Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/3feb15-6834-43e2-b6e7-04d74f368698/1/J-F67EchYLFsSdnuT0ELKO3zkVM.roa
File: J-F67EchYLFsSdnuT0ELKO3zkVM.roa (raw, json)
Hash identifier: X3ffb8upes93ybjj9N2ywu5hcNrq4bSW9hgoat91kHU=
Subject key identifier: 27:E1:7A:EC:47:21:60:B1:6C:49:D9:EE:4F:41:0B:28:ED:F3:91:53
Certificate issuer: /CN=91c10bfde5813ab47c38c5c1904ec26b32c2a095
Certificate serial: 01941FFA7292D13CB0550EA8C8DAA941AA34
Authority key identifier: 91:C1:0B:FD:E5:81:3A:B4:7C:38:C5:C1:90:4E:C2:6B:32:C2:A0:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kcEL_eWBOrR8OMXBkE7CazLCoJU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/3feb15-6834-43e2-b6e7-04d74f368698/1/J-F67EchYLFsSdnuT0ELKO3zkVM.roa
Signing time: Wed 01 Jan 2025 03:48:14 +0000
ROA not before: Wed 01 Jan 2025 03:48:14 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6830
IP address blocks: 212.83.64.0/22 maxlen: 22
212.83.68.0/22 maxlen: 22
212.142.0.0/18 maxlen: 18
212.142.0.0/19 maxlen: 19
212.142.32.0/19 maxlen: 19
213.46.60.0/22 maxlen: 22
213.46.160.0/19 maxlen: 19
213.46.224.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/3feb15-6834-43e2-b6e7-04d74f368698/1/kcEL_eWBOrR8OMXBkE7CazLCoJU.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/3feb15-6834-43e2-b6e7-04d74f368698/1/kcEL_eWBOrR8OMXBkE7CazLCoJU.mft
rsync://rpki.ripe.net/repository/DEFAULT/kcEL_eWBOrR8OMXBkE7CazLCoJU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 06:01:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:72:92:d1:3c:b0:55:0e:a8:c8:da:a9:41:aa:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=91c10bfde5813ab47c38c5c1904ec26b32c2a095
Validity
Not Before: Jan 1 03:48:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=27e17aec472160b16c49d9ee4f410b28edf39153
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:a6:20:37:40:83:73:63:03:d2:b0:15:e9:89:
b8:7b:30:00:87:4e:3b:26:28:da:0d:06:b8:3b:78:
09:e0:1d:95:c9:bf:29:63:3b:a1:46:07:7d:62:ed:
22:6e:a0:13:5e:7e:20:b4:8f:b9:fa:ce:90:32:a1:
a4:94:4f:e2:3a:b2:a2:15:a6:9f:db:05:d6:50:e8:
5a:d4:26:70:ad:0a:d7:4a:72:a3:c0:71:63:66:11:
fe:ce:e1:dd:f7:89:3e:10:8c:3e:7a:59:08:bd:e9:
6f:a2:53:e8:9d:03:e4:d3:bc:79:a2:6e:40:ef:95:
cb:9b:c6:8e:9d:d8:f2:88:26:ea:3d:21:5c:3b:f7:
74:52:7c:8c:4f:83:33:aa:70:93:21:7c:7d:26:a0:
b2:65:33:eb:4d:92:4a:15:4c:9b:85:db:de:f4:c1:
2b:b0:54:33:57:f4:fc:c3:f9:d7:e8:a5:40:18:9b:
96:90:af:42:fb:ee:23:13:4d:0a:5e:05:9f:0c:19:
11:c5:3d:8d:ec:92:c2:52:f1:dc:46:9c:0e:f8:67:
0c:08:2c:ab:f2:4e:44:6b:5a:54:fa:4e:1a:7b:d2:
0a:69:f7:84:9e:41:40:6e:91:eb:4c:97:f2:28:f2:
a0:63:35:12:f1:f8:49:b7:c2:29:f0:f4:a8:2d:77:
e7:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:E1:7A:EC:47:21:60:B1:6C:49:D9:EE:4F:41:0B:28:ED:F3:91:53
X509v3 Authority Key Identifier:
keyid:91:C1:0B:FD:E5:81:3A:B4:7C:38:C5:C1:90:4E:C2:6B:32:C2:A0:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kcEL_eWBOrR8OMXBkE7CazLCoJU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/3feb15-6834-43e2-b6e7-04d74f368698/1/J-F67EchYLFsSdnuT0ELKO3zkVM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/3feb15-6834-43e2-b6e7-04d74f368698/1/kcEL_eWBOrR8OMXBkE7CazLCoJU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.83.64.0/21
212.142.0.0/18
213.46.60.0/22
213.46.160.0/19
213.46.224.0/19
Signature Algorithm: sha256WithRSAEncryption
27:e2:e5:6f:8c:ed:44:55:83:67:79:17:98:b5:bc:9c:d5:00:
e0:9f:29:36:9b:97:7c:5d:55:68:ed:d6:e1:ce:3b:4c:f7:b5:
f7:7b:83:06:66:23:b0:f3:de:cc:fc:15:d4:66:57:a8:17:6d:
f1:ed:d6:0e:96:42:d8:8a:0e:f5:64:07:1e:2d:9f:da:c1:65:
83:ea:d9:08:12:6d:94:a6:1f:77:15:1f:69:4f:8c:3a:ae:7a:
47:56:40:fd:e3:a9:92:c4:6e:05:10:ca:26:bf:c8:af:12:b4:
e3:6b:0e:ad:e7:83:55:e8:ef:e6:0e:bf:0c:c0:86:b1:b4:d1:
ce:ab:50:0f:ad:df:46:bd:71:af:42:e4:14:b4:2a:42:be:ef:
24:6a:fc:20:18:ff:c4:9d:f8:f6:04:b6:6b:0b:dc:f9:b7:25:
ec:cc:a1:46:7c:17:0e:b6:79:cc:48:55:00:7c:11:be:b0:43:
5a:4b:10:eb:18:1a:04:4a:2d:20:a6:ec:32:f2:7e:3d:e5:6d:
f4:17:f2:aa:4e:6d:b4:64:12:4e:5a:5a:f7:36:db:df:2d:25:
f1:0e:07:82:b8:9c:b4:29:25:d0:4a:72:8c:b1:f4:01:44:a5:
5e:e0:f3:3d:b9:3f:7e:7b:d6:8f:a3:ed:0a:d1:ba:d2:ab:93:
3d:90:d7:82
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZQf+nKS0TywVQ6oyNqpQao0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxYzEwYmZkZTU4MTNhYjQ3YzM4YzVjMTkwNGVjMjZiMzJj
MmEwOTUwHhcNMjUwMTAxMDM0ODE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyN2UxN2FlYzQ3MjE2MGIxNmM0OWQ5ZWU0ZjQxMGIyOGVkZjM5MTUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwqYgN0CDc2MD0rAV6Ym4ezAAh047
JijaDQa4O3gJ4B2Vyb8pYzuhRgd9Yu0ibqATXn4gtI+5+s6QMqGklE/iOrKiFaaf
2wXWUOha1CZwrQrXSnKjwHFjZhH+zuHd94k+EIw+elkIvelvolPonQPk07x5om5A
75XLm8aOndjyiCbqPSFcO/d0UnyMT4MzqnCTIXx9JqCyZTPrTZJKFUybhdve9MEr
sFQzV/T8w/nX6KVAGJuWkK9C++4jE00KXgWfDBkRxT2N7JLCUvHcRpwO+GcMCCyr
8k5Ea1pU+k4ae9IKafeEnkFAbpHrTJfyKPKgYzUS8fhJt8Ip8PSoLXfnIQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFCfheuxHIWCxbEnZ7k9BCyjt85FTMB8GA1UdIwQY
MBaAFJHBC/3lgTq0fDjFwZBOwmsywqCVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2NFTF9lV0JPclI4T01YQmtFN0NhekxDb0pVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zZmViMTUtNjgzNC00M2UyLWI2ZTct
MDRkNzRmMzY4Njk4LzEvSi1GNjdFY2hZTEZzU2RudVQwRUxLTzN6a1ZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zZmViMTUtNjgzNC00M2UyLWI2ZTctMDRkNzRmMzY4Njk4
LzEva2NFTF9lV0JPclI4T01YQmtFN0NhekxDb0pVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQD1FNAAwQG
1I4AAwQC1S48AwQF1S6gAwQF1S7gMA0GCSqGSIb3DQEBCwUAA4IBAQAn4uVvjO1E
VYNneReYtbyc1QDgnyk2m5d8XVVo7dbhzjtM97X3e4MGZiOw897M/BXUZleoF23x
7dYOlkLYig71ZAceLZ/awWWD6tkIEm2Uph93FR9pT4w6rnpHVkD946mSxG4FEMom
v8ivErTjaw6t54NV6O/mDr8MwIaxtNHOq1APrd9GvXGvQuQUtCpCvu8kavwgGP/E
nfj2BLZrC9z5tyXszKFGfBcOtnnMSFUAfBG+sENaSxDrGBoESi0gpuwy8n495W30
F/KqTm20ZBJOWlr3NtvfLSXxDgeCuJy0KSXQSnKMsfQBRKVe4PM9uT9+e9aPo+0K
0brSq5M9kNeC
-----END CERTIFICATE-----
Generated at Sun Apr 6 14:41:27 2025 by rpki-client