Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/d83777-5ba8-4f1e-851c-92819de8a036/1/JJZ1gsvV-qEjqW4ZuxiUx7eptz4.roa
File: JJZ1gsvV-qEjqW4ZuxiUx7eptz4.roa (raw, json)
Hash identifier: v4sNp3ZUmHFWBjHZJU/84D8NjQXvYo/Amc4s383sq3Q=
Subject key identifier: 24:96:75:82:CB:D5:FA:A1:23:A9:6E:19:BB:18:94:C7:B7:A9:B7:3E
Certificate issuer: /CN=ed77e6b925b3b7a7abb92885d55d733dc5fa62d2
Certificate serial: 018CC64B7A8DDEDDC42914D06A86BEE59D4A
Authority key identifier: ED:77:E6:B9:25:B3:B7:A7:AB:B9:28:85:D5:5D:73:3D:C5:FA:62:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7XfmuSWzt6eruSiF1V1zPcX6YtI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/d83777-5ba8-4f1e-851c-92819de8a036/1/JJZ1gsvV-qEjqW4ZuxiUx7eptz4.roa
Signing time: Mon 01 Jan 2024 18:31:24 +0000
ROA not before: Mon 01 Jan 2024 18:31:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202314
IP address blocks: 139.28.206.0/24 maxlen: 24
2a0d:1a45:666::/48 maxlen: 48
2a06:1e86::/32 maxlen: 48
2a0d:1a41:cafe::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0c/d83777-5ba8-4f1e-851c-92819de8a036/1/7XfmuSWzt6eruSiF1V1zPcX6YtI.crl
rsync://rpki.ripe.net/repository/DEFAULT/0c/d83777-5ba8-4f1e-851c-92819de8a036/1/7XfmuSWzt6eruSiF1V1zPcX6YtI.mft
rsync://rpki.ripe.net/repository/DEFAULT/7XfmuSWzt6eruSiF1V1zPcX6YtI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:12:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:7a:8d:de:dd:c4:29:14:d0:6a:86:be:e5:9d:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ed77e6b925b3b7a7abb92885d55d733dc5fa62d2
Validity
Not Before: Jan 1 18:31:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=24967582cbd5faa123a96e19bb1894c7b7a9b73e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:d9:30:b9:7f:88:34:d3:f2:af:24:ac:63:a7:
98:e9:d0:fa:56:00:b8:c9:7a:b6:92:f1:27:9c:70:
ec:03:48:50:e4:63:08:77:54:6b:b7:a1:c7:ac:6a:
e4:5b:0f:3e:eb:9b:40:c4:ae:88:c8:e8:7c:2f:fe:
cf:4e:f1:96:ec:83:9b:35:ad:92:5b:c3:fd:48:22:
30:98:36:d9:e3:b6:f8:04:05:36:23:67:7e:c2:df:
3b:32:04:5d:ba:c8:cc:f3:85:9d:4d:43:1a:51:77:
88:df:49:fd:21:9f:f0:ca:ad:64:80:dd:29:45:db:
43:61:94:43:47:72:3e:3a:16:7c:ca:43:81:b9:91:
80:95:d6:e2:9f:93:96:e2:b8:6b:1e:85:04:41:48:
08:0c:89:d9:5f:cc:6c:f1:29:53:8c:c8:49:01:9b:
ae:df:78:1c:72:71:2b:8b:b9:6b:52:01:e1:f8:41:
52:6f:22:5c:80:99:97:64:92:62:56:85:c9:81:b0:
65:06:7d:e2:32:6e:c6:72:a1:ce:ca:ef:87:b7:3a:
0e:3a:f4:f7:d6:06:77:e4:62:2c:e2:34:e3:80:33:
bf:7f:fe:f3:ad:5f:99:e4:15:03:20:c5:de:68:b9:
7d:0e:df:a4:92:4a:c7:ff:33:b9:9c:ac:27:02:df:
de:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:96:75:82:CB:D5:FA:A1:23:A9:6E:19:BB:18:94:C7:B7:A9:B7:3E
X509v3 Authority Key Identifier:
keyid:ED:77:E6:B9:25:B3:B7:A7:AB:B9:28:85:D5:5D:73:3D:C5:FA:62:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7XfmuSWzt6eruSiF1V1zPcX6YtI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/d83777-5ba8-4f1e-851c-92819de8a036/1/JJZ1gsvV-qEjqW4ZuxiUx7eptz4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/d83777-5ba8-4f1e-851c-92819de8a036/1/7XfmuSWzt6eruSiF1V1zPcX6YtI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
139.28.206.0/24
IPv6:
2a06:1e86::/32
2a0d:1a41:cafe::/48
2a0d:1a45:666::/48
Signature Algorithm: sha256WithRSAEncryption
83:cc:a3:69:24:86:19:3b:d7:de:5a:f4:df:97:65:d5:75:7b:
fe:73:df:c1:be:fb:d3:6a:b6:cd:3e:11:24:e1:84:fb:4c:a5:
14:d3:18:a0:1c:f8:af:f7:72:1c:af:58:96:6f:79:f3:01:9f:
ab:fa:6c:bc:24:fb:3f:89:b0:41:5a:1e:ae:0a:5e:a0:9f:ba:
00:e6:ff:34:64:4f:50:d1:7a:f6:0f:ba:5b:08:7c:74:fc:aa:
15:99:04:25:ba:05:74:47:08:ae:05:0b:c3:4f:1a:09:6d:88:
eb:a5:28:4c:c6:fe:94:ae:33:17:df:74:fb:02:4d:16:fd:23:
c5:e4:d9:51:6e:d8:17:f7:63:09:9e:92:41:64:0d:79:b3:69:
fe:e5:63:87:3f:b1:22:15:b6:b5:ce:6c:64:f9:27:98:9e:4e:
25:88:2c:12:d1:a0:4b:37:ac:60:64:20:b5:7f:79:30:28:64:
db:f8:85:ec:33:5d:f0:f2:9c:9c:7a:ab:fc:d6:ff:cd:14:e5:
5b:fb:f7:22:2f:13:71:6c:4a:30:97:f3:50:16:f5:ef:e8:7b:
70:e6:f9:1d:fb:1a:0d:ad:6e:cd:11:58:69:b9:83:76:ed:34:
59:b4:ee:93:db:d0:0a:23:13:84:30:fd:bf:10:41:a5:7f:47:
ea:88:af:a0
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzGS3qN3t3EKRTQaoa+5Z1KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVkNzdlNmI5MjViM2I3YTdhYmI5Mjg4NWQ1NWQ3MzNkYzVm
YTYyZDIwHhcNMjQwMTAxMTgzMTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDk2NzU4MmNiZDVmYWExMjNhOTZlMTliYjE4OTRjN2I3YTliNzNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyNkwuX+INNPyrySsY6eY6dD6VgC4
yXq2kvEnnHDsA0hQ5GMId1Rrt6HHrGrkWw8+65tAxK6IyOh8L/7PTvGW7IObNa2S
W8P9SCIwmDbZ47b4BAU2I2d+wt87MgRdusjM84WdTUMaUXeI30n9IZ/wyq1kgN0p
RdtDYZRDR3I+OhZ8ykOBuZGAldbin5OW4rhrHoUEQUgIDInZX8xs8SlTjMhJAZuu
33gccnEri7lrUgHh+EFSbyJcgJmXZJJiVoXJgbBlBn3iMm7GcqHOyu+HtzoOOvT3
1gZ35GIs4jTjgDO/f/7zrV+Z5BUDIMXeaLl9Dt+kkkrH/zO5nKwnAt/eWQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFCSWdYLL1fqhI6luGbsYlMe3qbc+MB8GA1UdIwQY
MBaAFO135rkls7enq7kohdVdcz3F+mLSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN1hmbXVTV3p0NmVydVNpRjFWMXpQY1g2WXRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9kODM3NzctNWJhOC00ZjFlLTg1MWMt
OTI4MTlkZThhMDM2LzEvSkpaMWdzdlYtcUVqcVc0WnV4aVV4N2VwdHo0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9kODM3NzctNWJhOC00ZjFlLTg1MWMtOTI4MTlkZThhMDM2
LzEvN1hmbXVTV3p0NmVydVNpRjFWMXpQY1g2WXRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAMBAIAATAGAwQAixzOMB8E
AgACMBkDBQAqBh6GAwcAKg0aQcr+AwcAKg0aRQZmMA0GCSqGSIb3DQEBCwUAA4IB
AQCDzKNpJIYZO9feWvTfl2XVdXv+c9/BvvvTarbNPhEk4YT7TKUU0xigHPiv93Ic
r1iWb3nzAZ+r+my8JPs/ibBBWh6uCl6gn7oA5v80ZE9Q0Xr2D7pbCHx0/KoVmQQl
ugV0RwiuBQvDTxoJbYjrpShMxv6UrjMX33T7Ak0W/SPF5NlRbtgX92MJnpJBZA15
s2n+5WOHP7EiFba1zmxk+SeYnk4liCwS0aBLN6xgZCC1f3kwKGTb+IXsM13w8pyc
eqv81v/NFOVb+/ciLxNxbEowl/NQFvXv6Htw5vkd+xoNrW7NEVhpuYN27TRZtO6T
29AKIxOEMP2/EEGlf0fqiK+g
-----END CERTIFICATE-----
Generated at Tue Nov 26 00:29:24 2024 by rpki-client on console-ams.rpki-client.org