Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/0554a2-d3d9-4fc4-8ed5-de91469d3772/1/j3OTuke_mRknBmt1C4J4dhIEdOk.roa
File: j3OTuke_mRknBmt1C4J4dhIEdOk.roa (raw, json)
Hash identifier: EmP6SaUNKBb8hBPbpdHrMv/BtY++jtNe3kNkjqBzyN8=
Subject key identifier: 8F:73:93:BA:47:BF:99:19:27:06:6B:75:0B:82:78:76:12:04:74:E9
Certificate issuer: /CN=0c5140282591f9912f9639ee1412b6d1dcff0861
Certificate serial: 01943F5FEE90D7C6060D8F7878E977719BB6
Authority key identifier: 0C:51:40:28:25:91:F9:91:2F:96:39:EE:14:12:B6:D1:DC:FF:08:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DFFAKCWR-ZEvljnuFBK20dz_CGE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/0554a2-d3d9-4fc4-8ed5-de91469d3772/1/j3OTuke_mRknBmt1C4J4dhIEdOk.roa
Signing time: Tue 07 Jan 2025 06:07:19 +0000
ROA not before: Tue 07 Jan 2025 06:07:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 19905
IP address blocks: 188.72.40.0/24 maxlen: 24
188.72.41.0/24 maxlen: 24
188.72.45.0/24 maxlen: 24
188.72.46.0/24 maxlen: 24
188.72.49.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cc/0554a2-d3d9-4fc4-8ed5-de91469d3772/1/DFFAKCWR-ZEvljnuFBK20dz_CGE.crl
rsync://rpki.ripe.net/repository/DEFAULT/cc/0554a2-d3d9-4fc4-8ed5-de91469d3772/1/DFFAKCWR-ZEvljnuFBK20dz_CGE.mft
rsync://rpki.ripe.net/repository/DEFAULT/DFFAKCWR-ZEvljnuFBK20dz_CGE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 08:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:3f:5f:ee:90:d7:c6:06:0d:8f:78:78:e9:77:71:9b:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0c5140282591f9912f9639ee1412b6d1dcff0861
Validity
Not Before: Jan 7 06:07:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8f7393ba47bf991927066b750b827876120474e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:63:5b:62:b3:82:7a:03:91:f2:21:50:7a:c1:
1b:ca:38:e9:c0:d3:3e:6e:7c:c1:d2:28:47:87:b1:
59:59:b9:64:b4:27:e8:52:86:15:63:14:c6:71:3e:
0f:ed:80:6f:22:93:d0:7a:6c:f6:6b:41:0b:9a:1e:
64:1a:85:80:99:66:82:72:15:88:ee:e0:1d:46:46:
65:d2:c7:a6:57:d5:0b:a2:e6:51:f6:02:26:24:16:
43:6d:0f:20:ed:46:7a:fa:e3:57:21:4f:ba:0b:8d:
2b:a4:0d:57:ca:27:e0:00:f6:71:60:c8:76:fb:03:
a7:38:09:8a:83:8f:ed:3e:10:c7:1a:89:8c:e6:07:
94:af:21:58:cc:61:93:4f:e3:34:28:b8:9a:7c:ce:
fa:39:3f:0c:f3:f1:86:3a:8f:34:01:af:61:b5:f7:
6a:23:0e:2e:f2:a4:ce:cf:83:a8:d3:30:35:fd:c4:
9a:e1:78:d9:06:49:68:99:e6:45:54:fb:40:2b:4f:
2e:d6:e9:7d:f5:d2:60:52:29:a2:fc:f0:f6:d2:23:
95:3f:1b:a0:70:24:9c:ee:cc:d5:48:ea:85:16:52:
4e:83:28:5e:a3:64:33:ef:56:63:92:b1:0b:94:da:
73:12:97:8f:06:c4:76:64:8b:29:3f:3b:e5:ad:e0:
ac:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:73:93:BA:47:BF:99:19:27:06:6B:75:0B:82:78:76:12:04:74:E9
X509v3 Authority Key Identifier:
keyid:0C:51:40:28:25:91:F9:91:2F:96:39:EE:14:12:B6:D1:DC:FF:08:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DFFAKCWR-ZEvljnuFBK20dz_CGE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/0554a2-d3d9-4fc4-8ed5-de91469d3772/1/j3OTuke_mRknBmt1C4J4dhIEdOk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/0554a2-d3d9-4fc4-8ed5-de91469d3772/1/DFFAKCWR-ZEvljnuFBK20dz_CGE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.72.40.0/23
188.72.45.0-188.72.46.255
188.72.49.0/24
Signature Algorithm: sha256WithRSAEncryption
73:00:0e:ae:61:c3:89:44:ea:f8:b0:fe:59:e4:cc:b0:99:79:
6b:f2:d8:4a:79:16:a4:d3:8e:9e:4c:90:0a:58:25:81:2a:e2:
c0:82:d4:7b:48:b0:2e:42:f8:ec:0f:fd:31:da:51:a0:11:15:
8f:63:4f:3b:51:a2:e3:78:40:bb:c5:02:6a:a6:71:c4:d6:09:
e3:b2:5e:97:d0:7a:32:9e:c0:00:df:52:e0:9e:f9:17:5c:79:
9e:a1:4d:e2:4b:21:d1:53:7a:78:4f:58:3b:64:cc:8a:a7:4f:
31:5b:19:cc:6a:b9:8d:b2:4d:f8:90:68:67:db:59:d4:5f:ae:
3a:dc:1b:0f:44:29:98:d3:74:1b:02:b4:16:97:f8:20:02:56:
9f:92:77:c0:06:b5:7c:be:f3:af:42:8e:bb:c3:87:51:ff:03:
e0:07:cc:bf:df:50:50:70:4f:84:03:83:3d:77:80:ae:e8:b4:
82:a9:87:e7:a9:a8:d6:36:e7:6e:44:32:ce:0c:82:60:fc:86:
89:d9:13:00:91:9f:cc:fc:e0:77:1f:de:ee:d2:fb:0d:fc:8d:
e0:2f:82:c1:f2:22:43:05:b1:8a:19:96:aa:a0:e3:42:e7:e3:
1c:d9:08:60:12:cf:02:79:e8:5d:60:21:54:c6:c5:31:55:cc:
fa:fe:fb:df
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZQ/X+6Q18YGDY94eOl3cZu2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjNTE0MDI4MjU5MWY5OTEyZjk2MzllZTE0MTJiNmQxZGNm
ZjA4NjEwHhcNMjUwMTA3MDYwNzE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZjczOTNiYTQ3YmY5OTE5MjcwNjZiNzUwYjgyNzg3NjEyMDQ3NGU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2mNbYrOCegOR8iFQesEbyjjpwNM+
bnzB0ihHh7FZWblktCfoUoYVYxTGcT4P7YBvIpPQemz2a0ELmh5kGoWAmWaCchWI
7uAdRkZl0semV9ULouZR9gImJBZDbQ8g7UZ6+uNXIU+6C40rpA1XyifgAPZxYMh2
+wOnOAmKg4/tPhDHGomM5geUryFYzGGTT+M0KLiafM76OT8M8/GGOo80Aa9htfdq
Iw4u8qTOz4Oo0zA1/cSa4XjZBklomeZFVPtAK08u1ul99dJgUimi/PD20iOVPxug
cCSc7szVSOqFFlJOgyheo2Qz71ZjkrELlNpzEpePBsR2ZIspPzvlreCsuwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFI9zk7pHv5kZJwZrdQuCeHYSBHTpMB8GA1UdIwQY
MBaAFAxRQCglkfmRL5Y57hQSttHc/whhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvREZGQUtDV1ItWkV2bGpudUZCSzIwZHpfQ0dFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy8wNTU0YTItZDNkOS00ZmM0LThlZDUt
ZGU5MTQ2OWQzNzcyLzEvajNPVHVrZV9tUmtuQm10MUM0SjRkaElFZE9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy8wNTU0YTItZDNkOS00ZmM0LThlZDUtZGU5MTQ2OWQzNzcy
LzEvREZGQUtDV1ItWkV2bGpudUZCSzIwZHpfQ0dFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQBvEgoMAwD
BAC8SC0DBAC8SC4DBAC8SDEwDQYJKoZIhvcNAQELBQADggEBAHMADq5hw4lE6viw
/lnkzLCZeWvy2Ep5FqTTjp5MkApYJYEq4sCC1HtIsC5C+OwP/THaUaARFY9jTztR
ouN4QLvFAmqmccTWCeOyXpfQejKewADfUuCe+RdceZ6hTeJLIdFTenhPWDtkzIqn
TzFbGcxquY2yTfiQaGfbWdRfrjrcGw9EKZjTdBsCtBaX+CACVp+Sd8AGtXy+869C
jrvDh1H/A+AHzL/fUFBwT4QDgz13gK7otIKph+epqNY2525EMs4MgmD8honZEwCR
n8z84Hcf3u7S+w38jeAvgsHyIkMFsYoZlqqg40Ln4xzZCGASzwJ56F1gIVTGxTFV
zPr++98=
-----END CERTIFICATE-----
Generated at Sat Apr 12 15:55:40 2025 by rpki-client