Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/8fe7d8-017b-41aa-a91f-28b19e3fd4a6/1/j3m9jmfEqzgEeYlfMWX06c-mIXo.roa
File: j3m9jmfEqzgEeYlfMWX06c-mIXo.roa (raw, json)
Hash identifier: gjJoSPmh2gspKLQUaVo4NCLBilqCIxX58RkzypDTs8c=
Subject key identifier: 8F:79:BD:8E:67:C4:AB:38:04:79:89:5F:31:65:F4:E9:CF:A6:21:7A
Certificate issuer: /CN=aca77c708af0ba1f81549c9f87089559390167a5
Certificate serial: 018CC9BC23396775A564CA0CA7652442A04E
Authority key identifier: AC:A7:7C:70:8A:F0:BA:1F:81:54:9C:9F:87:08:95:59:39:01:67:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rKd8cIrwuh-BVJyfhwiVWTkBZ6U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/8fe7d8-017b-41aa-a91f-28b19e3fd4a6/1/j3m9jmfEqzgEeYlfMWX06c-mIXo.roa
Signing time: Tue 02 Jan 2024 10:33:19 +0000
ROA not before: Tue 02 Jan 2024 10:33:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15830
IP address blocks: 88.84.128.0/21 maxlen: 24
88.84.136.0/21 maxlen: 24
217.68.144.0/20 maxlen: 24
88.84.144.0/21 maxlen: 24
88.84.152.0/21 maxlen: 24
193.110.116.0/22 maxlen: 24
217.79.208.0/20 maxlen: 24
89.202.0.0/17 maxlen: 24
2a02:20ab::/32 maxlen: 32
2a02:20ac::/32 maxlen: 32
2a02:20a8::/32 maxlen: 48
2001:4c68::/32 maxlen: 48
2a02:20ad::/32 maxlen: 32
2a02:20aa::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d5/8fe7d8-017b-41aa-a91f-28b19e3fd4a6/1/rKd8cIrwuh-BVJyfhwiVWTkBZ6U.crl
rsync://rpki.ripe.net/repository/DEFAULT/d5/8fe7d8-017b-41aa-a91f-28b19e3fd4a6/1/rKd8cIrwuh-BVJyfhwiVWTkBZ6U.mft
rsync://rpki.ripe.net/repository/DEFAULT/rKd8cIrwuh-BVJyfhwiVWTkBZ6U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 05 May 2024 20:58:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:23:39:67:75:a5:64:ca:0c:a7:65:24:42:a0:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aca77c708af0ba1f81549c9f87089559390167a5
Validity
Not Before: Jan 2 10:33:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8f79bd8e67c4ab380479895f3165f4e9cfa6217a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:57:dd:22:fa:34:af:85:c3:d1:88:2a:63:4d:
0d:5d:d3:31:15:f1:a4:1e:7d:0b:4a:00:19:06:63:
44:79:d9:f9:af:14:75:4b:d3:70:0f:48:40:bd:cb:
d0:8b:df:e1:b6:17:07:97:8b:f8:af:e0:0f:80:75:
9c:77:4d:27:52:a7:1d:de:39:8d:48:ef:00:fc:5b:
d2:17:a7:39:d0:be:ee:29:4a:a2:c8:a1:ab:5b:6b:
37:ed:59:87:ad:0e:1e:ab:20:8f:0c:81:1a:64:2a:
9d:4e:00:e8:10:98:df:5e:c1:5e:a3:05:f4:a8:be:
55:96:37:bc:9a:88:3c:00:8f:2e:df:37:a6:96:20:
58:99:46:d7:a0:f1:81:63:01:3c:33:57:11:5f:22:
ce:ee:a8:ee:bb:8a:69:90:2c:75:c6:6a:78:c7:d2:
fd:1e:c2:57:f1:72:d0:a0:e1:ce:38:d8:37:e6:d3:
fb:39:c9:ce:eb:45:63:0d:b4:e4:1c:08:b1:30:2a:
55:32:12:63:46:6c:7a:ed:94:ff:0c:de:28:b4:fb:
46:c7:45:03:c4:44:c1:ef:71:11:5d:f8:07:0c:fc:
6a:c1:8d:32:f3:82:c2:ab:aa:c2:13:1f:73:5c:0b:
cc:38:02:05:38:53:ab:c1:04:cb:2f:16:b9:d4:c9:
ff:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:79:BD:8E:67:C4:AB:38:04:79:89:5F:31:65:F4:E9:CF:A6:21:7A
X509v3 Authority Key Identifier:
keyid:AC:A7:7C:70:8A:F0:BA:1F:81:54:9C:9F:87:08:95:59:39:01:67:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rKd8cIrwuh-BVJyfhwiVWTkBZ6U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/8fe7d8-017b-41aa-a91f-28b19e3fd4a6/1/j3m9jmfEqzgEeYlfMWX06c-mIXo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/8fe7d8-017b-41aa-a91f-28b19e3fd4a6/1/rKd8cIrwuh-BVJyfhwiVWTkBZ6U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.84.128.0/19
89.202.0.0/17
193.110.116.0/22
217.68.144.0/20
217.79.208.0/20
IPv6:
2001:4c68::/32
2a02:20a8::/32
2a02:20aa::-2a02:20ad:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
2a:8f:d2:33:78:52:32:15:f2:cb:72:37:db:4a:ed:67:3a:8f:
26:9d:78:22:f3:18:06:3e:17:e7:89:22:5a:a3:a9:98:c4:8b:
a9:ca:fa:63:01:e7:b7:59:cc:f3:38:ec:a3:ba:95:94:58:a2:
53:3b:c8:57:86:d1:cd:c7:33:c8:f5:9a:8d:71:c9:58:4e:ad:
05:01:10:6d:05:bf:58:4d:9c:ab:95:1b:71:42:36:4b:bc:07:
1f:b9:45:8c:16:c4:9e:32:51:b1:83:2e:30:b8:b7:91:a0:7e:
de:d8:3f:90:0d:db:ca:cc:47:1e:07:d7:28:3e:06:ea:cd:df:
39:c4:de:93:67:be:91:db:a7:d5:ef:3b:a8:45:f5:22:f7:cc:
94:7b:90:9f:b5:06:7f:e5:c7:1c:a4:99:95:76:63:56:04:dc:
19:67:a6:39:db:7e:a0:1d:f5:d4:33:4d:ff:66:31:46:ae:7d:
50:12:56:48:79:e8:9a:50:49:59:31:07:8a:9f:ff:44:03:85:
65:c0:da:6e:b2:6b:d6:4d:2f:2b:7e:40:c4:2b:34:e5:0c:ca:
95:54:a2:47:aa:7d:c9:ca:5e:6e:a1:8a:4a:bf:a1:4d:e1:6f:
08:c6:e1:77:d8:93:5d:23:41:a8:3b:f6:9e:78:4e:a0:0d:ed:
64:bb:3b:cb
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAYzJvCM5Z3WlZMoMp2UkQqBOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjYTc3YzcwOGFmMGJhMWY4MTU0OWM5Zjg3MDg5NTU5Mzkw
MTY3YTUwHhcNMjQwMTAyMTAzMzE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Zjc5YmQ4ZTY3YzRhYjM4MDQ3OTg5NWYzMTY1ZjRlOWNmYTYyMTdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAllfdIvo0r4XD0YgqY00NXdMxFfGk
Hn0LSgAZBmNEedn5rxR1S9NwD0hAvcvQi9/hthcHl4v4r+APgHWcd00nUqcd3jmN
SO8A/FvSF6c50L7uKUqiyKGrW2s37VmHrQ4eqyCPDIEaZCqdTgDoEJjfXsFeowX0
qL5Vlje8mog8AI8u3zemliBYmUbXoPGBYwE8M1cRXyLO7qjuu4ppkCx1xmp4x9L9
HsJX8XLQoOHOONg35tP7OcnO60VjDbTkHAixMCpVMhJjRmx67ZT/DN4otPtGx0UD
xETB73ERXfgHDPxqwY0y84LCq6rCEx9zXAvMOAIFOFOrwQTLLxa51Mn/WwIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFI95vY5nxKs4BHmJXzFl9OnPpiF6MB8GA1UdIwQY
MBaAFKynfHCK8LofgVScn4cIlVk5AWelMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcktkOGNJcnd1aC1CVkp5Zmh3aVZXVGtCWjZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS84ZmU3ZDgtMDE3Yi00MWFhLWE5MWYt
MjhiMTllM2ZkNGE2LzEvajNtOWptZkVxemdFZVlsZk1XWDA2Yy1tSVhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS84ZmU3ZDgtMDE3Yi00MWFhLWE5MWYtMjhiMTllM2ZkNGE2
LzEvcktkOGNJcnd1aC1CVkp5Zmh3aVZXVGtCWjZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDAkBAIAATAeAwQFWFSAAwQH
WcoAAwQCwW50AwQE2USQAwQE2U/QMCQEAgACMB4DBQAgAUxoAwUAKgIgqDAOAwUB
KgIgqgMFASoCIKwwDQYJKoZIhvcNAQELBQADggEBACqP0jN4UjIV8styN9tK7Wc6
jyadeCLzGAY+F+eJIlqjqZjEi6nK+mMB57dZzPM47KO6lZRYolM7yFeG0c3HM8j1
mo1xyVhOrQUBEG0Fv1hNnKuVG3FCNku8Bx+5RYwWxJ4yUbGDLjC4t5Ggft7YP5AN
28rMRx4H1yg+BurN3znE3pNnvpHbp9XvO6hF9SL3zJR7kJ+1Bn/lxxykmZV2Y1YE
3BlnpjnbfqAd9dQzTf9mMUaufVASVkh56JpQSVkxB4qf/0QDhWXA2m6ya9ZNLyt+
QMQrNOUMypVUokeqfcnKXm6hikq/oU3hbwjG4XfYk10jQag79p54TqAN7WS7O8s=
-----END CERTIFICATE-----
Generated at Sun May 5 04:41:03 2024 by rpki-client on console-fra.rpki-client.org