Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/c09c64-0baf-4b07-8d29-473851709c58/1/jV7hKj2mwJiYMkjowu_Az2iONak.roa
File: jV7hKj2mwJiYMkjowu_Az2iONak.roa (raw, json)
Hash identifier: +OGWq4TXSrAbFA6t7QZIKqlSuPUiSW9C334KAFNO0G4=
Subject key identifier: 8D:5E:E1:2A:3D:A6:C0:98:98:32:48:E8:C2:EF:C0:CF:68:8E:35:A9
Certificate issuer: /CN=72eadc7a7ece477d5f4d777243b60f2bbbb75603
Certificate serial: 018CC5DC503BD664EE0EC7589B219F4E36D5
Authority key identifier: 72:EA:DC:7A:7E:CE:47:7D:5F:4D:77:72:43:B6:0F:2B:BB:B7:56:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/curcen7OR31fTXdyQ7YPK7u3VgM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/c09c64-0baf-4b07-8d29-473851709c58/1/jV7hKj2mwJiYMkjowu_Az2iONak.roa
Signing time: Mon 01 Jan 2024 16:29:59 +0000
ROA not before: Mon 01 Jan 2024 16:29:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34968
IP address blocks: 89.207.24.0/21 maxlen: 24
95.155.184.0/21 maxlen: 24
46.38.192.0/19 maxlen: 24
193.238.240.0/22 maxlen: 24
2a01:710::/32 maxlen: 64
2a0f:4880::/29 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e5/c09c64-0baf-4b07-8d29-473851709c58/1/curcen7OR31fTXdyQ7YPK7u3VgM.crl
rsync://rpki.ripe.net/repository/DEFAULT/e5/c09c64-0baf-4b07-8d29-473851709c58/1/curcen7OR31fTXdyQ7YPK7u3VgM.mft
rsync://rpki.ripe.net/repository/DEFAULT/curcen7OR31fTXdyQ7YPK7u3VgM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 01 Jul 2024 01:00:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:50:3b:d6:64:ee:0e:c7:58:9b:21:9f:4e:36:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72eadc7a7ece477d5f4d777243b60f2bbbb75603
Validity
Not Before: Jan 1 16:29:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8d5ee12a3da6c098983248e8c2efc0cf688e35a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:9d:90:b9:55:09:4b:60:00:52:9b:40:a0:31:
03:7c:27:5b:90:02:c1:ee:60:64:16:64:63:74:9b:
21:a6:b6:cc:ea:64:2a:f6:db:58:40:09:a7:2f:eb:
a2:00:ee:6b:1b:44:15:01:05:3b:56:3a:d8:ca:e3:
93:8c:30:d8:b8:00:f3:00:8e:48:3e:35:c7:a0:90:
9c:6b:49:47:50:82:6a:38:cd:8c:ea:79:f3:2c:e1:
0f:6c:65:5e:7a:38:d6:60:dd:cb:8b:fe:d9:7f:3c:
4b:c3:56:ce:33:d2:f5:f6:c2:9f:c9:a5:ac:a5:2a:
9e:dd:e4:1c:ca:80:c9:d2:d9:2b:2e:17:16:3b:36:
97:7d:cf:d8:f2:7b:8e:ee:4f:b3:b3:9c:c3:4a:1f:
49:b5:99:ca:ef:76:41:dd:4b:f8:0f:ef:1f:7a:cf:
db:b6:0d:d0:32:03:b3:6e:67:60:ed:0f:fd:13:3c:
99:33:98:a4:d0:ea:ff:6f:7f:aa:a7:8b:5f:1d:a4:
37:5e:c3:75:d2:8d:b2:39:c6:67:84:97:07:b1:4c:
35:87:f1:22:b5:42:1c:67:c9:bb:ba:d3:f2:35:37:
c8:78:16:2f:7a:ea:72:1d:6c:f9:ba:dc:5b:cf:e6:
6e:0f:85:76:07:1b:e3:c3:fc:09:e3:94:cd:75:a5:
c9:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:5E:E1:2A:3D:A6:C0:98:98:32:48:E8:C2:EF:C0:CF:68:8E:35:A9
X509v3 Authority Key Identifier:
keyid:72:EA:DC:7A:7E:CE:47:7D:5F:4D:77:72:43:B6:0F:2B:BB:B7:56:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/curcen7OR31fTXdyQ7YPK7u3VgM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/c09c64-0baf-4b07-8d29-473851709c58/1/jV7hKj2mwJiYMkjowu_Az2iONak.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/c09c64-0baf-4b07-8d29-473851709c58/1/curcen7OR31fTXdyQ7YPK7u3VgM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.38.192.0/19
89.207.24.0/21
95.155.184.0/21
193.238.240.0/22
IPv6:
2a01:710::/32
2a0f:4880::/29
Signature Algorithm: sha256WithRSAEncryption
76:32:2c:bf:8d:86:9e:09:6c:35:8a:f9:d1:7f:26:57:6a:dd:
02:3f:80:17:cb:0d:a1:31:e3:e6:88:6b:08:b3:31:6d:da:11:
6f:65:bc:1a:3a:ab:1c:50:1a:05:08:92:29:de:0b:cf:f6:98:
d0:87:25:6b:a1:71:ae:1d:26:30:fb:0e:7b:2e:1b:d9:b3:d7:
2e:59:25:a8:7f:5b:d3:f8:31:d7:b8:47:28:8c:4d:43:97:43:
f4:72:87:49:f1:d0:52:b7:84:ca:d5:59:e6:43:6c:50:e6:3d:
fc:2e:a9:e6:46:38:04:e1:55:ad:50:bd:3a:e4:7c:44:ee:bf:
ed:ff:bf:d6:20:49:91:c9:c6:70:70:99:d6:0d:92:c0:3e:ba:
7a:11:a9:d5:0d:95:53:9a:aa:72:db:3d:99:f6:79:9e:6d:55:
3e:58:8c:a4:71:0a:c2:93:b5:78:12:1f:92:57:ea:58:a6:d7:
8d:ce:fe:c4:50:ca:cc:0a:32:77:3c:09:42:9a:12:7d:59:2d:
d3:b8:f9:b5:bd:2f:1c:fa:28:2e:0e:97:5e:5b:44:b5:e4:91:
88:5c:4c:79:cc:82:01:9c:d3:3a:2d:66:50:70:85:eb:0b:2f:
c5:55:3b:c0:42:7a:c1:0a:23:69:ec:ae:de:fb:fd:9d:f5:d6:
a8:88:18:14
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYzF3FA71mTuDsdYmyGfTjbVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyZWFkYzdhN2VjZTQ3N2Q1ZjRkNzc3MjQzYjYwZjJiYmJi
NzU2MDMwHhcNMjQwMTAxMTYyOTU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZDVlZTEyYTNkYTZjMDk4OTgzMjQ4ZThjMmVmYzBjZjY4OGUzNWE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu52QuVUJS2AAUptAoDEDfCdbkALB
7mBkFmRjdJshprbM6mQq9ttYQAmnL+uiAO5rG0QVAQU7VjrYyuOTjDDYuADzAI5I
PjXHoJCca0lHUIJqOM2M6nnzLOEPbGVeejjWYN3Li/7ZfzxLw1bOM9L19sKfyaWs
pSqe3eQcyoDJ0tkrLhcWOzaXfc/Y8nuO7k+zs5zDSh9JtZnK73ZB3Uv4D+8fes/b
tg3QMgOzbmdg7Q/9EzyZM5ik0Or/b3+qp4tfHaQ3XsN10o2yOcZnhJcHsUw1h/Ei
tUIcZ8m7utPyNTfIeBYveupyHWz5utxbz+ZuD4V2Bxvjw/wJ45TNdaXJXwIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFI1e4So9psCYmDJI6MLvwM9ojjWpMB8GA1UdIwQY
MBaAFHLq3Hp+zkd9X013ckO2Dyu7t1YDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3VyY2VuN09SMzFmVFhkeVE3WVBLN3UzVmdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9jMDljNjQtMGJhZi00YjA3LThkMjkt
NDczODUxNzA5YzU4LzEvalY3aEtqMm13SmlZTWtqb3d1X0F6MmlPTmFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9jMDljNjQtMGJhZi00YjA3LThkMjktNDczODUxNzA5YzU4
LzEvY3VyY2VuN09SMzFmVFhkeVE3WVBLN3UzVmdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAeBAIAATAYAwQFLibAAwQD
Wc8YAwQDX5u4AwQCwe7wMBQEAgACMA4DBQAqAQcQAwUDKg9IgDANBgkqhkiG9w0B
AQsFAAOCAQEAdjIsv42GnglsNYr50X8mV2rdAj+AF8sNoTHj5ohrCLMxbdoRb2W8
GjqrHFAaBQiSKd4Lz/aY0Icla6Fxrh0mMPsOey4b2bPXLlklqH9b0/gx17hHKIxN
Q5dD9HKHSfHQUreEytVZ5kNsUOY9/C6p5kY4BOFVrVC9OuR8RO6/7f+/1iBJkcnG
cHCZ1g2SwD66ehGp1Q2VU5qqcts9mfZ5nm1VPliMpHEKwpO1eBIfklfqWKbXjc7+
xFDKzAoydzwJQpoSfVkt07j5tb0vHPooLg6XXltEteSRiFxMecyCAZzTOi1mUHCF
6wsvxVU7wEJ6wQojaeyu3vv9nfXWqIgYFA==
-----END CERTIFICATE-----
Generated at Sun Jun 30 10:20:12 2024 by rpki-client on console-fra.rpki-client.org