Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/160a77-756d-441a-86c3-0e5392757f82/1/JZVOQicSqQ9kZ0L8_JALfXURfRY.roa
File: JZVOQicSqQ9kZ0L8_JALfXURfRY.roa (raw, json)
Hash identifier: lbLC+42djuWZ60UKXlVUGmagjVYOlRMLaKKaBMnRIjg=
Subject key identifier: 25:95:4E:42:27:12:A9:0F:64:67:42:FC:FC:90:0B:7D:75:11:7D:16
Certificate issuer: /CN=e39f1a6e84c0277efcb56d942b0eb5e456471129
Certificate serial: 018D5D9C964AE0035C70648BDB88268238E1
Authority key identifier: E3:9F:1A:6E:84:C0:27:7E:FC:B5:6D:94:2B:0E:B5:E4:56:47:11:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/458aboTAJ378tW2UKw615FZHESk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/160a77-756d-441a-86c3-0e5392757f82/1/JZVOQicSqQ9kZ0L8_JALfXURfRY.roa
Signing time: Wed 31 Jan 2024 03:42:39 +0000
ROA not before: Wed 31 Jan 2024 03:42:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39835
IP address blocks: 5.34.224.0/21 maxlen: 24
81.20.112.0/20 maxlen: 24
81.90.192.0/20 maxlen: 24
130.193.96.0/21 maxlen: 24
185.75.148.0/22 maxlen: 24
185.94.36.0/22 maxlen: 24
188.74.32.0/20 maxlen: 24
212.101.32.0/19 maxlen: 24
2a02:1318::/32 maxlen: 40
2a03:4b20::/29 maxlen: 40
2a03:6880::/32 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3e/160a77-756d-441a-86c3-0e5392757f82/1/458aboTAJ378tW2UKw615FZHESk.crl
rsync://rpki.ripe.net/repository/DEFAULT/3e/160a77-756d-441a-86c3-0e5392757f82/1/458aboTAJ378tW2UKw615FZHESk.mft
rsync://rpki.ripe.net/repository/DEFAULT/458aboTAJ378tW2UKw615FZHESk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 23 Jun 2024 18:00:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:5d:9c:96:4a:e0:03:5c:70:64:8b:db:88:26:82:38:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e39f1a6e84c0277efcb56d942b0eb5e456471129
Validity
Not Before: Jan 31 03:42:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=25954e422712a90f646742fcfc900b7d75117d16
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:b4:76:19:b4:0e:f0:54:2a:39:ec:f4:fe:2f:
1b:26:ee:a7:b2:ad:69:55:a4:2f:07:87:20:7e:58:
fe:02:d2:22:26:7e:af:93:89:bb:78:9d:7b:b8:e5:
1e:73:d0:86:8f:84:f0:2b:eb:62:d8:54:82:cf:4a:
ad:79:dd:df:e2:66:85:3e:d4:5c:75:10:ce:da:b8:
05:9e:c8:38:c0:2b:49:00:e8:90:05:e3:91:c8:c7:
12:d6:cc:4d:d1:a8:50:ee:0a:68:d0:ed:46:d5:c0:
2c:21:72:6b:6f:64:6a:0a:a4:7e:a1:d8:f2:10:fa:
bf:10:a0:17:7c:0f:1c:e8:5e:b7:21:28:c1:57:63:
0c:e5:42:c4:db:80:41:49:e0:70:3d:20:97:2c:c3:
f2:b4:28:c2:d9:da:8b:48:d2:8c:a5:ce:06:2c:65:
c9:3c:21:fa:97:9e:b8:ed:a7:86:94:9a:85:45:77:
f8:38:17:ea:0b:5f:fe:eb:1e:93:7b:58:1d:39:12:
f8:88:9e:fe:a7:17:f3:13:05:03:21:f2:81:e2:bc:
94:73:b3:81:90:73:85:91:c5:ae:97:5d:d4:69:e1:
27:18:11:21:2e:02:80:f3:b1:5e:77:26:6a:2f:5c:
16:e6:24:69:d2:6a:a2:a1:b5:9c:31:7c:8e:fa:ba:
e7:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:95:4E:42:27:12:A9:0F:64:67:42:FC:FC:90:0B:7D:75:11:7D:16
X509v3 Authority Key Identifier:
keyid:E3:9F:1A:6E:84:C0:27:7E:FC:B5:6D:94:2B:0E:B5:E4:56:47:11:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/458aboTAJ378tW2UKw615FZHESk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/160a77-756d-441a-86c3-0e5392757f82/1/JZVOQicSqQ9kZ0L8_JALfXURfRY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/160a77-756d-441a-86c3-0e5392757f82/1/458aboTAJ378tW2UKw615FZHESk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.34.224.0/21
81.20.112.0/20
81.90.192.0/20
130.193.96.0/21
185.75.148.0/22
185.94.36.0/22
188.74.32.0/20
212.101.32.0/19
IPv6:
2a02:1318::/32
2a03:4b20::/29
2a03:6880::/32
Signature Algorithm: sha256WithRSAEncryption
79:42:07:d3:eb:ba:33:13:d7:44:c3:f2:e8:51:10:2d:3b:81:
0b:6f:da:3e:ea:24:84:76:84:fa:54:10:76:94:a5:75:2a:d7:
d7:5c:e7:17:65:dd:b6:10:1f:3e:c5:4b:e9:d3:b7:6d:38:0a:
2c:5d:2e:09:35:a8:20:ff:da:42:5b:cf:47:dc:da:85:88:90:
2a:5f:89:e4:59:a5:3e:90:56:bf:66:20:64:8f:b0:46:6e:2d:
f1:3d:83:26:fd:c5:81:35:88:b0:90:cb:5c:8d:d3:9d:4b:f9:
8b:d4:39:fa:be:86:e4:e8:82:f3:0d:c4:9d:0c:c5:e1:e4:26:
1b:25:a3:76:6f:49:d5:ac:77:3f:91:76:d8:cd:11:58:da:5f:
61:b1:30:41:55:4e:d6:5d:7b:d3:b2:fa:cc:53:b2:3e:0b:8b:
a8:da:fe:96:5f:cb:68:24:0e:02:7e:d4:f2:fc:04:dc:b2:91:
9b:80:1f:2c:91:b7:6e:fb:df:d0:90:c5:27:61:86:77:0b:24:
2d:e7:67:63:e7:9c:e8:ce:bb:11:08:64:5f:a1:b9:32:55:5a:
f8:a4:7c:fb:c0:ef:40:eb:68:a5:7a:89:e8:1a:41:f4:71:fc:
b6:28:c8:0b:77:58:5d:6d:27:f5:29:2d:26:97:61:37:53:e5:
5f:d0:28:8b
-----BEGIN CERTIFICATE-----
MIIFRDCCBCygAwIBAgISAY1dnJZK4ANccGSL24gmgjjhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzOWYxYTZlODRjMDI3N2VmY2I1NmQ5NDJiMGViNWU0NTY0
NzExMjkwHhcNMjQwMTMxMDM0MjM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTk1NGU0MjI3MTJhOTBmNjQ2NzQyZmNmYzkwMGI3ZDc1MTE3ZDE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj7R2GbQO8FQqOez0/i8bJu6nsq1p
VaQvB4cgflj+AtIiJn6vk4m7eJ17uOUec9CGj4TwK+ti2FSCz0qted3f4maFPtRc
dRDO2rgFnsg4wCtJAOiQBeORyMcS1sxN0ahQ7gpo0O1G1cAsIXJrb2RqCqR+odjy
EPq/EKAXfA8c6F63ISjBV2MM5ULE24BBSeBwPSCXLMPytCjC2dqLSNKMpc4GLGXJ
PCH6l5647aeGlJqFRXf4OBfqC1/+6x6Te1gdORL4iJ7+pxfzEwUDIfKB4ryUc7OB
kHOFkcWul13UaeEnGBEhLgKA87FedyZqL1wW5iRp0mqiobWcMXyO+rrnXwIDAQAB
o4ICUDCCAkwwHQYDVR0OBBYEFCWVTkInEqkPZGdC/PyQC311EX0WMB8GA1UdIwQY
MBaAFOOfGm6EwCd+/LVtlCsOteRWRxEpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNDU4YWJvVEFKMzc4dFcyVUt3NjE1RlpIRVNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS8xNjBhNzctNzU2ZC00NDFhLTg2YzMt
MGU1MzkyNzU3ZjgyLzEvSlpWT1FpY1NxUTlrWjBMOF9KQUxmWFVSZlJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS8xNjBhNzctNzU2ZC00NDFhLTg2YzMtMGU1MzkyNzU3Zjgy
LzEvNDU4YWJvVEFKMzc4dFcyVUt3NjE1RlpIRVNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGYGCCsGAQUFBwEHAQH/BFcwVTA2BAIAATAwAwQDBSLgAwQE
URRwAwQEUVrAAwQDgsFgAwQCuUuUAwQCuV4kAwQEvEogAwQF1GUgMBsEAgACMBUD
BQAqAhMYAwUDKgNLIAMFACoDaIAwDQYJKoZIhvcNAQELBQADggEBAHlCB9PrujMT
10TD8uhREC07gQtv2j7qJIR2hPpUEHaUpXUq19dc5xdl3bYQHz7FS+nTt204Cixd
Lgk1qCD/2kJbz0fc2oWIkCpfieRZpT6QVr9mIGSPsEZuLfE9gyb9xYE1iLCQy1yN
051L+YvUOfq+huTogvMNxJ0MxeHkJhslo3ZvSdWsdz+RdtjNEVjaX2GxMEFVTtZd
e9Oy+sxTsj4Li6ja/pZfy2gkDgJ+1PL8BNyykZuAHyyRt27739CQxSdhhncLJC3n
Z2PnnOjOuxEIZF+huTJVWvikfPvA70DraKV6iegaQfRx/LYoyAt3WF1tJ/UpLSaX
YTdT5V/QKIs=
-----END CERTIFICATE-----
Generated at Sun Jun 23 00:55:09 2024 by rpki-client on console-fra.rpki-client.org