Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/0b23c5-21b5-4ab3-97a0-2f8df187f98b/1/eF5jkHlWrdiRPkGGFv7KlF_IxZk.roa
File: eF5jkHlWrdiRPkGGFv7KlF_IxZk.roa (raw, json)
Hash identifier: zaCa0JANUH4YDjHfVn3SMM010Xb8oJZ4yiB5xHIp2no=
Subject key identifier: 78:5E:63:90:79:56:AD:D8:91:3E:41:86:16:FE:CA:94:5F:C8:C5:99
Certificate issuer: /CN=f4b762950eb7916668bbfa8d1b870560b1ca7739
Certificate serial: 018F1ADC77A0703EE6B94A4B97AD8C4C00A2
Authority key identifier: F4:B7:62:95:0E:B7:91:66:68:BB:FA:8D:1B:87:05:60:B1:CA:77:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9LdilQ63kWZou_qNG4cFYLHKdzk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/0b23c5-21b5-4ab3-97a0-2f8df187f98b/1/eF5jkHlWrdiRPkGGFv7KlF_IxZk.roa
Signing time: Fri 26 Apr 2024 14:43:27 +0000
ROA not before: Fri 26 Apr 2024 14:43:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12444
IP address blocks: 84.17.67.0/24 maxlen: 24
84.17.68.0/24 maxlen: 24
84.17.69.0/24 maxlen: 24
84.17.70.0/24 maxlen: 24
84.17.71.0/24 maxlen: 24
84.17.72.0/24 maxlen: 24
84.17.75.0/24 maxlen: 24
84.17.76.0/24 maxlen: 24
84.17.78.0/24 maxlen: 24
84.17.79.0/24 maxlen: 24
84.17.84.0/24 maxlen: 24
84.17.86.0/24 maxlen: 24
84.17.87.0/24 maxlen: 24
84.17.89.0/24 maxlen: 24
84.17.90.0/24 maxlen: 24
84.17.91.0/24 maxlen: 24
84.17.93.0/24 maxlen: 24
185.118.176.0/24 maxlen: 24
185.118.177.0/24 maxlen: 24
185.118.178.0/24 maxlen: 24
185.118.179.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d2/0b23c5-21b5-4ab3-97a0-2f8df187f98b/1/9LdilQ63kWZou_qNG4cFYLHKdzk.crl
rsync://rpki.ripe.net/repository/DEFAULT/d2/0b23c5-21b5-4ab3-97a0-2f8df187f98b/1/9LdilQ63kWZou_qNG4cFYLHKdzk.mft
rsync://rpki.ripe.net/repository/DEFAULT/9LdilQ63kWZou_qNG4cFYLHKdzk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 13 May 2024 11:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:1a:dc:77:a0:70:3e:e6:b9:4a:4b:97:ad:8c:4c:00:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f4b762950eb7916668bbfa8d1b870560b1ca7739
Validity
Not Before: Apr 26 14:43:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=785e63907956add8913e418616feca945fc8c599
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:33:6f:89:8a:c5:02:95:77:00:4c:9d:83:3e:
3a:60:cc:3d:e4:d8:8a:e3:6e:54:63:b0:c7:64:3c:
b2:b1:cc:46:c3:4c:61:64:37:73:99:ad:85:57:c1:
57:9d:7d:00:83:63:4a:22:81:a2:7f:96:47:e6:7f:
11:83:86:99:7e:4f:cc:a8:63:fa:b2:d1:3b:56:0a:
aa:4e:e7:9f:6f:a5:9d:f7:37:fa:ef:65:80:94:ee:
8e:f1:9a:1f:f0:44:17:d0:08:d7:d2:be:43:14:0e:
c9:64:ea:c7:aa:8b:8a:10:e6:a0:0b:f4:d9:91:75:
3a:ca:ba:b8:7a:bc:6e:ad:9c:9e:2d:57:ab:fb:d7:
fc:30:c2:f6:a8:60:08:3c:41:d9:d4:3e:31:b4:08:
71:ce:d0:44:a8:36:da:bb:d9:35:aa:24:08:24:a0:
f1:e7:0e:78:90:fa:56:a8:17:71:ba:30:c7:52:b0:
c3:e0:14:27:03:6c:a8:7c:1c:4c:c9:da:24:e7:41:
3d:d5:4b:3d:1e:6e:72:ab:39:94:e9:55:25:47:bf:
8c:f6:10:8a:46:6d:6d:fc:fc:48:ef:e6:35:b8:c1:
41:d4:8a:d6:a7:83:73:14:f6:9d:57:14:77:2f:3f:
5f:6d:89:ff:7d:82:28:41:82:3d:9a:d8:ac:5a:38:
e5:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:5E:63:90:79:56:AD:D8:91:3E:41:86:16:FE:CA:94:5F:C8:C5:99
X509v3 Authority Key Identifier:
keyid:F4:B7:62:95:0E:B7:91:66:68:BB:FA:8D:1B:87:05:60:B1:CA:77:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9LdilQ63kWZou_qNG4cFYLHKdzk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/0b23c5-21b5-4ab3-97a0-2f8df187f98b/1/eF5jkHlWrdiRPkGGFv7KlF_IxZk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/0b23c5-21b5-4ab3-97a0-2f8df187f98b/1/9LdilQ63kWZou_qNG4cFYLHKdzk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.17.67.0-84.17.72.255
84.17.75.0-84.17.76.255
84.17.78.0/23
84.17.84.0/24
84.17.86.0/23
84.17.89.0-84.17.91.255
84.17.93.0/24
185.118.176.0/22
Signature Algorithm: sha256WithRSAEncryption
29:de:b6:b5:a4:35:70:8c:5c:c4:6f:0a:e2:79:3f:a6:3a:4c:
e1:de:21:d6:39:d7:0d:ad:43:46:b9:d4:8a:0f:c9:5d:13:f1:
7a:74:92:43:75:11:93:88:16:52:f3:89:7c:b9:59:d3:7f:35:
1a:66:20:7b:d6:83:98:86:43:8c:aa:c0:29:a8:bf:66:23:94:
96:6b:fa:14:7b:67:5f:de:a1:31:30:de:23:c9:03:32:67:29:
95:f7:0d:ce:cf:87:07:79:ad:09:32:0b:07:d4:aa:04:82:4e:
13:f9:bb:b1:4b:f7:ae:ef:e3:4c:a8:bd:29:6a:31:48:0b:37:
46:27:49:47:fd:8a:0c:9a:15:61:39:7b:58:30:9c:83:42:4e:
b7:c5:2c:dc:43:95:10:3b:d5:81:c4:14:dd:70:3a:aa:03:ad:
42:10:a4:f2:07:8b:08:19:8a:3c:33:d9:20:3c:da:73:cd:a9:
12:bf:6e:3d:25:d2:14:c7:01:df:6f:a8:ae:1e:64:3c:fe:3b:
e1:6d:1c:3c:1f:e9:34:17:05:6e:20:94:d9:14:e9:77:f5:d5:
e9:62:41:45:d8:31:23:f2:99:38:85:e7:e9:3e:d7:6c:39:d3:
f0:31:0d:d3:8f:aa:82:e6:c6:f3:a0:74:40:4d:46:89:5d:9f:
4a:22:60:86
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAY8a3HegcD7muUpLl62MTACiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0Yjc2Mjk1MGViNzkxNjY2OGJiZmE4ZDFiODcwNTYwYjFj
YTc3MzkwHhcNMjQwNDI2MTQ0MzI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ODVlNjM5MDc5NTZhZGQ4OTEzZTQxODYxNmZlY2E5NDVmYzhjNTk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxjNviYrFApV3AEydgz46YMw95NiK
425UY7DHZDyyscxGw0xhZDdzma2FV8FXnX0Ag2NKIoGif5ZH5n8Rg4aZfk/MqGP6
stE7VgqqTuefb6Wd9zf672WAlO6O8Zof8EQX0AjX0r5DFA7JZOrHqouKEOagC/TZ
kXU6yrq4erxurZyeLVer+9f8MML2qGAIPEHZ1D4xtAhxztBEqDbau9k1qiQIJKDx
5w54kPpWqBdxujDHUrDD4BQnA2yofBxMydok50E91Us9Hm5yqzmU6VUlR7+M9hCK
Rm1t/PxI7+Y1uMFB1IrWp4NzFPadVxR3Lz9fbYn/fYIoQYI9mtisWjjldwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFHheY5B5Vq3YkT5Bhhb+ypRfyMWZMB8GA1UdIwQY
MBaAFPS3YpUOt5FmaLv6jRuHBWCxync5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOUxkaWxRNjNrV1pvdV9xTkc0Y0ZZTEhLZHprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi8wYjIzYzUtMjFiNS00YWIzLTk3YTAt
MmY4ZGYxODdmOThiLzEvZUY1amtIbFdyZGlSUGtHR0Z2N0tsRl9JeFprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi8wYjIzYzUtMjFiNS00YWIzLTk3YTAtMmY4ZGYxODdmOThi
LzEvOUxkaWxRNjNrV1pvdV9xTkc0Y0ZZTEhLZHprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIMAwDBABUEUMD
BABUEUgwDAMEAFQRSwMEAFQRTAMEAVQRTgMEAFQRVAMEAVQRVjAMAwQAVBFZAwQC
VBFYAwQAVBFdAwQCuXawMA0GCSqGSIb3DQEBCwUAA4IBAQAp3ra1pDVwjFzEbwri
eT+mOkzh3iHWOdcNrUNGudSKD8ldE/F6dJJDdRGTiBZS84l8uVnTfzUaZiB71oOY
hkOMqsApqL9mI5SWa/oUe2df3qExMN4jyQMyZymV9w3Oz4cHea0JMgsH1KoEgk4T
+buxS/eu7+NMqL0pajFICzdGJ0lH/YoMmhVhOXtYMJyDQk63xSzcQ5UQO9WBxBTd
cDqqA61CEKTyB4sIGYo8M9kgPNpzzakSv249JdIUxwHfb6iuHmQ8/jvhbRw8H+k0
FwVuIJTZFOl39dXpYkFF2DEj8pk4hefpPtdsOdPwMQ3Tj6qC5sbzoHRATUaJXZ9K
ImCG
-----END CERTIFICATE-----
Generated at Sun May 12 21:29:16 2024 by rpki-client on console-fra.rpki-client.org