Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/2b8d82-39fb-4a56-89c5-9d5657513e20/1/J1uk3AeynBXMMtIuSSNkGgZJOLg.roa
File: J1uk3AeynBXMMtIuSSNkGgZJOLg.roa (raw, json)
Hash identifier: lACUqTNKkDnhF0lhKQ9/HN46DSL7xQHIKNUVEx0Jrj8=
Subject key identifier: 27:5B:A4:DC:07:B2:9C:15:CC:32:D2:2E:49:23:64:1A:06:49:38:B8
Certificate issuer: /CN=29c2103fd2417c8869145617de94fcc913b085ef
Certificate serial: 018CC8DFAF8AEB05D5AA02DE21946BCCB9D4
Authority key identifier: 29:C2:10:3F:D2:41:7C:88:69:14:56:17:DE:94:FC:C9:13:B0:85:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KcIQP9JBfIhpFFYX3pT8yROwhe8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0a/2b8d82-39fb-4a56-89c5-9d5657513e20/1/J1uk3AeynBXMMtIuSSNkGgZJOLg.roa
Signing time: Tue 02 Jan 2024 06:32:31 +0000
ROA not before: Tue 02 Jan 2024 06:32:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8368
IP address blocks: 193.243.150.0/23 maxlen: 24
80.253.192.0/20 maxlen: 24
45.134.192.0/22 maxlen: 24
94.247.160.0/21 maxlen: 24
46.247.160.0/19 maxlen: 24
185.117.36.0/22 maxlen: 24
94.143.80.0/21 maxlen: 24
185.48.48.0/22 maxlen: 24
194.105.58.0/23 maxlen: 24
194.105.62.0/23 maxlen: 24
176.53.128.0/22 maxlen: 24
185.8.240.0/22 maxlen: 24
185.12.96.0/22 maxlen: 24
193.239.190.0/23 maxlen: 24
37.26.176.0/21 maxlen: 24
185.50.76.0/22 maxlen: 24
2a04:b440::/29 maxlen: 48
2a03:bd00::/32 maxlen: 48
2a01:aa60::/32 maxlen: 48
2a01:9720::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0a/2b8d82-39fb-4a56-89c5-9d5657513e20/1/KcIQP9JBfIhpFFYX3pT8yROwhe8.crl
rsync://rpki.ripe.net/repository/DEFAULT/0a/2b8d82-39fb-4a56-89c5-9d5657513e20/1/KcIQP9JBfIhpFFYX3pT8yROwhe8.mft
rsync://rpki.ripe.net/repository/DEFAULT/KcIQP9JBfIhpFFYX3pT8yROwhe8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:af:8a:eb:05:d5:aa:02:de:21:94:6b:cc:b9:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29c2103fd2417c8869145617de94fcc913b085ef
Validity
Not Before: Jan 2 06:32:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=275ba4dc07b29c15cc32d22e4923641a064938b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:4c:58:23:da:32:58:54:b4:9e:13:87:d0:16:
7d:87:42:8c:32:33:80:8e:71:da:79:fe:cf:01:00:
b3:8a:fd:a0:be:55:3d:8f:79:06:12:69:51:94:40:
9c:6e:b8:2b:6a:10:ff:d4:2d:b5:f3:f7:fa:67:f8:
89:2c:c4:e2:c9:f1:82:1e:d1:21:35:de:fc:bf:d4:
6c:b9:a3:93:4f:51:27:f9:68:d2:ab:15:e4:37:3f:
66:0f:c8:ab:d5:51:6d:d9:f1:2f:31:45:19:09:4f:
ee:0b:04:99:43:b1:81:49:a9:28:41:ce:2f:d8:df:
f5:48:c4:bc:cc:b6:d4:27:48:00:fb:c1:a1:e3:a4:
ae:bd:33:b8:4f:05:3a:8a:2d:cb:25:c9:bd:21:ec:
b3:1f:5a:1b:de:72:0d:45:5d:78:68:49:26:a2:79:
1c:4a:d4:86:4b:e2:e9:41:93:82:ae:c4:45:2b:a6:
42:89:04:a4:47:5e:91:bc:0b:f5:f6:b7:c0:fb:01:
48:1f:f0:f7:ab:f6:a6:db:68:00:4d:4c:46:46:08:
5e:81:b1:66:db:30:4d:62:62:41:62:e8:f7:fb:d1:
85:2f:31:cb:c9:2f:5a:55:16:e4:63:a4:40:14:af:
f1:e1:49:99:24:98:c1:da:64:98:80:61:22:c8:a4:
e8:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:5B:A4:DC:07:B2:9C:15:CC:32:D2:2E:49:23:64:1A:06:49:38:B8
X509v3 Authority Key Identifier:
keyid:29:C2:10:3F:D2:41:7C:88:69:14:56:17:DE:94:FC:C9:13:B0:85:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KcIQP9JBfIhpFFYX3pT8yROwhe8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/2b8d82-39fb-4a56-89c5-9d5657513e20/1/J1uk3AeynBXMMtIuSSNkGgZJOLg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/2b8d82-39fb-4a56-89c5-9d5657513e20/1/KcIQP9JBfIhpFFYX3pT8yROwhe8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.26.176.0/21
45.134.192.0/22
46.247.160.0/19
80.253.192.0/20
94.143.80.0/21
94.247.160.0/21
176.53.128.0/22
185.8.240.0/22
185.12.96.0/22
185.48.48.0/22
185.50.76.0/22
185.117.36.0/22
193.239.190.0/23
193.243.150.0/23
194.105.58.0/23
194.105.62.0/23
IPv6:
2a01:9720::/32
2a01:aa60::/32
2a03:bd00::/32
2a04:b440::/29
Signature Algorithm: sha256WithRSAEncryption
78:ec:64:6f:cd:73:4f:0d:77:c8:f2:57:7a:79:cc:19:0e:4e:
9c:68:79:de:28:56:20:99:17:30:4a:0e:42:1b:04:b0:2b:ad:
aa:a9:a0:69:b2:db:29:94:40:2c:aa:8f:26:aa:85:30:b0:d3:
bd:4e:47:ba:56:ae:0f:0a:1d:8c:60:a5:62:1c:6b:be:48:3e:
a4:91:0c:d2:6d:b2:ba:0b:a8:d0:94:71:a0:58:ad:3f:92:37:
4a:57:49:bf:69:42:d3:f4:9c:eb:e9:11:9d:a2:57:7b:2e:ef:
eb:d6:76:e7:94:e3:4c:5e:6f:e5:57:a7:3f:1f:16:ab:a1:9b:
81:fc:9c:cb:0a:1e:7a:02:de:d8:38:26:41:4d:54:81:1d:6a:
74:00:d7:d1:8c:8e:ad:b3:de:a3:4d:1f:3c:9f:32:54:ec:e9:
bc:e9:15:80:4d:b3:63:6e:c9:33:00:8a:33:36:81:1d:cc:5d:
82:ef:3f:16:4a:27:e0:d3:38:83:3a:90:71:33:1b:75:e0:dd:
af:1a:71:7f:b3:3a:52:e7:f3:fe:e0:65:b3:cc:ba:0b:75:8a:
d5:e9:e9:de:85:8e:81:0a:25:71:d8:b2:ca:e4:dd:93:bb:76:
50:6f:ac:32:22:05:51:cf:6f:07:b3:4e:dc:fa:f1:a8:4b:57:
ec:0c:3c:44
-----BEGIN CERTIFICATE-----
MIIFfjCCBGagAwIBAgISAYzI36+K6wXVqgLeIZRrzLnUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5YzIxMDNmZDI0MTdjODg2OTE0NTYxN2RlOTRmY2M5MTNi
MDg1ZWYwHhcNMjQwMTAyMDYzMjMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNzViYTRkYzA3YjI5YzE1Y2MzMmQyMmU0OTIzNjQxYTA2NDkzOGI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqkxYI9oyWFS0nhOH0BZ9h0KMMjOA
jnHaef7PAQCziv2gvlU9j3kGEmlRlECcbrgrahD/1C218/f6Z/iJLMTiyfGCHtEh
Nd78v9RsuaOTT1En+WjSqxXkNz9mD8ir1VFt2fEvMUUZCU/uCwSZQ7GBSakoQc4v
2N/1SMS8zLbUJ0gA+8Gh46SuvTO4TwU6ii3LJcm9IeyzH1ob3nINRV14aEkmonkc
StSGS+LpQZOCrsRFK6ZCiQSkR16RvAv19rfA+wFIH/D3q/am22gATUxGRghegbFm
2zBNYmJBYuj3+9GFLzHLyS9aVRbkY6RAFK/x4UmZJJjB2mSYgGEiyKTozQIDAQAB
o4ICijCCAoYwHQYDVR0OBBYEFCdbpNwHspwVzDLSLkkjZBoGSTi4MB8GA1UdIwQY
MBaAFCnCED/SQXyIaRRWF96U/MkTsIXvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2NJUVA5SkJmSWhwRkZZWDNwVDh5Uk93aGU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS8yYjhkODItMzlmYi00YTU2LTg5YzUt
OWQ1NjU3NTEzZTIwLzEvSjF1azNBZXluQlhNTXRJdVNTTmtHZ1pKT0xnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS8yYjhkODItMzlmYi00YTU2LTg5YzUtOWQ1NjU3NTEzZTIw
LzEvS2NJUVA5SkJmSWhwRkZZWDNwVDh5Uk93aGU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGfBggrBgEFBQcBBwEB/wSBjzCBjDBmBAIAATBgAwQDJRqw
AwQCLYbAAwQFLvegAwQEUP3AAwQDXo9QAwQDXvegAwQCsDWAAwQCuQjwAwQCuQxg
AwQCuTAwAwQCuTJMAwQCuXUkAwQBwe++AwQBwfOWAwQBwmk6AwQBwmk+MCIEAgAC
MBwDBQAqAZcgAwUAKgGqYAMFACoDvQADBQMqBLRAMA0GCSqGSIb3DQEBCwUAA4IB
AQB47GRvzXNPDXfI8ld6ecwZDk6caHneKFYgmRcwSg5CGwSwK62qqaBpstsplEAs
qo8mqoUwsNO9Tke6Vq4PCh2MYKViHGu+SD6kkQzSbbK6C6jQlHGgWK0/kjdKV0m/
aULT9Jzr6RGdold7Lu/r1nbnlONMXm/lV6c/HxaroZuB/JzLCh56At7YOCZBTVSB
HWp0ANfRjI6ts96jTR88nzJU7Om86RWATbNjbskzAIozNoEdzF2C7z8WSifg0ziD
OpBxMxt14N2vGnF/szpS5/P+4GWzzLoLdYrV6enehY6BCiVx2LLK5N2Tu3ZQb6wy
IgVRz28Hs07c+vGoS1fsDDxE
-----END CERTIFICATE-----
Generated at Fri Nov 22 19:59:22 2024 by rpki-client on console-ams.rpki-client.org