Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/ce7de3-be30-418f-b965-c696a7b7fc57/1/JXA1xtoeSmUMJXek7H5hk0VQusg.roa
File: JXA1xtoeSmUMJXek7H5hk0VQusg.roa (raw, json)
Hash identifier: dYavNU4PJm6hfeeA84nQQWVgkaFfH5jkV6JuX0mfH0o=
Subject key identifier: 25:70:35:C6:DA:1E:4A:65:0C:25:77:A4:EC:7E:61:93:45:50:BA:C8
Certificate issuer: /CN=d3fc2b6fd754bf8f224d289ccf65c38dec272b3d
Certificate serial: 018D5EC2A8DB57F3819B336E985EDDCD1A7F
Authority key identifier: D3:FC:2B:6F:D7:54:BF:8F:22:4D:28:9C:CF:65:C3:8D:EC:27:2B:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0_wrb9dUv48iTSicz2XDjewnKz0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/ce7de3-be30-418f-b965-c696a7b7fc57/1/JXA1xtoeSmUMJXek7H5hk0VQusg.roa
Signing time: Wed 31 Jan 2024 09:03:51 +0000
ROA not before: Wed 31 Jan 2024 09:03:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20668
IP address blocks: 185.84.225.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ef/ce7de3-be30-418f-b965-c696a7b7fc57/1/0_wrb9dUv48iTSicz2XDjewnKz0.crl
rsync://rpki.ripe.net/repository/DEFAULT/ef/ce7de3-be30-418f-b965-c696a7b7fc57/1/0_wrb9dUv48iTSicz2XDjewnKz0.mft
rsync://rpki.ripe.net/repository/DEFAULT/0_wrb9dUv48iTSicz2XDjewnKz0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 22 Jun 2024 09:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:5e:c2:a8:db:57:f3:81:9b:33:6e:98:5e:dd:cd:1a:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3fc2b6fd754bf8f224d289ccf65c38dec272b3d
Validity
Not Before: Jan 31 09:03:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=257035c6da1e4a650c2577a4ec7e61934550bac8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:cf:f3:c6:f0:d7:b4:1b:08:66:12:98:d3:82:
51:22:58:4a:18:90:78:b3:bb:0c:e8:6e:a1:63:69:
c4:d3:15:b4:c5:8b:73:d5:4f:14:47:00:81:80:32:
f5:51:03:f5:1f:a6:df:24:58:f7:9d:58:60:f9:45:
41:c7:f7:42:b8:69:32:84:60:90:05:3c:95:21:44:
69:b8:88:2f:e2:fe:67:0e:cd:d1:19:fb:c0:b7:7f:
71:68:82:46:a2:f2:01:3d:1f:13:2a:40:e5:79:9e:
5c:21:39:d4:a6:2e:04:ce:96:c9:b3:91:a9:4f:4e:
0d:d6:30:70:a0:eb:06:93:c9:cf:f5:23:8d:3a:20:
65:c6:59:5c:e8:c0:48:ec:8b:63:12:70:79:79:53:
51:b4:9a:7c:c4:8f:ac:66:47:0d:2f:74:54:f3:7c:
63:3a:b2:c1:24:1a:94:d3:f4:78:48:be:c4:63:dd:
d4:5b:00:70:8c:80:36:a4:46:16:91:3a:01:c2:cb:
75:e8:b7:ae:1c:f7:82:96:91:3b:24:8b:3d:0c:30:
53:4d:d6:5a:35:e8:95:9f:b8:c2:df:bb:9c:24:ff:
db:57:92:09:b1:b9:b1:92:a8:56:18:bf:22:4d:e2:
15:11:64:bc:22:90:68:66:c2:bd:42:24:46:98:be:
08:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:70:35:C6:DA:1E:4A:65:0C:25:77:A4:EC:7E:61:93:45:50:BA:C8
X509v3 Authority Key Identifier:
keyid:D3:FC:2B:6F:D7:54:BF:8F:22:4D:28:9C:CF:65:C3:8D:EC:27:2B:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0_wrb9dUv48iTSicz2XDjewnKz0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/ce7de3-be30-418f-b965-c696a7b7fc57/1/JXA1xtoeSmUMJXek7H5hk0VQusg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/ce7de3-be30-418f-b965-c696a7b7fc57/1/0_wrb9dUv48iTSicz2XDjewnKz0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.84.225.0/24
Signature Algorithm: sha256WithRSAEncryption
64:54:67:e9:6c:20:3c:8c:78:44:b5:9d:1d:07:cd:0e:3b:b2:
17:86:87:25:b5:e8:b6:c6:83:0c:5c:37:3a:de:dd:48:f0:e8:
f3:df:7b:3a:44:b9:ca:63:d7:17:7d:08:4f:34:9e:f1:0f:75:
b4:05:c9:6b:2d:a3:bd:63:f8:f7:70:4d:96:b3:7b:15:0c:d8:
a4:48:be:bc:26:76:44:c8:21:4c:92:1c:b0:4b:da:7f:f0:dd:
91:3b:3a:7b:86:d7:42:1f:72:d9:d1:74:cc:7d:62:d9:f4:93:
fd:74:4e:e1:36:98:78:fa:d3:8c:e2:be:67:76:0c:c4:a5:31:
79:07:b9:2c:e7:15:77:68:2b:f4:3c:e6:56:d0:3f:05:f3:3a:
2a:d7:22:f1:ce:4b:c4:f9:3b:08:f0:93:44:d1:fb:cb:fd:2b:
d9:e5:2a:a5:cc:1c:85:d1:80:8b:bf:b8:fb:e9:ab:52:79:1a:
9f:e8:24:48:da:ce:7d:b3:2a:6a:2d:88:e2:48:af:37:ed:2c:
f5:da:34:62:5d:b7:13:f7:e4:66:ab:7a:ea:c9:29:87:5c:68:
af:b9:19:f3:ae:e7:e1:85:1b:6f:9a:12:40:97:a5:97:10:8a:
46:f3:da:14:49:fd:41:be:b9:ea:cd:e2:ee:80:41:32:ff:a9:
ee:11:c5:35
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY1ewqjbV/OBmzNumF7dzRp/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzZmMyYjZmZDc1NGJmOGYyMjRkMjg5Y2NmNjVjMzhkZWMy
NzJiM2QwHhcNMjQwMTMxMDkwMzUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTcwMzVjNmRhMWU0YTY1MGMyNTc3YTRlYzdlNjE5MzQ1NTBiYWM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjs/zxvDXtBsIZhKY04JRIlhKGJB4
s7sM6G6hY2nE0xW0xYtz1U8URwCBgDL1UQP1H6bfJFj3nVhg+UVBx/dCuGkyhGCQ
BTyVIURpuIgv4v5nDs3RGfvAt39xaIJGovIBPR8TKkDleZ5cITnUpi4EzpbJs5Gp
T04N1jBwoOsGk8nP9SONOiBlxllc6MBI7ItjEnB5eVNRtJp8xI+sZkcNL3RU83xj
OrLBJBqU0/R4SL7EY93UWwBwjIA2pEYWkToBwst16LeuHPeClpE7JIs9DDBTTdZa
NeiVn7jC37ucJP/bV5IJsbmxkqhWGL8iTeIVEWS8IpBoZsK9QiRGmL4IQQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCVwNcbaHkplDCV3pOx+YZNFULrIMB8GA1UdIwQY
MBaAFNP8K2/XVL+PIk0onM9lw43sJys9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMF93cmI5ZFV2NDhpVFNpY3oyWERqZXduS3owLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi9jZTdkZTMtYmUzMC00MThmLWI5NjUt
YzY5NmE3YjdmYzU3LzEvSlhBMXh0b2VTbVVNSlhlazdINWhrMFZRdXNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi9jZTdkZTMtYmUzMC00MThmLWI5NjUtYzY5NmE3YjdmYzU3
LzEvMF93cmI5ZFV2NDhpVFNpY3oyWERqZXduS3owLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuVThMA0G
CSqGSIb3DQEBCwUAA4IBAQBkVGfpbCA8jHhEtZ0dB80OO7IXhocltei2xoMMXDc6
3t1I8Ojz33s6RLnKY9cXfQhPNJ7xD3W0BclrLaO9Y/j3cE2Ws3sVDNikSL68JnZE
yCFMkhywS9p/8N2ROzp7htdCH3LZ0XTMfWLZ9JP9dE7hNph4+tOM4r5ndgzEpTF5
B7ks5xV3aCv0POZW0D8F8zoq1yLxzkvE+TsI8JNE0fvL/SvZ5SqlzByF0YCLv7j7
6atSeRqf6CRI2s59sypqLYjiSK837Sz12jRiXbcT9+Rmq3rqySmHXGivuRnzrufh
hRtvmhJAl6WXEIpG89oUSf1BvrnqzeLugEEy/6nuEcU1
-----END CERTIFICATE-----
Generated at Fri Jun 21 17:47:32 2024 by rpki-client on console-fra.rpki-client.org