Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/a7ae11-121a-4f22-be3f-e907af07ff11/1/JP8GFfIjtcLaWAeZJCZiKgUtUhM.roa
File: JP8GFfIjtcLaWAeZJCZiKgUtUhM.roa (raw, json)
Hash identifier: 50zYqbl0Ndjdexl4YDgb72EOH5If1i84ioyBl3h1iYc=
Subject key identifier: 24:FF:06:15:F2:23:B5:C2:DA:58:07:99:24:26:62:2A:05:2D:52:13
Certificate issuer: /CN=5227b36e829e4d8565ed65748e1b1c93ccd00cee
Certificate serial: 01919E832E378D9731AA4512717B264C06B7
Authority key identifier: 52:27:B3:6E:82:9E:4D:85:65:ED:65:74:8E:1B:1C:93:CC:D0:0C:EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UiezboKeTYVl7WV0jhsck8zQDO4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/a7ae11-121a-4f22-be3f-e907af07ff11/1/JP8GFfIjtcLaWAeZJCZiKgUtUhM.roa
Signing time: Thu 29 Aug 2024 14:21:22 +0000
ROA not before: Thu 29 Aug 2024 14:21:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48940
IP address blocks: 95.181.248.0/21 maxlen: 21
95.181.248.0/22 maxlen: 22
95.181.248.0/23 maxlen: 23
95.181.250.0/23 maxlen: 23
95.181.252.0/22 maxlen: 22
95.181.252.0/23 maxlen: 23
95.181.254.0/23 maxlen: 23
185.78.32.0/22 maxlen: 22
185.78.32.0/23 maxlen: 23
185.78.34.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fb/a7ae11-121a-4f22-be3f-e907af07ff11/1/UiezboKeTYVl7WV0jhsck8zQDO4.crl
rsync://rpki.ripe.net/repository/DEFAULT/fb/a7ae11-121a-4f22-be3f-e907af07ff11/1/UiezboKeTYVl7WV0jhsck8zQDO4.mft
rsync://rpki.ripe.net/repository/DEFAULT/UiezboKeTYVl7WV0jhsck8zQDO4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Sep 2024 05:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:9e:83:2e:37:8d:97:31:aa:45:12:71:7b:26:4c:06:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5227b36e829e4d8565ed65748e1b1c93ccd00cee
Validity
Not Before: Aug 29 14:21:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=24ff0615f223b5c2da5807992426622a052d5213
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:01:90:b1:41:69:2a:25:1f:7d:8b:b9:fe:8a:
51:24:4e:91:4f:62:af:d2:9f:f6:97:38:1c:30:62:
e9:1d:3c:bf:52:ad:c1:b0:e9:64:b8:e0:e5:c6:9d:
59:0c:2b:c7:1a:b4:77:65:e0:6e:bb:9f:43:e2:9f:
e6:5e:2e:81:cd:08:a8:4c:b3:4f:61:a3:f9:e3:80:
ee:16:94:87:61:c7:86:ef:c3:32:c6:a3:63:2f:21:
93:df:41:a7:60:8d:ba:31:cd:bd:4c:d0:5c:48:d0:
20:84:e6:8e:c0:2c:f3:0d:4f:d2:b3:96:34:09:9c:
be:c5:54:4e:b1:1e:a8:18:08:e3:98:ac:77:f3:04:
6b:fd:a5:34:b8:76:4b:68:da:92:f4:08:f1:95:6c:
80:8d:a1:7f:07:91:3c:6a:7b:a1:fe:4f:74:dc:2e:
4a:11:a8:1f:df:a9:35:10:f4:2c:5b:1a:35:7e:19:
79:99:8e:34:84:b7:f4:fc:15:45:3a:94:b8:b9:21:
a4:f6:b5:d3:bb:e7:b5:3c:c9:d5:42:4c:30:78:46:
80:79:b6:42:aa:77:04:eb:17:46:b6:5b:56:32:52:
8e:ef:c7:b3:2b:11:f7:4d:99:4a:e4:d5:f1:e7:db:
42:ef:39:ac:85:34:c8:8a:8d:78:82:06:9d:8d:6b:
50:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:FF:06:15:F2:23:B5:C2:DA:58:07:99:24:26:62:2A:05:2D:52:13
X509v3 Authority Key Identifier:
keyid:52:27:B3:6E:82:9E:4D:85:65:ED:65:74:8E:1B:1C:93:CC:D0:0C:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UiezboKeTYVl7WV0jhsck8zQDO4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/a7ae11-121a-4f22-be3f-e907af07ff11/1/JP8GFfIjtcLaWAeZJCZiKgUtUhM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/a7ae11-121a-4f22-be3f-e907af07ff11/1/UiezboKeTYVl7WV0jhsck8zQDO4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.181.248.0/21
185.78.32.0/22
Signature Algorithm: sha256WithRSAEncryption
46:46:b5:76:c5:8c:53:f3:84:89:62:15:51:be:28:52:34:bb:
31:2d:45:00:4b:83:80:f1:88:3a:4c:64:dd:b2:ca:98:56:73:
25:f0:aa:b5:17:95:91:0d:c9:4b:32:29:fb:ad:33:3b:28:c9:
74:0e:6f:6f:20:e3:84:f5:8b:55:90:04:6e:6f:44:2f:d1:db:
a8:35:70:04:b8:9f:5b:64:21:e4:ff:2c:78:b9:4b:ee:8f:ad:
4d:e9:b2:2f:06:72:a3:29:27:2f:87:3d:01:ef:ec:8f:5b:dc:
4f:67:ca:cf:96:5d:bd:24:65:5b:9e:ec:95:a0:60:30:58:12:
93:26:d3:1d:60:80:c2:62:51:a2:3e:1a:fb:de:a9:65:03:dd:
13:10:db:f9:27:c0:2f:0e:38:3c:b9:fd:8b:3a:ef:7a:d2:15:
19:27:bc:55:ca:7c:66:8c:32:4c:e7:26:28:0e:1e:69:93:bd:
80:7b:14:0d:dd:b1:7e:7c:5e:58:89:82:40:f2:1d:22:f6:2f:
1c:6c:09:c7:83:c5:c8:08:92:3f:0e:83:39:ed:e2:55:97:72:
dd:6d:b6:47:ea:a7:1d:d1:1f:a6:ce:c4:b5:a7:73:a5:ce:5d:
9e:8c:3d:12:ad:16:b8:95:83:20:29:b6:d3:91:7f:9a:9a:11:
6b:23:b0:77
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZGegy43jZcxqkUScXsmTAa3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyMjdiMzZlODI5ZTRkODU2NWVkNjU3NDhlMWIxYzkzY2Nk
MDBjZWUwHhcNMjQwODI5MTQyMTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNGZmMDYxNWYyMjNiNWMyZGE1ODA3OTkyNDI2NjIyYTA1MmQ1MjEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtAGQsUFpKiUffYu5/opRJE6RT2Kv
0p/2lzgcMGLpHTy/Uq3BsOlkuODlxp1ZDCvHGrR3ZeBuu59D4p/mXi6BzQioTLNP
YaP544DuFpSHYceG78MyxqNjLyGT30GnYI26Mc29TNBcSNAghOaOwCzzDU/Ss5Y0
CZy+xVROsR6oGAjjmKx38wRr/aU0uHZLaNqS9AjxlWyAjaF/B5E8anuh/k903C5K
Eagf36k1EPQsWxo1fhl5mY40hLf0/BVFOpS4uSGk9rXTu+e1PMnVQkwweEaAebZC
qncE6xdGtltWMlKO78ezKxH3TZlK5NXx59tC7zmshTTIio14ggadjWtQawIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCT/BhXyI7XC2lgHmSQmYioFLVITMB8GA1UdIwQY
MBaAFFIns26Cnk2FZe1ldI4bHJPM0AzuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVWllemJvS2VUWVZsN1dWMGpoc2NrOHpRRE80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi9hN2FlMTEtMTIxYS00ZjIyLWJlM2Yt
ZTkwN2FmMDdmZjExLzEvSlA4R0ZmSWp0Y0xhV0FlWkpDWmlLZ1V0VWhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi9hN2FlMTEtMTIxYS00ZjIyLWJlM2YtZTkwN2FmMDdmZjEx
LzEvVWllemJvS2VUWVZsN1dWMGpoc2NrOHpRRE80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDX7X4AwQC
uU4gMA0GCSqGSIb3DQEBCwUAA4IBAQBGRrV2xYxT84SJYhVRvihSNLsxLUUAS4OA
8Yg6TGTdssqYVnMl8Kq1F5WRDclLMin7rTM7KMl0Dm9vIOOE9YtVkARub0Qv0duo
NXAEuJ9bZCHk/yx4uUvuj61N6bIvBnKjKScvhz0B7+yPW9xPZ8rPll29JGVbnuyV
oGAwWBKTJtMdYIDCYlGiPhr73qllA90TENv5J8AvDjg8uf2LOu960hUZJ7xVynxm
jDJM5yYoDh5pk72AexQN3bF+fF5YiYJA8h0i9i8cbAnHg8XICJI/DoM57eJVl3Ld
bbZH6qcd0R+mzsS1p3Olzl2ejD0SrRa4lYMgKbbTkX+amhFrI7B3
-----END CERTIFICATE-----
Generated at Sat Sep 28 08:23:32 2024 by rpki-client on console-fra.rpki-client.org