Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/jLxy38wKiO5DMyDsYXUQh-1EGzM.roa
File: jLxy38wKiO5DMyDsYXUQh-1EGzM.roa (raw, json)
Hash identifier: 3mwHW0CU+Y3olgGgylITrYdGfRPO/OsZdlSuIxPlZeQ=
Subject key identifier: 8C:BC:72:DF:CC:0A:88:EE:43:33:20:EC:61:75:10:87:ED:44:1B:33
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018E9EC5C6034F8382DC286E0768FA542E0A
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/jLxy38wKiO5DMyDsYXUQh-1EGzM.roa
Signing time: Tue 02 Apr 2024 12:25:45 +0000
ROA not before: Tue 02 Apr 2024 12:25:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6939
IP address blocks: 94.156.112.0/24 maxlen: 24
94.156.114.0/24 maxlen: 24
94.156.115.0/24 maxlen: 24
94.156.116.0/24 maxlen: 24
94.156.118.0/24 maxlen: 24
94.156.120.0/24 maxlen: 24
94.156.121.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 06 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:9e:c5:c6:03:4f:83:82:dc:28:6e:07:68:fa:54:2e:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Apr 2 12:25:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8cbc72dfcc0a88ee433320ec61751087ed441b33
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:f5:be:88:a5:a4:dd:db:ec:64:eb:26:0c:0a:
ef:16:39:1f:2e:70:07:c4:86:74:9c:09:b4:50:0c:
ca:ca:50:58:fd:3f:32:1f:cc:e3:03:fb:25:b5:14:
f9:d9:88:e3:99:ec:32:b4:fe:0d:b4:65:eb:af:19:
8b:09:d1:2e:13:ed:36:92:4d:9c:15:76:1d:7f:8a:
eb:35:30:43:84:d4:f5:d9:44:c2:de:22:c7:b8:72:
ac:bf:1c:f2:1d:43:9d:f0:f2:64:38:47:1e:a5:a8:
dd:36:29:59:c1:e7:67:3b:df:e6:5f:59:6e:ee:ba:
5e:4e:b0:75:18:f4:b2:dd:00:5b:cc:08:21:5c:9c:
1a:b5:45:98:76:a0:02:b7:83:da:a5:5c:9e:8d:1b:
df:b1:9b:3f:d7:ba:dd:d0:ab:f2:e8:1f:56:11:dc:
ce:e5:a5:5d:9f:a7:bf:8b:9c:3b:74:1e:8a:3a:7b:
6e:08:60:93:88:95:f0:4f:fd:37:14:d6:99:c8:8e:
cd:64:62:de:0d:b5:4a:92:d1:2c:05:6a:82:87:a0:
0b:2e:e9:89:72:ce:79:a3:4d:29:d7:a2:c2:e6:37:
91:b9:60:91:a1:4c:93:24:2a:c1:26:03:18:96:61:
5c:01:30:de:ca:d4:54:c2:e1:0c:b0:bf:f6:75:9d:
2a:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:BC:72:DF:CC:0A:88:EE:43:33:20:EC:61:75:10:87:ED:44:1B:33
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/jLxy38wKiO5DMyDsYXUQh-1EGzM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.156.112.0/24
94.156.114.0-94.156.116.255
94.156.118.0/24
94.156.120.0/23
Signature Algorithm: sha256WithRSAEncryption
5c:3b:0f:72:c0:b2:51:83:1c:90:1a:52:66:65:30:c0:cb:cf:
ab:3b:2e:4a:38:c2:97:07:e3:bc:fe:6f:f1:90:52:17:ae:33:
fc:94:92:31:c3:db:5e:50:f3:47:37:11:f3:85:06:fc:dd:c8:
44:d6:b0:a7:37:a1:42:59:89:df:80:1a:9b:5f:5b:eb:af:11:
45:d2:b9:65:2b:c7:92:c4:a9:ea:2c:81:57:1f:40:e0:43:bb:
93:38:5f:1f:bb:25:ef:fb:b2:00:73:13:8e:4e:5c:f6:1a:f5:
5d:0a:1b:eb:b5:0b:3d:ab:18:ca:45:d3:b8:be:b6:18:c2:60:
c9:4a:82:35:27:e5:98:51:b3:78:22:73:c9:83:e5:2e:1a:c5:
ac:c2:9b:58:d1:fd:4e:1b:87:c0:39:12:3a:56:2a:83:ac:f0:
af:5f:85:67:bf:7a:85:36:ec:d7:4c:8c:db:93:2c:f5:ca:6e:
0a:7b:62:cf:18:e5:a2:22:8b:44:16:fa:b3:9d:47:5c:0b:67:
b9:1b:cc:01:f8:be:3e:c6:fc:b8:57:60:a9:42:74:00:40:38:
d0:91:e7:25:b2:35:ca:6a:e1:ca:30:8d:ce:db:ba:ac:53:26:
ea:0b:9f:a1:4e:f5:68:87:37:e3:a1:7d:6f:cf:b8:5e:84:a0:
d1:42:68:45
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAY6excYDT4OC3ChuB2j6VC4KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwNDAyMTIyNTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Y2JjNzJkZmNjMGE4OGVlNDMzMzIwZWM2MTc1MTA4N2VkNDQxYjMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmPW+iKWk3dvsZOsmDArvFjkfLnAH
xIZ0nAm0UAzKylBY/T8yH8zjA/sltRT52YjjmewytP4NtGXrrxmLCdEuE+02kk2c
FXYdf4rrNTBDhNT12UTC3iLHuHKsvxzyHUOd8PJkOEcepajdNilZwednO9/mX1lu
7rpeTrB1GPSy3QBbzAghXJwatUWYdqACt4PapVyejRvfsZs/17rd0Kvy6B9WEdzO
5aVdn6e/i5w7dB6KOntuCGCTiJXwT/03FNaZyI7NZGLeDbVKktEsBWqCh6ALLumJ
cs55o00p16LC5jeRuWCRoUyTJCrBJgMYlmFcATDeytRUwuEMsL/2dZ0qlwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFIy8ct/MCojuQzMg7GF1EIftRBszMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvakx4eTM4d0tpTzVETXlEc1lYVVFoLTFFR3pNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAXpxwMAwD
BAFenHIDBABenHQDBABenHYDBAFenHgwDQYJKoZIhvcNAQELBQADggEBAFw7D3LA
slGDHJAaUmZlMMDLz6s7Lko4wpcH47z+b/GQUheuM/yUkjHD215Q80c3EfOFBvzd
yETWsKc3oUJZid+AGptfW+uvEUXSuWUrx5LEqeosgVcfQOBDu5M4Xx+7Je/7sgBz
E45OXPYa9V0KG+u1Cz2rGMpF07i+thjCYMlKgjUn5ZhRs3gic8mD5S4axazCm1jR
/U4bh8A5EjpWKoOs8K9fhWe/eoU27NdMjNuTLPXKbgp7Ys8Y5aIii0QW+rOdR1wL
Z7kbzAH4vj7G/LhXYKlCdABAONCR5yWyNcpq4cowjc7buqxTJuoLn6FO9WiHN+Oh
fW/PuF6EoNFCaEU=
-----END CERTIFICATE-----
Generated at Sun May 5 18:37:01 2024 by rpki-client on console-fra.rpki-client.org