Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/db0519-4e5a-4b75-88fd-bbc239e897eb/1/jqB_TtFMdBFc5r4VjOr7iCCRrnk.roa
File: jqB_TtFMdBFc5r4VjOr7iCCRrnk.roa (raw, json)
Hash identifier: q5VaDJYLU8oS5UY9mpyW5g+u9SWRJbmRmRDG2rXsFK0=
Subject key identifier: 8E:A0:7F:4E:D1:4C:74:11:5C:E6:BE:15:8C:EA:FB:88:20:91:AE:79
Certificate issuer: /CN=448ca39537597cfae60ae0421db8e098b4e26130
Certificate serial: 018CC726DD4C9EA98FDE3E7F9CC1CC309EF8
Authority key identifier: 44:8C:A3:95:37:59:7C:FA:E6:0A:E0:42:1D:B8:E0:98:B4:E2:61:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RIyjlTdZfPrmCuBCHbjgmLTiYTA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/db0519-4e5a-4b75-88fd-bbc239e897eb/1/jqB_TtFMdBFc5r4VjOr7iCCRrnk.roa
Signing time: Mon 01 Jan 2024 22:31:02 +0000
ROA not before: Mon 01 Jan 2024 22:31:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51758
IP address blocks: 95.215.184.0/21 maxlen: 24
185.206.232.0/22 maxlen: 24
2a00:51c0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cd/db0519-4e5a-4b75-88fd-bbc239e897eb/1/RIyjlTdZfPrmCuBCHbjgmLTiYTA.crl
rsync://rpki.ripe.net/repository/DEFAULT/cd/db0519-4e5a-4b75-88fd-bbc239e897eb/1/RIyjlTdZfPrmCuBCHbjgmLTiYTA.mft
rsync://rpki.ripe.net/repository/DEFAULT/RIyjlTdZfPrmCuBCHbjgmLTiYTA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:26:dd:4c:9e:a9:8f:de:3e:7f:9c:c1:cc:30:9e:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=448ca39537597cfae60ae0421db8e098b4e26130
Validity
Not Before: Jan 1 22:31:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8ea07f4ed14c74115ce6be158ceafb882091ae79
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:ef:c3:7c:60:51:05:c2:96:67:74:0c:56:61:
c2:9f:6c:6c:e2:c7:9c:96:64:4b:bc:60:1e:0e:f0:
a4:4a:99:bd:00:a8:02:b4:20:25:34:a5:ea:17:7e:
fd:ae:cf:02:bc:5f:60:cd:3d:d3:ba:e1:f6:f4:ec:
a7:28:a4:ba:4a:6a:1e:37:75:c2:9a:2a:65:63:e0:
8f:69:28:65:d9:38:bc:02:6e:14:b2:c8:d7:d5:ba:
04:85:ac:71:08:b8:76:5e:bf:5e:ad:6b:a0:eb:2e:
8f:c9:69:4b:48:74:cc:71:15:5c:ce:10:b1:84:f1:
ff:f2:ba:90:49:a2:34:30:e8:ca:02:45:37:32:74:
29:fe:1d:45:f0:41:c5:52:fd:83:47:23:94:ed:a6:
c6:59:6e:d6:f7:24:5c:93:fd:ea:be:65:87:ed:4d:
0a:5e:7c:2c:2c:dc:6f:6a:41:c4:b7:f0:19:ad:38:
92:d6:e3:6f:db:13:fd:35:c7:8c:65:ca:03:69:2c:
51:5d:0a:ac:79:b2:1f:71:32:8f:04:26:84:5e:b9:
f0:eb:c0:d1:20:f5:59:c9:0d:ad:10:4c:4f:97:8e:
bd:d0:4d:87:b8:1f:c9:9c:a9:b4:a3:fb:08:40:46:
d5:6d:f8:53:df:79:3e:f2:1a:2d:76:72:f9:2a:39:
da:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:A0:7F:4E:D1:4C:74:11:5C:E6:BE:15:8C:EA:FB:88:20:91:AE:79
X509v3 Authority Key Identifier:
keyid:44:8C:A3:95:37:59:7C:FA:E6:0A:E0:42:1D:B8:E0:98:B4:E2:61:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RIyjlTdZfPrmCuBCHbjgmLTiYTA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/db0519-4e5a-4b75-88fd-bbc239e897eb/1/jqB_TtFMdBFc5r4VjOr7iCCRrnk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/db0519-4e5a-4b75-88fd-bbc239e897eb/1/RIyjlTdZfPrmCuBCHbjgmLTiYTA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.215.184.0/21
185.206.232.0/22
IPv6:
2a00:51c0::/32
Signature Algorithm: sha256WithRSAEncryption
09:f5:90:2c:2d:96:87:6e:86:96:ba:52:90:32:67:38:ef:3c:
f0:85:1d:db:f6:d5:5d:58:6c:76:f6:c7:c5:16:1a:b4:c4:de:
7d:fb:10:3e:82:d5:77:c5:96:b5:46:8b:22:d2:37:e3:cd:cd:
93:67:3d:a9:8c:72:a1:7d:34:02:e2:f7:4e:e3:99:36:6f:53:
77:38:c9:06:9f:24:c4:30:80:93:c1:ca:46:b0:98:08:5d:28:
9b:c2:43:65:d7:6c:49:7c:91:bb:67:ea:39:d0:f7:40:b5:ee:
d1:0e:d1:6f:f7:3b:6c:77:0d:bc:de:14:b8:c5:3d:81:a1:55:
78:6b:75:be:63:34:82:b6:a7:7f:ea:23:e1:20:38:78:c1:f0:
5b:dc:a7:a7:0f:26:49:14:14:02:ce:d2:76:4d:5b:ea:f7:39:
98:eb:ca:93:7a:d4:d4:ff:9c:7d:b9:0e:55:d8:47:fc:fe:a4:
b3:8a:82:64:2e:5d:77:de:35:71:8c:84:65:6a:1d:96:6b:46:
42:3d:90:5b:61:d7:40:e3:6b:de:02:55:1a:17:37:ca:d4:7b:
8d:e1:4c:08:44:78:33:c2:92:8d:19:c8:58:72:69:ac:5a:c4:
dc:bb:46:42:2e:dd:29:97:86:7a:e8:45:e3:f4:6a:93:3c:8a:
75:ec:35:68
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzHJt1MnqmP3j5/nMHMMJ74MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0OGNhMzk1Mzc1OTdjZmFlNjBhZTA0MjFkYjhlMDk4YjRl
MjYxMzAwHhcNMjQwMTAxMjIzMTAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZWEwN2Y0ZWQxNGM3NDExNWNlNmJlMTU4Y2VhZmI4ODIwOTFhZTc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAle/DfGBRBcKWZ3QMVmHCn2xs4sec
lmRLvGAeDvCkSpm9AKgCtCAlNKXqF379rs8CvF9gzT3TuuH29OynKKS6SmoeN3XC
miplY+CPaShl2Ti8Am4UssjX1boEhaxxCLh2Xr9erWug6y6PyWlLSHTMcRVczhCx
hPH/8rqQSaI0MOjKAkU3MnQp/h1F8EHFUv2DRyOU7abGWW7W9yRck/3qvmWH7U0K
XnwsLNxvakHEt/AZrTiS1uNv2xP9NceMZcoDaSxRXQqsebIfcTKPBCaEXrnw68DR
IPVZyQ2tEExPl4690E2HuB/JnKm0o/sIQEbVbfhT33k+8hotdnL5KjnayQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFI6gf07RTHQRXOa+FYzq+4ggka55MB8GA1UdIwQY
MBaAFESMo5U3WXz65grgQh244Ji04mEwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkl5amxUZFpmUHJtQ3VCQ0hiamdtTFRpWVRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC9kYjA1MTktNGU1YS00Yjc1LTg4ZmQt
YmJjMjM5ZTg5N2ViLzEvanFCX1R0Rk1kQkZjNXI0VmpPcjdpQ0NScm5rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC9kYjA1MTktNGU1YS00Yjc1LTg4ZmQtYmJjMjM5ZTg5N2Vi
LzEvUkl5amxUZFpmUHJtQ3VCQ0hiamdtTFRpWVRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDX9e4AwQC
uc7oMA0EAgACMAcDBQAqAFHAMA0GCSqGSIb3DQEBCwUAA4IBAQAJ9ZAsLZaHboaW
ulKQMmc47zzwhR3b9tVdWGx29sfFFhq0xN59+xA+gtV3xZa1Rosi0jfjzc2TZz2p
jHKhfTQC4vdO45k2b1N3OMkGnyTEMICTwcpGsJgIXSibwkNl12xJfJG7Z+o50PdA
te7RDtFv9ztsdw283hS4xT2BoVV4a3W+YzSCtqd/6iPhIDh4wfBb3KenDyZJFBQC
ztJ2TVvq9zmY68qTetTU/5x9uQ5V2Ef8/qSzioJkLl133jVxjIRlah2Wa0ZCPZBb
YddA42veAlUaFzfK1HuN4UwIRHgzwpKNGchYcmmsWsTcu0ZCLt0pl4Z66EXj9GqT
PIp17DVo
-----END CERTIFICATE-----
Generated at Sat Jun 1 12:35:10 2024 by rpki-client on console-fra.rpki-client.org