
e7:f1:c1:ca:db:b5:92:df:e8:01:b8:77:3b:50:0d:9c:5a:6f:
8f:71:cc:84:d1:0b:7f:92:7d:45:1e:43:18:2e:0b:2c:d4:f3:
a9:bc:78:f8:87:3e:e6:79:f4:fc:e4:c5:e1:0f:48:58:74:b1:
c0:81:4d:41
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAY83/s0eadpQQZXoEK6b7JX5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4YWNmNTlhYmQ0YWJiZmJmODMwYTA2MDIyNWE5NmEyMTc5
YTI2OTQwHhcNMjQwNTAyMDYyOTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZGViZDc5MTEyYjlmYzEzMmE1YmUxZmU1ZjQ3ZmI4N2E1YmMzZTVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwmcbvmR9oNDgLGGbTnP801NaTcEI
NUUI1R5+plN2WvgJMrxM6Qir9z91R7wlgDM0BHiooOMsxmCPnt9pYFNZ7EPYKzy7
0pJk9UKoYpV6uKO5plBEHgKFmM+nZobtzGldIpxc8EMphTfR92IpHOoBZkgKCQYe
rYMHB9Un7Ke1pyfumsNVDrIdiIarEwk4QJaxROPjXDUWoephQDfK3PxmcUWNUm1s
sQOHD6AnoswBWzma6E5PgqQ0SshCHvvXB2fGKd0Ytmvio31fIIFJ9D/pjkLA5RBx
XdAmJuQ9R3A/Vj7iJIX6hps5YzbJBOJu82gvZvaCX/2hKmsWqb/adpzywwIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFI3r15ESufwTKlvh/l9H+4elvD5eMB8GA1UdIwQY
MBaAFMis9Zq9Srv7+DCgYCJalqIXmiaUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveUt6MW1yMUt1X3Y0TUtCZ0lscVdvaGVhSnBRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9jZjdmNmQtYjIyNS00YmRmLTk1MDQt
ODM4ZWJmNDEyYTYxLzEvamV2WGtSSzVfQk1xVy1ILVgwZjdoNlc4UGw0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9jZjdmNmQtYjIyNS00YmRmLTk1MDQtODM4ZWJmNDEyYTYx
LzEveUt6MW1yMUt1X3Y0TUtCZ0lscVdvaGVhSnBRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTA8BAIAATA2AwQBTexiAwQB
WNogAwQBWSjcAwQCW+poAwQCX7JsAwQBuShmAwQBwmrQAwQAwyNgAwQCw4WUMA0E
AgACMAcDBQAqEAeAMA0GCSqGSIb3DQEBCwUAA4IBAQCFWszV3x6uz5ISQgiSsTtX
WY2CSw/N6jSHpUcJ/AH1BoGzgc3g5icycJ07y/aVsab9pU7fjnJFnZZNmJAIMkR3
C7hk4DvdUZeoXBwUL7bW2ugD/Ce6W3sXfQJFDv0ibF3ixbKIl9Py/LqWHHcuPCCL
7vAy86SwLkjzUztzDU0c7W/6Rn3T7m553yI+Tmku4Ys8vA5rAGnPlGi74vTowXjQ
atnK7nt0O294YLTI1qugzVC4vRKUp01gqL0QsUO4iVNsHis37Rnn8cHK27WS3+gB
uHc7UA2cWm+PccyE0Qt/kn1FHkMYLgss1POpvHj4hz7mefT85MXhD0hYdLHAgU1B
-----END CERTIFICATE-----
Generated at Sat Jun 1 21:21:36 2024 by rpki-client on console-ams.rpki-client.org