Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/jUD-FO67L3zlqWHSZPWsvNCDGTo.roa
File: jUD-FO67L3zlqWHSZPWsvNCDGTo.roa (raw, json)
Hash identifier: k5fGWD/GNRN6WXnD/EKLZMo1S5lmzGesAZY5yGqIkAE=
Subject key identifier: 8D:40:FE:14:EE:BB:2F:7C:E5:A9:61:D2:64:F5:AC:BC:D0:83:19:3A
Certificate issuer: /CN=253a3b5f51808168c212c094a2baaff38e16464a
Certificate serial: 018E65557EE7B62A2D7ADF5096B61EAB74FF
Authority key identifier: 25:3A:3B:5F:51:80:81:68:C2:12:C0:94:A2:BA:AF:F3:8E:16:46:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/jUD-FO67L3zlqWHSZPWsvNCDGTo.roa
Signing time: Fri 22 Mar 2024 08:44:45 +0000
ROA not before: Fri 22 Mar 2024 08:44:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34879
IP address blocks: 195.209.72.0/23 maxlen: 24
195.209.74.0/24 maxlen: 24
195.209.77.0/24 maxlen: 24
195.209.84.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/JTo7X1GAgWjCEsCUorqv844WRko.crl
rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/JTo7X1GAgWjCEsCUorqv844WRko.mft
rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 24 Jun 2024 13:01:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:65:55:7e:e7:b6:2a:2d:7a:df:50:96:b6:1e:ab:74:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=253a3b5f51808168c212c094a2baaff38e16464a
Validity
Not Before: Mar 22 08:44:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8d40fe14eebb2f7ce5a961d264f5acbcd083193a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:8d:c6:b0:df:74:b5:f2:e0:be:07:a9:a6:d4:
65:0f:a5:84:c9:7a:3e:b5:b5:b4:87:52:cf:e0:27:
52:d4:53:7f:56:4d:80:b2:e0:29:07:aa:98:41:6f:
83:16:42:f8:b5:94:75:da:d7:99:87:76:99:36:8d:
f0:cd:41:33:b6:b8:d9:70:f6:7c:0d:66:24:16:d1:
d8:79:18:04:47:88:28:5a:bd:db:98:57:35:26:ba:
8f:0e:9d:fe:ab:5a:03:fa:2a:6d:84:d4:50:eb:b7:
c4:69:b6:26:f1:da:4f:8c:a3:50:2b:6f:88:18:ff:
0e:9d:16:cd:cc:d2:b9:d4:1b:74:df:ca:77:39:84:
4a:46:5a:07:97:b7:81:96:f5:e4:43:06:58:da:62:
94:af:86:3f:fe:05:3c:23:24:e2:ca:f6:14:5c:f3:
9d:c6:e9:c4:ea:ab:d7:2c:5b:c3:93:d0:9e:56:a5:
07:df:69:dc:b9:93:6a:96:0c:e7:cc:f5:55:d9:c1:
67:84:b8:87:02:68:09:d2:0b:9b:2e:72:a7:3a:a8:
2f:b9:d3:f2:0c:22:cb:4a:8d:6b:12:d3:62:e6:34:
26:49:5e:f7:22:9a:d6:0c:bf:c3:b9:56:61:91:7f:
22:0b:c7:c8:b1:e8:8a:87:b4:ab:96:fa:a2:17:82:
ab:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:40:FE:14:EE:BB:2F:7C:E5:A9:61:D2:64:F5:AC:BC:D0:83:19:3A
X509v3 Authority Key Identifier:
keyid:25:3A:3B:5F:51:80:81:68:C2:12:C0:94:A2:BA:AF:F3:8E:16:46:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/jUD-FO67L3zlqWHSZPWsvNCDGTo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/JTo7X1GAgWjCEsCUorqv844WRko.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.209.72.0-195.209.74.255
195.209.77.0/24
195.209.84.0/24
Signature Algorithm: sha256WithRSAEncryption
76:35:3d:9f:03:01:ea:8c:e2:21:37:52:ec:d5:74:aa:ca:50:
62:12:59:82:51:24:c5:1b:ac:11:78:08:22:e8:7f:e7:b1:33:
a8:8b:26:c3:9d:50:9c:1f:c7:d4:c8:27:b0:5d:dc:03:5b:b9:
18:6c:af:12:30:2c:51:9b:23:50:e2:73:53:22:1e:eb:93:80:
92:9a:8d:db:ff:e0:de:e8:89:a7:7b:7b:b1:80:7b:84:d9:62:
18:5d:1c:e2:5d:5e:32:37:81:64:8c:9c:d6:c2:a9:e7:1c:ee:
6d:b3:26:20:c6:20:89:8d:c8:4b:c3:3a:4b:a4:10:17:59:0d:
7b:a9:b1:70:c0:6e:58:df:e0:a8:6d:3f:47:ec:c7:86:0b:e5:
62:c6:40:bd:7b:56:c4:51:ea:19:39:ae:6d:f2:5c:ab:62:d3:
81:f8:09:ad:ca:a3:d7:ec:20:77:9b:9f:8c:09:89:f8:0a:ef:
2c:27:c2:07:34:0a:a6:4a:48:34:a7:51:84:b4:7b:37:c9:8d:
59:24:45:bf:c4:73:b0:b5:78:28:a2:08:7e:58:88:ec:b1:aa:
1d:81:7c:5f:af:4c:f9:da:fc:33:fe:1e:b7:c3:64:0e:72:66:
d8:76:9c:60:12:b3:bb:ea:c1:11:69:f4:3a:50:d5:4c:90:be:
b0:dd:95:a3
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAY5lVX7ntiotet9QlrYeq3T/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1M2EzYjVmNTE4MDgxNjhjMjEyYzA5NGEyYmFhZmYzOGUx
NjQ2NGEwHhcNMjQwMzIyMDg0NDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZDQwZmUxNGVlYmIyZjdjZTVhOTYxZDI2NGY1YWNiY2QwODMxOTNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoo3GsN90tfLgvgepptRlD6WEyXo+
tbW0h1LP4CdS1FN/Vk2AsuApB6qYQW+DFkL4tZR12teZh3aZNo3wzUEztrjZcPZ8
DWYkFtHYeRgER4goWr3bmFc1JrqPDp3+q1oD+ipthNRQ67fEabYm8dpPjKNQK2+I
GP8OnRbNzNK51Bt038p3OYRKRloHl7eBlvXkQwZY2mKUr4Y//gU8IyTiyvYUXPOd
xunE6qvXLFvDk9CeVqUH32ncuZNqlgznzPVV2cFnhLiHAmgJ0gubLnKnOqgvudPy
DCLLSo1rEtNi5jQmSV73IprWDL/DuVZhkX8iC8fIseiKh7SrlvqiF4KrzQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFI1A/hTuuy985alh0mT1rLzQgxk6MB8GA1UdIwQY
MBaAFCU6O19RgIFowhLAlKK6r/OOFkZKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlRvN1gxR0FnV2pDRXNDVW9ycXY4NDRXUmtvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS85NzQ3NGMtMWRjMi00NjJjLWFhZGQt
OWU5YTFlMDM3MzhlLzEvalVELUZPNjdMM3pscVdIU1pQV3N2TkNER1RvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS85NzQ3NGMtMWRjMi00NjJjLWFhZGQtOWU5YTFlMDM3Mzhl
LzEvSlRvN1gxR0FnV2pDRXNDVW9ycXY4NDRXUmtvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAPD0UgD
BADD0UoDBADD0U0DBADD0VQwDQYJKoZIhvcNAQELBQADggEBAHY1PZ8DAeqM4iE3
UuzVdKrKUGISWYJRJMUbrBF4CCLof+exM6iLJsOdUJwfx9TIJ7Bd3ANbuRhsrxIw
LFGbI1Dic1MiHuuTgJKajdv/4N7oiad7e7GAe4TZYhhdHOJdXjI3gWSMnNbCqecc
7m2zJiDGIImNyEvDOkukEBdZDXupsXDAbljf4KhtP0fsx4YL5WLGQL17VsRR6hk5
rm3yXKti04H4Ca3Ko9fsIHebn4wJifgK7ywnwgc0CqZKSDSnUYS0ezfJjVkkRb/E
c7C1eCiiCH5YiOyxqh2BfF+vTPna/DP+HrfDZA5yZth2nGASs7vqwRFp9DpQ1UyQ
vrDdlaM=
-----END CERTIFICATE-----
Generated at Sun Jun 23 18:35:00 2024 by rpki-client on console-ams.rpki-client.org