Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/bc15ec-6b0d-4734-a088-d00526b91605/1/jsLKF-RcC5I4Ji3q3FPuwpySogY.roa
File: jsLKF-RcC5I4Ji3q3FPuwpySogY.roa (raw, json)
Hash identifier: Qjz83MrOCMNBhpm4HJ0CGqzOhPkIhzetTQGLW7dC/Kg=
Subject key identifier: 8E:C2:CA:17:E4:5C:0B:92:38:26:2D:EA:DC:53:EE:C2:9C:92:A2:06
Certificate issuer: /CN=25a89539520004270d34253bdc16d87784156e1a
Certificate serial: 018CC72765F97995F9597DE2A264776BCA89
Authority key identifier: 25:A8:95:39:52:00:04:27:0D:34:25:3B:DC:16:D8:77:84:15:6E:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JaiVOVIABCcNNCU73BbYd4QVbho.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/bc15ec-6b0d-4734-a088-d00526b91605/1/jsLKF-RcC5I4Ji3q3FPuwpySogY.roa
Signing time: Mon 01 Jan 2024 22:31:37 +0000
ROA not before: Mon 01 Jan 2024 22:31:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210236
IP address blocks: 212.48.111.152/29 maxlen: 29
212.48.111.144/29 maxlen: 29
212.53.178.0/24 maxlen: 24
212.53.193.0/24 maxlen: 24
212.53.147.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e9/bc15ec-6b0d-4734-a088-d00526b91605/1/JaiVOVIABCcNNCU73BbYd4QVbho.crl
rsync://rpki.ripe.net/repository/DEFAULT/e9/bc15ec-6b0d-4734-a088-d00526b91605/1/JaiVOVIABCcNNCU73BbYd4QVbho.mft
rsync://rpki.ripe.net/repository/DEFAULT/JaiVOVIABCcNNCU73BbYd4QVbho.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 21 Jun 2024 22:00:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:65:f9:79:95:f9:59:7d:e2:a2:64:77:6b:ca:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=25a89539520004270d34253bdc16d87784156e1a
Validity
Not Before: Jan 1 22:31:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8ec2ca17e45c0b9238262deadc53eec29c92a206
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:f9:bb:cf:8f:f6:9b:72:f7:dc:97:d8:b9:7c:
67:2d:a2:48:4b:93:26:bb:6f:b2:46:87:9c:bd:cc:
54:8f:74:48:d7:fa:7c:6d:05:e9:cd:1c:a4:a1:e2:
cd:34:95:ef:ba:26:a8:d5:a6:e2:77:d8:11:2a:9d:
08:7c:c2:b4:a8:a5:bf:b9:9a:27:4f:5c:66:4e:1f:
98:e9:01:a6:89:a5:c4:4d:b8:d4:8e:f5:46:9e:22:
1d:c5:8b:d8:75:24:1f:66:39:fb:1f:20:b1:80:3c:
de:77:53:ed:05:ef:71:dd:59:69:62:c7:4a:48:b1:
cc:d9:30:b7:bb:09:25:31:7d:19:40:43:a9:5c:be:
6e:e1:76:48:92:31:7d:3c:8f:34:ea:79:06:7f:28:
16:ab:f8:87:12:b1:a5:7a:4a:bd:5e:fc:ce:b5:c2:
ff:00:52:14:5c:f3:31:50:99:7d:91:05:11:48:71:
2f:0e:30:5d:2c:67:3d:71:1f:cd:4a:3a:d6:4c:76:
a7:e3:ee:14:ed:0a:d0:94:33:f7:e9:28:0d:00:37:
9e:54:86:8a:96:ac:a8:cf:e1:92:30:5b:12:b0:f5:
8f:f0:e9:9d:cc:57:cf:d6:72:63:ab:c4:b2:fc:53:
72:0e:6f:70:8c:c3:10:25:fc:f6:ac:8b:77:b7:5b:
9c:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:C2:CA:17:E4:5C:0B:92:38:26:2D:EA:DC:53:EE:C2:9C:92:A2:06
X509v3 Authority Key Identifier:
keyid:25:A8:95:39:52:00:04:27:0D:34:25:3B:DC:16:D8:77:84:15:6E:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JaiVOVIABCcNNCU73BbYd4QVbho.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/bc15ec-6b0d-4734-a088-d00526b91605/1/jsLKF-RcC5I4Ji3q3FPuwpySogY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/bc15ec-6b0d-4734-a088-d00526b91605/1/JaiVOVIABCcNNCU73BbYd4QVbho.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.48.111.144/28
212.53.147.0/24
212.53.178.0/24
212.53.193.0/24
Signature Algorithm: sha256WithRSAEncryption
21:d3:b7:68:e2:2f:c4:09:b6:cf:64:83:0d:34:ee:72:8d:c0:
de:cc:34:1f:aa:99:c5:9f:db:87:0c:08:6e:86:bc:a0:a8:64:
1e:7c:a6:da:a3:b9:03:73:09:e3:b0:06:33:c5:b0:1c:90:9f:
b1:c2:08:11:98:1a:4f:18:07:96:c9:fb:1f:0b:9f:34:25:f2:
6c:c3:74:5a:e0:60:01:52:91:15:a9:93:75:77:9b:d1:ff:ac:
bb:78:3a:36:51:72:b8:fc:fc:26:d8:33:71:c5:87:d9:0f:77:
42:3b:d9:32:7a:84:ad:0e:6a:28:11:30:25:85:24:82:3b:5f:
e9:79:d5:70:9a:8f:73:1b:02:d7:77:96:c2:86:0b:cf:ef:83:
9c:f6:c3:f2:97:ba:51:4a:bb:3f:86:fc:f4:39:b4:8c:6f:92:
13:a6:4e:2f:51:26:5d:25:86:b0:ea:48:7b:61:c8:d6:7d:cb:
5a:f5:f6:99:a0:61:6a:df:13:e9:71:5d:19:79:6d:fa:b4:6d:
7e:a7:3d:63:08:ec:38:74:5c:f5:cd:46:56:af:ac:1a:00:df:
e2:16:44:e1:b5:20:4c:4c:33:3f:a1:f3:25:d9:0a:3e:dc:73:
af:13:f1:7f:70:6d:79:28:26:06:68:ec:9a:f3:90:5b:a1:fe:
f8:fa:0c:15
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgISAYzHJ2X5eZX5WX3iomR3a8qJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1YTg5NTM5NTIwMDA0MjcwZDM0MjUzYmRjMTZkODc3ODQx
NTZlMWEwHhcNMjQwMTAxMjIzMTM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZWMyY2ExN2U0NWMwYjkyMzgyNjJkZWFkYzUzZWVjMjljOTJhMjA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl/m7z4/2m3L33JfYuXxnLaJIS5Mm
u2+yRoecvcxUj3RI1/p8bQXpzRykoeLNNJXvuiao1abid9gRKp0IfMK0qKW/uZon
T1xmTh+Y6QGmiaXETbjUjvVGniIdxYvYdSQfZjn7HyCxgDzed1PtBe9x3VlpYsdK
SLHM2TC3uwklMX0ZQEOpXL5u4XZIkjF9PI806nkGfygWq/iHErGlekq9XvzOtcL/
AFIUXPMxUJl9kQURSHEvDjBdLGc9cR/NSjrWTHan4+4U7QrQlDP36SgNADeeVIaK
lqyoz+GSMFsSsPWP8OmdzFfP1nJjq8Sy/FNyDm9wjMMQJfz2rIt3t1ucVwIDAQAB
o4ICHDCCAhgwHQYDVR0OBBYEFI7CyhfkXAuSOCYt6txT7sKckqIGMB8GA1UdIwQY
MBaAFCWolTlSAAQnDTQlO9wW2HeEFW4aMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmFpVk9WSUFCQ2NOTkNVNzNCYllkNFFWYmhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS9iYzE1ZWMtNmIwZC00NzM0LWEwODgt
ZDAwNTI2YjkxNjA1LzEvanNMS0YtUmNDNUk0SmkzcTNGUHV3cHlTb2dZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS9iYzE1ZWMtNmIwZC00NzM0LWEwODgtZDAwNTI2YjkxNjA1
LzEvSmFpVk9WSUFCQ2NOTkNVNzNCYllkNFFWYmhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDIGCCsGAQUFBwEHAQH/BCMwITAfBAIAATAZAwUE1DBvkAME
ANQ1kwMEANQ1sgMEANQ1wTANBgkqhkiG9w0BAQsFAAOCAQEAIdO3aOIvxAm2z2SD
DTTuco3A3sw0H6qZxZ/bhwwIboa8oKhkHnym2qO5A3MJ47AGM8WwHJCfscIIEZga
TxgHlsn7HwufNCXybMN0WuBgAVKRFamTdXeb0f+su3g6NlFyuPz8JtgzccWH2Q93
QjvZMnqErQ5qKBEwJYUkgjtf6XnVcJqPcxsC13eWwoYLz++DnPbD8pe6UUq7P4b8
9Dm0jG+SE6ZOL1EmXSWGsOpIe2HI1n3LWvX2maBhat8T6XFdGXlt+rRtfqc9Ywjs
OHRc9c1GVq+sGgDf4hZE4bUgTEwzP6HzJdkKPtxzrxPxf3BteSgmBmjsmvOQW6H+
+PoMFQ==
-----END CERTIFICATE-----
Generated at Fri Jun 21 04:40:49 2024 by rpki-client on console-ams.rpki-client.org