Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/13bdba-0715-4e26-b076-af5867476309/1/JAxFOruxSnWvVw3S7nbaHt27HxM.roa
File: JAxFOruxSnWvVw3S7nbaHt27HxM.roa (raw, json)
Hash identifier: gWJBTTX7k9eAscOO8Tc8xhrjz4kyNzCCVMiiRoDcl6k=
Subject key identifier: 24:0C:45:3A:BB:B1:4A:75:AF:57:0D:D2:EE:76:DA:1E:DD:BB:1F:13
Certificate issuer: /CN=1bc1994ea63d50dbc8b43acecad2842b4dc15759
Certificate serial: 018CC500CCD619614ABE6DEED68ADAF0A76B
Authority key identifier: 1B:C1:99:4E:A6:3D:50:DB:C8:B4:3A:CE:CA:D2:84:2B:4D:C1:57:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G8GZTqY9UNvItDrOytKEK03BV1k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/13bdba-0715-4e26-b076-af5867476309/1/JAxFOruxSnWvVw3S7nbaHt27HxM.roa
Signing time: Mon 01 Jan 2024 12:30:13 +0000
ROA not before: Mon 01 Jan 2024 12:30:13 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41897
IP address blocks: 78.109.97.0/24 maxlen: 24
78.109.98.0/24 maxlen: 24
78.109.99.0/24 maxlen: 24
78.109.100.0/23 maxlen: 23
78.109.102.0/23 maxlen: 23
193.42.20.0/24 maxlen: 24
185.90.134.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/08/13bdba-0715-4e26-b076-af5867476309/1/G8GZTqY9UNvItDrOytKEK03BV1k.crl
rsync://rpki.ripe.net/repository/DEFAULT/08/13bdba-0715-4e26-b076-af5867476309/1/G8GZTqY9UNvItDrOytKEK03BV1k.mft
rsync://rpki.ripe.net/repository/DEFAULT/G8GZTqY9UNvItDrOytKEK03BV1k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 May 2024 02:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:cc:d6:19:61:4a:be:6d:ee:d6:8a:da:f0:a7:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1bc1994ea63d50dbc8b43acecad2842b4dc15759
Validity
Not Before: Jan 1 12:30:13 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=240c453abbb14a75af570dd2ee76da1eddbb1f13
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:a5:2f:15:78:13:80:ea:ae:24:4f:71:78:46:
52:f3:f2:bd:2f:2c:72:0b:7b:67:ad:f2:33:59:fd:
bf:e1:13:ab:f7:a7:a7:5d:ca:72:fb:5e:84:c3:02:
1e:a3:df:61:56:17:59:90:fe:55:89:b5:58:aa:05:
64:17:ec:3b:b4:cd:9a:22:17:8a:1b:cf:cc:e3:92:
df:24:a6:70:90:47:81:4e:78:b1:bd:e5:9d:81:d7:
6a:f9:31:24:4f:14:f7:e3:e5:27:be:7d:af:4c:0f:
5e:85:d3:68:81:a9:87:25:ac:25:90:e8:ed:e8:83:
7a:ee:ae:1d:01:0f:56:e1:71:42:23:ff:22:3b:0d:
11:95:fd:6f:a9:ec:fa:28:ec:76:2f:9f:7e:ad:2c:
c8:b7:1e:b2:9b:5a:65:02:79:c2:86:05:7e:0d:22:
45:78:7f:45:9a:f2:c2:6b:b4:97:ed:7d:8e:dc:45:
25:f2:6c:2d:c7:4e:b9:d4:af:f4:58:b4:08:cf:c8:
46:1f:14:87:14:ba:28:23:0c:b0:cc:98:c5:d5:a4:
4c:d7:ea:ed:f1:2b:e5:4e:af:4a:54:7b:b8:1e:67:
55:91:36:d0:8c:0f:70:75:2a:18:49:05:d7:25:86:
ac:ab:ba:70:e4:58:e1:69:b8:0f:e8:0b:3a:54:8e:
e7:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:0C:45:3A:BB:B1:4A:75:AF:57:0D:D2:EE:76:DA:1E:DD:BB:1F:13
X509v3 Authority Key Identifier:
keyid:1B:C1:99:4E:A6:3D:50:DB:C8:B4:3A:CE:CA:D2:84:2B:4D:C1:57:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G8GZTqY9UNvItDrOytKEK03BV1k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/13bdba-0715-4e26-b076-af5867476309/1/JAxFOruxSnWvVw3S7nbaHt27HxM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/13bdba-0715-4e26-b076-af5867476309/1/G8GZTqY9UNvItDrOytKEK03BV1k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.109.97.0-78.109.103.255
185.90.134.0/23
193.42.20.0/24
Signature Algorithm: sha256WithRSAEncryption
b4:9b:35:98:00:3b:8a:4e:b7:47:26:51:61:d2:e6:b5:23:37:
0d:52:b6:de:b2:65:3f:29:cb:f9:6a:01:d7:02:b9:6e:22:ab:
b1:ea:b6:1a:b3:f3:fb:77:37:ed:d7:91:73:ff:6f:a7:18:d5:
f0:9e:2d:f0:67:19:e7:46:42:c6:c4:85:e9:6e:a4:f7:c0:10:
10:3d:58:1e:7f:9c:a7:62:b9:90:c9:2f:3b:a5:f1:57:34:de:
bf:77:3e:26:22:eb:41:e9:92:4a:83:b9:24:d2:36:c4:33:ba:
75:38:40:76:2a:43:a5:f6:69:14:d6:ac:62:52:e2:49:e3:05:
c5:2c:8b:f9:bd:c7:c7:62:71:b2:ae:18:a2:fa:bd:0a:2f:c9:
04:14:6b:48:dd:3c:15:08:41:f0:ca:5e:a1:bc:9c:8e:f8:79:
f4:a6:c8:7f:16:30:f5:52:e3:4c:15:9f:6b:26:79:5e:32:4c:
e4:a3:b2:ba:93:70:f2:50:64:0e:73:94:0d:9d:29:1d:b4:75:
64:d4:b2:33:04:a7:22:15:fe:89:83:72:3f:e0:c7:1a:31:43:
47:e1:84:2e:d1:3c:92:68:55:7f:e0:99:e3:27:4c:01:de:7c:
a1:0a:c2:da:b2:0c:f3:0f:5a:83:58:f3:11:9b:d2:0e:a4:82:
be:d0:0c:16
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYzFAMzWGWFKvm3u1ora8KdrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiYzE5OTRlYTYzZDUwZGJjOGI0M2FjZWNhZDI4NDJiNGRj
MTU3NTkwHhcNMjQwMTAxMTIzMDEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDBjNDUzYWJiYjE0YTc1YWY1NzBkZDJlZTc2ZGExZWRkYmIxZjEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsqUvFXgTgOquJE9xeEZS8/K9Lyxy
C3tnrfIzWf2/4ROr96enXcpy+16EwwIeo99hVhdZkP5VibVYqgVkF+w7tM2aIheK
G8/M45LfJKZwkEeBTnixveWdgddq+TEkTxT34+Unvn2vTA9ehdNogamHJawlkOjt
6IN67q4dAQ9W4XFCI/8iOw0Rlf1vqez6KOx2L59+rSzItx6ym1plAnnChgV+DSJF
eH9FmvLCa7SX7X2O3EUl8mwtx0651K/0WLQIz8hGHxSHFLooIwywzJjF1aRM1+rt
8SvlTq9KVHu4HmdVkTbQjA9wdSoYSQXXJYasq7pw5FjhabgP6As6VI7n4wIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFCQMRTq7sUp1r1cN0u522h7dux8TMB8GA1UdIwQY
MBaAFBvBmU6mPVDbyLQ6zsrShCtNwVdZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRzhHWlRxWTlVTnZJdERyT3l0S0VLMDNCVjFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC8xM2JkYmEtMDcxNS00ZTI2LWIwNzYt
YWY1ODY3NDc2MzA5LzEvSkF4Rk9ydXhTbld2VnczUzduYmFIdDI3SHhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC8xM2JkYmEtMDcxNS00ZTI2LWIwNzYtYWY1ODY3NDc2MzA5
LzEvRzhHWlRxWTlVTnZJdERyT3l0S0VLMDNCVjFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBABObWED
BANObWADBAG5WoYDBADBKhQwDQYJKoZIhvcNAQELBQADggEBALSbNZgAO4pOt0cm
UWHS5rUjNw1Stt6yZT8py/lqAdcCuW4iq7Hqthqz8/t3N+3XkXP/b6cY1fCeLfBn
GedGQsbEhelupPfAEBA9WB5/nKdiuZDJLzul8Vc03r93PiYi60HpkkqDuSTSNsQz
unU4QHYqQ6X2aRTWrGJS4knjBcUsi/m9x8dicbKuGKL6vQovyQQUa0jdPBUIQfDK
XqG8nI74efSmyH8WMPVS40wVn2smeV4yTOSjsrqTcPJQZA5zlA2dKR20dWTUsjME
pyIV/omDcj/gxxoxQ0fhhC7RPJJoVX/gmeMnTAHefKEKwtqyDPMPWoNY8xGb0g6k
gr7QDBY=
-----END CERTIFICATE-----
Generated at Fri May 17 10:14:43 2024 by rpki-client on console-fra.rpki-client.org