Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/b78fb5-afca-4db7-8886-c0671bf4cf3e/1/JfolB_n-uhocLHroadb3eMH01kY.roa
File: JfolB_n-uhocLHroadb3eMH01kY.roa (raw, json)
Hash identifier: 6CAx7n70DTBLTZfBnWwtIDvDbee6NypJJmIRn/Ag2cU=
Subject key identifier: 25:FA:25:07:F9:FE:BA:1A:1C:2C:7A:E8:69:D6:F7:78:C1:F4:D6:46
Certificate issuer: /CN=30c409613fea0a2b442ce112e9cbdb485e01188f
Certificate serial: 018CC94E08552F089ED1947798995824B4FB
Authority key identifier: 30:C4:09:61:3F:EA:0A:2B:44:2C:E1:12:E9:CB:DB:48:5E:01:18:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MMQJYT_qCitELOES6cvbSF4BGI8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/b78fb5-afca-4db7-8886-c0671bf4cf3e/1/JfolB_n-uhocLHroadb3eMH01kY.roa
Signing time: Tue 02 Jan 2024 08:33:03 +0000
ROA not before: Tue 02 Jan 2024 08:33:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207105
IP address blocks: 194.181.47.0/24 maxlen: 24
2001:a10:185::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/11/b78fb5-afca-4db7-8886-c0671bf4cf3e/1/MMQJYT_qCitELOES6cvbSF4BGI8.crl
rsync://rpki.ripe.net/repository/DEFAULT/11/b78fb5-afca-4db7-8886-c0671bf4cf3e/1/MMQJYT_qCitELOES6cvbSF4BGI8.mft
rsync://rpki.ripe.net/repository/DEFAULT/MMQJYT_qCitELOES6cvbSF4BGI8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 15:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:08:55:2f:08:9e:d1:94:77:98:99:58:24:b4:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=30c409613fea0a2b442ce112e9cbdb485e01188f
Validity
Not Before: Jan 2 08:33:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=25fa2507f9feba1a1c2c7ae869d6f778c1f4d646
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:83:de:10:73:b2:f4:ad:9b:63:65:dc:f1:3f:
5a:b0:6f:07:39:e8:cb:7e:3c:49:50:1e:5c:16:c9:
b0:d0:00:7a:b9:2e:6b:d4:38:e7:88:23:99:0b:c3:
37:c5:36:ce:2a:b4:bb:53:75:e6:13:be:a7:d3:5a:
b5:e8:c4:c5:e2:bb:be:0c:d5:0c:77:9c:77:0c:86:
0a:25:d1:ad:72:4c:74:80:11:0a:3b:71:9e:5b:3a:
e5:29:67:68:a4:f3:ce:87:48:7e:78:f5:52:3f:2c:
70:e0:06:1d:75:11:b4:b4:ae:e4:86:2a:1c:16:55:
69:9e:06:42:0a:c4:1a:69:be:18:5a:52:72:80:ed:
bf:6f:67:4f:5d:4c:48:4d:0a:35:db:d3:58:06:e0:
4e:0c:4b:3f:e8:05:2b:e7:2c:61:0d:1c:31:8b:03:
71:1d:7f:98:75:96:63:70:09:8f:f7:7c:97:33:82:
97:f2:df:08:4a:91:5f:e9:0c:02:45:d0:1c:14:74:
7b:69:99:56:02:aa:b0:1e:90:03:c5:be:b8:f0:21:
e9:5d:26:60:7b:52:45:a8:8c:66:89:31:13:9a:ac:
dd:44:dc:7f:67:2d:74:d8:c5:d8:49:be:1a:9b:a3:
16:60:72:11:95:ce:4d:19:8e:23:03:11:59:ba:a3:
ab:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:FA:25:07:F9:FE:BA:1A:1C:2C:7A:E8:69:D6:F7:78:C1:F4:D6:46
X509v3 Authority Key Identifier:
keyid:30:C4:09:61:3F:EA:0A:2B:44:2C:E1:12:E9:CB:DB:48:5E:01:18:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MMQJYT_qCitELOES6cvbSF4BGI8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/b78fb5-afca-4db7-8886-c0671bf4cf3e/1/JfolB_n-uhocLHroadb3eMH01kY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/b78fb5-afca-4db7-8886-c0671bf4cf3e/1/MMQJYT_qCitELOES6cvbSF4BGI8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.181.47.0/24
IPv6:
2001:a10:185::/48
Signature Algorithm: sha256WithRSAEncryption
77:8b:cd:bb:a6:f7:32:e9:29:a4:3a:fe:d2:65:00:c6:f4:c2:
28:2e:d8:32:b6:11:42:28:c6:55:f1:8f:34:a1:8a:6f:49:24:
35:42:4d:f9:26:20:73:ac:1a:a2:b5:f6:a5:33:40:84:b7:0c:
28:f6:df:46:b0:b5:0a:0d:ab:8f:7e:c3:7d:7d:9e:bd:d6:52:
bd:89:95:bd:f5:2d:12:16:e6:e1:85:66:d5:12:ad:4b:ce:b1:
63:3e:d2:21:4c:4c:61:01:01:55:88:7e:b2:a0:2b:62:83:9a:
55:34:05:17:ce:cd:f9:94:2e:b8:f4:0e:94:96:51:be:c9:31:
91:2c:1a:0b:9c:b3:71:9a:6d:fc:ef:2f:1e:2b:2a:36:6b:68:
46:a8:f1:1b:5e:99:bd:28:8b:d6:25:b1:f3:99:eb:66:2e:36:
39:3b:2b:ff:e5:69:94:fc:ca:10:2f:14:9f:e9:88:cf:e0:bd:
69:15:57:15:43:c6:0c:90:62:98:21:57:65:83:f5:4b:c1:59:
90:6b:65:e8:41:b2:df:03:ca:f6:bf:6b:13:08:e5:2e:b0:5d:
c5:23:a6:a0:fa:dc:7d:12:24:b2:20:5d:c2:47:4d:05:a9:bd:
71:7d:d7:6c:38:7c:6d:e0:28:ef:07:fe:b3:6b:8a:1a:b7:b3:
2e:62:41:f1
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzJTghVLwie0ZR3mJlYJLT7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwYzQwOTYxM2ZlYTBhMmI0NDJjZTExMmU5Y2JkYjQ4NWUw
MTE4OGYwHhcNMjQwMTAyMDgzMzAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNWZhMjUwN2Y5ZmViYTFhMWMyYzdhZTg2OWQ2Zjc3OGMxZjRkNjQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm4PeEHOy9K2bY2Xc8T9asG8HOejL
fjxJUB5cFsmw0AB6uS5r1DjniCOZC8M3xTbOKrS7U3XmE76n01q16MTF4ru+DNUM
d5x3DIYKJdGtckx0gBEKO3GeWzrlKWdopPPOh0h+ePVSPyxw4AYddRG0tK7khioc
FlVpngZCCsQaab4YWlJygO2/b2dPXUxITQo129NYBuBODEs/6AUr5yxhDRwxiwNx
HX+YdZZjcAmP93yXM4KX8t8ISpFf6QwCRdAcFHR7aZlWAqqwHpADxb648CHpXSZg
e1JFqIxmiTETmqzdRNx/Zy102MXYSb4am6MWYHIRlc5NGY4jAxFZuqOrvQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCX6JQf5/roaHCx66GnW93jB9NZGMB8GA1UdIwQY
MBaAFDDECWE/6gorRCzhEunL20heARiPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTU1RSllUX3FDaXRFTE9FUzZjdmJTRjRCR0k4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS9iNzhmYjUtYWZjYS00ZGI3LTg4ODYt
YzA2NzFiZjRjZjNlLzEvSmZvbEJfbi11aG9jTEhyb2FkYjNlTUgwMWtZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS9iNzhmYjUtYWZjYS00ZGI3LTg4ODYtYzA2NzFiZjRjZjNl
LzEvTU1RSllUX3FDaXRFTE9FUzZjdmJTRjRCR0k4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAwrUvMA8E
AgACMAkDBwAgAQoQAYUwDQYJKoZIhvcNAQELBQADggEBAHeLzbum9zLpKaQ6/tJl
AMb0wigu2DK2EUIoxlXxjzShim9JJDVCTfkmIHOsGqK19qUzQIS3DCj230awtQoN
q49+w319nr3WUr2Jlb31LRIW5uGFZtUSrUvOsWM+0iFMTGEBAVWIfrKgK2KDmlU0
BRfOzfmULrj0DpSWUb7JMZEsGgucs3GabfzvLx4rKjZraEao8Rtemb0oi9YlsfOZ
62YuNjk7K//laZT8yhAvFJ/piM/gvWkVVxVDxgyQYpghV2WD9UvBWZBrZehBst8D
yva/axMI5S6wXcUjpqD63H0SJLIgXcJHTQWpvXF912w4fG3gKO8H/rNrihq3sy5i
QfE=
-----END CERTIFICATE-----
Generated at Sat Nov 23 20:27:38 2024 by rpki-client on console-ams.rpki-client.org