Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/1ccd9a-c30e-4e8a-894a-fd71667a2b5f/1/j7kWV8Av6gEKXca5gUotNbA2WZc.roa
File: j7kWV8Av6gEKXca5gUotNbA2WZc.roa (raw, json)
Hash identifier: xjgZc9LC2dqH6AZGUGd2RmrYdVX/JJgu8rZefJ+oXdA=
Subject key identifier: 8F:B9:16:57:C0:2F:EA:01:0A:5D:C6:B9:81:4A:2D:35:B0:36:59:97
Certificate issuer: /CN=e5a27555c1a5c5ddf7f7acc839fa577aa7ee7a9c
Certificate serial: 018CC5001D8B71D21164532028EB6BC66354
Authority key identifier: E5:A2:75:55:C1:A5:C5:DD:F7:F7:AC:C8:39:FA:57:7A:A7:EE:7A:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5aJ1VcGlxd3396zIOfpXeqfuepw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/1ccd9a-c30e-4e8a-894a-fd71667a2b5f/1/j7kWV8Av6gEKXca5gUotNbA2WZc.roa
Signing time: Mon 01 Jan 2024 12:29:28 +0000
ROA not before: Mon 01 Jan 2024 12:29:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 33907
IP address blocks: 193.26.17.0/24 maxlen: 24
194.145.172.0/24 maxlen: 24
194.145.173.0/24 maxlen: 24
194.145.174.0/24 maxlen: 24
194.145.175.0/24 maxlen: 24
2001:67c:2968::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/1ccd9a-c30e-4e8a-894a-fd71667a2b5f/1/5aJ1VcGlxd3396zIOfpXeqfuepw.crl
rsync://rpki.ripe.net/repository/DEFAULT/fd/1ccd9a-c30e-4e8a-894a-fd71667a2b5f/1/5aJ1VcGlxd3396zIOfpXeqfuepw.mft
rsync://rpki.ripe.net/repository/DEFAULT/5aJ1VcGlxd3396zIOfpXeqfuepw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 23:00:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:1d:8b:71:d2:11:64:53:20:28:eb:6b:c6:63:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e5a27555c1a5c5ddf7f7acc839fa577aa7ee7a9c
Validity
Not Before: Jan 1 12:29:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8fb91657c02fea010a5dc6b9814a2d35b0365997
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:fb:4c:d3:bb:2e:15:f3:23:d1:a6:6a:2e:0e:
cd:c7:de:80:60:dc:3b:61:80:82:ff:00:a7:85:f2:
e9:70:9c:bc:b6:fd:ff:ea:4d:50:c0:84:44:8a:b8:
32:b5:28:d7:eb:64:34:6f:d8:c1:ac:aa:3b:ed:a1:
10:9f:43:cd:1b:e5:ce:9e:46:d7:63:11:f6:0f:66:
92:76:40:6f:48:18:27:41:0a:fe:4b:44:89:84:bf:
c1:a5:4c:a1:1c:43:6e:b7:4d:f9:29:fc:13:4b:88:
9a:70:6a:c8:80:c2:9b:ec:be:ef:0b:7d:c3:47:e3:
9f:d9:ab:bb:7a:e5:78:c6:c4:35:82:c6:55:63:8a:
de:16:fc:7f:db:3d:e9:6e:b0:65:37:e1:4e:62:b7:
21:17:83:df:3d:91:11:05:c0:37:ed:9a:67:97:ac:
37:77:83:67:20:73:90:74:8f:ec:cf:4c:3a:de:8c:
14:3a:34:48:a7:63:83:6f:da:75:43:01:2b:dd:65:
89:d3:76:36:3e:c6:1d:dc:3a:42:e0:ff:18:d5:4f:
54:99:44:e2:1c:c3:d1:6d:28:65:07:97:05:2d:cf:
b7:21:5e:77:c0:db:dc:12:31:83:86:21:b3:52:57:
53:1b:e6:97:73:e0:86:e5:29:f5:c2:3f:9a:09:45:
42:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:B9:16:57:C0:2F:EA:01:0A:5D:C6:B9:81:4A:2D:35:B0:36:59:97
X509v3 Authority Key Identifier:
keyid:E5:A2:75:55:C1:A5:C5:DD:F7:F7:AC:C8:39:FA:57:7A:A7:EE:7A:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5aJ1VcGlxd3396zIOfpXeqfuepw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/1ccd9a-c30e-4e8a-894a-fd71667a2b5f/1/j7kWV8Av6gEKXca5gUotNbA2WZc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/1ccd9a-c30e-4e8a-894a-fd71667a2b5f/1/5aJ1VcGlxd3396zIOfpXeqfuepw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.26.17.0/24
194.145.172.0/22
IPv6:
2001:67c:2968::/48
Signature Algorithm: sha256WithRSAEncryption
46:05:36:fd:84:fe:fd:f5:1e:0d:94:3f:99:c0:aa:77:bb:fc:
4b:fa:d6:a1:3f:e0:db:a7:37:38:0d:91:f9:d0:9d:16:eb:9b:
f0:9e:df:f5:00:cc:a8:5e:7b:cb:bd:0d:b3:f6:dc:11:e9:2e:
44:af:a6:15:01:56:c5:2e:10:1e:82:2b:13:cd:b4:db:fd:ef:
e2:4f:25:b3:ea:5c:f9:a1:64:d7:48:0a:08:23:fe:22:53:b4:
56:8e:a4:0b:6f:e7:37:9c:16:39:b2:63:72:33:97:da:4f:8f:
01:9d:42:ea:9f:dc:f2:b4:c1:fd:cb:00:b5:c5:93:87:d6:d2:
fd:89:b6:55:07:a8:b1:13:ad:ba:28:9f:31:9f:29:c9:cd:cd:
2f:d3:3e:e2:f2:ae:cf:eb:e4:b3:5c:d7:ec:1d:7f:ea:46:7d:
53:8e:2c:d0:35:ae:ad:55:6d:f0:a8:88:cd:d3:76:9b:9a:8e:
08:01:bf:b9:96:a6:93:d2:d9:f0:3f:4d:94:0e:a6:72:d2:8e:
06:b1:0e:a1:24:4f:11:9f:b1:d6:4b:2f:91:1a:2c:d1:0c:67:
6c:ea:69:0c:e6:0b:9b:0f:03:99:65:e3:48:94:ea:f5:62:76:
e9:7e:97:6f:10:fb:e4:d1:4d:25:24:ee:a5:f0:87:ed:11:48:
b2:b2:03:9e
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYzFAB2LcdIRZFMgKOtrxmNUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1YTI3NTU1YzFhNWM1ZGRmN2Y3YWNjODM5ZmE1NzdhYTdl
ZTdhOWMwHhcNMjQwMTAxMTIyOTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZmI5MTY1N2MwMmZlYTAxMGE1ZGM2Yjk4MTRhMmQzNWIwMzY1OTk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjftM07suFfMj0aZqLg7Nx96AYNw7
YYCC/wCnhfLpcJy8tv3/6k1QwIREirgytSjX62Q0b9jBrKo77aEQn0PNG+XOnkbX
YxH2D2aSdkBvSBgnQQr+S0SJhL/BpUyhHENut035KfwTS4iacGrIgMKb7L7vC33D
R+Of2au7euV4xsQ1gsZVY4reFvx/2z3pbrBlN+FOYrchF4PfPZERBcA37Zpnl6w3
d4NnIHOQdI/sz0w63owUOjRIp2ODb9p1QwEr3WWJ03Y2PsYd3DpC4P8Y1U9UmUTi
HMPRbShlB5cFLc+3IV53wNvcEjGDhiGzUldTG+aXc+CG5Sn1wj+aCUVCqwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFI+5FlfAL+oBCl3GuYFKLTWwNlmXMB8GA1UdIwQY
MBaAFOWidVXBpcXd9/esyDn6V3qn7nqcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWFKMVZjR2x4ZDMzOTZ6SU9mcFhlcWZ1ZXB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC8xY2NkOWEtYzMwZS00ZThhLTg5NGEt
ZmQ3MTY2N2EyYjVmLzEvajdrV1Y4QXY2Z0VLWGNhNWdVb3ROYkEyV1pjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC8xY2NkOWEtYzMwZS00ZThhLTg5NGEtZmQ3MTY2N2EyYjVm
LzEvNWFKMVZjR2x4ZDMzOTZ6SU9mcFhlcWZ1ZXB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAwRoRAwQC
wpGsMA8EAgACMAkDBwAgAQZ8KWgwDQYJKoZIhvcNAQELBQADggEBAEYFNv2E/v31
Hg2UP5nAqne7/Ev61qE/4NunNzgNkfnQnRbrm/Ce3/UAzKhee8u9DbP23BHpLkSv
phUBVsUuEB6CKxPNtNv97+JPJbPqXPmhZNdICggj/iJTtFaOpAtv5zecFjmyY3Iz
l9pPjwGdQuqf3PK0wf3LALXFk4fW0v2JtlUHqLETrboonzGfKcnNzS/TPuLyrs/r
5LNc1+wdf+pGfVOOLNA1rq1VbfCoiM3TdpuajggBv7mWppPS2fA/TZQOpnLSjgax
DqEkTxGfsdZLL5EaLNEMZ2zqaQzmC5sPA5ll40iU6vVidul+l28Q++TRTSUk7qXw
h+0RSLKyA54=
-----END CERTIFICATE-----
Generated at Sun Nov 24 05:29:59 2024 by rpki-client on console-fra.rpki-client.org