Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/edd6b8-abbd-4b81-9707-971d28d43c14/1/jPD4zIUjpEJ8OTCWwYVBkh0H7lw.roa
File: jPD4zIUjpEJ8OTCWwYVBkh0H7lw.roa (raw, json)
Hash identifier: wqeYkz6VkVSpIu/FtRtZ6HFM7FKhMA9KjeRG3ZVX2xg=
Subject key identifier: 8C:F0:F8:CC:85:23:A4:42:7C:39:30:96:C1:85:41:92:1D:07:EE:5C
Certificate issuer: /CN=c63d96aefc548024fa36fa5ce804a48bf7ca3a40
Certificate serial: 018D7835EBF05D62B53C57024CF3AB0737E8
Authority key identifier: C6:3D:96:AE:FC:54:80:24:FA:36:FA:5C:E8:04:A4:8B:F7:CA:3A:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xj2WrvxUgCT6Nvpc6ASki_fKOkA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/edd6b8-abbd-4b81-9707-971d28d43c14/1/jPD4zIUjpEJ8OTCWwYVBkh0H7lw.roa
Signing time: Mon 05 Feb 2024 07:40:16 +0000
ROA not before: Mon 05 Feb 2024 07:40:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56654
IP address blocks: 46.102.234.0/24 maxlen: 24
77.81.68.0/22 maxlen: 22
85.204.164.0/22 maxlen: 22
89.39.176.0/22 maxlen: 22
94.24.111.0/24 maxlen: 24
185.85.176.0/21 maxlen: 21
188.208.128.0/22 maxlen: 22
188.214.244.0/22 maxlen: 22
188.214.248.0/21 maxlen: 21
2a04:f980::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/edd6b8-abbd-4b81-9707-971d28d43c14/1/xj2WrvxUgCT6Nvpc6ASki_fKOkA.crl
rsync://rpki.ripe.net/repository/DEFAULT/fd/edd6b8-abbd-4b81-9707-971d28d43c14/1/xj2WrvxUgCT6Nvpc6ASki_fKOkA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xj2WrvxUgCT6Nvpc6ASki_fKOkA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 23:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:78:35:eb:f0:5d:62:b5:3c:57:02:4c:f3:ab:07:37:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c63d96aefc548024fa36fa5ce804a48bf7ca3a40
Validity
Not Before: Feb 5 07:40:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8cf0f8cc8523a4427c393096c18541921d07ee5c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:2d:36:98:a5:55:03:04:9c:37:74:3b:e3:74:
3d:b2:a2:7d:05:e6:ff:0d:f3:db:91:5f:7d:af:94:
c3:f5:99:ff:00:a0:05:3e:03:bb:33:b0:27:a7:de:
63:c7:43:d0:ca:3e:41:72:78:f3:88:df:e9:10:eb:
89:00:08:3d:e1:5d:65:3b:b6:ab:49:6f:4b:d7:52:
df:09:eb:f9:58:f6:2e:57:0d:9c:52:a9:bb:43:cd:
6a:81:fa:ad:3d:3f:43:70:4d:c9:e8:09:bb:9e:59:
e4:1e:19:86:95:83:d2:4b:a7:5b:cf:8e:22:bb:e5:
24:62:9e:40:5b:12:32:a6:38:2c:9b:b8:76:46:c0:
ff:40:0e:94:f0:b4:a8:6b:39:9e:4a:e7:91:fd:12:
41:c0:38:ce:81:06:81:7c:ab:74:80:8d:01:58:bd:
7d:3d:73:c0:57:fc:25:f4:2c:a2:98:26:a5:8a:d1:
0d:66:01:35:4e:a4:0d:e9:2c:98:5b:6c:82:f7:c0:
af:45:3f:4d:0d:13:2e:df:c0:6a:10:6c:6d:a8:78:
8d:2e:9a:ae:6c:c7:00:5a:95:6c:da:d8:8e:00:a0:
4d:fe:25:6b:6a:6a:33:fc:1d:cc:77:a0:42:ec:43:
7e:e7:71:01:2b:60:29:eb:d8:b9:d7:12:55:e2:4e:
1f:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:F0:F8:CC:85:23:A4:42:7C:39:30:96:C1:85:41:92:1D:07:EE:5C
X509v3 Authority Key Identifier:
keyid:C6:3D:96:AE:FC:54:80:24:FA:36:FA:5C:E8:04:A4:8B:F7:CA:3A:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xj2WrvxUgCT6Nvpc6ASki_fKOkA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/edd6b8-abbd-4b81-9707-971d28d43c14/1/jPD4zIUjpEJ8OTCWwYVBkh0H7lw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/edd6b8-abbd-4b81-9707-971d28d43c14/1/xj2WrvxUgCT6Nvpc6ASki_fKOkA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.102.234.0/24
77.81.68.0/22
85.204.164.0/22
89.39.176.0/22
94.24.111.0/24
185.85.176.0/21
188.208.128.0/22
188.214.244.0-188.214.255.255
IPv6:
2a04:f980::/29
Signature Algorithm: sha256WithRSAEncryption
93:8d:84:e8:f3:04:92:fc:ff:0d:84:fe:e5:f7:08:b2:f6:e1:
51:17:65:e2:e5:4d:c0:0c:bd:46:51:f0:f1:fa:87:6c:06:bd:
13:67:e0:72:b2:6c:b1:93:f4:a5:2c:e8:0b:bc:f2:ad:74:62:
72:82:19:e4:03:5e:03:2c:93:9a:f0:48:35:b5:b0:c4:b4:3d:
ad:8e:5a:9a:a7:3e:7d:82:11:bd:53:31:0c:70:db:5f:41:4d:
50:4e:89:2f:f5:f0:ba:35:57:06:40:e7:e6:a7:53:1b:b7:8b:
f5:f6:41:da:44:c4:d2:0a:6a:b1:78:4b:77:47:08:50:2b:bb:
cf:cc:76:24:8a:55:ac:c1:83:31:18:43:74:5a:e4:be:1d:e3:
18:f7:1b:00:d2:56:36:d3:ff:a9:48:02:66:9a:47:98:7b:ca:
22:e6:b3:dd:b4:2a:f2:9a:4c:7e:b8:eb:fc:e7:19:e8:06:4a:
8a:d0:6e:e0:d8:8e:eb:62:fa:08:44:c1:aa:f4:75:8c:ab:d3:
d7:8e:a9:b4:b6:2c:5e:32:27:7f:27:51:2f:73:02:16:22:ca:
1e:a8:0f:4e:fe:17:f9:3e:1c:f7:7a:df:7d:7a:63:e0:6f:13:
14:12:dd:90:6c:4e:33:b0:14:ab:66:6b:b0:d5:28:1e:37:41:
ce:75:32:12
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAY14NevwXWK1PFcCTPOrBzfoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2M2Q5NmFlZmM1NDgwMjRmYTM2ZmE1Y2U4MDRhNDhiZjdj
YTNhNDAwHhcNMjQwMjA1MDc0MDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Y2YwZjhjYzg1MjNhNDQyN2MzOTMwOTZjMTg1NDE5MjFkMDdlZTVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzi02mKVVAwScN3Q743Q9sqJ9Beb/
DfPbkV99r5TD9Zn/AKAFPgO7M7Anp95jx0PQyj5BcnjziN/pEOuJAAg94V1lO7ar
SW9L11LfCev5WPYuVw2cUqm7Q81qgfqtPT9DcE3J6Am7nlnkHhmGlYPSS6dbz44i
u+UkYp5AWxIypjgsm7h2RsD/QA6U8LSoazmeSueR/RJBwDjOgQaBfKt0gI0BWL19
PXPAV/wl9CyimCalitENZgE1TqQN6SyYW2yC98CvRT9NDRMu38BqEGxtqHiNLpqu
bMcAWpVs2tiOAKBN/iVramoz/B3Md6BC7EN+53EBK2Ap69i51xJV4k4frwIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFIzw+MyFI6RCfDkwlsGFQZIdB+5cMB8GA1UdIwQY
MBaAFMY9lq78VIAk+jb6XOgEpIv3yjpAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGoyV3J2eFVnQ1Q2TnZwYzZBU2tpX2ZLT2tBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC9lZGQ2YjgtYWJiZC00YjgxLTk3MDct
OTcxZDI4ZDQzYzE0LzEvalBENHpJVWpwRUo4T1RDV3dZVkJraDBIN2x3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC9lZGQ2YjgtYWJiZC00YjgxLTk3MDctOTcxZDI4ZDQzYzE0
LzEveGoyV3J2eFVnQ1Q2TnZwYzZBU2tpX2ZLT2tBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjA9BAIAATA3AwQALmbqAwQC
TVFEAwQCVcykAwQCWSewAwQAXhhvAwQDuVWwAwQCvNCAMAsDBAK81vQDAwC81jAN
BAIAAjAHAwUDKgT5gDANBgkqhkiG9w0BAQsFAAOCAQEAk42E6PMEkvz/DYT+5fcI
svbhURdl4uVNwAy9RlHw8fqHbAa9E2fgcrJssZP0pSzoC7zyrXRicoIZ5ANeAyyT
mvBINbWwxLQ9rY5amqc+fYIRvVMxDHDbX0FNUE6JL/XwujVXBkDn5qdTG7eL9fZB
2kTE0gpqsXhLd0cIUCu7z8x2JIpVrMGDMRhDdFrkvh3jGPcbANJWNtP/qUgCZppH
mHvKIuaz3bQq8ppMfrjr/OcZ6AZKitBu4NiO62L6CETBqvR1jKvT146ptLYsXjIn
fydRL3MCFiLKHqgPTv4X+T4c93rffXpj4G8TFBLdkGxOM7AUq2ZrsNUoHjdBznUy
Eg==
-----END CERTIFICATE-----
Generated at Sat Jun 8 06:08:55 2024 by rpki-client on console-fra.rpki-client.org