Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/a52048-12ca-4a03-95be-697948ea71f5/1/JjgLVYD_xJAzQgEsxv704RTJtEI.roa
File: JjgLVYD_xJAzQgEsxv704RTJtEI.roa (raw, json)
Hash identifier: 2h1ogcGPMQ3n2z1740U/v3v9A4z+IsHVRGyjZ8cmBOk=
Subject key identifier: 26:38:0B:55:80:FF:C4:90:33:42:01:2C:C6:FE:F4:E1:14:C9:B4:42
Certificate issuer: /CN=42ce759320195b9cc18ccfcb1b532aea949258f1
Certificate serial: 018D35FFC7C28345246DE6E02380FD041880
Authority key identifier: 42:CE:75:93:20:19:5B:9C:C1:8C:CF:CB:1B:53:2A:EA:94:92:58:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Qs51kyAZW5zBjM_LG1Mq6pSSWPE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/a52048-12ca-4a03-95be-697948ea71f5/1/JjgLVYD_xJAzQgEsxv704RTJtEI.roa
Signing time: Tue 23 Jan 2024 11:06:11 +0000
ROA not before: Tue 23 Jan 2024 11:06:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209100
IP address blocks: 2a0e:800:ff90::/47 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/24/a52048-12ca-4a03-95be-697948ea71f5/1/Qs51kyAZW5zBjM_LG1Mq6pSSWPE.crl
rsync://rpki.ripe.net/repository/DEFAULT/24/a52048-12ca-4a03-95be-697948ea71f5/1/Qs51kyAZW5zBjM_LG1Mq6pSSWPE.mft
rsync://rpki.ripe.net/repository/DEFAULT/Qs51kyAZW5zBjM_LG1Mq6pSSWPE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 23 Jun 2024 16:01:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:35:ff:c7:c2:83:45:24:6d:e6:e0:23:80:fd:04:18:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=42ce759320195b9cc18ccfcb1b532aea949258f1
Validity
Not Before: Jan 23 11:06:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=26380b5580ffc4903342012cc6fef4e114c9b442
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:49:36:c6:c9:8f:7d:79:f2:0a:f5:86:32:fa:
55:e3:65:a0:3f:13:42:e5:29:36:de:6a:c0:87:09:
21:12:f4:c1:ba:97:85:db:aa:0f:f9:9f:71:32:a0:
38:56:df:88:8c:8b:eb:35:49:90:e3:85:d7:dd:10:
44:c1:ab:d2:a3:37:4d:5a:a1:1c:fd:80:f3:bc:62:
cf:23:20:59:95:77:27:ac:98:b6:42:d3:97:1f:ed:
44:1d:83:73:34:55:5b:7a:6b:6b:3c:c6:93:c6:98:
5a:f1:41:2e:1c:1a:2f:2f:34:4b:2d:53:35:0a:0f:
4f:12:a8:73:18:ec:fd:89:76:dc:32:82:7e:e9:8e:
fb:bb:a1:28:ca:c1:23:73:ab:17:fe:3a:b3:98:43:
d5:0c:de:98:83:38:cf:13:04:40:f4:ec:3f:d2:b5:
c2:60:74:e7:3e:64:50:3d:cf:24:e1:54:be:0f:58:
a7:03:8c:61:e9:5b:f3:fc:55:59:3c:2b:8a:2a:60:
7f:9b:e8:8f:53:4e:c8:36:a8:22:d1:00:b2:85:f3:
56:82:6e:9e:04:bc:2c:18:d8:a7:a5:95:c4:50:73:
aa:e5:71:16:4b:88:9a:f0:8e:cd:ce:61:99:a6:c4:
3b:9c:c0:d5:af:0e:fe:78:dc:2e:bd:4c:4d:15:6d:
f5:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:38:0B:55:80:FF:C4:90:33:42:01:2C:C6:FE:F4:E1:14:C9:B4:42
X509v3 Authority Key Identifier:
keyid:42:CE:75:93:20:19:5B:9C:C1:8C:CF:CB:1B:53:2A:EA:94:92:58:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Qs51kyAZW5zBjM_LG1Mq6pSSWPE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/a52048-12ca-4a03-95be-697948ea71f5/1/JjgLVYD_xJAzQgEsxv704RTJtEI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/a52048-12ca-4a03-95be-697948ea71f5/1/Qs51kyAZW5zBjM_LG1Mq6pSSWPE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:800:ff90::/47
Signature Algorithm: sha256WithRSAEncryption
95:e8:ab:4e:fb:2e:dc:1d:f9:e2:49:5f:8d:0e:d7:d6:08:38:
b5:ad:9f:6f:8d:98:fd:6f:e9:c8:9f:f9:3c:55:94:8b:47:78:
15:1d:75:2b:e1:8b:55:7b:79:47:1d:ec:4b:e2:21:e3:78:fa:
db:74:53:f1:14:52:0b:83:7d:36:92:08:4e:a7:77:18:ed:85:
47:d4:9c:c9:53:2f:f7:d0:e6:be:3e:da:28:6e:e1:2b:d4:d1:
22:60:8b:c8:dd:16:74:fd:eb:6c:db:70:07:a5:23:f3:b0:00:
b2:6c:a4:e0:c7:59:4c:ad:9d:27:ee:c3:db:90:cd:35:7f:68:
be:51:6a:4c:bc:ae:02:d9:a4:f4:c5:35:53:8c:00:88:19:1f:
bc:c9:d5:28:ae:45:57:ba:45:65:a3:01:27:a3:a9:24:7d:58:
0a:8b:6e:85:42:56:5d:8c:bb:93:8b:07:b5:2a:a5:1a:d2:c0:
bf:e7:91:7b:75:9c:c7:03:34:38:c5:fb:f0:8c:c6:91:82:55:
7a:38:6d:c9:00:c6:4b:8e:2c:cb:9f:60:14:1d:6f:ee:e5:50:
48:fc:6e:f4:e2:ff:97:18:ff:de:b3:f9:6e:3f:9d:c3:e0:da:
28:78:90:cc:c0:79:e0:c7:77:1f:7e:96:6b:23:f8:01:95:05:
2d:03:d3:b0
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY01/8fCg0UkbebgI4D9BBiAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyY2U3NTkzMjAxOTViOWNjMThjY2ZjYjFiNTMyYWVhOTQ5
MjU4ZjEwHhcNMjQwMTIzMTEwNjExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNjM4MGI1NTgwZmZjNDkwMzM0MjAxMmNjNmZlZjRlMTE0YzliNDQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmUk2xsmPfXnyCvWGMvpV42WgPxNC
5Sk23mrAhwkhEvTBupeF26oP+Z9xMqA4Vt+IjIvrNUmQ44XX3RBEwavSozdNWqEc
/YDzvGLPIyBZlXcnrJi2QtOXH+1EHYNzNFVbemtrPMaTxpha8UEuHBovLzRLLVM1
Cg9PEqhzGOz9iXbcMoJ+6Y77u6EoysEjc6sX/jqzmEPVDN6YgzjPEwRA9Ow/0rXC
YHTnPmRQPc8k4VS+D1inA4xh6Vvz/FVZPCuKKmB/m+iPU07INqgi0QCyhfNWgm6e
BLwsGNinpZXEUHOq5XEWS4ia8I7NzmGZpsQ7nMDVrw7+eNwuvUxNFW31qQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFCY4C1WA/8SQM0IBLMb+9OEUybRCMB8GA1UdIwQY
MBaAFELOdZMgGVucwYzPyxtTKuqUkljxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXM1MWt5QVpXNXpCak1fTEcxTXE2cFNTV1BFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC9hNTIwNDgtMTJjYS00YTAzLTk1YmUt
Njk3OTQ4ZWE3MWY1LzEvSmpnTFZZRF94SkF6UWdFc3h2NzA0UlRKdEVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC9hNTIwNDgtMTJjYS00YTAzLTk1YmUtNjk3OTQ4ZWE3MWY1
LzEvUXM1MWt5QVpXNXpCak1fTEcxTXE2cFNTV1BFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcBKg4IAP+Q
MA0GCSqGSIb3DQEBCwUAA4IBAQCV6KtO+y7cHfniSV+NDtfWCDi1rZ9vjZj9b+nI
n/k8VZSLR3gVHXUr4YtVe3lHHexL4iHjePrbdFPxFFILg302kghOp3cY7YVH1JzJ
Uy/30Oa+PtoobuEr1NEiYIvI3RZ0/ets23AHpSPzsACybKTgx1lMrZ0n7sPbkM01
f2i+UWpMvK4C2aT0xTVTjACIGR+8ydUorkVXukVlowEno6kkfVgKi26FQlZdjLuT
iwe1KqUa0sC/55F7dZzHAzQ4xfvwjMaRglV6OG3JAMZLjizLn2AUHW/u5VBI/G70
4v+XGP/es/luP53D4NooeJDMwHngx3cffpZrI/gBlQUtA9Ow
-----END CERTIFICATE-----
Generated at Sun Jun 23 01:16:20 2024 by rpki-client on console-ams.rpki-client.org