Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/2215f7-887a-4bd5-bf97-ffb709f7668c/1/jmn-nO6rVyJYRennm7w9ZQcZ8uU.roa
File: jmn-nO6rVyJYRennm7w9ZQcZ8uU.roa (raw, json)
Hash identifier: wWIfyCrad/1Aa4CQAllrP8wJZVpPZCDRTIWQRACs/6k=
Subject key identifier: 8E:69:FE:9C:EE:AB:57:22:58:45:E9:E7:9B:BC:3D:65:07:19:F2:E5
Certificate issuer: /CN=4c87389ef41f18c1fcc82754349ea7096980b1e3
Certificate serial: 018CC5001F2B612C3CE0988CE71D352C8C46
Authority key identifier: 4C:87:38:9E:F4:1F:18:C1:FC:C8:27:54:34:9E:A7:09:69:80:B1:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TIc4nvQfGMH8yCdUNJ6nCWmAseM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/2215f7-887a-4bd5-bf97-ffb709f7668c/1/jmn-nO6rVyJYRennm7w9ZQcZ8uU.roa
Signing time: Mon 01 Jan 2024 12:29:28 +0000
ROA not before: Mon 01 Jan 2024 12:29:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57822
IP address blocks: 185.54.246.0/24 maxlen: 24
185.54.245.0/24 maxlen: 24
185.54.247.0/24 maxlen: 24
94.247.105.0/24 maxlen: 24
94.247.104.0/24 maxlen: 24
94.247.109.0/24 maxlen: 24
94.247.108.0/24 maxlen: 24
94.247.107.0/24 maxlen: 24
94.247.106.0/24 maxlen: 24
2a02:47a0:4::/48 maxlen: 48
2a02:47a0:3::/48 maxlen: 48
2a02:47a0:203::/48 maxlen: 48
2a02:47a0:201::/48 maxlen: 48
2a02:47a0:202::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a8/2215f7-887a-4bd5-bf97-ffb709f7668c/1/TIc4nvQfGMH8yCdUNJ6nCWmAseM.crl
rsync://rpki.ripe.net/repository/DEFAULT/a8/2215f7-887a-4bd5-bf97-ffb709f7668c/1/TIc4nvQfGMH8yCdUNJ6nCWmAseM.mft
rsync://rpki.ripe.net/repository/DEFAULT/TIc4nvQfGMH8yCdUNJ6nCWmAseM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 02 Jul 2024 08:00:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:1f:2b:61:2c:3c:e0:98:8c:e7:1d:35:2c:8c:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c87389ef41f18c1fcc82754349ea7096980b1e3
Validity
Not Before: Jan 1 12:29:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8e69fe9ceeab57225845e9e79bbc3d650719f2e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:c7:34:30:58:5a:8b:78:2b:12:27:07:2e:20:
7d:5e:aa:0f:87:6a:b7:4d:5f:7e:05:af:f4:ae:a5:
0e:17:a9:3d:68:d0:4c:78:d4:aa:ab:a4:16:aa:bb:
99:e4:6c:0a:f6:dd:90:36:c0:0e:7c:f0:e9:7e:3c:
d2:81:69:dc:3a:d1:f6:62:b9:30:c0:92:2c:e8:3c:
09:81:bf:66:dd:eb:72:59:c4:52:91:97:e2:8e:34:
ec:a3:44:44:c2:94:ca:f9:b4:89:20:68:0a:70:83:
68:05:fe:c3:83:1f:8e:0a:14:96:3b:bb:66:d8:9c:
8c:e7:fb:ac:31:74:35:ff:db:d1:ab:dd:47:7b:1c:
05:44:cf:30:a7:a4:b1:0a:b2:fc:09:5d:f0:75:0c:
54:fa:a3:02:f3:b6:c8:1a:28:36:5e:d7:64:e1:bb:
4e:6c:bb:25:80:0c:23:da:5f:c2:c1:0f:64:a6:5c:
e1:a6:a9:9d:1a:ff:8b:10:85:47:e3:f8:82:a5:83:
39:c1:0c:1a:be:45:6a:6d:de:93:28:8b:14:03:34:
54:0f:dd:4f:2c:c8:5f:36:9d:23:f6:b5:80:73:20:
a1:ad:cd:c1:bf:c2:10:1f:cc:6e:10:e3:10:f1:be:
0f:d9:1f:fb:03:47:e5:bc:2a:17:c9:ab:db:6c:6b:
a5:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:69:FE:9C:EE:AB:57:22:58:45:E9:E7:9B:BC:3D:65:07:19:F2:E5
X509v3 Authority Key Identifier:
keyid:4C:87:38:9E:F4:1F:18:C1:FC:C8:27:54:34:9E:A7:09:69:80:B1:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TIc4nvQfGMH8yCdUNJ6nCWmAseM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/2215f7-887a-4bd5-bf97-ffb709f7668c/1/jmn-nO6rVyJYRennm7w9ZQcZ8uU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/2215f7-887a-4bd5-bf97-ffb709f7668c/1/TIc4nvQfGMH8yCdUNJ6nCWmAseM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.247.104.0-94.247.109.255
185.54.245.0-185.54.247.255
IPv6:
2a02:47a0:3::-2a02:47a0:4:ffff:ffff:ffff:ffff:ffff
2a02:47a0:201::-2a02:47a0:203:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
4a:2c:49:d2:6f:f5:ec:cc:3a:f2:b9:d1:df:54:1b:f5:74:d5:
e1:84:2a:b3:92:94:35:6d:44:96:cf:a9:33:8d:f6:27:47:6f:
60:c5:fe:23:c2:1e:cf:69:b6:d5:4a:88:cf:aa:14:3f:04:a3:
10:00:98:1f:e7:d4:4e:7d:2f:27:3b:65:59:47:3b:bf:b6:6b:
1e:eb:02:0c:73:fe:c3:0d:39:3a:81:94:ed:37:b0:ab:92:01:
42:eb:89:04:1e:0d:de:01:07:0f:dd:ce:96:4a:2c:03:fb:a8:
87:c0:84:30:cb:06:9a:96:b9:12:72:46:55:b5:19:12:08:60:
76:1a:af:43:cb:54:37:4b:80:41:94:dd:c7:ee:ac:b4:f5:28:
32:6a:a7:9d:94:cb:ed:22:d4:83:54:fb:a8:92:8e:ac:ad:74:
09:97:27:8e:07:e4:e4:87:2e:0e:4c:5c:0f:4b:75:10:07:cc:
8d:33:fc:21:a0:fe:25:95:de:14:29:c7:ea:51:f6:d8:70:ad:
fc:73:6a:cb:ab:ee:73:72:53:72:91:1e:cc:93:b6:f3:94:e4:
74:8c:95:a3:bf:62:3f:53:22:06:3e:3e:94:1c:70:97:f1:57:
d0:0f:02:b1:91:2b:4c:98:dc:9a:74:3f:a3:79:2a:ae:51:5b:
a1:e6:cb:6c
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAYzFAB8rYSw84JiM5x01LIxGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjODczODllZjQxZjE4YzFmY2M4Mjc1NDM0OWVhNzA5Njk4
MGIxZTMwHhcNMjQwMTAxMTIyOTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTY5ZmU5Y2VlYWI1NzIyNTg0NWU5ZTc5YmJjM2Q2NTA3MTlmMmU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo8c0MFhai3grEicHLiB9XqoPh2q3
TV9+Ba/0rqUOF6k9aNBMeNSqq6QWqruZ5GwK9t2QNsAOfPDpfjzSgWncOtH2Yrkw
wJIs6DwJgb9m3etyWcRSkZfijjTso0REwpTK+bSJIGgKcINoBf7Dgx+OChSWO7tm
2JyM5/usMXQ1/9vRq91HexwFRM8wp6SxCrL8CV3wdQxU+qMC87bIGig2Xtdk4btO
bLslgAwj2l/CwQ9kplzhpqmdGv+LEIVH4/iCpYM5wQwavkVqbd6TKIsUAzRUD91P
LMhfNp0j9rWAcyChrc3Bv8IQH8xuEOMQ8b4P2R/7A0flvCoXyavbbGulDQIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFI5p/pzuq1ciWEXp55u8PWUHGfLlMB8GA1UdIwQY
MBaAFEyHOJ70HxjB/MgnVDSepwlpgLHjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVEljNG52UWZHTUg4eUNkVU5KNm5DV21Bc2VNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC8yMjE1ZjctODg3YS00YmQ1LWJmOTct
ZmZiNzA5Zjc2NjhjLzEvam1uLW5PNnJWeUpZUmVubm03dzlaUWNaOHVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC8yMjE1ZjctODg3YS00YmQ1LWJmOTctZmZiNzA5Zjc2Njhj
LzEvVEljNG52UWZHTUg4eUNkVU5KNm5DV21Bc2VNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDAiBAIAATAcMAwDBANe92gD
BAFe92wwDAMEALk29QMEA7k28DAuBAIAAjAoMBIDBwAqAkegAAMDBwAqAkegAAQw
EgMHACoCR6ACAQMHAioCR6ACADANBgkqhkiG9w0BAQsFAAOCAQEASixJ0m/17Mw6
8rnR31Qb9XTV4YQqs5KUNW1Els+pM432J0dvYMX+I8Iez2m21UqIz6oUPwSjEACY
H+fUTn0vJztlWUc7v7ZrHusCDHP+ww05OoGU7Tewq5IBQuuJBB4N3gEHD93Olkos
A/uoh8CEMMsGmpa5EnJGVbUZEghgdhqvQ8tUN0uAQZTdx+6stPUoMmqnnZTL7SLU
g1T7qJKOrK10CZcnjgfk5IcuDkxcD0t1EAfMjTP8IaD+JZXeFCnH6lH22HCt/HNq
y6vuc3JTcpEezJO285TkdIyVo79iP1MiBj4+lBxwl/FX0A8CsZErTJjcmnQ/o3kq
rlFboebLbA==
-----END CERTIFICATE-----
Generated at Mon Jul 1 10:45:24 2024 by rpki-client on console-ams.rpki-client.org