Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/487562-d171-4686-8569-e6cf17cdda4f/1/9g3h73EzpZqX0f5xj7K8S2kGTTY.roa
File: 9g3h73EzpZqX0f5xj7K8S2kGTTY.roa (raw, json)
Hash identifier: D/zJeq6oXyURaFtXUmkWsQwO5ifPIM9UYgz6cN7WHe4=
Subject key identifier: F6:0D:E1:EF:71:33:A5:9A:97:D1:FE:71:8F:B2:BC:4B:69:06:4D:36
Certificate issuer: /CN=c453f5e230420bc4a70d0a61de3b47dcda1a8d0e
Certificate serial: 018FE7855BAC805D88ED7ED373E9A9C8B493
Authority key identifier: C4:53:F5:E2:30:42:0B:C4:A7:0D:0A:61:DE:3B:47:DC:DA:1A:8D:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xFP14jBCC8SnDQph3jtH3NoajQ4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/487562-d171-4686-8569-e6cf17cdda4f/1/9g3h73EzpZqX0f5xj7K8S2kGTTY.roa
Signing time: Wed 05 Jun 2024 08:30:27 +0000
ROA not before: Wed 05 Jun 2024 08:30:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206610
IP address blocks: 78.111.128.0/20 maxlen: 20
92.119.100.0/24 maxlen: 24
92.119.101.0/24 maxlen: 24
92.119.102.0/24 maxlen: 24
92.119.103.0/24 maxlen: 24
185.104.168.0/22 maxlen: 24
185.173.180.0/22 maxlen: 24
2a0b:b880::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c1/487562-d171-4686-8569-e6cf17cdda4f/1/xFP14jBCC8SnDQph3jtH3NoajQ4.crl
rsync://rpki.ripe.net/repository/DEFAULT/c1/487562-d171-4686-8569-e6cf17cdda4f/1/xFP14jBCC8SnDQph3jtH3NoajQ4.mft
rsync://rpki.ripe.net/repository/DEFAULT/xFP14jBCC8SnDQph3jtH3NoajQ4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Jun 2024 18:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:e7:85:5b:ac:80:5d:88:ed:7e:d3:73:e9:a9:c8:b4:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c453f5e230420bc4a70d0a61de3b47dcda1a8d0e
Validity
Not Before: Jun 5 08:30:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f60de1ef7133a59a97d1fe718fb2bc4b69064d36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:54:0c:82:58:88:e4:96:2b:17:75:dd:77:ce:
21:af:02:59:2d:a6:e3:39:07:4a:ce:c5:be:3c:44:
a2:74:ae:9d:f7:d0:5f:88:e5:e7:de:17:62:7a:a7:
eb:47:04:f4:23:90:34:2e:94:79:84:c8:98:66:40:
0d:1e:ea:cf:25:51:76:3c:32:ed:ee:76:9e:8a:7c:
ce:be:72:9f:df:6c:fd:27:ee:47:cd:70:a1:37:24:
b8:41:4b:c6:64:a7:35:92:58:af:57:0f:17:ee:1e:
24:77:a1:0a:b0:ae:ca:5a:09:10:50:2b:27:28:42:
85:c0:5e:50:5d:33:f0:7e:f6:de:c2:20:5d:12:bf:
13:4b:f9:c6:32:36:2d:f0:62:ca:99:4e:3f:11:35:
5d:42:c4:ed:ef:b3:4e:2c:7d:b9:ad:60:73:e3:b8:
24:9f:66:55:04:4e:b2:d6:56:18:44:4a:37:6a:c2:
eb:8e:de:55:2f:b9:75:c4:44:9a:9e:ed:aa:a0:f1:
02:e9:5b:4a:47:7a:28:bc:5d:84:04:c1:61:a3:32:
bf:4d:33:42:37:19:aa:a4:52:da:19:72:1b:33:9c:
f0:e7:31:6d:3a:7d:b0:33:58:74:c4:df:2f:25:92:
40:75:1c:d3:82:ce:8d:57:75:40:10:bb:47:5a:60:
b2:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:0D:E1:EF:71:33:A5:9A:97:D1:FE:71:8F:B2:BC:4B:69:06:4D:36
X509v3 Authority Key Identifier:
keyid:C4:53:F5:E2:30:42:0B:C4:A7:0D:0A:61:DE:3B:47:DC:DA:1A:8D:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xFP14jBCC8SnDQph3jtH3NoajQ4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/487562-d171-4686-8569-e6cf17cdda4f/1/9g3h73EzpZqX0f5xj7K8S2kGTTY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/487562-d171-4686-8569-e6cf17cdda4f/1/xFP14jBCC8SnDQph3jtH3NoajQ4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.111.128.0/20
92.119.100.0/22
185.104.168.0/22
185.173.180.0/22
IPv6:
2a0b:b880::/29
Signature Algorithm: sha256WithRSAEncryption
7e:c2:dd:4b:c3:f0:83:fc:89:4e:c3:58:fa:ff:f8:b0:52:34:
65:74:92:94:bc:cd:59:1a:da:e0:5b:d1:ab:69:90:9a:4b:92:
ca:05:64:6c:02:aa:2c:4a:fd:80:66:16:4c:da:2a:eb:29:de:
c2:d2:72:14:f7:66:ba:f5:06:58:a2:02:b3:81:a4:69:1d:43:
4b:a6:6c:89:09:b8:15:72:bf:0d:c6:00:56:f0:77:49:c9:0a:
b0:7d:25:55:db:50:0e:e8:c5:51:02:6a:dd:8e:b6:c9:89:61:
13:45:bf:d0:71:7b:81:60:3c:4d:cf:0d:39:4b:ef:59:d3:8d:
79:08:b8:94:cb:96:b0:93:c6:b1:11:90:4a:6f:22:eb:ac:be:
e9:69:31:75:2b:05:d9:d8:a1:66:24:99:98:7e:df:21:1f:0c:
6d:4e:a5:c2:3d:ab:c6:1f:71:5f:ef:87:7b:dd:ff:54:55:49:
cf:33:9e:f5:96:e6:10:9a:13:c3:9d:31:83:6a:20:2d:d0:25:
f8:20:a6:28:ff:95:83:6b:79:c0:a3:12:ba:ce:c0:a7:b1:d0:
d1:db:e0:fe:c9:b9:b6:65:67:2a:29:1b:b5:a9:86:71:13:e9:
3a:1e:7f:00:98:89:79:ea:bf:90:52:2d:66:5c:c9:4d:dc:10:
00:f4:c9:1f
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAY/nhVusgF2I7X7Tc+mpyLSTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0NTNmNWUyMzA0MjBiYzRhNzBkMGE2MWRlM2I0N2RjZGEx
YThkMGUwHhcNMjQwNjA1MDgzMDI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNjBkZTFlZjcxMzNhNTlhOTdkMWZlNzE4ZmIyYmM0YjY5MDY0ZDM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx1QMgliI5JYrF3Xdd84hrwJZLabj
OQdKzsW+PESidK6d99BfiOXn3hdieqfrRwT0I5A0LpR5hMiYZkANHurPJVF2PDLt
7naeinzOvnKf32z9J+5HzXChNyS4QUvGZKc1klivVw8X7h4kd6EKsK7KWgkQUCsn
KEKFwF5QXTPwfvbewiBdEr8TS/nGMjYt8GLKmU4/ETVdQsTt77NOLH25rWBz47gk
n2ZVBE6y1lYYREo3asLrjt5VL7l1xESanu2qoPEC6VtKR3oovF2EBMFhozK/TTNC
NxmqpFLaGXIbM5zw5zFtOn2wM1h0xN8vJZJAdRzTgs6NV3VAELtHWmCy0QIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFPYN4e9xM6Wal9H+cY+yvEtpBk02MB8GA1UdIwQY
MBaAFMRT9eIwQgvEpw0KYd47R9zaGo0OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEZQMTRqQkNDOFNuRFFwaDNqdEgzTm9halE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS80ODc1NjItZDE3MS00Njg2LTg1Njkt
ZTZjZjE3Y2RkYTRmLzEvOWczaDczRXpwWnFYMGY1eGo3SzhTMmtHVFRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS80ODc1NjItZDE3MS00Njg2LTg1NjktZTZjZjE3Y2RkYTRm
LzEveEZQMTRqQkNDOFNuRFFwaDNqdEgzTm9halE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQETm+AAwQC
XHdkAwQCuWioAwQCua20MA0EAgACMAcDBQMqC7iAMA0GCSqGSIb3DQEBCwUAA4IB
AQB+wt1Lw/CD/IlOw1j6//iwUjRldJKUvM1ZGtrgW9GraZCaS5LKBWRsAqosSv2A
ZhZM2irrKd7C0nIU92a69QZYogKzgaRpHUNLpmyJCbgVcr8NxgBW8HdJyQqwfSVV
21AO6MVRAmrdjrbJiWETRb/QcXuBYDxNzw05S+9Z0415CLiUy5awk8axEZBKbyLr
rL7paTF1KwXZ2KFmJJmYft8hHwxtTqXCPavGH3Ff74d73f9UVUnPM571luYQmhPD
nTGDaiAt0CX4IKYo/5WDa3nAoxK6zsCnsdDR2+D+ybm2ZWcqKRu1qYZxE+k6Hn8A
mIl56r+QUi1mXMlN3BAA9Mkf
-----END CERTIFICATE-----
Generated at Thu Jun 20 03:45:57 2024 by rpki-client on console.sobornost.net