Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/4b8aab-2099-43af-b41d-e3407174663b/1/JOCjXzEEj6jLZ1bDz76_hQFJIHI.roa
File: JOCjXzEEj6jLZ1bDz76_hQFJIHI.roa (raw, json)
Hash identifier: 1e6xFOgHxSXAVf6z5Ww7KFpsIeMNAOX58klXLaO9VXo=
Subject key identifier: 24:E0:A3:5F:31:04:8F:A8:CB:67:56:C3:CF:BE:BF:85:01:49:20:72
Certificate issuer: /CN=c3c0591e2eb49d0559e6fce7ee2aa81f0f59ba6f
Certificate serial: 018F62D328C949C7D31E3A22A8D5B5B9EA3A
Authority key identifier: C3:C0:59:1E:2E:B4:9D:05:59:E6:FC:E7:EE:2A:A8:1F:0F:59:BA:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w8BZHi60nQVZ5vzn7iqoHw9Zum8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/4b8aab-2099-43af-b41d-e3407174663b/1/JOCjXzEEj6jLZ1bDz76_hQFJIHI.roa
Signing time: Fri 10 May 2024 14:05:56 +0000
ROA not before: Fri 10 May 2024 14:05:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39347
IP address blocks: 89.33.88.0/21 maxlen: 21
89.33.89.0/24 maxlen: 24
89.33.90.0/23 maxlen: 23
89.33.94.0/23 maxlen: 23
93.119.176.0/23 maxlen: 23
93.119.176.0/24 maxlen: 24
93.119.177.0/24 maxlen: 24
93.119.182.0/23 maxlen: 23
185.122.221.0/24 maxlen: 24
185.122.222.0/24 maxlen: 24
2a06:a880::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d7/4b8aab-2099-43af-b41d-e3407174663b/1/w8BZHi60nQVZ5vzn7iqoHw9Zum8.crl
rsync://rpki.ripe.net/repository/DEFAULT/d7/4b8aab-2099-43af-b41d-e3407174663b/1/w8BZHi60nQVZ5vzn7iqoHw9Zum8.mft
rsync://rpki.ripe.net/repository/DEFAULT/w8BZHi60nQVZ5vzn7iqoHw9Zum8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 23 May 2024 22:35:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:62:d3:28:c9:49:c7:d3:1e:3a:22:a8:d5:b5:b9:ea:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3c0591e2eb49d0559e6fce7ee2aa81f0f59ba6f
Validity
Not Before: May 10 14:05:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=24e0a35f31048fa8cb6756c3cfbebf8501492072
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:cc:a7:52:6c:24:ac:51:08:68:9b:f0:be:34:
c9:b6:c0:9f:21:d2:be:fd:70:8a:bc:89:8b:97:76:
26:30:14:19:63:17:27:b2:f6:c8:34:fa:35:3f:ad:
9e:d1:63:51:92:db:71:78:79:36:58:7c:23:92:61:
fb:e2:0d:5f:b9:db:26:a2:2c:3d:d7:64:04:26:a6:
c8:e7:5c:0d:ba:34:8c:68:56:e7:b9:ec:c0:22:04:
47:84:ac:f9:49:3a:99:7a:5a:0d:11:b3:08:28:e0:
d3:b2:11:82:bc:65:73:24:80:98:47:18:b0:83:05:
cd:8a:f1:4b:c6:7f:c9:e6:5d:8b:78:74:6c:15:ff:
a5:87:bc:30:e4:20:76:fe:d3:08:8c:01:67:7f:84:
bb:31:24:82:80:77:e2:8c:4c:3b:1d:a5:6a:9e:a6:
5a:33:59:c6:ab:10:0e:3f:83:a2:25:4a:c4:74:0b:
01:85:94:49:6f:e0:60:a1:23:7f:c0:0e:1d:99:a8:
15:fe:38:2f:e0:b6:78:b5:8d:c0:50:f1:81:6a:a6:
9d:ed:1d:64:7c:e1:7b:2b:74:75:55:98:a0:08:4b:
09:08:c1:57:44:3c:b5:2e:91:c5:5b:6d:21:16:d9:
f4:fb:a0:05:41:5f:a1:5e:b4:f8:87:9a:88:66:30:
ed:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:E0:A3:5F:31:04:8F:A8:CB:67:56:C3:CF:BE:BF:85:01:49:20:72
X509v3 Authority Key Identifier:
keyid:C3:C0:59:1E:2E:B4:9D:05:59:E6:FC:E7:EE:2A:A8:1F:0F:59:BA:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w8BZHi60nQVZ5vzn7iqoHw9Zum8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/4b8aab-2099-43af-b41d-e3407174663b/1/JOCjXzEEj6jLZ1bDz76_hQFJIHI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/4b8aab-2099-43af-b41d-e3407174663b/1/w8BZHi60nQVZ5vzn7iqoHw9Zum8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.33.88.0/21
93.119.176.0/23
93.119.182.0/23
185.122.221.0-185.122.222.255
IPv6:
2a06:a880::/48
Signature Algorithm: sha256WithRSAEncryption
89:a7:2c:7f:58:fc:3c:f2:5c:a0:95:8d:cd:67:2d:ac:17:9a:
2e:58:c3:ee:7c:f7:1e:e1:3b:35:84:03:e6:fd:69:f9:ca:3a:
ff:00:7e:b1:b3:5e:56:90:07:0d:7e:bb:7c:25:f8:2c:88:33:
4e:c7:39:52:1b:09:57:f9:d2:51:d3:5d:2d:83:be:00:20:33:
1c:e3:95:d9:17:e7:09:8a:be:3f:41:bf:1e:5b:c3:82:d6:b6:
c9:60:e4:03:c8:cc:16:3a:64:16:18:a7:0a:5d:21:11:af:e9:
ec:83:89:74:b1:51:c4:77:a7:b3:12:58:e9:de:04:70:68:00:
aa:0f:51:9b:b3:f3:d1:a3:04:53:a6:51:60:f8:1b:04:0d:80:
00:c3:70:d7:b4:b1:1f:5d:cf:b1:37:9f:ee:77:a6:c9:d5:9e:
39:a9:ea:8a:6d:4b:91:8e:33:4d:2c:a5:5e:ed:03:9c:b1:18:
cd:6a:3c:37:74:ac:5e:fb:8f:c8:81:d9:05:3e:b1:56:f2:9b:
17:49:7b:3d:90:28:7c:74:48:fc:40:95:fd:4c:85:65:b4:24:
89:0b:22:36:90:02:93:96:6a:bb:ee:3b:f6:06:6d:2f:80:7d:
64:c6:07:b7:b8:ff:c7:e5:91:10:33:40:21:4f:ca:9d:90:8e:
bb:4e:fb:91
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAY9i0yjJScfTHjoiqNW1ueo6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzYzA1OTFlMmViNDlkMDU1OWU2ZmNlN2VlMmFhODFmMGY1
OWJhNmYwHhcNMjQwNTEwMTQwNTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNGUwYTM1ZjMxMDQ4ZmE4Y2I2NzU2YzNjZmJlYmY4NTAxNDkyMDcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8cynUmwkrFEIaJvwvjTJtsCfIdK+
/XCKvImLl3YmMBQZYxcnsvbINPo1P62e0WNRkttxeHk2WHwjkmH74g1fudsmoiw9
12QEJqbI51wNujSMaFbnuezAIgRHhKz5STqZeloNEbMIKODTshGCvGVzJICYRxiw
gwXNivFLxn/J5l2LeHRsFf+lh7ww5CB2/tMIjAFnf4S7MSSCgHfijEw7HaVqnqZa
M1nGqxAOP4OiJUrEdAsBhZRJb+BgoSN/wA4dmagV/jgv4LZ4tY3AUPGBaqad7R1k
fOF7K3R1VZigCEsJCMFXRDy1LpHFW20hFtn0+6AFQV+hXrT4h5qIZjDtbQIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFCTgo18xBI+oy2dWw8++v4UBSSByMB8GA1UdIwQY
MBaAFMPAWR4utJ0FWeb85+4qqB8PWbpvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzhCWkhpNjBuUVZaNXZ6bjdpcW9IdzladW04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy80YjhhYWItMjA5OS00M2FmLWI0MWQt
ZTM0MDcxNzQ2NjNiLzEvSk9Dalh6RUVqNmpMWjFiRHo3Nl9oUUZKSUhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy80YjhhYWItMjA5OS00M2FmLWI0MWQtZTM0MDcxNzQ2NjNi
LzEvdzhCWkhpNjBuUVZaNXZ6bjdpcW9IdzladW04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEoGCCsGAQUFBwEHAQH/BDswOTAmBAIAATAgAwQDWSFYAwQB
XXewAwQBXXe2MAwDBAC5et0DBAC5et4wDwQCAAIwCQMHACoGqIAAADANBgkqhkiG
9w0BAQsFAAOCAQEAiacsf1j8PPJcoJWNzWctrBeaLljD7nz3HuE7NYQD5v1p+co6
/wB+sbNeVpAHDX67fCX4LIgzTsc5UhsJV/nSUdNdLYO+ACAzHOOV2RfnCYq+P0G/
HlvDgta2yWDkA8jMFjpkFhinCl0hEa/p7IOJdLFRxHensxJY6d4EcGgAqg9Rm7Pz
0aMEU6ZRYPgbBA2AAMNw17SxH13PsTef7nemydWeOanqim1LkY4zTSylXu0DnLEY
zWo8N3SsXvuPyIHZBT6xVvKbF0l7PZAofHRI/ECV/UyFZbQkiQsiNpACk5Zqu+47
9gZtL4B9ZMYHt7j/x+WREDNAIU/KnZCOu077kQ==
-----END CERTIFICATE-----
Generated at Thu May 23 03:16:32 2024 by rpki-client on console-ams.rpki-client.org