Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/bd09e7-c40b-47a6-8a2e-0636753679b6/1/cj-gipgwAayXHIUXQjVwK12HSDA.roa
File: cj-gipgwAayXHIUXQjVwK12HSDA.roa (raw, json)
Hash identifier: VeEcRxnxsMnsIMrOJWxETyl8KIs4uc3wLwLFQTWPmLw=
Subject key identifier: 72:3F:A0:8A:98:30:01:AC:97:1C:85:17:42:35:70:2B:5D:87:48:30
Certificate issuer: /CN=c5de32bb9cc99e115ddbaf6b7fa23051789f2f61
Certificate serial: 018CC42450A36516D03EA5A00D63F63723F7
Authority key identifier: C5:DE:32:BB:9C:C9:9E:11:5D:DB:AF:6B:7F:A2:30:51:78:9F:2F:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xd4yu5zJnhFd269rf6IwUXifL2E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/bd09e7-c40b-47a6-8a2e-0636753679b6/1/cj-gipgwAayXHIUXQjVwK12HSDA.roa
Signing time: Mon 01 Jan 2024 08:29:23 +0000
ROA not before: Mon 01 Jan 2024 08:29:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49871
IP address blocks: 195.234.129.0/24 maxlen: 32
193.104.9.0/24 maxlen: 32
193.109.236.0/24 maxlen: 32
195.66.154.0/23 maxlen: 32
194.29.56.0/22 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/06/bd09e7-c40b-47a6-8a2e-0636753679b6/1/xd4yu5zJnhFd269rf6IwUXifL2E.crl
rsync://rpki.ripe.net/repository/DEFAULT/06/bd09e7-c40b-47a6-8a2e-0636753679b6/1/xd4yu5zJnhFd269rf6IwUXifL2E.mft
rsync://rpki.ripe.net/repository/DEFAULT/xd4yu5zJnhFd269rf6IwUXifL2E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:50:a3:65:16:d0:3e:a5:a0:0d:63:f6:37:23:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c5de32bb9cc99e115ddbaf6b7fa23051789f2f61
Validity
Not Before: Jan 1 08:29:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=723fa08a983001ac971c85174235702b5d874830
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:4e:71:be:5b:14:60:79:cc:44:3a:ef:0b:ac:
31:5c:2b:b9:62:95:cd:01:51:f1:c2:06:9b:73:42:
e7:78:7c:5b:f0:79:1e:b2:ce:59:4f:1c:e6:f6:31:
dc:1f:3d:d3:21:be:56:9c:88:57:4b:fa:d2:f4:25:
04:00:d5:cf:69:df:00:4d:7d:01:80:96:76:12:fe:
4c:a4:6f:7d:6b:1e:5b:b1:59:b7:53:a9:a1:9f:31:
3b:30:af:03:f0:e8:3b:1b:74:96:71:dc:7b:5e:1e:
a3:e0:22:aa:23:f1:9c:f6:3f:c9:3f:3c:fa:ea:77:
66:5e:97:d1:54:65:ec:d4:54:79:c6:36:67:2e:c7:
b6:3d:5b:3a:e1:d5:eb:32:0a:b2:06:09:99:b4:4e:
e8:58:99:2f:42:86:f5:ed:9d:7c:cd:10:d4:05:c0:
36:56:e2:9f:f2:f9:a3:31:66:37:0e:65:43:9f:3f:
a1:13:1d:fa:5e:80:a7:d0:54:0a:af:8a:f3:46:bd:
f9:59:e7:34:5a:6b:0a:ba:61:bd:45:61:96:4c:85:
a0:98:ef:91:18:c9:0f:4d:ef:36:e4:79:38:6e:f4:
0b:52:52:53:88:20:bf:93:b8:03:3b:03:af:dd:85:
e1:5a:48:0a:08:e3:c5:6e:23:95:59:fa:72:3b:01:
2f:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:3F:A0:8A:98:30:01:AC:97:1C:85:17:42:35:70:2B:5D:87:48:30
X509v3 Authority Key Identifier:
keyid:C5:DE:32:BB:9C:C9:9E:11:5D:DB:AF:6B:7F:A2:30:51:78:9F:2F:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xd4yu5zJnhFd269rf6IwUXifL2E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/bd09e7-c40b-47a6-8a2e-0636753679b6/1/cj-gipgwAayXHIUXQjVwK12HSDA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/06/bd09e7-c40b-47a6-8a2e-0636753679b6/1/xd4yu5zJnhFd269rf6IwUXifL2E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.104.9.0/24
193.109.236.0/24
194.29.56.0/22
195.66.154.0/23
195.234.129.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:e0:4e:b3:19:f0:eb:19:2c:bc:e7:5a:06:30:d4:f1:45:1c:
1c:2e:22:ce:74:26:f5:d1:8d:04:67:29:3b:6d:60:2f:cf:da:
38:29:e3:a8:14:41:6c:6f:b6:e9:58:f6:db:b4:c3:84:a6:0d:
5c:b2:b0:03:85:3f:3c:26:7c:73:3b:da:48:12:f8:e0:8e:cc:
23:74:3a:27:60:20:4e:b6:01:ad:b8:fd:c6:76:3a:1b:55:32:
b6:f3:3e:01:4b:32:96:a4:9c:bd:aa:0f:41:ba:5a:63:55:81:
67:14:ee:25:2d:69:d2:19:d0:5a:4a:c6:54:28:7e:db:b2:da:
89:65:d4:62:7d:bd:bc:a2:23:34:bf:85:bb:60:eb:06:e7:dd:
3b:4d:7d:99:b0:e9:3f:fc:85:bc:9d:5c:a5:32:1b:f3:b2:b5:
47:19:df:68:b8:93:58:81:e2:18:2e:d2:1f:23:3c:a2:9b:da:
ac:89:3e:37:f2:96:c5:13:29:d8:71:14:94:52:a3:17:d8:f8:
ea:90:b0:fc:88:a0:11:b4:3e:da:0d:ab:5c:9e:a7:0b:6b:ee:
b6:f7:04:1d:9f:43:87:f3:86:c1:f6:be:65:ad:86:02:2f:25:
eb:2d:22:10:7b:9d:c8:b5:f2:94:5c:da:49:09:b2:cd:3a:87:
db:55:b9:11
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzEJFCjZRbQPqWgDWP2NyP3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1ZGUzMmJiOWNjOTllMTE1ZGRiYWY2YjdmYTIzMDUxNzg5
ZjJmNjEwHhcNMjQwMTAxMDgyOTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjNmYTA4YTk4MzAwMWFjOTcxYzg1MTc0MjM1NzAyYjVkODc0ODMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3U5xvlsUYHnMRDrvC6wxXCu5YpXN
AVHxwgabc0LneHxb8Hkess5ZTxzm9jHcHz3TIb5WnIhXS/rS9CUEANXPad8ATX0B
gJZ2Ev5MpG99ax5bsVm3U6mhnzE7MK8D8Og7G3SWcdx7Xh6j4CKqI/Gc9j/JPzz6
6ndmXpfRVGXs1FR5xjZnLse2PVs64dXrMgqyBgmZtE7oWJkvQob17Z18zRDUBcA2
VuKf8vmjMWY3DmVDnz+hEx36XoCn0FQKr4rzRr35Wec0WmsKumG9RWGWTIWgmO+R
GMkPTe825Hk4bvQLUlJTiCC/k7gDOwOv3YXhWkgKCOPFbiOVWfpyOwEvDQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFHI/oIqYMAGslxyFF0I1cCtdh0gwMB8GA1UdIwQY
MBaAFMXeMrucyZ4RXduva3+iMFF4ny9hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGQ0eXU1ekpuaEZkMjY5cmY2SXdVWGlmTDJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi9iZDA5ZTctYzQwYi00N2E2LThhMmUt
MDYzNjc1MzY3OWI2LzEvY2otZ2lwZ3dBYXlYSElVWFFqVndLMTJIU0RBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi9iZDA5ZTctYzQwYi00N2E2LThhMmUtMDYzNjc1MzY3OWI2
LzEveGQ0eXU1ekpuaEZkMjY5cmY2SXdVWGlmTDJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAwWgJAwQA
wW3sAwQCwh04AwQBw0KaAwQAw+qBMA0GCSqGSIb3DQEBCwUAA4IBAQBK4E6zGfDr
GSy851oGMNTxRRwcLiLOdCb10Y0EZyk7bWAvz9o4KeOoFEFsb7bpWPbbtMOEpg1c
srADhT88JnxzO9pIEvjgjswjdDonYCBOtgGtuP3GdjobVTK28z4BSzKWpJy9qg9B
ulpjVYFnFO4lLWnSGdBaSsZUKH7bstqJZdRifb28oiM0v4W7YOsG5907TX2ZsOk/
/IW8nVylMhvzsrVHGd9ouJNYgeIYLtIfIzyim9qsiT438pbFEynYcRSUUqMX2Pjq
kLD8iKARtD7aDatcnqcLa+629wQdn0OH84bB9r5lrYYCLyXrLSIQe53ItfKUXNpJ
CbLNOofbVbkR
-----END CERTIFICATE-----
Generated at Mon Nov 25 21:49:13 2024 by rpki-client on console-ams.rpki-client.org