Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/9fd20e-34d7-4949-a307-9087e0ff3d36/1/rUYtJXNL-JM77AVwI-d1dunvfVA.roa
File: rUYtJXNL-JM77AVwI-d1dunvfVA.roa (raw, json)
Hash identifier: Jqdy9skpAY8r5n3r9+XoF/zjsdO22Iv39m5MZKwrVm0=
Subject key identifier: AD:46:2D:25:73:4B:F8:93:3B:EC:05:70:23:E7:75:76:E9:EF:7D:50
Certificate issuer: /CN=6cc23670f9789c02d83ba7c2e7e4c6e9ede52f7a
Certificate serial: 018CC56E34DB39A44CBB1740094BB0CFEA8C
Authority key identifier: 6C:C2:36:70:F9:78:9C:02:D8:3B:A7:C2:E7:E4:C6:E9:ED:E5:2F:7A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bMI2cPl4nALYO6fC5-TG6e3lL3o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/9fd20e-34d7-4949-a307-9087e0ff3d36/1/rUYtJXNL-JM77AVwI-d1dunvfVA.roa
Signing time: Mon 01 Jan 2024 14:29:43 +0000
ROA not before: Mon 01 Jan 2024 14:29:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203424
IP address blocks: 185.45.176.0/22 maxlen: 22
213.128.160.0/19 maxlen: 19
147.12.32.0/19 maxlen: 19
195.181.128.0/19 maxlen: 19
217.116.80.0/20 maxlen: 20
2a02:2c00::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/9fd20e-34d7-4949-a307-9087e0ff3d36/1/bMI2cPl4nALYO6fC5-TG6e3lL3o.crl
rsync://rpki.ripe.net/repository/DEFAULT/c8/9fd20e-34d7-4949-a307-9087e0ff3d36/1/bMI2cPl4nALYO6fC5-TG6e3lL3o.mft
rsync://rpki.ripe.net/repository/DEFAULT/bMI2cPl4nALYO6fC5-TG6e3lL3o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 09 Jun 2024 05:00:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:34:db:39:a4:4c:bb:17:40:09:4b:b0:cf:ea:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6cc23670f9789c02d83ba7c2e7e4c6e9ede52f7a
Validity
Not Before: Jan 1 14:29:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ad462d25734bf8933bec057023e77576e9ef7d50
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:07:21:ab:c6:e0:29:e2:ae:8b:fd:cb:58:26:
28:b0:e4:ab:ed:7e:4c:07:3b:5a:53:74:69:f0:05:
83:5e:6c:c7:07:7f:87:05:de:f0:ac:67:81:07:54:
ac:f9:fa:8f:15:85:81:8e:e8:0c:75:31:e7:f0:ba:
09:1b:cb:98:aa:00:84:de:08:8c:51:16:cb:f3:b3:
44:ae:e7:76:7e:b2:06:98:53:a6:e7:b1:e6:57:08:
bf:db:ca:3f:df:c1:84:02:9f:90:b1:30:0c:d7:b1:
f9:aa:22:dc:a4:67:09:ed:66:91:39:81:56:6c:7a:
a0:9c:14:f0:04:94:50:29:c1:ad:02:48:e8:72:b7:
37:e3:23:b2:1e:bb:6d:9e:4b:ed:83:6a:7b:08:c7:
b0:e4:ba:a4:ed:cc:2a:fc:fa:de:04:49:1b:3a:92:
01:3c:35:d7:54:5d:a5:ab:f3:8d:d5:ef:b0:09:5d:
88:ff:84:05:d5:1b:6b:ca:2b:01:64:e8:bd:b8:5e:
b6:e9:e2:49:e0:fd:58:0f:13:7a:14:29:8e:3e:a0:
8d:07:ed:8e:bb:49:4d:4c:1d:63:65:7c:be:d9:ee:
c1:52:89:31:8d:83:f8:a2:82:fe:91:4d:14:ec:8b:
a9:66:af:2e:53:dc:76:e4:1c:55:e5:49:24:4f:9d:
9e:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:46:2D:25:73:4B:F8:93:3B:EC:05:70:23:E7:75:76:E9:EF:7D:50
X509v3 Authority Key Identifier:
keyid:6C:C2:36:70:F9:78:9C:02:D8:3B:A7:C2:E7:E4:C6:E9:ED:E5:2F:7A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bMI2cPl4nALYO6fC5-TG6e3lL3o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/9fd20e-34d7-4949-a307-9087e0ff3d36/1/rUYtJXNL-JM77AVwI-d1dunvfVA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/9fd20e-34d7-4949-a307-9087e0ff3d36/1/bMI2cPl4nALYO6fC5-TG6e3lL3o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.12.32.0/19
185.45.176.0/22
195.181.128.0/19
213.128.160.0/19
217.116.80.0/20
IPv6:
2a02:2c00::/29
Signature Algorithm: sha256WithRSAEncryption
c8:6f:da:c7:bc:11:b6:d2:a7:6f:b5:28:17:a8:73:e7:71:a3:
e0:9c:b3:0d:47:81:9a:9a:97:b8:dd:64:ba:a4:90:73:fb:1a:
9f:89:8d:9b:5b:5a:29:38:c3:0f:52:64:3c:d9:1f:df:ce:b0:
10:70:75:9d:b7:f7:2e:f1:2d:a3:0d:bf:ee:b1:d2:75:3a:4f:
cd:7b:0d:be:58:80:69:2a:d2:f0:66:46:19:84:f1:d7:6b:ef:
d8:a5:2c:df:0a:44:fb:8e:f6:cf:64:39:aa:e2:c6:84:00:0d:
5a:ca:15:00:0e:17:8c:25:c5:e8:08:13:2a:38:a3:9b:d5:f8:
9f:d1:5b:fa:5f:7f:6c:d7:95:26:e7:2a:71:c2:9f:81:0f:99:
2c:0f:8f:89:5a:7a:55:26:1c:0e:85:2a:39:fe:eb:93:15:20:
e5:a0:e4:be:a8:15:a0:e9:fe:f7:8a:6d:d5:56:c8:69:ba:61:
8d:e7:c3:23:b0:2c:23:c4:e1:24:24:42:7d:ab:64:fd:9f:ff:
32:2d:98:95:db:7a:4a:4d:1a:08:79:9c:de:12:f2:2d:95:7b:
2e:f3:b0:c1:00:75:76:05:8f:df:6d:82:b4:4c:a2:8c:ae:a8:
d9:e1:16:e8:b5:9c:f1:60:6c:63:29:ac:d4:36:0d:3b:9a:97:
4f:71:c9:9b
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYzFbjTbOaRMuxdACUuwz+qMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjYzIzNjcwZjk3ODljMDJkODNiYTdjMmU3ZTRjNmU5ZWRl
NTJmN2EwHhcNMjQwMTAxMTQyOTQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDQ2MmQyNTczNGJmODkzM2JlYzA1NzAyM2U3NzU3NmU5ZWY3ZDUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvgchq8bgKeKui/3LWCYosOSr7X5M
BztaU3Rp8AWDXmzHB3+HBd7wrGeBB1Ss+fqPFYWBjugMdTHn8LoJG8uYqgCE3giM
URbL87NErud2frIGmFOm57HmVwi/28o/38GEAp+QsTAM17H5qiLcpGcJ7WaROYFW
bHqgnBTwBJRQKcGtAkjocrc34yOyHrttnkvtg2p7CMew5Lqk7cwq/PreBEkbOpIB
PDXXVF2lq/ON1e+wCV2I/4QF1RtryisBZOi9uF626eJJ4P1YDxN6FCmOPqCNB+2O
u0lNTB1jZXy+2e7BUokxjYP4ooL+kU0U7IupZq8uU9x25BxV5UkkT52eswIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFK1GLSVzS/iTO+wFcCPndXbp731QMB8GA1UdIwQY
MBaAFGzCNnD5eJwC2Dunwufkxunt5S96MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYk1JMmNQbDRuQUxZTzZmQzUtVEc2ZTNsTDNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC85ZmQyMGUtMzRkNy00OTQ5LWEzMDct
OTA4N2UwZmYzZDM2LzEvclVZdEpYTkwtSk03N0FWd0ktZDFkdW52ZlZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC85ZmQyMGUtMzRkNy00OTQ5LWEzMDctOTA4N2UwZmYzZDM2
LzEvYk1JMmNQbDRuQUxZTzZmQzUtVEc2ZTNsTDNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQFkwwgAwQC
uS2wAwQFw7WAAwQF1YCgAwQE2XRQMA0EAgACMAcDBQMqAiwAMA0GCSqGSIb3DQEB
CwUAA4IBAQDIb9rHvBG20qdvtSgXqHPncaPgnLMNR4Gampe43WS6pJBz+xqfiY2b
W1opOMMPUmQ82R/fzrAQcHWdt/cu8S2jDb/usdJ1Ok/New2+WIBpKtLwZkYZhPHX
a+/YpSzfCkT7jvbPZDmq4saEAA1ayhUADheMJcXoCBMqOKOb1fif0Vv6X39s15Um
5ypxwp+BD5ksD4+JWnpVJhwOhSo5/uuTFSDloOS+qBWg6f73im3VVshpumGN58Mj
sCwjxOEkJEJ9q2T9n/8yLZiV23pKTRoIeZzeEvItlXsu87DBAHV2BY/fbYK0TKKM
rqjZ4RbotZzxYGxjKazUNg07mpdPccmb
-----END CERTIFICATE-----
Generated at Sat Jun 8 10:14:01 2024 by rpki-client on console-fra.rpki-client.org