Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/e57503-f658-43e2-93a9-2af067a130aa/1/jroNHvHGwQBlaUboAkTg4lpzHu4.roa
File: jroNHvHGwQBlaUboAkTg4lpzHu4.roa (raw, json)
Hash identifier: lRF6gKcFPOEEvAAAKvEqEkFUFX8mv2G4gjtbmZ5KgGY=
Subject key identifier: 8E:BA:0D:1E:F1:C6:C1:00:65:69:46:E8:02:44:E0:E2:5A:73:1E:EE
Certificate issuer: /CN=0ab36668893a8244d553efca4688d0f1019e4e25
Certificate serial: 018CC87060CB6875E38085745DF7EA902A9D
Authority key identifier: 0A:B3:66:68:89:3A:82:44:D5:53:EF:CA:46:88:D0:F1:01:9E:4E:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CrNmaIk6gkTVU-_KRojQ8QGeTiU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c9/e57503-f658-43e2-93a9-2af067a130aa/1/jroNHvHGwQBlaUboAkTg4lpzHu4.roa
Signing time: Tue 02 Jan 2024 04:30:57 +0000
ROA not before: Tue 02 Jan 2024 04:30:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12847
IP address blocks: 212.93.98.0/24 maxlen: 24
212.93.96.0/24 maxlen: 24
212.93.96.0/19 maxlen: 19
212.93.124.0/23 maxlen: 23
212.93.126.0/24 maxlen: 24
194.125.240.0/24 maxlen: 24
2a03:ec00::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c9/e57503-f658-43e2-93a9-2af067a130aa/1/CrNmaIk6gkTVU-_KRojQ8QGeTiU.crl
rsync://rpki.ripe.net/repository/DEFAULT/c9/e57503-f658-43e2-93a9-2af067a130aa/1/CrNmaIk6gkTVU-_KRojQ8QGeTiU.mft
rsync://rpki.ripe.net/repository/DEFAULT/CrNmaIk6gkTVU-_KRojQ8QGeTiU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 May 2024 21:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:70:60:cb:68:75:e3:80:85:74:5d:f7:ea:90:2a:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ab36668893a8244d553efca4688d0f1019e4e25
Validity
Not Before: Jan 2 04:30:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8eba0d1ef1c6c100656946e80244e0e25a731eee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:36:6f:3f:68:0a:b5:97:1d:1a:a1:93:26:58:
1c:9a:d8:b1:85:3c:4f:ac:51:e0:f2:fa:77:ad:0c:
f1:a0:f7:a3:e0:81:56:96:ae:26:43:0c:40:ef:92:
97:fb:63:ea:fd:1f:d6:82:7d:e0:48:4c:48:47:a7:
a2:00:bc:0e:69:89:32:32:d1:58:1a:a2:de:13:b6:
bb:66:1d:42:5b:53:61:1e:4d:e9:bb:7e:d4:0b:d2:
1e:cf:07:28:05:63:3c:93:f0:ef:ef:44:da:c0:75:
be:e3:af:be:82:9e:e6:d8:66:25:e5:76:78:be:d5:
18:6e:3a:ef:dd:4f:20:1c:93:c1:fb:1b:84:d6:9e:
90:45:3f:27:07:ed:85:94:ff:9d:15:17:da:32:a0:
19:69:2d:2c:e0:2c:ed:3f:f9:32:b2:1e:dc:90:60:
7d:ae:33:b2:9b:f2:16:de:0b:d8:4e:13:b3:6d:ee:
8e:f3:5b:cf:6f:e0:43:10:e4:5d:82:90:90:15:0b:
b0:09:8d:ea:85:30:94:f1:ef:f2:c9:d8:48:7e:82:
46:69:98:08:d3:b1:2b:d7:5d:8c:49:e4:69:a5:72:
05:3b:cd:06:39:2c:11:0e:a0:82:48:78:2e:91:52:
d1:9b:d7:be:35:80:b3:89:7e:c2:0d:7b:74:01:30:
e3:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:BA:0D:1E:F1:C6:C1:00:65:69:46:E8:02:44:E0:E2:5A:73:1E:EE
X509v3 Authority Key Identifier:
keyid:0A:B3:66:68:89:3A:82:44:D5:53:EF:CA:46:88:D0:F1:01:9E:4E:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CrNmaIk6gkTVU-_KRojQ8QGeTiU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/e57503-f658-43e2-93a9-2af067a130aa/1/jroNHvHGwQBlaUboAkTg4lpzHu4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/e57503-f658-43e2-93a9-2af067a130aa/1/CrNmaIk6gkTVU-_KRojQ8QGeTiU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.125.240.0/24
212.93.96.0/19
IPv6:
2a03:ec00::/32
Signature Algorithm: sha256WithRSAEncryption
26:8b:8d:e4:29:bb:01:f0:86:c3:06:d1:f2:a6:21:2a:f9:ee:
01:0b:f1:80:99:a0:6e:9e:be:d1:db:db:8a:6d:4b:9b:95:f1:
89:61:a2:ce:d2:9e:18:15:0a:1e:b4:da:6a:12:fc:9f:d3:2c:
89:d4:6c:02:7d:d7:61:a2:5f:97:0f:22:3a:65:39:e3:08:ed:
0e:9d:02:3c:d5:f5:23:75:9f:23:cd:67:53:6b:1e:84:15:98:
86:31:41:3b:7b:06:b7:0f:1b:96:5b:3d:c3:46:6b:7a:c0:a8:
e3:99:98:27:d4:a3:21:92:ff:16:96:a3:62:ca:ab:9b:23:fd:
72:88:26:65:78:68:fc:6d:b5:bb:b9:47:1f:79:e8:00:a3:1d:
59:16:aa:e5:8b:af:c9:99:9e:06:35:a6:db:a5:d5:8d:9a:85:
fd:fd:2d:d8:4d:83:c9:6a:f5:8d:fa:ca:fa:97:d2:c0:1f:07:
cd:40:25:06:b0:47:d0:40:a4:76:70:a6:7d:51:cd:1f:c6:87:
64:cf:57:db:2d:99:99:76:c7:ef:b3:7a:ff:79:46:ac:0f:27:
52:f7:a1:87:48:b4:b4:eb:10:37:1b:c7:ba:48:8f:e5:6c:0f:
64:9b:06:a1:26:8d:c4:75:03:37:a5:19:72:8a:fa:99:60:86:
0e:6f:7f:f1
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzIcGDLaHXjgIV0XffqkCqdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhYjM2NjY4ODkzYTgyNDRkNTUzZWZjYTQ2ODhkMGYxMDE5
ZTRlMjUwHhcNMjQwMTAyMDQzMDU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZWJhMGQxZWYxYzZjMTAwNjU2OTQ2ZTgwMjQ0ZTBlMjVhNzMxZWVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzTZvP2gKtZcdGqGTJlgcmtixhTxP
rFHg8vp3rQzxoPej4IFWlq4mQwxA75KX+2Pq/R/Wgn3gSExIR6eiALwOaYkyMtFY
GqLeE7a7Zh1CW1NhHk3pu37UC9IezwcoBWM8k/Dv70TawHW+46++gp7m2GYl5XZ4
vtUYbjrv3U8gHJPB+xuE1p6QRT8nB+2FlP+dFRfaMqAZaS0s4CztP/kysh7ckGB9
rjOym/IW3gvYThOzbe6O81vPb+BDEORdgpCQFQuwCY3qhTCU8e/yydhIfoJGaZgI
07Er112MSeRppXIFO80GOSwRDqCCSHgukVLRm9e+NYCziX7CDXt0ATDjfQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFI66DR7xxsEAZWlG6AJE4OJacx7uMB8GA1UdIwQY
MBaAFAqzZmiJOoJE1VPvykaI0PEBnk4lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ3JObWFJazZna1RWVS1fS1JvalE4UUdlVGlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOS9lNTc1MDMtZjY1OC00M2UyLTkzYTkt
MmFmMDY3YTEzMGFhLzEvanJvTkh2SEd3UUJsYVVib0FrVGc0bHB6SHU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOS9lNTc1MDMtZjY1OC00M2UyLTkzYTktMmFmMDY3YTEzMGFh
LzEvQ3JObWFJazZna1RWVS1fS1JvalE4UUdlVGlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAwn3wAwQF
1F1gMA0EAgACMAcDBQAqA+wAMA0GCSqGSIb3DQEBCwUAA4IBAQAmi43kKbsB8IbD
BtHypiEq+e4BC/GAmaBunr7R29uKbUublfGJYaLO0p4YFQoetNpqEvyf0yyJ1GwC
fddhol+XDyI6ZTnjCO0OnQI81fUjdZ8jzWdTax6EFZiGMUE7ewa3DxuWWz3DRmt6
wKjjmZgn1KMhkv8WlqNiyqubI/1yiCZleGj8bbW7uUcfeegAox1ZFqrli6/JmZ4G
NabbpdWNmoX9/S3YTYPJavWN+sr6l9LAHwfNQCUGsEfQQKR2cKZ9Uc0fxodkz1fb
LZmZdsfvs3r/eUasDydS96GHSLS06xA3G8e6SI/lbA9kmwahJo3EdQM3pRlyivqZ
YIYOb3/x
-----END CERTIFICATE-----
Generated at Sat May 18 06:34:43 2024 by rpki-client on console-ams.rpki-client.org