Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/67c21d-0e92-4242-994e-fb40d6da2468/1/JPm2yackomAR-H-UrUuFUr7nUKY.roa
File: JPm2yackomAR-H-UrUuFUr7nUKY.roa (raw, json)
Hash identifier: fTIKqs9EM7F+9BEEmVXrKB1SEfO0ckO6QpiFnl15vTE=
Subject key identifier: 24:F9:B6:C9:A7:24:A2:60:11:F8:7F:94:AD:4B:85:52:BE:E7:50:A6
Certificate issuer: /CN=21cb2ac377fc603f95faecc54ac7d590f2cc319d
Certificate serial: 018CC4922E7728A110E90C796134EA0C9DF3
Authority key identifier: 21:CB:2A:C3:77:FC:60:3F:95:FA:EC:C5:4A:C7:D5:90:F2:CC:31:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Icsqw3f8YD-V-uzFSsfVkPLMMZ0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/67c21d-0e92-4242-994e-fb40d6da2468/1/JPm2yackomAR-H-UrUuFUr7nUKY.roa
Signing time: Mon 01 Jan 2024 10:29:23 +0000
ROA not before: Mon 01 Jan 2024 10:29:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49434
IP address blocks: 185.177.45.0/24 maxlen: 24
185.177.46.0/24 maxlen: 24
185.177.47.0/24 maxlen: 24
2a0a:2f82::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0c/67c21d-0e92-4242-994e-fb40d6da2468/1/Icsqw3f8YD-V-uzFSsfVkPLMMZ0.crl
rsync://rpki.ripe.net/repository/DEFAULT/0c/67c21d-0e92-4242-994e-fb40d6da2468/1/Icsqw3f8YD-V-uzFSsfVkPLMMZ0.mft
rsync://rpki.ripe.net/repository/DEFAULT/Icsqw3f8YD-V-uzFSsfVkPLMMZ0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:12:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:92:2e:77:28:a1:10:e9:0c:79:61:34:ea:0c:9d:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21cb2ac377fc603f95faecc54ac7d590f2cc319d
Validity
Not Before: Jan 1 10:29:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=24f9b6c9a724a26011f87f94ad4b8552bee750a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:d5:bf:38:5b:ed:3b:05:cc:d7:9e:64:05:fa:
68:74:80:60:01:1b:d5:76:f1:78:05:58:a0:6a:e1:
b9:79:6c:6a:35:61:09:1e:6b:b9:2f:af:5e:36:28:
4b:3f:f1:64:ee:a4:23:8a:c9:4a:a9:61:ba:c9:67:
e8:58:c1:da:35:67:6e:28:3c:be:74:3d:4c:21:e2:
d7:3f:f6:6f:e2:d5:55:39:06:93:98:fb:12:05:5c:
cb:86:85:86:76:ee:b1:dc:24:2a:66:20:f2:6c:34:
13:2f:de:f4:e2:ae:89:97:19:67:ca:f3:9a:fb:a1:
ed:b1:cf:bc:e4:8e:97:ed:52:ca:8f:6b:44:b8:c4:
cc:36:6e:eb:b2:b9:99:ce:25:d8:17:a5:03:d7:78:
35:8f:8c:f1:b9:d6:14:35:82:79:5b:8c:61:bc:44:
07:bc:6f:70:3e:1f:1a:ec:1e:26:d2:f8:59:8e:a4:
9b:1c:0d:25:9c:51:f2:45:af:cb:e0:1d:d7:e7:1f:
fa:a8:fb:b2:e5:92:c6:94:c6:3c:9b:1a:1d:c3:88:
f9:ce:37:c6:9a:37:fa:be:55:71:00:3a:15:b8:6c:
12:90:a0:58:0f:69:4a:45:65:ce:ca:1d:64:75:4e:
70:33:1f:12:5d:89:18:85:4b:1b:1a:1f:6a:7f:7b:
e6:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:F9:B6:C9:A7:24:A2:60:11:F8:7F:94:AD:4B:85:52:BE:E7:50:A6
X509v3 Authority Key Identifier:
keyid:21:CB:2A:C3:77:FC:60:3F:95:FA:EC:C5:4A:C7:D5:90:F2:CC:31:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Icsqw3f8YD-V-uzFSsfVkPLMMZ0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/67c21d-0e92-4242-994e-fb40d6da2468/1/JPm2yackomAR-H-UrUuFUr7nUKY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/67c21d-0e92-4242-994e-fb40d6da2468/1/Icsqw3f8YD-V-uzFSsfVkPLMMZ0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.177.45.0-185.177.47.255
IPv6:
2a0a:2f82::/32
Signature Algorithm: sha256WithRSAEncryption
17:0a:46:d5:7e:85:ae:fc:1c:c3:49:04:91:fc:d5:d7:ee:0d:
f2:7c:57:fd:db:24:85:27:74:1f:18:47:d4:65:53:79:13:58:
c0:0e:34:34:df:25:b0:45:fe:b8:37:81:40:09:86:a0:1f:14:
ee:4d:fa:8c:51:87:55:22:a7:65:94:e3:18:16:8e:0b:cf:e2:
b9:ec:70:72:1e:c1:fc:8b:5f:d7:4c:13:62:37:07:5b:66:bf:
29:76:b0:c6:27:7e:49:9b:f2:21:95:01:f4:13:f3:18:77:1a:
2c:5e:fb:f7:fb:5d:48:56:07:e5:4f:c6:27:a1:64:84:3e:e8:
ec:a9:4e:be:10:78:5c:b3:a0:09:76:f9:2e:b5:33:42:4a:ed:
d0:8c:a0:13:35:e0:b0:65:8b:29:bc:49:76:8f:d3:72:47:cf:
0f:cc:77:cc:f7:63:79:87:13:ec:29:38:a3:32:ce:b7:e2:a2:
40:76:61:a4:7c:e8:27:1e:c9:22:83:73:de:ca:69:fd:a7:fa:
35:d1:bb:f6:19:6f:61:9c:ca:16:ae:75:33:16:0a:0c:64:50:
e9:15:2f:e8:9e:51:6b:79:69:dd:c0:ca:e6:55:0b:2a:53:1f:
90:a1:69:6f:ac:6d:b8:b8:12:5c:72:ec:60:95:8c:24:fb:e0:
e3:48:75:d8
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYzEki53KKEQ6Qx5YTTqDJ3zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxY2IyYWMzNzdmYzYwM2Y5NWZhZWNjNTRhYzdkNTkwZjJj
YzMxOWQwHhcNMjQwMTAxMTAyOTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNGY5YjZjOWE3MjRhMjYwMTFmODdmOTRhZDRiODU1MmJlZTc1MGE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAttW/OFvtOwXM155kBfpodIBgARvV
dvF4BVigauG5eWxqNWEJHmu5L69eNihLP/Fk7qQjislKqWG6yWfoWMHaNWduKDy+
dD1MIeLXP/Zv4tVVOQaTmPsSBVzLhoWGdu6x3CQqZiDybDQTL9704q6JlxlnyvOa
+6Htsc+85I6X7VLKj2tEuMTMNm7rsrmZziXYF6UD13g1j4zxudYUNYJ5W4xhvEQH
vG9wPh8a7B4m0vhZjqSbHA0lnFHyRa/L4B3X5x/6qPuy5ZLGlMY8mxodw4j5zjfG
mjf6vlVxADoVuGwSkKBYD2lKRWXOyh1kdU5wMx8SXYkYhUsbGh9qf3vmsQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFCT5tsmnJKJgEfh/lK1LhVK+51CmMB8GA1UdIwQY
MBaAFCHLKsN3/GA/lfrsxUrH1ZDyzDGdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWNzcXczZjhZRC1WLXV6RlNzZlZrUExNTVowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy82N2MyMWQtMGU5Mi00MjQyLTk5NGUt
ZmI0MGQ2ZGEyNDY4LzEvSlBtMnlhY2tvbUFSLUgtVXJVdUZVcjduVUtZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy82N2MyMWQtMGU5Mi00MjQyLTk5NGUtZmI0MGQ2ZGEyNDY4
LzEvSWNzcXczZjhZRC1WLXV6RlNzZlZrUExNTVowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAUBAIAATAOMAwDBAC5sS0D
BAS5sSAwDQQCAAIwBwMFACoKL4IwDQYJKoZIhvcNAQELBQADggEBABcKRtV+ha78
HMNJBJH81dfuDfJ8V/3bJIUndB8YR9RlU3kTWMAONDTfJbBF/rg3gUAJhqAfFO5N
+oxRh1Uip2WU4xgWjgvP4rnscHIewfyLX9dME2I3B1tmvyl2sMYnfkmb8iGVAfQT
8xh3Gixe+/f7XUhWB+VPxiehZIQ+6OypTr4QeFyzoAl2+S61M0JK7dCMoBM14LBl
iym8SXaP03JHzw/Md8z3Y3mHE+wpOKMyzrfiokB2YaR86CceySKDc97Kaf2n+jXR
u/YZb2GcyhaudTMWCgxkUOkVL+ieUWt5ad3AyuZVCypTH5ChaW+sbbi4Elxy7GCV
jCT74ONIddg=
-----END CERTIFICATE-----
Generated at Mon Nov 25 18:06:41 2024 by rpki-client on console-fra.rpki-client.org