Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/625a30-3a6b-4661-840a-f82b70d8a0a7/1/jgzcxshs5_2lsSpNKLN01jwgTbw.roa
File: jgzcxshs5_2lsSpNKLN01jwgTbw.roa (raw, json)
Hash identifier: zxFtGUv9gtTJouptLoDWkeXrvgIAv2iIL4uylfQJw4M=
Subject key identifier: 8E:0C:DC:C6:C8:6C:E7:FD:A5:B1:2A:4D:28:B3:74:D6:3C:20:4D:BC
Certificate issuer: /CN=30d58e40c6d91f3729e57e3344d308b5992fe46e
Certificate serial: 018CC80127460438663951438C4C88FA87F7
Authority key identifier: 30:D5:8E:40:C6:D9:1F:37:29:E5:7E:33:44:D3:08:B5:99:2F:E4:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MNWOQMbZHzcp5X4zRNMItZkv5G4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/625a30-3a6b-4661-840a-f82b70d8a0a7/1/jgzcxshs5_2lsSpNKLN01jwgTbw.roa
Signing time: Tue 02 Jan 2024 02:29:27 +0000
ROA not before: Tue 02 Jan 2024 02:29:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202348
IP address blocks: 91.240.89.0/24 maxlen: 24
2a13:141:4::/48 maxlen: 48
2a13:141:2::/48 maxlen: 48
2a13:141:11::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/625a30-3a6b-4661-840a-f82b70d8a0a7/1/MNWOQMbZHzcp5X4zRNMItZkv5G4.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/625a30-3a6b-4661-840a-f82b70d8a0a7/1/MNWOQMbZHzcp5X4zRNMItZkv5G4.mft
rsync://rpki.ripe.net/repository/DEFAULT/MNWOQMbZHzcp5X4zRNMItZkv5G4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 01:03:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:27:46:04:38:66:39:51:43:8c:4c:88:fa:87:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=30d58e40c6d91f3729e57e3344d308b5992fe46e
Validity
Not Before: Jan 2 02:29:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8e0cdcc6c86ce7fda5b12a4d28b374d63c204dbc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:7f:ed:72:75:3c:88:7c:2d:c7:20:ab:63:29:
9e:ef:ae:d1:66:eb:2a:75:1d:00:63:ab:fd:f8:54:
0f:59:f5:be:d2:51:4e:74:28:c5:cc:42:78:4a:2a:
d5:a0:8d:f3:ca:ff:57:ac:15:f2:18:26:02:20:77:
77:d9:ad:1f:e6:f1:28:7b:c5:22:60:53:30:a0:0d:
e2:e5:cc:87:ae:5a:b8:b9:96:45:c9:2d:e5:99:88:
8e:68:f5:5f:64:51:38:b4:03:95:fe:15:d6:ef:84:
a8:45:3b:92:b5:c2:c3:39:95:cd:9d:3b:5a:48:fa:
16:3d:1c:94:ac:fa:b4:6b:19:19:6e:fe:1c:41:fc:
a3:75:81:3a:d1:2d:f5:5d:b1:bb:f1:a3:37:79:d5:
ab:c8:d7:15:d9:99:bd:62:ae:41:7a:4f:fa:55:a0:
be:25:17:96:be:d9:d4:80:3e:51:70:b5:70:e8:7b:
2f:22:b7:e0:37:d9:2a:37:d7:65:88:41:09:bd:d6:
98:6d:db:1b:c1:36:c3:6d:f8:8b:3b:3f:51:11:b4:
39:0e:25:02:59:3f:03:1c:a5:8d:e6:76:e0:1c:a8:
45:da:aa:6b:f2:53:1b:68:82:42:c1:a8:d3:e9:e8:
1a:6d:d3:55:a2:af:d2:45:69:76:a9:ef:7b:91:f5:
43:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:0C:DC:C6:C8:6C:E7:FD:A5:B1:2A:4D:28:B3:74:D6:3C:20:4D:BC
X509v3 Authority Key Identifier:
keyid:30:D5:8E:40:C6:D9:1F:37:29:E5:7E:33:44:D3:08:B5:99:2F:E4:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MNWOQMbZHzcp5X4zRNMItZkv5G4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/625a30-3a6b-4661-840a-f82b70d8a0a7/1/jgzcxshs5_2lsSpNKLN01jwgTbw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/625a30-3a6b-4661-840a-f82b70d8a0a7/1/MNWOQMbZHzcp5X4zRNMItZkv5G4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.240.89.0/24
IPv6:
2a13:141:2::/48
2a13:141:4::/48
2a13:141:11::/48
Signature Algorithm: sha256WithRSAEncryption
9e:5c:9a:25:fe:7d:07:20:26:80:0a:6f:8c:9c:a2:03:b3:aa:
bd:ae:ff:c9:6e:b3:89:fd:58:e9:5a:59:01:97:58:63:1f:d4:
ea:5d:73:d8:ed:5f:54:01:b5:ad:43:c8:86:19:aa:2e:01:f4:
47:11:3b:dc:8b:ca:35:79:3f:60:b7:11:09:fc:ff:bb:71:6d:
a7:d6:7c:12:6c:31:3d:ac:94:e1:81:7d:29:b1:70:36:78:e4:
63:f4:aa:7b:c5:fe:51:54:5d:c1:de:65:a0:b3:42:7c:6e:51:
7c:1d:cb:4e:4f:bd:1f:22:07:e8:42:04:43:33:c2:ee:78:bd:
d9:47:a3:63:ef:d9:21:ed:0c:9e:f1:10:06:54:87:e4:c8:94:
4f:61:6d:5c:0f:ef:dc:5c:33:dd:97:86:e6:e7:a0:48:5f:9d:
dd:47:2f:a1:47:db:e6:ae:cb:ff:d0:f9:37:54:5b:56:47:5a:
1d:43:0a:17:66:31:b5:fa:58:37:aa:31:02:ab:2b:12:71:c4:
0c:07:4a:0c:78:f4:8a:cf:d1:29:3c:bd:9e:c4:b6:3d:74:f7:
96:b5:a5:bc:01:b9:ed:33:40:fc:20:d1:37:d2:fd:d0:6c:dd:
a4:09:52:22:2f:26:78:3c:f4:51:3b:0a:fb:ad:2a:4e:6f:77:
4f:84:b4:7f
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYzIASdGBDhmOVFDjEyI+of3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwZDU4ZTQwYzZkOTFmMzcyOWU1N2UzMzQ0ZDMwOGI1OTky
ZmU0NmUwHhcNMjQwMTAyMDIyOTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTBjZGNjNmM4NmNlN2ZkYTViMTJhNGQyOGIzNzRkNjNjMjA0ZGJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAon/tcnU8iHwtxyCrYyme767RZusq
dR0AY6v9+FQPWfW+0lFOdCjFzEJ4SirVoI3zyv9XrBXyGCYCIHd32a0f5vEoe8Ui
YFMwoA3i5cyHrlq4uZZFyS3lmYiOaPVfZFE4tAOV/hXW74SoRTuStcLDOZXNnTta
SPoWPRyUrPq0axkZbv4cQfyjdYE60S31XbG78aM3edWryNcV2Zm9Yq5Bek/6VaC+
JReWvtnUgD5RcLVw6HsvIrfgN9kqN9dliEEJvdaYbdsbwTbDbfiLOz9REbQ5DiUC
WT8DHKWN5nbgHKhF2qpr8lMbaIJCwajT6egabdNVoq/SRWl2qe97kfVDzwIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFI4M3MbIbOf9pbEqTSizdNY8IE28MB8GA1UdIwQY
MBaAFDDVjkDG2R83KeV+M0TTCLWZL+RuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTU5XT1FNYlpIemNwNVg0elJOTUl0Wmt2NUc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy82MjVhMzAtM2E2Yi00NjYxLTg0MGEt
ZjgyYjcwZDhhMGE3LzEvamd6Y3hzaHM1XzJsc1NwTktMTjAxandnVGJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy82MjVhMzAtM2E2Yi00NjYxLTg0MGEtZjgyYjcwZDhhMGE3
LzEvTU5XT1FNYlpIemNwNVg0elJOTUl0Wmt2NUc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAMBAIAATAGAwQAW/BZMCEE
AgACMBsDBwAqEwFBAAIDBwAqEwFBAAQDBwAqEwFBABEwDQYJKoZIhvcNAQELBQAD
ggEBAJ5cmiX+fQcgJoAKb4ycogOzqr2u/8lus4n9WOlaWQGXWGMf1Opdc9jtX1QB
ta1DyIYZqi4B9EcRO9yLyjV5P2C3EQn8/7txbafWfBJsMT2slOGBfSmxcDZ45GP0
qnvF/lFUXcHeZaCzQnxuUXwdy05PvR8iB+hCBEMzwu54vdlHo2Pv2SHtDJ7xEAZU
h+TIlE9hbVwP79xcM92XhubnoEhfnd1HL6FH2+auy//Q+TdUW1ZHWh1DChdmMbX6
WDeqMQKrKxJxxAwHSgx49IrP0Sk8vZ7Etj1095a1pbwBue0zQPwg0TfS/dBs3aQJ
UiIvJng89FE7CvutKk5vd0+EtH8=
-----END CERTIFICATE-----
Generated at Fri May 3 06:39:05 2024 by rpki-client on console-fra.rpki-client.org