Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/62a3b1-117d-4b17-9662-45eb738cb9c8/1/JVocQaz43ru0EgnrxVAQfCmXIac.roa
File: JVocQaz43ru0EgnrxVAQfCmXIac.roa (raw, json)
Hash identifier: na0YmFEXnbPtyx2psP2QATfD8DCAdLNOIEHuqoBIfB0=
Subject key identifier: 25:5A:1C:41:AC:F8:DE:BB:B4:12:09:EB:C5:50:10:7C:29:97:21:A7
Certificate issuer: /CN=06da1c6b1a65f7a3d97f9bd75e7cac3135246fa5
Certificate serial: 018CC6B9425A2BE885F83806A371FE947F34
Authority key identifier: 06:DA:1C:6B:1A:65:F7:A3:D9:7F:9B:D7:5E:7C:AC:31:35:24:6F:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Btocaxpl96PZf5vXXnysMTUkb6U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/62a3b1-117d-4b17-9662-45eb738cb9c8/1/JVocQaz43ru0EgnrxVAQfCmXIac.roa
Signing time: Mon 01 Jan 2024 20:31:19 +0000
ROA not before: Mon 01 Jan 2024 20:31:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56803
IP address blocks: 185.195.71.0/24 maxlen: 24
91.201.56.252/32 maxlen: 32
91.201.56.247/32 maxlen: 32
2a05:ad00::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0e/62a3b1-117d-4b17-9662-45eb738cb9c8/1/Btocaxpl96PZf5vXXnysMTUkb6U.crl
rsync://rpki.ripe.net/repository/DEFAULT/0e/62a3b1-117d-4b17-9662-45eb738cb9c8/1/Btocaxpl96PZf5vXXnysMTUkb6U.mft
rsync://rpki.ripe.net/repository/DEFAULT/Btocaxpl96PZf5vXXnysMTUkb6U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b9:42:5a:2b:e8:85:f8:38:06:a3:71:fe:94:7f:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=06da1c6b1a65f7a3d97f9bd75e7cac3135246fa5
Validity
Not Before: Jan 1 20:31:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=255a1c41acf8debbb41209ebc550107c299721a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:c2:3a:f1:5e:da:fb:66:77:ab:77:c7:32:2f:
c7:12:58:c2:27:7f:af:22:95:69:05:a8:2a:30:1f:
ce:c1:5f:c9:a2:f8:38:e5:ed:32:16:67:88:c1:fb:
aa:25:83:d2:f7:77:3f:0b:9b:ff:5e:b7:7d:52:ab:
db:80:e6:f8:3d:f4:91:99:2b:ea:3e:d0:ec:d9:e1:
9f:43:1d:aa:65:ce:9b:82:3d:b5:59:08:d9:e3:08:
18:c1:f6:55:57:5b:0c:fb:ef:06:84:32:be:49:a9:
44:06:6e:f5:7c:78:53:d5:d0:5e:a6:15:87:d9:73:
f7:b0:18:28:24:30:59:a8:dc:ff:aa:9a:b3:26:8d:
af:1f:aa:ad:f7:ef:b3:7f:24:8a:b7:d4:69:a6:71:
a0:8c:8f:ab:7a:01:2b:fe:6b:ab:df:2a:2b:a8:d1:
26:37:c1:e0:c5:33:08:59:8f:31:f2:7e:9b:68:fc:
98:7f:6a:5d:45:e4:73:d6:55:4f:2c:b6:58:32:4f:
63:a8:68:a5:25:34:10:0c:41:12:8d:c8:d3:5d:53:
bb:6b:d2:b6:71:98:a3:f9:1a:1f:ed:de:4b:d4:d5:
a7:04:03:42:8d:c1:36:1b:f6:fc:1d:42:f7:d0:52:
d3:fd:c0:a5:07:12:98:10:52:79:2c:f7:af:b5:73:
75:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:5A:1C:41:AC:F8:DE:BB:B4:12:09:EB:C5:50:10:7C:29:97:21:A7
X509v3 Authority Key Identifier:
keyid:06:DA:1C:6B:1A:65:F7:A3:D9:7F:9B:D7:5E:7C:AC:31:35:24:6F:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Btocaxpl96PZf5vXXnysMTUkb6U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/62a3b1-117d-4b17-9662-45eb738cb9c8/1/JVocQaz43ru0EgnrxVAQfCmXIac.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/62a3b1-117d-4b17-9662-45eb738cb9c8/1/Btocaxpl96PZf5vXXnysMTUkb6U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.201.56.247/32
91.201.56.252/32
185.195.71.0/24
IPv6:
2a05:ad00::/29
Signature Algorithm: sha256WithRSAEncryption
3e:4f:77:fd:f4:86:cb:8e:a3:39:15:46:b4:0a:24:b6:71:f8:
4e:d1:aa:ed:76:07:f1:a2:36:bb:7e:a0:21:6f:58:33:f0:a9:
f3:8f:bd:e1:e4:5e:71:37:c0:a8:e0:34:78:b3:f3:91:2a:b1:
3c:80:7e:bc:64:8c:85:bc:f0:91:c6:97:a9:ea:f1:84:81:e3:
f5:d6:96:a4:97:ce:f2:2f:89:f6:81:49:e7:58:09:f4:ca:08:
44:b9:d8:32:99:96:45:09:7b:da:fa:84:01:aa:15:79:95:84:
cc:b2:a9:9a:1a:35:70:f3:4c:c4:7e:53:4c:24:82:d9:04:fe:
a5:bd:10:99:07:7a:6f:57:e5:ff:da:85:f1:0a:93:c7:94:a2:
8d:f6:73:22:68:a7:d5:fe:3b:63:14:fb:bd:0c:ca:76:3e:ff:
62:a8:9e:78:a3:2f:48:e2:89:33:dd:32:5f:f1:83:85:2d:fa:
d7:90:de:3e:85:7a:ef:3e:62:5e:cd:51:10:e3:9d:01:36:18:
b4:e9:5d:af:12:53:d7:dd:04:b4:6f:6d:42:67:99:ed:b4:e9:
3d:b3:d0:e4:bc:ea:55:ed:23:cf:e9:68:32:e6:4c:69:a5:f2:
cf:96:eb:76:43:5a:55:9d:7e:89:64:f3:35:02:f4:a3:fe:b2:
92:f1:55:ee
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYzGuUJaK+iF+DgGo3H+lH80MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2ZGExYzZiMWE2NWY3YTNkOTdmOWJkNzVlN2NhYzMxMzUy
NDZmYTUwHhcNMjQwMTAxMjAzMTE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTVhMWM0MWFjZjhkZWJiYjQxMjA5ZWJjNTUwMTA3YzI5OTcyMWE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAosI68V7a+2Z3q3fHMi/HEljCJ3+v
IpVpBagqMB/OwV/Jovg45e0yFmeIwfuqJYPS93c/C5v/Xrd9UqvbgOb4PfSRmSvq
PtDs2eGfQx2qZc6bgj21WQjZ4wgYwfZVV1sM++8GhDK+SalEBm71fHhT1dBephWH
2XP3sBgoJDBZqNz/qpqzJo2vH6qt9++zfySKt9RppnGgjI+regEr/mur3yorqNEm
N8HgxTMIWY8x8n6baPyYf2pdReRz1lVPLLZYMk9jqGilJTQQDEESjcjTXVO7a9K2
cZij+Rof7d5L1NWnBANCjcE2G/b8HUL30FLT/cClBxKYEFJ5LPevtXN1+wIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFCVaHEGs+N67tBIJ68VQEHwplyGnMB8GA1UdIwQY
MBaAFAbaHGsaZfej2X+b1158rDE1JG+lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQnRvY2F4cGw5NlBaZjV2WFhueXNNVFVrYjZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS82MmEzYjEtMTE3ZC00YjE3LTk2NjIt
NDVlYjczOGNiOWM4LzEvSlZvY1FhejQzcnUwRWducnhWQVFmQ21YSWFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS82MmEzYjEtMTE3ZC00YjE3LTk2NjItNDVlYjczOGNiOWM4
LzEvQnRvY2F4cGw5NlBaZjV2WFhueXNNVFVrYjZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUAwUAW8k49wMF
AFvJOPwDBAC5w0cwDQQCAAIwBwMFAyoFrQAwDQYJKoZIhvcNAQELBQADggEBAD5P
d/30hsuOozkVRrQKJLZx+E7Rqu12B/GiNrt+oCFvWDPwqfOPveHkXnE3wKjgNHiz
85EqsTyAfrxkjIW88JHGl6nq8YSB4/XWlqSXzvIvifaBSedYCfTKCES52DKZlkUJ
e9r6hAGqFXmVhMyyqZoaNXDzTMR+U0wkgtkE/qW9EJkHem9X5f/ahfEKk8eUoo32
cyJop9X+O2MU+70MynY+/2KonnijL0jiiTPdMl/xg4Ut+teQ3j6Feu8+Yl7NURDj
nQE2GLTpXa8SU9fdBLRvbUJnme206T2z0OS86lXtI8/paDLmTGml8s+W63ZDWlWd
folk8zUC9KP+spLxVe4=
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:13:26 2024 by rpki-client on console-fra.rpki-client.org