Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/79dd9c-ce64-4b25-8f23-e6e8aae34826/1/U3LifuXxxQKTWDLanFnWFAX83bM.roa
File: U3LifuXxxQKTWDLanFnWFAX83bM.roa (raw, json)
Hash identifier: txPWCq8ZGnsUG9cOfsXJfPbCaGwIk4K1ofWsqIiOUyM=
Subject key identifier: 53:72:E2:7E:E5:F1:C5:02:93:58:32:DA:9C:59:D6:14:05:FC:DD:B3
Certificate issuer: /CN=57b80e60b5adf45aeba5c0c8abccc63997a0f1db
Certificate serial: 018CC5014CE142D09EB3939D2AAE873CFA88
Authority key identifier: 57:B8:0E:60:B5:AD:F4:5A:EB:A5:C0:C8:AB:CC:C6:39:97:A0:F1:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V7gOYLWt9FrrpcDIq8zGOZeg8ds.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/79dd9c-ce64-4b25-8f23-e6e8aae34826/1/U3LifuXxxQKTWDLanFnWFAX83bM.roa
Signing time: Mon 01 Jan 2024 12:30:45 +0000
ROA not before: Mon 01 Jan 2024 12:30:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198949
IP address blocks: 78.108.224.0/20 maxlen: 24
213.55.0.0/18 maxlen: 24
80.69.208.0/20 maxlen: 24
109.122.128.0/18 maxlen: 24
185.147.224.0/22 maxlen: 24
5.57.96.0/19 maxlen: 24
2a00:a080::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bb/79dd9c-ce64-4b25-8f23-e6e8aae34826/1/V7gOYLWt9FrrpcDIq8zGOZeg8ds.crl
rsync://rpki.ripe.net/repository/DEFAULT/bb/79dd9c-ce64-4b25-8f23-e6e8aae34826/1/V7gOYLWt9FrrpcDIq8zGOZeg8ds.mft
rsync://rpki.ripe.net/repository/DEFAULT/V7gOYLWt9FrrpcDIq8zGOZeg8ds.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 06 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:4c:e1:42:d0:9e:b3:93:9d:2a:ae:87:3c:fa:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=57b80e60b5adf45aeba5c0c8abccc63997a0f1db
Validity
Not Before: Jan 1 12:30:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5372e27ee5f1c502935832da9c59d61405fcddb3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:a2:22:e9:95:0d:5c:9f:65:bf:f0:34:70:1c:
fa:81:3e:2d:52:e8:91:dd:a3:b4:bd:0c:76:aa:07:
b3:60:ff:31:31:a1:1d:93:41:76:83:58:51:65:01:
5c:9c:f1:be:cb:3e:b3:97:d7:e5:f9:ff:e2:e8:01:
7d:f1:26:dd:60:0d:e4:f6:65:a2:f0:df:74:28:3e:
61:ea:53:7a:44:73:a1:0c:30:ef:50:4e:e0:5b:cc:
10:ae:a3:fb:49:4d:e9:03:df:8a:4b:1b:e2:bb:c1:
1c:dd:22:cf:4f:89:81:4b:bb:dd:c2:bd:5e:db:02:
2f:8a:15:7c:42:0a:6f:45:b7:a6:44:64:ef:e9:a0:
71:43:d1:ce:2e:cf:51:38:d0:f4:c9:61:9b:a4:cd:
a8:19:30:e8:7a:1b:6f:9c:71:ee:95:9e:13:4b:33:
1f:09:8b:88:ff:58:c7:3c:de:e1:4e:e1:5c:5b:9e:
6c:28:35:2f:cc:38:1f:56:0a:8c:b9:cb:dc:d3:53:
6e:d4:24:3e:22:e4:5d:e1:46:e9:bd:7f:62:d6:c5:
73:d3:aa:3a:87:71:c1:73:79:ca:7e:80:55:e7:37:
ef:3c:d5:7e:15:24:b1:bf:11:f2:40:c1:a4:5e:f5:
29:10:f9:e1:ed:e5:34:fb:53:18:94:e3:01:55:08:
59:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:72:E2:7E:E5:F1:C5:02:93:58:32:DA:9C:59:D6:14:05:FC:DD:B3
X509v3 Authority Key Identifier:
keyid:57:B8:0E:60:B5:AD:F4:5A:EB:A5:C0:C8:AB:CC:C6:39:97:A0:F1:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V7gOYLWt9FrrpcDIq8zGOZeg8ds.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/79dd9c-ce64-4b25-8f23-e6e8aae34826/1/U3LifuXxxQKTWDLanFnWFAX83bM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/79dd9c-ce64-4b25-8f23-e6e8aae34826/1/V7gOYLWt9FrrpcDIq8zGOZeg8ds.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.57.96.0/19
78.108.224.0/20
80.69.208.0/20
109.122.128.0/18
185.147.224.0/22
213.55.0.0/18
IPv6:
2a00:a080::/32
Signature Algorithm: sha256WithRSAEncryption
87:94:20:54:97:d0:d0:11:8a:d1:a4:bf:a4:a3:db:f5:19:00:
db:4e:7a:3e:89:53:fe:ef:3f:ea:3f:63:d2:5a:99:d7:3f:56:
73:dc:53:41:89:8c:fc:85:ba:4d:d8:0f:2f:a5:1e:18:23:fd:
71:d1:0b:83:2a:a2:80:e4:29:da:62:15:34:09:60:5e:1e:0c:
92:81:11:ba:6c:23:e1:50:9c:ad:56:15:88:e0:d7:6c:3c:47:
79:ab:8c:f5:9b:13:4c:99:49:57:82:14:ae:79:90:55:80:19:
47:b1:48:ec:d1:26:9b:48:06:ec:61:c5:99:f2:5d:7d:55:f7:
1d:e8:51:f0:00:7c:92:e0:64:81:cf:28:4f:e8:19:6e:fa:6f:
e1:45:6b:b5:fb:9b:4b:83:af:de:dc:77:8b:aa:4a:76:18:18:
ed:09:cb:c7:6a:8f:0a:63:71:d3:41:70:0d:69:60:e7:7e:1a:
d6:7a:27:63:2a:ba:59:08:d3:b0:45:79:67:14:24:2a:9d:52:
6e:d8:7b:7a:3a:4e:17:93:1a:7e:6b:99:9f:e0:bb:9e:da:12:
84:d4:ba:ad:c0:6d:b1:2a:35:48:9d:76:1b:99:a7:23:f1:b9:
7c:a7:23:ce:0a:1d:b8:49:f2:ad:f4:15:98:1d:d7:bc:4f:25:
05:58:fd:3c
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYzFAUzhQtCes5OdKq6HPPqIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3YjgwZTYwYjVhZGY0NWFlYmE1YzBjOGFiY2NjNjM5OTdh
MGYxZGIwHhcNMjQwMTAxMTIzMDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzcyZTI3ZWU1ZjFjNTAyOTM1ODMyZGE5YzU5ZDYxNDA1ZmNkZGIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA16Ii6ZUNXJ9lv/A0cBz6gT4tUuiR
3aO0vQx2qgezYP8xMaEdk0F2g1hRZQFcnPG+yz6zl9fl+f/i6AF98SbdYA3k9mWi
8N90KD5h6lN6RHOhDDDvUE7gW8wQrqP7SU3pA9+KSxviu8Ec3SLPT4mBS7vdwr1e
2wIvihV8QgpvRbemRGTv6aBxQ9HOLs9ROND0yWGbpM2oGTDoehtvnHHulZ4TSzMf
CYuI/1jHPN7hTuFcW55sKDUvzDgfVgqMucvc01Nu1CQ+IuRd4UbpvX9i1sVz06o6
h3HBc3nKfoBV5zfvPNV+FSSxvxHyQMGkXvUpEPnh7eU0+1MYlOMBVQhZswIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFFNy4n7l8cUCk1gy2pxZ1hQF/N2zMB8GA1UdIwQY
MBaAFFe4DmC1rfRa66XAyKvMxjmXoPHbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjdnT1lMV3Q5RnJycGNESXE4ekdPWmVnOGRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi83OWRkOWMtY2U2NC00YjI1LThmMjMt
ZTZlOGFhZTM0ODI2LzEvVTNMaWZ1WHh4UUtUV0RMYW5GbldGQVg4M2JNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi83OWRkOWMtY2U2NC00YjI1LThmMjMtZTZlOGFhZTM0ODI2
LzEvVjdnT1lMV3Q5RnJycGNESXE4ekdPWmVnOGRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQFBTlgAwQE
TmzgAwQEUEXQAwQGbXqAAwQCuZPgAwQG1TcAMA0EAgACMAcDBQAqAKCAMA0GCSqG
SIb3DQEBCwUAA4IBAQCHlCBUl9DQEYrRpL+ko9v1GQDbTno+iVP+7z/qP2PSWpnX
P1Zz3FNBiYz8hbpN2A8vpR4YI/1x0QuDKqKA5CnaYhU0CWBeHgySgRG6bCPhUJyt
VhWI4NdsPEd5q4z1mxNMmUlXghSueZBVgBlHsUjs0SabSAbsYcWZ8l19Vfcd6FHw
AHyS4GSBzyhP6Blu+m/hRWu1+5tLg6/e3HeLqkp2GBjtCcvHao8KY3HTQXANaWDn
fhrWeidjKrpZCNOwRXlnFCQqnVJu2Ht6Ok4Xkxp+a5mf4Lue2hKE1LqtwG2xKjVI
nXYbmacj8bl8pyPOCh24SfKt9BWYHde8TyUFWP08
-----END CERTIFICATE-----
Generated at Sun May 5 19:53:35 2024 by rpki-client on console-fra.rpki-client.org