Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/b431ca-5275-42b5-8d54-d196f9291732/1/JvC2JdG3hfGkVUXNDNobvLTMzuQ.roa
File: JvC2JdG3hfGkVUXNDNobvLTMzuQ.roa (raw, json)
Hash identifier: 2hlprpvYwqwIpcyRe97Fy9yGjH4FCEn/iX3+4+BHBLE=
Subject key identifier: 26:F0:B6:25:D1:B7:85:F1:A4:55:45:CD:0C:DA:1B:BC:B4:CC:CE:E4
Certificate issuer: /CN=b9b0d33432eca77c054e8fa8707248da4e47db0b
Certificate serial: 018CC56EC6E4E76D5E6BBA0B8C49E03F0D38
Authority key identifier: B9:B0:D3:34:32:EC:A7:7C:05:4E:8F:A8:70:72:48:DA:4E:47:DB:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ubDTNDLsp3wFTo-ocHJI2k5H2ws.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/b431ca-5275-42b5-8d54-d196f9291732/1/JvC2JdG3hfGkVUXNDNobvLTMzuQ.roa
Signing time: Mon 01 Jan 2024 14:30:20 +0000
ROA not before: Mon 01 Jan 2024 14:30:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212865
IP address blocks: 62.65.144.0/21 maxlen: 21
62.65.141.0/24 maxlen: 24
62.65.142.0/24 maxlen: 24
62.65.143.0/24 maxlen: 24
62.65.153.0/24 maxlen: 24
62.65.156.0/23 maxlen: 23
62.65.154.0/23 maxlen: 23
62.65.158.0/24 maxlen: 24
94.78.2.0/24 maxlen: 24
94.78.3.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e4/b431ca-5275-42b5-8d54-d196f9291732/1/ubDTNDLsp3wFTo-ocHJI2k5H2ws.crl
rsync://rpki.ripe.net/repository/DEFAULT/e4/b431ca-5275-42b5-8d54-d196f9291732/1/ubDTNDLsp3wFTo-ocHJI2k5H2ws.mft
rsync://rpki.ripe.net/repository/DEFAULT/ubDTNDLsp3wFTo-ocHJI2k5H2ws.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Jun 2024 13:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:c6:e4:e7:6d:5e:6b:ba:0b:8c:49:e0:3f:0d:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9b0d33432eca77c054e8fa8707248da4e47db0b
Validity
Not Before: Jan 1 14:30:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=26f0b625d1b785f1a45545cd0cda1bbcb4cccee4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:40:c4:2f:77:d6:9f:18:11:77:7a:71:04:3c:
3e:28:48:36:45:01:88:81:cc:90:4b:14:6b:c0:8b:
0d:1a:cb:19:c4:ef:75:ac:f5:19:fa:f5:5d:6a:1d:
9a:00:34:5f:d5:8f:28:49:97:be:dd:cb:0a:8f:39:
cb:5e:6e:26:b8:57:88:0e:e0:71:56:62:a8:6e:2b:
db:d7:51:4c:f1:6b:96:e5:59:3e:c6:12:89:03:fc:
c7:4a:9f:90:aa:82:37:a2:fe:dc:e4:75:92:67:ec:
22:8c:5a:2b:e1:9d:67:74:d9:92:62:2e:b8:1c:f2:
0a:2d:80:c6:f5:c8:96:43:a4:48:d1:1a:c1:41:68:
69:95:12:bf:5d:fb:78:22:ee:91:94:fb:34:0c:ab:
03:3c:0e:3d:0e:0a:1a:64:d9:ce:14:bd:d7:40:47:
ca:76:e5:d0:c2:35:15:b3:d1:ad:d0:1c:96:58:0b:
9e:c7:9b:d0:d5:51:7f:1b:17:55:01:26:b6:b1:28:
6b:72:54:27:6c:06:0b:f9:4c:b2:57:5a:c2:77:87:
55:3a:16:fd:71:be:fb:3f:7d:65:17:54:0f:7a:c8:
71:1d:48:68:42:30:7c:a8:21:d6:93:20:63:71:f2:
5a:a2:07:7e:57:1f:34:20:1a:6c:12:49:91:68:48:
f1:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:F0:B6:25:D1:B7:85:F1:A4:55:45:CD:0C:DA:1B:BC:B4:CC:CE:E4
X509v3 Authority Key Identifier:
keyid:B9:B0:D3:34:32:EC:A7:7C:05:4E:8F:A8:70:72:48:DA:4E:47:DB:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ubDTNDLsp3wFTo-ocHJI2k5H2ws.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/b431ca-5275-42b5-8d54-d196f9291732/1/JvC2JdG3hfGkVUXNDNobvLTMzuQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/b431ca-5275-42b5-8d54-d196f9291732/1/ubDTNDLsp3wFTo-ocHJI2k5H2ws.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.65.141.0-62.65.151.255
62.65.153.0-62.65.158.255
94.78.2.0/23
Signature Algorithm: sha256WithRSAEncryption
0c:89:e5:f1:f4:e1:ae:e4:32:65:0f:06:09:9d:50:23:8d:cd:
ff:b9:23:1d:f6:9d:6f:fa:47:6f:5b:5e:88:e1:f1:e7:7f:18:
fe:42:97:a8:52:c6:31:1e:6e:8b:07:b6:97:28:17:a5:0f:d3:
5f:14:90:8d:3b:e2:ab:16:bf:e8:e6:05:eb:ac:f9:7d:a3:78:
7d:cd:be:2f:01:b0:ca:15:47:b1:d0:cb:9b:33:e7:5b:9d:3e:
90:8c:b6:8e:26:6f:5f:8c:6d:63:fd:aa:ee:7d:ba:b1:10:4b:
2f:03:93:47:84:ac:f0:c0:99:d4:0b:92:b1:f7:fb:32:48:82:
30:c1:76:f9:91:68:24:d7:c5:36:1c:42:96:ac:44:cc:8b:61:
91:64:5a:f4:fa:5c:8a:40:d4:dd:99:1d:5d:bc:a8:bf:d8:af:
e9:ed:0f:e1:63:b1:b9:cc:64:8b:09:af:14:62:b8:f4:77:aa:
36:88:85:19:fd:7f:d8:61:d7:89:56:69:5a:e4:b7:a8:e6:47:
7e:83:23:0b:5f:69:45:1f:49:d7:88:4a:cc:11:c1:16:65:91:
af:69:da:54:4c:0b:7f:9b:43:ee:c4:b9:bb:4c:88:24:f9:49:
b5:dc:a3:4f:e4:e0:b0:7d:4f:e9:3d:77:c9:67:6e:90:9b:b2:
7c:81:a7:c9
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYzFbsbk521ea7oLjEngPw04MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5YjBkMzM0MzJlY2E3N2MwNTRlOGZhODcwNzI0OGRhNGU0
N2RiMGIwHhcNMjQwMTAxMTQzMDIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNmYwYjYyNWQxYjc4NWYxYTQ1NTQ1Y2QwY2RhMWJiY2I0Y2NjZWU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtkDEL3fWnxgRd3pxBDw+KEg2RQGI
gcyQSxRrwIsNGssZxO91rPUZ+vVdah2aADRf1Y8oSZe+3csKjznLXm4muFeIDuBx
VmKobivb11FM8WuW5Vk+xhKJA/zHSp+QqoI3ov7c5HWSZ+wijFor4Z1ndNmSYi64
HPIKLYDG9ciWQ6RI0RrBQWhplRK/Xft4Iu6RlPs0DKsDPA49DgoaZNnOFL3XQEfK
duXQwjUVs9Gt0ByWWAuex5vQ1VF/GxdVASa2sShrclQnbAYL+UyyV1rCd4dVOhb9
cb77P31lF1QPeshxHUhoQjB8qCHWkyBjcfJaogd+Vx80IBpsEkmRaEjxbQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFCbwtiXRt4XxpFVFzQzaG7y0zM7kMB8GA1UdIwQY
MBaAFLmw0zQy7Kd8BU6PqHBySNpOR9sLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWJEVE5ETHNwM3dGVG8tb2NISkkyazVIMndzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC9iNDMxY2EtNTI3NS00MmI1LThkNTQt
ZDE5NmY5MjkxNzMyLzEvSnZDMkpkRzNoZkdrVlVYTkROb2J2TFRNenVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC9iNDMxY2EtNTI3NS00MmI1LThkNTQtZDE5NmY5MjkxNzMy
LzEvdWJEVE5ETHNwM3dGVG8tb2NISkkyazVIMndzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiMAwDBAA+QY0D
BAM+QZAwDAMEAD5BmQMEAD5BngMEAV5OAjANBgkqhkiG9w0BAQsFAAOCAQEADInl
8fThruQyZQ8GCZ1QI43N/7kjHfadb/pHb1teiOHx538Y/kKXqFLGMR5uiwe2lygX
pQ/TXxSQjTviqxa/6OYF66z5faN4fc2+LwGwyhVHsdDLmzPnW50+kIy2jiZvX4xt
Y/2q7n26sRBLLwOTR4Ss8MCZ1AuSsff7MkiCMMF2+ZFoJNfFNhxClqxEzIthkWRa
9PpcikDU3ZkdXbyov9iv6e0P4WOxucxkiwmvFGK49HeqNoiFGf1/2GHXiVZpWuS3
qOZHfoMjC19pRR9J14hKzBHBFmWRr2naVEwLf5tD7sS5u0yIJPlJtdyjT+TgsH1P
6T13yWdukJuyfIGnyQ==
-----END CERTIFICATE-----
Generated at Sun Jun 2 19:56:54 2024 by rpki-client on console-ams.rpki-client.org