Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/17a712-4e5a-40c5-a3a2-12025c54f484/1/j38nhe8aNWT22dFyzWf_G37kC0o.roa
File: j38nhe8aNWT22dFyzWf_G37kC0o.roa (raw, json)
Hash identifier: aImRv1pzBq97EqOY6vD/UcL6Zk5qmsKwijYZxpmKlk4=
Subject key identifier: 8F:7F:27:85:EF:1A:35:64:F6:D9:D1:72:CD:67:FF:1B:7E:E4:0B:4A
Certificate issuer: /CN=7c3b8877e1a130fe50386c610d6ead5641b97ba6
Certificate serial: 018CC87149B73DCED71B9A56C360FD09F6BE
Authority key identifier: 7C:3B:88:77:E1:A1:30:FE:50:38:6C:61:0D:6E:AD:56:41:B9:7B:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fDuId-GhMP5QOGxhDW6tVkG5e6Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/17a712-4e5a-40c5-a3a2-12025c54f484/1/j38nhe8aNWT22dFyzWf_G37kC0o.roa
Signing time: Tue 02 Jan 2024 04:31:56 +0000
ROA not before: Tue 02 Jan 2024 04:31:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31293
IP address blocks: 185.118.242.0/24 maxlen: 24
185.118.241.0/24 maxlen: 24
185.118.243.0/24 maxlen: 24
194.150.117.0/24 maxlen: 24
194.150.116.0/22 maxlen: 22
194.150.116.0/24 maxlen: 24
194.150.118.0/24 maxlen: 24
194.150.119.0/24 maxlen: 24
2a06:9680::/29 maxlen: 48
2a06:9682::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/df/17a712-4e5a-40c5-a3a2-12025c54f484/1/fDuId-GhMP5QOGxhDW6tVkG5e6Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/df/17a712-4e5a-40c5-a3a2-12025c54f484/1/fDuId-GhMP5QOGxhDW6tVkG5e6Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/fDuId-GhMP5QOGxhDW6tVkG5e6Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:71:49:b7:3d:ce:d7:1b:9a:56:c3:60:fd:09:f6:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7c3b8877e1a130fe50386c610d6ead5641b97ba6
Validity
Not Before: Jan 2 04:31:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8f7f2785ef1a3564f6d9d172cd67ff1b7ee40b4a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:a5:26:7d:fc:80:c6:0a:ea:45:6d:71:75:fe:
29:f8:20:4b:ff:58:d7:1e:f4:bc:84:69:c4:c0:95:
3b:15:67:19:2a:ab:5d:7b:91:78:3f:d8:2b:ca:b3:
e2:48:99:07:1e:ab:1b:bb:f3:a0:aa:34:4d:7a:ef:
6f:d9:21:1b:6d:b8:db:eb:62:21:eb:09:e6:f9:c0:
95:fe:9e:0c:3c:ef:7a:10:e3:21:dc:03:e0:67:25:
13:36:d7:25:ae:d1:cc:be:9f:6e:78:c2:91:30:b2:
45:24:af:03:44:ea:0f:56:a8:6f:79:fe:f0:e6:78:
f5:a7:8d:e7:51:e1:7a:1a:64:bb:ca:09:ec:0f:58:
d4:ba:e7:dd:38:76:21:23:cd:3d:13:8a:9b:7b:2d:
76:48:f3:d3:45:d8:25:a9:31:a5:ea:70:d7:1b:43:
71:d7:82:04:e7:bb:90:48:49:b8:1f:e6:ed:e1:cc:
32:99:82:d5:d7:5d:38:d3:05:32:1a:ab:11:f9:74:
87:21:41:bb:49:04:fc:72:27:8d:12:61:64:d8:e2:
30:f3:2a:7a:5a:7a:c4:a4:c1:8d:d4:67:89:e4:57:
1a:2c:4e:bc:8b:0d:9c:cd:38:dd:3f:c0:7c:fc:81:
8c:04:1f:77:2b:c8:9a:66:e0:78:94:98:c6:2c:83:
98:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:7F:27:85:EF:1A:35:64:F6:D9:D1:72:CD:67:FF:1B:7E:E4:0B:4A
X509v3 Authority Key Identifier:
keyid:7C:3B:88:77:E1:A1:30:FE:50:38:6C:61:0D:6E:AD:56:41:B9:7B:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fDuId-GhMP5QOGxhDW6tVkG5e6Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/17a712-4e5a-40c5-a3a2-12025c54f484/1/j38nhe8aNWT22dFyzWf_G37kC0o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/17a712-4e5a-40c5-a3a2-12025c54f484/1/fDuId-GhMP5QOGxhDW6tVkG5e6Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.118.241.0-185.118.243.255
194.150.116.0/22
IPv6:
2a06:9680::/29
Signature Algorithm: sha256WithRSAEncryption
41:37:ba:b7:3c:b2:0d:e7:a2:9d:cd:75:8d:c4:4f:05:40:0e:
8a:4a:7c:15:bc:4f:8f:15:12:7d:46:99:d7:b0:f4:f4:21:fa:
13:59:2c:22:93:bb:e2:88:e2:93:6e:9d:24:3d:a2:16:17:d1:
99:ce:6f:26:64:59:0b:5f:52:48:e1:c8:8c:c5:1c:dc:1c:60:
66:59:d2:c9:47:ff:83:a9:e9:b5:19:d0:02:da:76:56:cc:aa:
85:03:76:28:47:f4:13:76:31:99:11:dd:66:ae:69:a7:32:03:
7e:b2:b5:80:7f:cf:b5:7d:38:41:b5:35:51:51:aa:37:4c:7d:
b1:af:23:c9:6f:40:ee:b4:f9:ce:74:21:9e:8a:c1:6b:01:31:
66:7c:7f:71:a8:50:f4:62:73:c5:94:86:7a:70:3f:e9:1d:2f:
c6:ac:a3:2e:b3:66:6e:db:a7:5f:5f:40:80:6a:05:34:6f:d3:
f9:25:71:db:7b:5e:63:8b:7b:99:3f:44:53:27:a6:48:56:e0:
fd:9b:54:84:9c:1e:61:c0:e1:33:4a:80:c3:ee:bd:9e:83:b6:
c6:0c:d1:89:3b:2e:77:c6:63:f7:a3:84:f7:b4:9d:54:33:95:
3b:2d:66:80:d5:a2:50:84:df:7d:dc:d8:f1:6e:ce:a8:6e:1a:
a7:d3:41:a3
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYzIcUm3Pc7XG5pWw2D9Cfa+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjM2I4ODc3ZTFhMTMwZmU1MDM4NmM2MTBkNmVhZDU2NDFi
OTdiYTYwHhcNMjQwMTAyMDQzMTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZjdmMjc4NWVmMWEzNTY0ZjZkOWQxNzJjZDY3ZmYxYjdlZTQwYjRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArKUmffyAxgrqRW1xdf4p+CBL/1jX
HvS8hGnEwJU7FWcZKqtde5F4P9gryrPiSJkHHqsbu/OgqjRNeu9v2SEbbbjb62Ih
6wnm+cCV/p4MPO96EOMh3APgZyUTNtclrtHMvp9ueMKRMLJFJK8DROoPVqhvef7w
5nj1p43nUeF6GmS7ygnsD1jUuufdOHYhI809E4qbey12SPPTRdglqTGl6nDXG0Nx
14IE57uQSEm4H+bt4cwymYLV11040wUyGqsR+XSHIUG7SQT8cieNEmFk2OIw8yp6
WnrEpMGN1GeJ5FcaLE68iw2czTjdP8B8/IGMBB93K8iaZuB4lJjGLIOYfwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFI9/J4XvGjVk9tnRcs1n/xt+5AtKMB8GA1UdIwQY
MBaAFHw7iHfhoTD+UDhsYQ1urVZBuXumMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZkR1SWQtR2hNUDVRT0d4aERXNnRWa0c1ZTZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi8xN2E3MTItNGU1YS00MGM1LWEzYTIt
MTIwMjVjNTRmNDg0LzEvajM4bmhlOGFOV1QyMmRGeXpXZl9HMzdrQzBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi8xN2E3MTItNGU1YS00MGM1LWEzYTItMTIwMjVjNTRmNDg0
LzEvZkR1SWQtR2hNUDVRT0d4aERXNnRWa0c1ZTZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUMAwDBAC5dvED
BAK5dvADBALClnQwDQQCAAIwBwMFAyoGloAwDQYJKoZIhvcNAQELBQADggEBAEE3
urc8sg3nop3NdY3ETwVADopKfBW8T48VEn1Gmdew9PQh+hNZLCKTu+KI4pNunSQ9
ohYX0ZnObyZkWQtfUkjhyIzFHNwcYGZZ0slH/4Op6bUZ0ALadlbMqoUDdihH9BN2
MZkR3WauaacyA36ytYB/z7V9OEG1NVFRqjdMfbGvI8lvQO60+c50IZ6KwWsBMWZ8
f3GoUPRic8WUhnpwP+kdL8asoy6zZm7bp19fQIBqBTRv0/klcdt7XmOLe5k/RFMn
pkhW4P2bVIScHmHA4TNKgMPuvZ6DtsYM0Yk7LnfGY/ejhPe0nVQzlTstZoDVolCE
333c2PFuzqhuGqfTQaM=
-----END CERTIFICATE-----
Generated at Sat Jun 1 17:21:14 2024 by rpki-client on console-fra.rpki-client.org