Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/jzGTdsvq1G6-oKCC9QFSWwjvVD4.roa
File: jzGTdsvq1G6-oKCC9QFSWwjvVD4.roa (raw, json)
Hash identifier: BxV70NiZk9CUH6DbeSrHB63IEAKrXVLmLXWWTRWc7Ok=
Subject key identifier: 8F:31:93:76:CB:EA:D4:6E:BE:A0:A0:82:F5:01:52:5B:08:EF:54:3E
Certificate issuer: /CN=ad0da43b4a5d3db78ba3f774e5b31b77037202d5
Certificate serial: 0192097CD486E64D5E71BD8E6187CF9C1C64
Authority key identifier: AD:0D:A4:3B:4A:5D:3D:B7:8B:A3:F7:74:E5:B3:1B:77:03:72:02:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rQ2kO0pdPbeLo_d05bMbdwNyAtU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/jzGTdsvq1G6-oKCC9QFSWwjvVD4.roa
Signing time: Thu 19 Sep 2024 08:53:48 +0000
ROA not before: Thu 19 Sep 2024 08:53:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208485
IP address blocks: 45.133.38.0/24 maxlen: 24
185.148.243.0/24 maxlen: 24
185.169.183.0/24 maxlen: 24
185.174.20.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/rQ2kO0pdPbeLo_d05bMbdwNyAtU.crl
rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/rQ2kO0pdPbeLo_d05bMbdwNyAtU.mft
rsync://rpki.ripe.net/repository/DEFAULT/rQ2kO0pdPbeLo_d05bMbdwNyAtU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:09:7c:d4:86:e6:4d:5e:71:bd:8e:61:87:cf:9c:1c:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ad0da43b4a5d3db78ba3f774e5b31b77037202d5
Validity
Not Before: Sep 19 08:53:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8f319376cbead46ebea0a082f501525b08ef543e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:ca:7e:e2:79:57:3a:d2:a7:f8:a3:d8:64:0f:
de:c2:e1:77:69:1f:05:65:65:0d:be:69:f6:f7:f8:
08:59:c0:64:5b:69:df:b4:4a:d5:7a:6e:c2:17:95:
e5:b3:4d:87:eb:13:27:12:53:59:42:1c:ad:af:50:
23:4a:62:1a:da:14:08:69:b4:a2:de:a4:ea:94:6c:
51:ae:07:3d:95:a9:44:01:f6:0f:71:18:3b:c2:40:
92:6d:b8:51:4e:ca:ec:80:d4:1c:46:6d:e5:f3:bd:
81:b2:4d:0d:9b:7a:e4:f0:b2:6b:af:72:64:2f:64:
d4:89:22:f6:23:d5:70:76:c1:7e:e4:2b:c9:64:01:
46:fe:ae:1a:b3:4d:3b:cb:d8:fa:7b:9f:91:e7:07:
18:ab:2e:d2:22:c4:81:15:a3:ec:ed:6e:f7:59:c6:
fd:38:0f:77:3c:83:ef:37:2e:6c:0c:b0:6c:94:b1:
e3:e6:a1:40:7c:e5:39:b1:26:5b:8b:40:b0:44:59:
c1:0d:b2:8a:02:ed:29:8d:cd:28:90:c7:22:c0:27:
8a:08:30:86:5e:cd:68:fe:6a:68:01:a4:b5:46:9c:
a7:0e:4a:90:bf:af:69:c5:d1:78:94:84:bd:6a:2e:
98:b5:11:50:9e:2c:98:af:2b:97:39:86:3b:2e:78:
c8:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:31:93:76:CB:EA:D4:6E:BE:A0:A0:82:F5:01:52:5B:08:EF:54:3E
X509v3 Authority Key Identifier:
keyid:AD:0D:A4:3B:4A:5D:3D:B7:8B:A3:F7:74:E5:B3:1B:77:03:72:02:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rQ2kO0pdPbeLo_d05bMbdwNyAtU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/jzGTdsvq1G6-oKCC9QFSWwjvVD4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/rQ2kO0pdPbeLo_d05bMbdwNyAtU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.133.38.0/24
185.148.243.0/24
185.169.183.0/24
185.174.20.0/24
Signature Algorithm: sha256WithRSAEncryption
35:ea:3c:14:e0:3f:d3:38:8c:7d:e1:f0:11:87:86:b4:8d:dd:
6c:ab:e7:0f:0c:b6:43:f2:d1:99:66:00:57:3c:48:79:09:e6:
fd:34:db:a4:07:7b:31:3a:db:99:33:40:fe:0b:19:5a:ce:50:
91:2f:d3:c9:43:8a:18:ff:9c:8e:5a:80:c6:ae:14:e4:c6:84:
0c:b5:ce:25:e1:33:bd:f7:dc:a3:c3:6a:81:f3:65:55:ae:88:
ce:4a:8a:ab:93:df:91:33:22:04:4f:06:10:bc:60:2f:cd:28:
5f:88:7c:46:cd:49:17:ec:81:17:18:c3:88:c3:67:4d:6c:8c:
34:4b:3d:06:4b:93:6f:28:fe:6c:3d:70:83:9c:55:c2:91:bb:
25:c3:d2:d9:7d:9f:a7:d3:66:cc:4f:9c:06:6b:1a:ef:1a:e1:
61:fc:ab:b0:19:6f:e3:d3:03:e5:3a:de:8b:95:7c:30:a4:73:
52:0e:d1:ab:5c:3d:cf:ae:34:14:f4:4b:b7:1b:d8:7a:63:ed:
f2:76:b4:d4:96:16:9c:83:6b:8f:e8:46:0e:ef:98:80:38:b0:
69:5c:c7:62:5a:80:ed:80:72:8e:1c:b5:54:ec:6e:f5:0b:7c:
a4:45:e4:51:e6:0e:bd:66:d6:fe:d6:d1:8b:63:4f:28:72:5a:
ce:1a:1f:16
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZIJfNSG5k1ecb2OYYfPnBxkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkMGRhNDNiNGE1ZDNkYjc4YmEzZjc3NGU1YjMxYjc3MDM3
MjAyZDUwHhcNMjQwOTE5MDg1MzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZjMxOTM3NmNiZWFkNDZlYmVhMGEwODJmNTAxNTI1YjA4ZWY1NDNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwsp+4nlXOtKn+KPYZA/ewuF3aR8F
ZWUNvmn29/gIWcBkW2nftErVem7CF5Xls02H6xMnElNZQhytr1AjSmIa2hQIabSi
3qTqlGxRrgc9lalEAfYPcRg7wkCSbbhRTsrsgNQcRm3l872Bsk0Nm3rk8LJrr3Jk
L2TUiSL2I9VwdsF+5CvJZAFG/q4as007y9j6e5+R5wcYqy7SIsSBFaPs7W73Wcb9
OA93PIPvNy5sDLBslLHj5qFAfOU5sSZbi0CwRFnBDbKKAu0pjc0okMciwCeKCDCG
Xs1o/mpoAaS1RpynDkqQv69pxdF4lIS9ai6YtRFQniyYryuXOYY7LnjI8wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFI8xk3bL6tRuvqCggvUBUlsI71Q+MB8GA1UdIwQY
MBaAFK0NpDtKXT23i6P3dOWzG3cDcgLVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclEya08wcGRQYmVMb19kMDViTWJkd055QXRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9kZDgwOTYtMTRjYy00ODhkLTkyNTct
YzUxNWYzNTRjYzVhLzEvanpHVGRzdnExRzYtb0tDQzlRRlNXd2p2VkQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC9kZDgwOTYtMTRjYy00ODhkLTkyNTctYzUxNWYzNTRjYzVh
LzEvclEya08wcGRQYmVMb19kMDViTWJkd055QXRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALYUmAwQA
uZTzAwQAuam3AwQAua4UMA0GCSqGSIb3DQEBCwUAA4IBAQA16jwU4D/TOIx94fAR
h4a0jd1sq+cPDLZD8tGZZgBXPEh5Ceb9NNukB3sxOtuZM0D+CxlazlCRL9PJQ4oY
/5yOWoDGrhTkxoQMtc4l4TO999yjw2qB82VVrojOSoqrk9+RMyIETwYQvGAvzShf
iHxGzUkX7IEXGMOIw2dNbIw0Sz0GS5NvKP5sPXCDnFXCkbslw9LZfZ+n02bMT5wG
axrvGuFh/KuwGW/j0wPlOt6LlXwwpHNSDtGrXD3PrjQU9Eu3G9h6Y+3ydrTUlhac
g2uP6EYO75iAOLBpXMdiWoDtgHKOHLVU7G71C3ykReRR5g69Ztb+1tGLY08oclrO
Gh8W
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:05:10 2024 by rpki-client on console-ams.rpki-client.org