Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/0b7fd3-90f0-45d1-8a58-6785cd456871/1/JJ70baT2sCrqFpfFsjpE1qYjMqU.roa
File: JJ70baT2sCrqFpfFsjpE1qYjMqU.roa (raw, json)
Hash identifier: 74lzGxjbnJox44nwcMjlRiDztBNS8QXxAyu6GBStlHA=
Subject key identifier: 24:9E:F4:6D:A4:F6:B0:2A:EA:16:97:C5:B2:3A:44:D6:A6:23:32:A5
Certificate issuer: /CN=e138ec242a43e9c9d4ceb25dc90e5453373d3f46
Certificate serial: 018CC2DB1A65EDC85C49D3B7EA218A8A1FD2
Authority key identifier: E1:38:EC:24:2A:43:E9:C9:D4:CE:B2:5D:C9:0E:54:53:37:3D:3F:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4TjsJCpD6cnUzrJdyQ5UUzc9P0Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/0b7fd3-90f0-45d1-8a58-6785cd456871/1/JJ70baT2sCrqFpfFsjpE1qYjMqU.roa
Signing time: Mon 01 Jan 2024 02:29:48 +0000
ROA not before: Mon 01 Jan 2024 02:29:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 64437
IP address blocks: 37.156.228.0/24 maxlen: 24
37.156.252.0/22 maxlen: 24
37.143.39.0/24 maxlen: 24
5.104.141.0/24 maxlen: 24
5.104.143.0/24 maxlen: 24
5.104.142.0/24 maxlen: 24
185.107.36.0/24 maxlen: 24
185.107.38.0/24 maxlen: 24
212.92.124.0/23 maxlen: 23
89.38.160.0/24 maxlen: 24
37.143.35.0/24 maxlen: 24
37.143.38.0/24 maxlen: 24
185.107.100.0/24 maxlen: 24
185.107.102.0/24 maxlen: 24
185.107.101.0/24 maxlen: 24
185.107.103.0/24 maxlen: 24
176.126.232.0/24 maxlen: 24
176.126.233.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0f/0b7fd3-90f0-45d1-8a58-6785cd456871/1/4TjsJCpD6cnUzrJdyQ5UUzc9P0Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/0f/0b7fd3-90f0-45d1-8a58-6785cd456871/1/4TjsJCpD6cnUzrJdyQ5UUzc9P0Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/4TjsJCpD6cnUzrJdyQ5UUzc9P0Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 07:02:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:1a:65:ed:c8:5c:49:d3:b7:ea:21:8a:8a:1f:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e138ec242a43e9c9d4ceb25dc90e5453373d3f46
Validity
Not Before: Jan 1 02:29:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=249ef46da4f6b02aea1697c5b23a44d6a62332a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:42:2f:51:0e:d3:15:31:8d:49:44:80:45:7f:
be:9c:b6:e0:6f:42:09:97:6e:93:7b:e4:0d:f2:15:
aa:1d:f4:63:ed:f9:11:29:26:81:a3:c2:67:27:00:
b2:d0:de:f6:61:dd:46:06:05:0a:f8:03:0e:9b:3d:
1a:6a:41:d3:d1:29:4d:3e:2d:e8:09:58:82:e2:fe:
02:08:b3:b2:c7:02:6e:5c:76:e6:34:2e:9b:a8:ce:
b1:18:28:e9:81:bb:de:55:b1:bf:d4:ce:1e:c3:3f:
77:79:d8:5e:8c:dc:e5:43:00:5b:17:eb:be:93:00:
c2:ce:ec:35:1e:9a:fa:86:9c:54:ae:d0:5a:03:b0:
2f:53:0f:15:4d:03:0c:cc:8b:f6:07:06:9e:37:ac:
37:bf:91:95:d8:8e:82:5b:0f:52:f8:6a:b1:de:60:
e5:bb:61:5a:fb:1d:5c:b6:a7:e7:32:84:e9:a2:53:
d1:70:5e:b1:6d:a9:fa:87:f8:7d:3d:6e:58:45:4b:
b2:83:9d:75:a0:03:a5:7e:b3:af:bd:b8:cf:e8:19:
f2:36:c1:48:c7:05:8f:22:ad:0a:3c:38:73:bd:87:
27:49:25:d9:df:60:5a:7f:88:51:e4:34:a9:7e:ba:
f9:69:55:a7:9f:3c:0a:2c:ed:ca:d5:3e:42:3c:93:
04:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:9E:F4:6D:A4:F6:B0:2A:EA:16:97:C5:B2:3A:44:D6:A6:23:32:A5
X509v3 Authority Key Identifier:
keyid:E1:38:EC:24:2A:43:E9:C9:D4:CE:B2:5D:C9:0E:54:53:37:3D:3F:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4TjsJCpD6cnUzrJdyQ5UUzc9P0Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/0b7fd3-90f0-45d1-8a58-6785cd456871/1/JJ70baT2sCrqFpfFsjpE1qYjMqU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/0b7fd3-90f0-45d1-8a58-6785cd456871/1/4TjsJCpD6cnUzrJdyQ5UUzc9P0Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.104.141.0-5.104.143.255
37.143.35.0/24
37.143.38.0/23
37.156.228.0/24
37.156.252.0/22
89.38.160.0/24
176.126.232.0/23
185.107.36.0/24
185.107.38.0/24
185.107.100.0/22
212.92.124.0/23
Signature Algorithm: sha256WithRSAEncryption
d6:f3:87:c7:ab:e1:f8:3d:0a:6e:b0:e5:8d:ed:00:2e:cc:ff:
3e:82:96:32:a6:0a:b2:30:9e:90:16:f1:1c:c7:7a:da:b4:44:
6f:b7:d1:60:0b:e6:15:0d:df:72:9f:eb:36:94:62:67:78:aa:
36:e9:e3:52:60:0e:10:b5:01:b2:32:1c:6a:cf:7d:74:62:16:
f6:cf:31:88:80:53:b3:f6:76:99:26:0b:ac:ba:92:2a:25:88:
38:2c:94:ab:9e:0c:3d:da:e4:14:ae:84:4f:e5:b4:07:a7:d9:
9d:50:4b:be:55:a9:ab:81:38:0f:66:7a:45:b5:ce:d9:8d:2b:
cf:0e:34:85:43:2b:da:e7:15:ab:25:0b:5d:5c:74:54:11:f8:
1f:27:2f:dc:8d:fe:7f:ed:2e:32:7a:1b:7f:c6:ff:09:2a:8e:
41:03:c8:cd:82:12:62:00:82:ed:9d:67:7c:13:96:7b:07:67:
08:63:13:f4:13:76:a8:ff:79:73:0d:93:2d:ca:d0:b0:05:35:
c1:20:c3:68:da:f0:4b:33:f5:2d:1e:64:cb:e4:53:7e:53:b0:
4c:6d:1a:2c:fb:49:96:5f:c8:50:3d:70:ba:d7:6d:ff:cd:54:
38:66:2e:d1:a3:9f:23:bb:34:15:bb:cb:a6:cf:ae:40:8f:48:
84:45:0e:eb
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgISAYzC2xpl7chcSdO36iGKih/SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxMzhlYzI0MmE0M2U5YzlkNGNlYjI1ZGM5MGU1NDUzMzcz
ZDNmNDYwHhcNMjQwMTAxMDIyOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDllZjQ2ZGE0ZjZiMDJhZWExNjk3YzViMjNhNDRkNmE2MjMzMmE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhUIvUQ7TFTGNSUSARX++nLbgb0IJ
l26Te+QN8hWqHfRj7fkRKSaBo8JnJwCy0N72Yd1GBgUK+AMOmz0aakHT0SlNPi3o
CViC4v4CCLOyxwJuXHbmNC6bqM6xGCjpgbveVbG/1M4ewz93edhejNzlQwBbF+u+
kwDCzuw1Hpr6hpxUrtBaA7AvUw8VTQMMzIv2BwaeN6w3v5GV2I6CWw9S+Gqx3mDl
u2Fa+x1ctqfnMoTpolPRcF6xban6h/h9PW5YRUuyg511oAOlfrOvvbjP6BnyNsFI
xwWPIq0KPDhzvYcnSSXZ32Baf4hR5DSpfrr5aVWnnzwKLO3K1T5CPJMEYwIDAQAB
o4ICTTCCAkkwHQYDVR0OBBYEFCSe9G2k9rAq6haXxbI6RNamIzKlMB8GA1UdIwQY
MBaAFOE47CQqQ+nJ1M6yXckOVFM3PT9GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNFRqc0pDcEQ2Y25VenJKZHlRNVVVemM5UDBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi8wYjdmZDMtOTBmMC00NWQxLThhNTgt
Njc4NWNkNDU2ODcxLzEvSko3MGJhVDJzQ3JxRnBmRnNqcEUxcVlqTXFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi8wYjdmZDMtOTBmMC00NWQxLThhNTgtNjc4NWNkNDU2ODcx
LzEvNFRqc0pDcEQ2Y25VenJKZHlRNVVVemM5UDBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGMGCCsGAQUFBwEHAQH/BFQwUjBQBAIAATBKMAwDBAAFaI0D
BAQFaIADBAAljyMDBAEljyYDBAAlnOQDBAIlnPwDBABZJqADBAGwfugDBAC5ayQD
BAC5ayYDBAK5a2QDBAHUXHwwDQYJKoZIhvcNAQELBQADggEBANbzh8er4fg9Cm6w
5Y3tAC7M/z6CljKmCrIwnpAW8RzHetq0RG+30WAL5hUN33Kf6zaUYmd4qjbp41Jg
DhC1AbIyHGrPfXRiFvbPMYiAU7P2dpkmC6y6kioliDgslKueDD3a5BSuhE/ltAen
2Z1QS75VqauBOA9mekW1ztmNK88ONIVDK9rnFaslC11cdFQR+B8nL9yN/n/tLjJ6
G3/G/wkqjkEDyM2CEmIAgu2dZ3wTlnsHZwhjE/QTdqj/eXMNky3K0LAFNcEgw2ja
8Esz9S0eZMvkU35TsExtGiz7SZZfyFA9cLrXbf/NVDhmLtGjnyO7NBW7y6bPrkCP
SIRFDus=
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:32:21 2024 by rpki-client on console-ams.rpki-client.org