Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/32779d-3656-44c0-8ab5-981fbb3442dd/1/JK19EEqbXQ9atlEg1X2_oRBuohY.roa
File: JK19EEqbXQ9atlEg1X2_oRBuohY.roa (raw, json)
Hash identifier: /ka9ykCrkeCWtDu2jcA/GcQR0k6Umsi+uUDNincdwCM=
Subject key identifier: 24:AD:7D:10:4A:9B:5D:0F:5A:B6:51:20:D5:7D:BF:A1:10:6E:A2:16
Certificate issuer: /CN=ecf7ca9ffafe72a30966f7e43d92b58e774ce741
Certificate serial: 018E9F93C405FC33025184E7982E1F969B58
Authority key identifier: EC:F7:CA:9F:FA:FE:72:A3:09:66:F7:E4:3D:92:B5:8E:77:4C:E7:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7PfKn_r-cqMJZvfkPZK1jndM50E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/32779d-3656-44c0-8ab5-981fbb3442dd/1/JK19EEqbXQ9atlEg1X2_oRBuohY.roa
Signing time: Tue 02 Apr 2024 16:10:45 +0000
ROA not before: Tue 02 Apr 2024 16:10:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41745
IP address blocks: 185.236.22.0/24 maxlen: 24
185.236.23.0/24 maxlen: 24
193.32.177.0/24 maxlen: 24
193.32.178.0/24 maxlen: 24
193.32.179.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/32779d-3656-44c0-8ab5-981fbb3442dd/1/7PfKn_r-cqMJZvfkPZK1jndM50E.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/32779d-3656-44c0-8ab5-981fbb3442dd/1/7PfKn_r-cqMJZvfkPZK1jndM50E.mft
rsync://rpki.ripe.net/repository/DEFAULT/7PfKn_r-cqMJZvfkPZK1jndM50E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 10:00:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:9f:93:c4:05:fc:33:02:51:84:e7:98:2e:1f:96:9b:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ecf7ca9ffafe72a30966f7e43d92b58e774ce741
Validity
Not Before: Apr 2 16:10:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=24ad7d104a9b5d0f5ab65120d57dbfa1106ea216
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:d9:ef:36:dd:3e:a2:a0:29:2a:a0:be:35:78:
f0:12:2d:fe:ab:99:7b:ac:1a:a4:41:0a:22:c8:34:
af:6e:ea:da:28:fe:fd:2a:98:03:8b:05:5d:78:01:
eb:63:d3:06:ca:e5:8e:dc:6b:9d:99:74:40:80:9a:
4e:08:43:9f:60:f3:f9:26:7c:60:92:f3:f9:42:1e:
df:95:3c:49:ef:c6:03:71:29:4c:30:a4:69:fd:56:
11:d8:d8:9c:fb:53:3c:af:f3:85:6b:3b:09:cd:4b:
b6:64:60:d2:3e:46:00:5c:de:6b:fb:8b:5a:14:98:
65:d5:bf:ce:f3:5e:9b:0e:76:38:ad:e9:58:0a:68:
0f:f3:6b:dd:ff:f8:c1:21:35:74:f8:6e:8f:91:d5:
98:31:bc:d4:41:99:f0:2f:9d:08:83:df:7d:3e:20:
95:07:ed:d6:28:bc:c3:f9:ec:ed:7f:f5:1f:c3:c6:
2a:44:59:fd:46:dd:58:52:cc:fd:c2:21:9b:54:4d:
22:f0:1f:64:21:61:e9:af:23:54:73:d8:01:51:30:
d3:26:0c:f3:23:4c:66:a0:82:ed:4e:0d:95:e3:0c:
ca:42:98:6a:d8:a6:fd:1e:8a:1a:54:67:23:be:84:
af:c1:79:ae:b8:3e:51:f4:bc:74:1d:06:40:e6:1f:
f2:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:AD:7D:10:4A:9B:5D:0F:5A:B6:51:20:D5:7D:BF:A1:10:6E:A2:16
X509v3 Authority Key Identifier:
keyid:EC:F7:CA:9F:FA:FE:72:A3:09:66:F7:E4:3D:92:B5:8E:77:4C:E7:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7PfKn_r-cqMJZvfkPZK1jndM50E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/32779d-3656-44c0-8ab5-981fbb3442dd/1/JK19EEqbXQ9atlEg1X2_oRBuohY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/32779d-3656-44c0-8ab5-981fbb3442dd/1/7PfKn_r-cqMJZvfkPZK1jndM50E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.236.22.0/23
193.32.177.0-193.32.179.255
Signature Algorithm: sha256WithRSAEncryption
4c:af:2b:b0:98:ed:a5:6d:59:19:ac:ea:2a:62:8f:e2:f7:6d:
76:00:a8:be:99:cc:cb:17:5d:ec:00:a8:25:2a:78:01:c9:8d:
86:1e:1c:fb:cf:22:25:4b:ee:3e:47:3e:c4:1b:80:b2:35:f9:
be:86:62:55:0f:f0:49:de:6b:cb:36:ee:ca:97:51:40:8a:ec:
6a:84:ac:79:00:29:da:2c:e2:27:ed:57:16:b8:72:df:bc:1a:
7a:d9:4f:f1:b0:2c:e4:6a:e2:40:7f:e8:cc:1c:f7:bc:50:68:
4d:f4:3b:11:ab:24:1c:60:b0:39:2e:75:6e:0e:86:56:b1:8e:
f2:be:dd:54:0e:03:e0:eb:1c:72:3a:cb:67:30:ed:1c:4c:cf:
05:df:dc:6a:77:14:d1:ac:c3:5d:de:7c:4f:ba:1e:65:9a:9f:
b1:9f:59:ce:00:9b:a2:99:0b:9d:61:90:2d:ca:bf:2c:c4:46:
be:bb:1c:c9:8e:47:78:47:8f:41:28:ce:d0:b5:91:94:d9:05:
75:ca:30:c1:8c:60:3b:23:33:38:88:36:14:31:c3:5d:64:be:
5d:f0:d3:04:22:a9:f6:c2:ba:95:54:2e:5d:a5:a9:1b:ea:3b:
ee:10:42:5d:78:f7:76:02:11:5b:3e:ba:c2:d9:fb:12:96:4e:
de:25:14:16
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAY6fk8QF/DMCUYTnmC4flptYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjZjdjYTlmZmFmZTcyYTMwOTY2ZjdlNDNkOTJiNThlNzc0
Y2U3NDEwHhcNMjQwNDAyMTYxMDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNGFkN2QxMDRhOWI1ZDBmNWFiNjUxMjBkNTdkYmZhMTEwNmVhMjE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAodnvNt0+oqApKqC+NXjwEi3+q5l7
rBqkQQoiyDSvburaKP79KpgDiwVdeAHrY9MGyuWO3GudmXRAgJpOCEOfYPP5Jnxg
kvP5Qh7flTxJ78YDcSlMMKRp/VYR2Nic+1M8r/OFazsJzUu2ZGDSPkYAXN5r+4ta
FJhl1b/O816bDnY4relYCmgP82vd//jBITV0+G6PkdWYMbzUQZnwL50Ig999PiCV
B+3WKLzD+eztf/Ufw8YqRFn9Rt1YUsz9wiGbVE0i8B9kIWHpryNUc9gBUTDTJgzz
I0xmoILtTg2V4wzKQphq2Kb9HooaVGcjvoSvwXmuuD5R9Lx0HQZA5h/ysQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFCStfRBKm10PWrZRINV9v6EQbqIWMB8GA1UdIwQY
MBaAFOz3yp/6/nKjCWb35D2StY53TOdBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN1BmS25fci1jcU1KWnZma1BaSzFqbmRNNTBFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy8zMjc3OWQtMzY1Ni00NGMwLThhYjUt
OTgxZmJiMzQ0MmRkLzEvSksxOUVFcWJYUTlhdGxFZzFYMl9vUkJ1b2hZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy8zMjc3OWQtMzY1Ni00NGMwLThhYjUtOTgxZmJiMzQ0MmRk
LzEvN1BmS25fci1jcU1KWnZma1BaSzFqbmRNNTBFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQBuewWMAwD
BADBILEDBALBILAwDQYJKoZIhvcNAQELBQADggEBAEyvK7CY7aVtWRms6ipij+L3
bXYAqL6ZzMsXXewAqCUqeAHJjYYeHPvPIiVL7j5HPsQbgLI1+b6GYlUP8Enea8s2
7sqXUUCK7GqErHkAKdos4iftVxa4ct+8GnrZT/GwLORq4kB/6Mwc97xQaE30OxGr
JBxgsDkudW4OhlaxjvK+3VQOA+DrHHI6y2cw7RxMzwXf3Gp3FNGsw13efE+6HmWa
n7GfWc4Am6KZC51hkC3KvyzERr67HMmOR3hHj0EoztC1kZTZBXXKMMGMYDsjMziI
NhQxw11kvl3w0wQiqfbCupVULl2lqRvqO+4QQl1493YCEVs+usLZ+xKWTt4lFBY=
-----END CERTIFICATE-----
Generated at Fri Nov 22 19:58:17 2024 by rpki-client on console-ams.rpki-client.org