Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/JeEuWzjT2-fGhdO_Flgp6fzhKjw.roa
File: JeEuWzjT2-fGhdO_Flgp6fzhKjw.roa (raw, json)
Hash identifier: YusWU4Omo3hAMaIxoiVXijWQAEwa25Z8o35sRN63+DE=
Subject key identifier: 25:E1:2E:5B:38:D3:DB:E7:C6:85:D3:BF:16:58:29:E9:FC:E1:2A:3C
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018D687C5A72F25B79ABC3C2EE1C09065D0F
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/JeEuWzjT2-fGhdO_Flgp6fzhKjw.roa
Signing time: Fri 02 Feb 2024 06:23:16 +0000
ROA not before: Fri 02 Feb 2024 06:23:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49981
IP address blocks: 195.133.36.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.mft
rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 15 Oct 2024 22:00:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:68:7c:5a:72:f2:5b:79:ab:c3:c2:ee:1c:09:06:5d:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Feb 2 06:23:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=25e12e5b38d3dbe7c685d3bf165829e9fce12a3c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:bf:e6:3c:83:43:82:fd:72:e5:8b:6c:7a:6f:
50:00:aa:c6:51:d0:8b:b4:81:62:0e:7d:e7:04:ff:
23:e3:44:fd:83:93:a8:57:3e:ee:ad:e7:1d:90:c8:
4a:74:0b:11:21:c1:7a:de:8f:4f:67:9e:fa:51:1a:
af:00:9f:d5:07:12:d7:db:33:a5:b6:a0:57:da:aa:
42:26:1f:35:42:38:c2:19:ce:d4:a8:11:ed:f6:36:
9e:b7:53:83:f5:30:62:3e:d5:c5:f5:22:ae:3b:6e:
da:56:07:f5:d1:aa:5e:a8:4d:49:f3:fc:dc:30:1f:
4c:06:5a:be:e5:86:cf:51:30:5c:57:00:a6:a9:3e:
53:f8:65:7d:0c:ce:f3:29:6f:f5:4b:e1:85:ed:ec:
ce:a0:07:e2:8f:7d:2b:94:8a:7f:4f:d9:f7:d1:77:
94:5c:ed:46:7d:2d:2b:c7:8a:27:45:fb:f4:b5:67:
4d:d9:08:bc:24:94:99:e6:71:44:00:70:50:1f:62:
7a:3c:06:45:ce:40:df:33:56:0a:5f:c7:cc:1d:66:
d2:45:0a:ef:cb:e4:58:6a:0f:d4:6c:fe:0e:3f:fb:
07:eb:c2:2a:9f:f4:5b:2b:02:d6:15:02:39:26:91:
7c:55:e3:b8:d4:f8:18:69:8d:44:9c:83:d4:e6:de:
a3:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:E1:2E:5B:38:D3:DB:E7:C6:85:D3:BF:16:58:29:E9:FC:E1:2A:3C
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/JeEuWzjT2-fGhdO_Flgp6fzhKjw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.133.36.0/24
Signature Algorithm: sha256WithRSAEncryption
40:56:6f:ab:69:12:e7:91:94:27:29:77:c5:74:39:df:c7:63:
d1:e3:7a:58:db:8c:75:8f:01:38:51:fc:a4:f7:35:56:8f:a8:
a0:05:d1:ba:6d:60:57:fd:85:e7:21:7f:e1:7a:29:7a:98:19:
5a:a1:ac:d9:90:df:6c:3c:fb:3b:5a:ae:88:13:94:c6:7a:52:
b9:19:17:f1:76:22:b6:e2:25:57:75:2e:e3:a3:c8:0f:b8:14:
b5:df:aa:28:fc:79:40:28:c8:f3:69:31:1a:69:e7:cb:82:96:
f6:68:ea:ce:05:13:0c:4c:7a:ae:35:1a:0e:d8:55:dd:16:f0:
c8:09:a6:9d:ae:68:ee:11:2a:a9:36:d4:76:bc:b6:cc:d5:1a:
b3:5e:8e:47:06:12:6c:45:a8:90:cf:6e:78:9c:c8:32:ea:bd:
d3:db:0f:07:33:cc:d3:8c:30:c9:76:1b:07:cf:99:f5:b5:23:
22:76:4d:41:73:5f:79:82:3b:30:28:5f:ad:9f:38:ca:8c:2c:
9d:df:ec:40:3b:c4:02:0f:34:96:4c:f3:fb:96:d4:5c:ff:b6:
69:cc:c7:64:10:eb:cb:bf:4e:7a:6a:c0:2c:5c:55:de:83:97:
d1:10:69:1e:27:b1:9c:38:f8:de:9b:c2:23:cf:6d:90:81:90:
85:4e:05:fd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY1ofFpy8lt5q8PC7hwJBl0PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwMjAyMDYyMzE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNWUxMmU1YjM4ZDNkYmU3YzY4NWQzYmYxNjU4MjllOWZjZTEyYTNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApr/mPINDgv1y5Ytsem9QAKrGUdCL
tIFiDn3nBP8j40T9g5OoVz7urecdkMhKdAsRIcF63o9PZ576URqvAJ/VBxLX2zOl
tqBX2qpCJh81QjjCGc7UqBHt9jaet1OD9TBiPtXF9SKuO27aVgf10apeqE1J8/zc
MB9MBlq+5YbPUTBcVwCmqT5T+GV9DM7zKW/1S+GF7ezOoAfij30rlIp/T9n30XeU
XO1GfS0rx4onRfv0tWdN2Qi8JJSZ5nFEAHBQH2J6PAZFzkDfM1YKX8fMHWbSRQrv
y+RYag/UbP4OP/sH68Iqn/RbKwLWFQI5JpF8VeO41PgYaY1EnIPU5t6jCwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCXhLls409vnxoXTvxZYKen84So8MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvSmVFdVd6alQyLWZHaGRPX0ZsZ3A2ZnpoS2p3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw4UkMA0G
CSqGSIb3DQEBCwUAA4IBAQBAVm+raRLnkZQnKXfFdDnfx2PR43pY24x1jwE4Ufyk
9zVWj6igBdG6bWBX/YXnIX/heil6mBlaoazZkN9sPPs7Wq6IE5TGelK5GRfxdiK2
4iVXdS7jo8gPuBS136oo/HlAKMjzaTEaaefLgpb2aOrOBRMMTHquNRoO2FXdFvDI
CaadrmjuESqpNtR2vLbM1RqzXo5HBhJsRaiQz254nMgy6r3T2w8HM8zTjDDJdhsH
z5n1tSMidk1Bc195gjswKF+tnzjKjCyd3+xAO8QCDzSWTPP7ltRc/7ZpzMdkEOvL
v056asAsXFXeg5fREGkeJ7GcOPjem8Ijz22QgZCFTgX9
-----END CERTIFICATE-----
Generated at Tue Oct 15 03:26:42 2024 by rpki-client on console-fra.rpki-client.org