Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/983c2c-ddab-422b-bcd2-17374bffb71a/1/7yeAJsPiywRRlNBbmfV6z9cpdA4.roa
File: 7yeAJsPiywRRlNBbmfV6z9cpdA4.roa (raw, json)
Hash identifier: YfxMfsKrvWGkNBjDsVcvrUJ0QDObsVVBj0QwiDMFjPA=
Subject key identifier: EF:27:80:26:C3:E2:CB:04:51:94:D0:5B:99:F5:7A:CF:D7:29:74:0E
Certificate issuer: /CN=3c02094c2210d8b21715f98df8598b353208d10c
Certificate serial: 018CC8016FA9D31436B12B3FEE10844D1737
Authority key identifier: 3C:02:09:4C:22:10:D8:B2:17:15:F9:8D:F8:59:8B:35:32:08:D1:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PAIJTCIQ2LIXFfmN-FmLNTII0Qw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/983c2c-ddab-422b-bcd2-17374bffb71a/1/7yeAJsPiywRRlNBbmfV6z9cpdA4.roa
Signing time: Tue 02 Jan 2024 02:29:46 +0000
ROA not before: Tue 02 Jan 2024 02:29:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211200
IP address blocks: 92.119.39.0/24 maxlen: 24
194.180.63.0/24 maxlen: 24
194.180.62.0/24 maxlen: 24
194.180.61.0/24 maxlen: 24
194.180.60.0/22 maxlen: 22
194.180.60.0/24 maxlen: 24
2a0b:e340::/32 maxlen: 32
2a0b:e341::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e1/983c2c-ddab-422b-bcd2-17374bffb71a/1/PAIJTCIQ2LIXFfmN-FmLNTII0Qw.crl
rsync://rpki.ripe.net/repository/DEFAULT/e1/983c2c-ddab-422b-bcd2-17374bffb71a/1/PAIJTCIQ2LIXFfmN-FmLNTII0Qw.mft
rsync://rpki.ripe.net/repository/DEFAULT/PAIJTCIQ2LIXFfmN-FmLNTII0Qw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:6f:a9:d3:14:36:b1:2b:3f:ee:10:84:4d:17:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3c02094c2210d8b21715f98df8598b353208d10c
Validity
Not Before: Jan 2 02:29:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ef278026c3e2cb045194d05b99f57acfd729740e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:cf:d4:f1:63:a1:97:ef:3e:ea:8d:40:a4:8c:
b6:0c:a5:1c:2b:8f:6b:2f:a2:03:7d:fd:38:a0:62:
0f:97:96:0a:11:95:27:d0:8a:0f:1c:9d:be:24:a1:
f4:c9:54:61:9e:18:88:9c:00:90:97:df:85:30:2c:
34:97:d2:f4:58:9f:c5:64:7c:86:2c:12:f9:f8:04:
2d:7f:61:2d:d1:07:27:e4:94:4a:80:41:dd:7c:09:
62:67:0f:84:35:89:94:0d:e8:ed:c8:55:ed:88:0f:
f3:7b:bb:6d:40:ba:a0:20:85:a0:ca:d6:9c:6a:c5:
87:ef:d0:2c:ed:e5:3f:aa:9d:02:8c:aa:34:d9:19:
76:c3:bf:79:7b:7c:47:b4:a2:ec:19:9e:80:e0:bf:
9b:07:c4:9e:18:a0:b3:51:fd:f1:80:db:ef:e9:b0:
da:d1:bc:7b:06:62:05:a1:05:ef:85:57:89:b6:30:
9f:38:73:a9:8e:05:c7:e1:7e:31:b8:85:20:0f:6f:
0a:88:9c:82:21:78:37:28:21:0d:a8:9f:52:1e:b2:
f6:95:c0:dd:f4:22:c4:54:8c:d6:1d:60:31:8c:e7:
ae:2d:db:d5:39:1e:3b:11:3c:c0:1d:4c:df:e2:32:
7b:ac:ec:f9:78:89:17:8d:e6:20:2d:4b:c8:d8:a9:
04:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:27:80:26:C3:E2:CB:04:51:94:D0:5B:99:F5:7A:CF:D7:29:74:0E
X509v3 Authority Key Identifier:
keyid:3C:02:09:4C:22:10:D8:B2:17:15:F9:8D:F8:59:8B:35:32:08:D1:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PAIJTCIQ2LIXFfmN-FmLNTII0Qw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/983c2c-ddab-422b-bcd2-17374bffb71a/1/7yeAJsPiywRRlNBbmfV6z9cpdA4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/983c2c-ddab-422b-bcd2-17374bffb71a/1/PAIJTCIQ2LIXFfmN-FmLNTII0Qw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.119.39.0/24
194.180.60.0/22
IPv6:
2a0b:e340::/31
Signature Algorithm: sha256WithRSAEncryption
a8:d8:cd:18:fe:2d:3c:99:f2:0f:c5:f5:a3:56:ba:b7:a2:fe:
eb:66:91:28:66:e0:20:32:3c:61:da:cb:30:98:78:e5:13:db:
20:da:51:8b:41:1c:c1:5b:f5:6a:13:fd:58:d5:0c:52:51:7f:
86:1b:46:56:ca:2b:db:f4:1f:7e:b9:ec:6e:62:f9:31:2a:1d:
eb:fc:6c:d2:72:92:dc:01:5d:07:45:db:aa:83:3b:4f:30:09:
52:f3:39:07:8d:f2:e1:1c:68:a3:09:e8:1f:d9:56:2e:44:2f:
ff:d8:e4:5b:e7:bd:9c:c0:13:4d:63:db:73:d1:2a:36:65:7c:
dd:3f:d4:63:65:d7:ea:3d:33:02:09:d5:e2:28:6a:70:3a:21:
69:a4:53:57:a1:7f:fc:6c:6f:00:11:7b:a0:8a:57:b5:a6:77:
d6:48:cb:b0:13:59:6a:ad:bf:d7:eb:70:dc:f3:2c:a7:d5:1c:
72:50:07:71:aa:e2:03:e5:8c:b8:8a:7d:d6:97:b9:15:cf:1d:
36:89:23:f1:0a:5c:60:ff:50:ac:e3:68:ed:af:45:47:1f:e0:
00:24:3f:8a:3a:e7:5b:8c:23:a2:82:6e:a5:5c:8c:ee:2a:19:
5c:39:0b:fb:a4:46:7d:09:f6:25:74:d5:57:67:19:12:2d:1f:
93:82:7f:d1
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzIAW+p0xQ2sSs/7hCETRc3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjMDIwOTRjMjIxMGQ4YjIxNzE1Zjk4ZGY4NTk4YjM1MzIw
OGQxMGMwHhcNMjQwMTAyMDIyOTQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZjI3ODAyNmMzZTJjYjA0NTE5NGQwNWI5OWY1N2FjZmQ3Mjk3NDBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnM/U8WOhl+8+6o1ApIy2DKUcK49r
L6IDff04oGIPl5YKEZUn0IoPHJ2+JKH0yVRhnhiInACQl9+FMCw0l9L0WJ/FZHyG
LBL5+AQtf2Et0Qcn5JRKgEHdfAliZw+ENYmUDejtyFXtiA/ze7ttQLqgIIWgytac
asWH79As7eU/qp0CjKo02Rl2w795e3xHtKLsGZ6A4L+bB8SeGKCzUf3xgNvv6bDa
0bx7BmIFoQXvhVeJtjCfOHOpjgXH4X4xuIUgD28KiJyCIXg3KCENqJ9SHrL2lcDd
9CLEVIzWHWAxjOeuLdvVOR47ETzAHUzf4jJ7rOz5eIkXjeYgLUvI2KkE8QIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFO8ngCbD4ssEUZTQW5n1es/XKXQOMB8GA1UdIwQY
MBaAFDwCCUwiENiyFxX5jfhZizUyCNEMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUEFJSlRDSVEyTElYRmZtTi1GbUxOVElJMFF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS85ODNjMmMtZGRhYi00MjJiLWJjZDIt
MTczNzRiZmZiNzFhLzEvN3llQUpzUGl5d1JSbE5CYm1mVjZ6OWNwZEE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS85ODNjMmMtZGRhYi00MjJiLWJjZDItMTczNzRiZmZiNzFh
LzEvUEFJSlRDSVEyTElYRmZtTi1GbUxOVElJMFF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAXHcnAwQC
wrQ8MA0EAgACMAcDBQEqC+NAMA0GCSqGSIb3DQEBCwUAA4IBAQCo2M0Y/i08mfIP
xfWjVrq3ov7rZpEoZuAgMjxh2sswmHjlE9sg2lGLQRzBW/VqE/1Y1QxSUX+GG0ZW
yivb9B9+uexuYvkxKh3r/GzScpLcAV0HRduqgztPMAlS8zkHjfLhHGijCegf2VYu
RC//2ORb572cwBNNY9tz0So2ZXzdP9RjZdfqPTMCCdXiKGpwOiFppFNXoX/8bG8A
EXugile1pnfWSMuwE1lqrb/X63Dc8yyn1RxyUAdxquID5Yy4in3Wl7kVzx02iSPx
Clxg/1Cs42jtr0VHH+AAJD+KOudbjCOigm6lXIzuKhlcOQv7pEZ9CfYldNVXZxkS
LR+Tgn/R
-----END CERTIFICATE-----
Generated at Sat Jun 1 17:21:23 2024 by rpki-client on console-fra.rpki-client.org