Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/e080b6-4e09-42d8-b91c-b2798c1a0327/1/kXJ4tP5GYgOYwyzVoCUhTjhOgZ4.roa
File: kXJ4tP5GYgOYwyzVoCUhTjhOgZ4.roa (raw, json)
Hash identifier: qV6XQqTohn5J5nHVzPQxBEPwfoHyupzXYGSWuoMDZMo=
Subject key identifier: 91:72:78:B4:FE:46:62:03:98:C3:2C:D5:A0:25:21:4E:38:4E:81:9E
Certificate issuer: /CN=4f2112cbf6dcc8dd3444e4eced284457310f70d2
Certificate serial: 018EE647291BE73B097CFD719380A3CCBB52
Authority key identifier: 4F:21:12:CB:F6:DC:C8:DD:34:44:E4:EC:ED:28:44:57:31:0F:70:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TyESy_bcyN00ROTs7ShEVzEPcNI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/e080b6-4e09-42d8-b91c-b2798c1a0327/1/kXJ4tP5GYgOYwyzVoCUhTjhOgZ4.roa
Signing time: Tue 16 Apr 2024 09:40:07 +0000
ROA not before: Tue 16 Apr 2024 09:40:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205975
IP address blocks: 80.79.48.0/20 maxlen: 24
147.189.155.0/24 maxlen: 24
176.10.0.0/20 maxlen: 24
212.46.58.0/24 maxlen: 24
2a12:f40::/29 maxlen: 31
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/e080b6-4e09-42d8-b91c-b2798c1a0327/1/TyESy_bcyN00ROTs7ShEVzEPcNI.crl
rsync://rpki.ripe.net/repository/DEFAULT/c8/e080b6-4e09-42d8-b91c-b2798c1a0327/1/TyESy_bcyN00ROTs7ShEVzEPcNI.mft
rsync://rpki.ripe.net/repository/DEFAULT/TyESy_bcyN00ROTs7ShEVzEPcNI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:e6:47:29:1b:e7:3b:09:7c:fd:71:93:80:a3:cc:bb:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f2112cbf6dcc8dd3444e4eced284457310f70d2
Validity
Not Before: Apr 16 09:40:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=917278b4fe46620398c32cd5a025214e384e819e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:2e:cf:d1:4d:c3:2a:aa:0b:03:b0:d6:88:ed:
0b:a0:37:8a:a0:c6:d9:f2:5d:70:92:ee:af:79:5f:
02:31:c4:ac:4b:ab:b7:89:d0:52:06:f8:b0:f0:5f:
e3:62:be:1c:da:6b:ba:dc:8b:e7:c4:4c:8e:e3:77:
ad:b7:4f:94:eb:e7:dc:bb:92:d8:55:e9:2c:cf:01:
96:e7:fd:b3:31:4f:0c:e8:1c:a0:28:79:c6:60:ba:
d1:38:46:3a:fe:39:38:91:77:5d:71:8c:36:70:ff:
a9:cb:e7:93:72:f6:4e:3b:6e:9c:f1:29:c2:75:ed:
d8:23:4e:8a:11:b1:5f:07:1c:bb:2c:9e:5b:cc:6d:
d7:bd:7a:04:be:7f:50:e0:8e:f7:5d:ff:0b:5c:2a:
0f:5f:8c:53:fb:03:ab:33:13:dd:30:4a:1e:bd:70:
f3:67:72:87:7a:85:92:3f:7a:60:ca:9c:3b:9d:42:
d5:ae:e9:c0:9d:9f:b8:0f:17:bb:57:55:ae:93:ce:
77:5f:66:68:b2:db:de:63:ea:e4:11:a6:75:56:16:
0b:49:85:f3:47:62:de:68:38:aa:28:95:20:31:b5:
6c:9e:fc:df:1b:a0:93:57:cf:01:a5:9c:ab:d7:87:
ad:65:7b:cc:cc:76:49:2e:4d:15:56:a8:40:e9:d0:
d4:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:72:78:B4:FE:46:62:03:98:C3:2C:D5:A0:25:21:4E:38:4E:81:9E
X509v3 Authority Key Identifier:
keyid:4F:21:12:CB:F6:DC:C8:DD:34:44:E4:EC:ED:28:44:57:31:0F:70:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TyESy_bcyN00ROTs7ShEVzEPcNI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/e080b6-4e09-42d8-b91c-b2798c1a0327/1/kXJ4tP5GYgOYwyzVoCUhTjhOgZ4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/e080b6-4e09-42d8-b91c-b2798c1a0327/1/TyESy_bcyN00ROTs7ShEVzEPcNI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.79.48.0/20
147.189.155.0/24
176.10.0.0/20
212.46.58.0/24
IPv6:
2a12:f40::/29
Signature Algorithm: sha256WithRSAEncryption
02:f1:eb:be:1a:9d:95:6d:1f:ff:67:96:0b:8f:cf:ae:ae:9c:
9d:bd:5b:06:6c:fb:2b:38:5d:f5:95:a4:59:86:87:d3:b2:73:
49:cf:b0:9c:9a:73:de:89:83:f1:04:12:95:43:53:2c:41:ed:
db:f8:22:6d:ed:99:2b:ba:26:a9:88:9b:61:c5:e1:d1:86:ce:
ce:59:d6:29:d1:0b:99:35:c9:48:fc:9b:e0:42:d8:40:66:8c:
cf:39:c5:bd:35:0e:46:fa:e8:f7:b6:59:a5:b1:ad:42:80:d6:
67:2d:cf:fd:21:54:3c:a3:fe:9a:fb:e2:f7:04:e5:fd:cc:46:
c7:d5:69:1d:c9:67:9a:d9:da:2f:a3:3c:80:37:f6:39:9a:e4:
d2:53:ff:f5:6c:6c:5a:5f:74:34:e7:b4:a3:1d:86:b4:f3:9f:
25:82:57:7d:76:91:4f:29:f2:39:e3:e8:85:5e:d8:8d:eb:03:
7e:da:28:59:07:89:57:a0:e0:11:9c:0c:e1:57:ad:54:07:58:
78:f1:e4:8c:59:9e:71:97:54:01:9c:3e:20:3b:b5:fa:27:77:
74:20:15:56:b1:4c:33:66:4a:83:7c:4f:62:35:d5:66:f4:4b:
bf:a8:41:14:de:2e:68:bc:6c:aa:d9:50:c1:da:6c:ba:43:03:
82:73:f1:20
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAY7mRykb5zsJfP1xk4CjzLtSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMjExMmNiZjZkY2M4ZGQzNDQ0ZTRlY2VkMjg0NDU3MzEw
ZjcwZDIwHhcNMjQwNDE2MDk0MDA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTcyNzhiNGZlNDY2MjAzOThjMzJjZDVhMDI1MjE0ZTM4NGU4MTllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0i7P0U3DKqoLA7DWiO0LoDeKoMbZ
8l1wku6veV8CMcSsS6u3idBSBviw8F/jYr4c2mu63IvnxEyO43ett0+U6+fcu5LY
VekszwGW5/2zMU8M6BygKHnGYLrROEY6/jk4kXddcYw2cP+py+eTcvZOO26c8SnC
de3YI06KEbFfBxy7LJ5bzG3XvXoEvn9Q4I73Xf8LXCoPX4xT+wOrMxPdMEoevXDz
Z3KHeoWSP3pgypw7nULVrunAnZ+4Dxe7V1Wuk853X2ZostveY+rkEaZ1VhYLSYXz
R2LeaDiqKJUgMbVsnvzfG6CTV88BpZyr14etZXvMzHZJLk0VVqhA6dDUDwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFJFyeLT+RmIDmMMs1aAlIU44ToGeMB8GA1UdIwQY
MBaAFE8hEsv23MjdNETk7O0oRFcxD3DSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHlFU3lfYmN5TjAwUk9UczdTaEVWekVQY05JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9lMDgwYjYtNGUwOS00MmQ4LWI5MWMt
YjI3OThjMWEwMzI3LzEva1hKNHRQNUdZZ09Zd3l6Vm9DVWhUamhPZ1o0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9lMDgwYjYtNGUwOS00MmQ4LWI5MWMtYjI3OThjMWEwMzI3
LzEvVHlFU3lfYmN5TjAwUk9UczdTaEVWekVQY05JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQEUE8wAwQA
k72bAwQEsAoAAwQA1C46MA0EAgACMAcDBQMqEg9AMA0GCSqGSIb3DQEBCwUAA4IB
AQAC8eu+Gp2VbR//Z5YLj8+urpydvVsGbPsrOF31laRZhofTsnNJz7CcmnPeiYPx
BBKVQ1MsQe3b+CJt7ZkruiapiJthxeHRhs7OWdYp0QuZNclI/JvgQthAZozPOcW9
NQ5G+uj3tlmlsa1CgNZnLc/9IVQ8o/6a++L3BOX9zEbH1WkdyWea2dovozyAN/Y5
muTSU//1bGxaX3Q057SjHYa0858lgld9dpFPKfI54+iFXtiN6wN+2ihZB4lXoOAR
nAzhV61UB1h48eSMWZ5xl1QBnD4gO7X6J3d0IBVWsUwzZkqDfE9iNdVm9Eu/qEEU
3i5ovGyq2VDB2my6QwOCc/Eg
-----END CERTIFICATE-----
Generated at Sat Jun 1 13:53:17 2024 by rpki-client on console-fra.rpki-client.org