Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/8819e2-c4e3-4bce-a61c-305d41d53a65/1/JV2k_KyZFj6EIOU_1LTqH7G3lZA.roa
File: JV2k_KyZFj6EIOU_1LTqH7G3lZA.roa (raw, json)
Hash identifier: 9B70SyyKn90M2W+GLxXdB4/6s5sk5U9IxN4hiBR7V/M=
Subject key identifier: 25:5D:A4:FC:AC:99:16:3E:84:20:E5:3F:D4:B4:EA:1F:B1:B7:95:90
Certificate issuer: /CN=b85b0c8a75893a4f8e1ef0d9a4d41478d8b33278
Certificate serial: 018CC348FD7742B6B411C6703DA9E6D57BCA
Authority key identifier: B8:5B:0C:8A:75:89:3A:4F:8E:1E:F0:D9:A4:D4:14:78:D8:B3:32:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uFsMinWJOk-OHvDZpNQUeNizMng.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/8819e2-c4e3-4bce-a61c-305d41d53a65/1/JV2k_KyZFj6EIOU_1LTqH7G3lZA.roa
Signing time: Mon 01 Jan 2024 04:29:49 +0000
ROA not before: Mon 01 Jan 2024 04:29:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 13287
IP address blocks: 185.127.128.0/24 maxlen: 24
185.127.131.0/24 maxlen: 24
185.127.130.0/24 maxlen: 24
2a06:c980::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bd/8819e2-c4e3-4bce-a61c-305d41d53a65/1/uFsMinWJOk-OHvDZpNQUeNizMng.crl
rsync://rpki.ripe.net/repository/DEFAULT/bd/8819e2-c4e3-4bce-a61c-305d41d53a65/1/uFsMinWJOk-OHvDZpNQUeNizMng.mft
rsync://rpki.ripe.net/repository/DEFAULT/uFsMinWJOk-OHvDZpNQUeNizMng.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 17:02:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:fd:77:42:b6:b4:11:c6:70:3d:a9:e6:d5:7b:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b85b0c8a75893a4f8e1ef0d9a4d41478d8b33278
Validity
Not Before: Jan 1 04:29:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=255da4fcac99163e8420e53fd4b4ea1fb1b79590
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:b1:e5:30:48:83:92:d6:46:bb:82:68:32:eb:
14:1b:52:cc:8e:f8:f8:8f:bf:2a:e8:91:13:1d:de:
12:1e:71:a0:71:19:07:9c:36:79:43:36:20:ff:7d:
f2:4f:05:32:86:1e:43:d6:cb:10:7e:d2:31:97:cc:
1c:53:94:2a:bf:df:47:88:0e:5c:88:ea:b7:38:b0:
b1:8f:1d:19:aa:3d:a6:0c:85:a1:e0:5b:3e:9d:6e:
4a:33:67:58:ed:b2:e6:4f:32:4a:55:44:9a:1c:71:
89:79:75:eb:52:0b:b8:cc:18:75:d0:ba:59:86:bf:
57:f6:11:a2:b4:25:62:b5:86:04:94:0c:6e:93:2b:
2f:fe:f7:f8:c6:79:d2:ec:4c:69:8c:c0:c5:0f:fd:
d2:b2:60:0b:89:53:4d:50:11:23:be:1b:c3:c6:92:
25:b8:51:47:86:d6:75:4d:b2:27:28:94:49:41:25:
e0:ca:f2:26:3f:b7:72:e1:67:bf:81:ae:20:25:49:
bb:be:82:82:b9:a0:8f:5f:0a:37:bb:75:ff:ce:8b:
55:28:62:72:e2:8e:dd:49:c2:3e:4c:4f:fb:47:51:
29:5f:dc:92:fb:a8:54:f8:b1:59:f4:a9:98:00:bd:
03:b7:5b:83:63:9f:ba:d6:1b:2e:13:35:a3:81:17:
4a:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:5D:A4:FC:AC:99:16:3E:84:20:E5:3F:D4:B4:EA:1F:B1:B7:95:90
X509v3 Authority Key Identifier:
keyid:B8:5B:0C:8A:75:89:3A:4F:8E:1E:F0:D9:A4:D4:14:78:D8:B3:32:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uFsMinWJOk-OHvDZpNQUeNizMng.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/8819e2-c4e3-4bce-a61c-305d41d53a65/1/JV2k_KyZFj6EIOU_1LTqH7G3lZA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/8819e2-c4e3-4bce-a61c-305d41d53a65/1/uFsMinWJOk-OHvDZpNQUeNizMng.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.127.128.0/24
185.127.130.0/23
IPv6:
2a06:c980::/29
Signature Algorithm: sha256WithRSAEncryption
71:29:10:d4:a3:5e:e9:22:95:d2:e7:26:7d:1f:40:e6:37:5d:
35:41:53:a1:9a:be:03:a0:ae:d3:ae:62:e2:e1:ab:dc:ba:a5:
1e:73:12:14:c0:a8:e5:82:db:6b:8b:fa:a9:2e:bd:e9:40:39:
dc:3c:97:2c:93:3b:b0:a2:56:92:f3:9c:f7:e3:bf:18:54:4d:
39:1e:36:13:7a:3e:bb:f8:ef:dd:89:34:ac:e9:10:4b:56:2a:
ce:ce:a5:f8:6c:8f:36:82:39:f1:00:e9:f9:25:35:b7:f9:33:
8e:77:6b:9d:66:b7:d9:fa:ac:69:80:35:10:90:1a:af:7a:5a:
f7:37:df:c0:7e:2d:c2:5b:90:27:1c:b2:e3:ea:a1:29:59:7f:
3d:d0:34:ba:48:b6:a2:51:e0:a7:6b:4a:80:e8:ca:d8:13:29:
46:f6:2c:21:59:b0:0c:e7:dc:5f:79:42:be:7c:5a:2d:f8:96:
f9:2e:df:6f:68:65:43:2e:28:93:cd:38:7e:77:0a:d8:a5:c0:
89:fa:1f:6b:10:33:01:bd:c3:b2:05:7a:22:1f:8c:62:d2:57:
ea:18:19:94:c1:a2:f4:3f:4f:b9:ba:7e:6d:48:f3:0a:64:b6:
54:47:3a:39:5c:00:64:02:15:ba:73:fc:e4:39:f9:49:71:b6:
c4:b7:40:62
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzDSP13Qra0EcZwPanm1XvKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4NWIwYzhhNzU4OTNhNGY4ZTFlZjBkOWE0ZDQxNDc4ZDhi
MzMyNzgwHhcNMjQwMTAxMDQyOTQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTVkYTRmY2FjOTkxNjNlODQyMGU1M2ZkNGI0ZWExZmIxYjc5NTkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv7HlMEiDktZGu4JoMusUG1LMjvj4
j78q6JETHd4SHnGgcRkHnDZ5QzYg/33yTwUyhh5D1ssQftIxl8wcU5Qqv99HiA5c
iOq3OLCxjx0Zqj2mDIWh4Fs+nW5KM2dY7bLmTzJKVUSaHHGJeXXrUgu4zBh10LpZ
hr9X9hGitCVitYYElAxukysv/vf4xnnS7ExpjMDFD/3SsmALiVNNUBEjvhvDxpIl
uFFHhtZ1TbInKJRJQSXgyvImP7dy4We/ga4gJUm7voKCuaCPXwo3u3X/zotVKGJy
4o7dScI+TE/7R1EpX9yS+6hU+LFZ9KmYAL0Dt1uDY5+61hsuEzWjgRdKtwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFCVdpPysmRY+hCDlP9S06h+xt5WQMB8GA1UdIwQY
MBaAFLhbDIp1iTpPjh7w2aTUFHjYszJ4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdUZzTWluV0pPay1PSHZEWnBOUVVlTml6TW5nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC84ODE5ZTItYzRlMy00YmNlLWE2MWMt
MzA1ZDQxZDUzYTY1LzEvSlYya19LeVpGajZFSU9VXzFMVHFIN0czbFpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC84ODE5ZTItYzRlMy00YmNlLWE2MWMtMzA1ZDQxZDUzYTY1
LzEvdUZzTWluV0pPay1PSHZEWnBOUVVlTml6TW5nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAuX+AAwQB
uX+CMA0EAgACMAcDBQMqBsmAMA0GCSqGSIb3DQEBCwUAA4IBAQBxKRDUo17pIpXS
5yZ9H0DmN101QVOhmr4DoK7TrmLi4avcuqUecxIUwKjlgttri/qpLr3pQDncPJcs
kzuwolaS85z3478YVE05HjYTej67+O/diTSs6RBLVirOzqX4bI82gjnxAOn5JTW3
+TOOd2udZrfZ+qxpgDUQkBqvelr3N9/Afi3CW5AnHLLj6qEpWX890DS6SLaiUeCn
a0qA6MrYEylG9iwhWbAM59xfeUK+fFot+Jb5Lt9vaGVDLiiTzTh+dwrYpcCJ+h9r
EDMBvcOyBXoiH4xi0lfqGBmUwaL0P0+5un5tSPMKZLZURzo5XABkAhW6c/zkOflJ
cbbEt0Bi
-----END CERTIFICATE-----
Generated at Fri Nov 22 22:34:01 2024 by rpki-client on console-ams.rpki-client.org