Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/JC20gsrYVnlT19eGSJNznpMLEEg.roa
File: JC20gsrYVnlT19eGSJNznpMLEEg.roa (raw, json)
Hash identifier: +vxNN00I5ZMyhZpVE3m/GpsniRWah+9qBQtwwrxvu04=
Subject key identifier: 24:2D:B4:82:CA:D8:56:79:53:D7:D7:86:48:93:73:9E:93:0B:10:48
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 019289F5ADB96FF458F04F26F5007934EEDB
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/JC20gsrYVnlT19eGSJNznpMLEEg.roa
Signing time: Mon 14 Oct 2024 07:37:12 +0000
ROA not before: Mon 14 Oct 2024 07:37:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44559
IP address blocks: 192.124.183.0/24 maxlen: 24
195.133.56.0/24 maxlen: 24
195.133.57.0/24 maxlen: 24
195.133.60.0/24 maxlen: 24
195.133.61.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.mft
rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 23:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:89:f5:ad:b9:6f:f4:58:f0:4f:26:f5:00:79:34:ee:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Oct 14 07:37:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=242db482cad8567953d7d7864893739e930b1048
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:5c:2f:02:8c:51:dd:35:a3:6b:b0:f0:95:7d:
70:29:e8:76:5f:2c:69:19:c0:4d:b4:4e:ea:81:5d:
13:27:06:63:c4:88:0c:00:ed:cc:5d:51:56:0e:8b:
73:46:dc:d2:71:c7:88:a5:64:5e:27:b2:39:a2:36:
a9:31:c9:93:b5:e2:eb:f0:6a:89:84:02:43:c1:3a:
dc:b6:41:7a:67:90:25:14:e8:7f:06:ec:cc:ea:ce:
81:53:9e:1a:c2:9e:fd:c8:47:49:67:56:eb:cc:ab:
1e:c5:83:72:d7:3f:88:51:09:f7:38:90:fd:26:c6:
63:82:e1:a2:ac:09:d6:d5:06:8e:b3:68:4b:9f:c9:
3a:cb:f0:42:3b:44:7a:16:75:da:10:5d:4f:e0:b8:
50:bf:66:9c:a9:e7:6c:48:0a:0e:2f:6c:a3:68:cb:
3d:65:e8:b9:a8:2d:e2:1a:4c:55:7d:6d:aa:3f:5c:
3a:65:d1:7c:f6:d5:f2:cf:3b:dc:0e:f6:31:69:8c:
dd:9f:dc:eb:ce:60:36:44:46:0b:c0:7a:96:4f:b5:
c8:e2:82:f1:f4:97:cf:0a:96:0d:3f:c0:61:2c:51:
7f:62:ff:96:ec:43:66:3b:1d:06:9b:30:7a:cd:0f:
87:05:9b:f7:8c:73:fe:4f:fa:20:4e:82:13:3f:75:
98:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:2D:B4:82:CA:D8:56:79:53:D7:D7:86:48:93:73:9E:93:0B:10:48
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/JC20gsrYVnlT19eGSJNznpMLEEg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.183.0/24
195.133.56.0/23
195.133.60.0/23
Signature Algorithm: sha256WithRSAEncryption
6f:85:be:1a:d5:fc:cf:f7:31:eb:35:4d:68:e5:96:75:b2:3d:
92:89:1f:cd:7d:e9:95:28:1d:fb:d0:2e:f6:48:6b:3d:a4:68:
f2:46:23:37:11:e8:5e:03:eb:d8:e0:cc:eb:2a:02:a2:74:73:
ab:51:dc:eb:a8:89:dd:d5:ff:05:c4:02:10:9c:7a:f2:42:30:
73:29:67:06:70:26:06:75:17:c0:94:33:cc:a6:63:0f:45:35:
c7:5b:66:87:f4:68:42:9b:21:e1:82:88:79:6c:75:07:01:c8:
39:a3:98:87:6b:84:a6:ff:88:ef:52:5f:73:6f:e3:8d:a2:ba:
35:50:5d:ef:41:90:96:21:63:6c:b0:f5:f0:03:de:fe:cc:52:
54:5a:f3:03:5c:26:39:5e:a0:02:be:43:08:90:cc:f4:9e:c6:
e2:1e:97:12:ac:f9:19:6c:65:57:74:38:b0:8a:e0:bd:1d:81:
2e:f6:b3:f5:98:0b:ce:f5:4a:b4:2c:0c:e5:25:aa:56:7f:ed:
f3:92:80:5b:f0:7a:08:19:99:77:7b:20:81:e2:d5:71:b2:64:
c4:53:7e:ee:6a:49:fd:96:bd:87:e7:87:88:e3:bb:2a:29:d1:
77:3e:d0:45:5a:ce:d7:cf:d0:cf:3b:70:42:f5:a6:6c:81:a9:
d9:fe:0b:63
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZKJ9a25b/RY8E8m9QB5NO7bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQxMDE0MDczNzEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDJkYjQ4MmNhZDg1Njc5NTNkN2Q3ODY0ODkzNzM5ZTkzMGIxMDQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqlwvAoxR3TWja7DwlX1wKeh2Xyxp
GcBNtE7qgV0TJwZjxIgMAO3MXVFWDotzRtzScceIpWReJ7I5ojapMcmTteLr8GqJ
hAJDwTrctkF6Z5AlFOh/BuzM6s6BU54awp79yEdJZ1brzKsexYNy1z+IUQn3OJD9
JsZjguGirAnW1QaOs2hLn8k6y/BCO0R6FnXaEF1P4LhQv2acqedsSAoOL2yjaMs9
Zei5qC3iGkxVfW2qP1w6ZdF89tXyzzvcDvYxaYzdn9zrzmA2REYLwHqWT7XI4oLx
9JfPCpYNP8BhLFF/Yv+W7ENmOx0GmzB6zQ+HBZv3jHP+T/ogToITP3WYAwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCQttILK2FZ5U9fXhkiTc56TCxBIMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvSkMyMGdzcllWbmxUMTllR1NKTnpucE1MRUVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwHy3AwQB
w4U4AwQBw4U8MA0GCSqGSIb3DQEBCwUAA4IBAQBvhb4a1fzP9zHrNU1o5ZZ1sj2S
iR/NfemVKB370C72SGs9pGjyRiM3EeheA+vY4MzrKgKidHOrUdzrqInd1f8FxAIQ
nHryQjBzKWcGcCYGdRfAlDPMpmMPRTXHW2aH9GhCmyHhgoh5bHUHAcg5o5iHa4Sm
/4jvUl9zb+ONoro1UF3vQZCWIWNssPXwA97+zFJUWvMDXCY5XqACvkMIkMz0nsbi
HpcSrPkZbGVXdDiwiuC9HYEu9rP1mAvO9Uq0LAzlJapWf+3zkoBb8HoIGZl3eyCB
4tVxsmTEU37uakn9lr2H54eI47sqKdF3PtBFWs7Xz9DPO3BC9aZsganZ/gtj
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:51:55 2024 by rpki-client on console-ams.rpki-client.org