Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/27b62e-3639-4e74-affe-2b2f2b8908cc/1/jwfrcBCg6MoNhSy3KxKnQj8V_II.roa
File: jwfrcBCg6MoNhSy3KxKnQj8V_II.roa (raw, json)
Hash identifier: z5q2uwN5T07R2skggzSIvtjbYq/0ixhJfTSaucS8h6Y=
Subject key identifier: 8F:07:EB:70:10:A0:E8:CA:0D:85:2C:B7:2B:12:A7:42:3F:15:FC:82
Certificate issuer: /CN=2901f5019a970ba5be0c754d20f78671818f4a2e
Certificate serial: 018CC7259B260066F58C241EAEC578E847F2
Authority key identifier: 29:01:F5:01:9A:97:0B:A5:BE:0C:75:4D:20:F7:86:71:81:8F:4A:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KQH1AZqXC6W-DHVNIPeGcYGPSi4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/27b62e-3639-4e74-affe-2b2f2b8908cc/1/jwfrcBCg6MoNhSy3KxKnQj8V_II.roa
Signing time: Mon 01 Jan 2024 22:29:39 +0000
ROA not before: Mon 01 Jan 2024 22:29:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51698
IP address blocks: 91.227.152.0/24 maxlen: 24
91.227.152.0/23 maxlen: 23
91.227.153.0/24 maxlen: 24
178.159.254.0/23 maxlen: 23
178.159.254.0/24 maxlen: 24
178.159.255.0/24 maxlen: 24
185.65.138.0/23 maxlen: 24
178.159.248.0/21 maxlen: 21
178.159.250.0/23 maxlen: 23
178.159.250.0/24 maxlen: 24
178.159.251.0/24 maxlen: 24
178.159.252.0/24 maxlen: 24
178.159.252.0/23 maxlen: 23
178.159.253.0/24 maxlen: 24
178.159.248.0/23 maxlen: 23
185.47.154.0/23 maxlen: 24
2a01:9160::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/14/27b62e-3639-4e74-affe-2b2f2b8908cc/1/KQH1AZqXC6W-DHVNIPeGcYGPSi4.crl
rsync://rpki.ripe.net/repository/DEFAULT/14/27b62e-3639-4e74-affe-2b2f2b8908cc/1/KQH1AZqXC6W-DHVNIPeGcYGPSi4.mft
rsync://rpki.ripe.net/repository/DEFAULT/KQH1AZqXC6W-DHVNIPeGcYGPSi4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 04:00:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:25:9b:26:00:66:f5:8c:24:1e:ae:c5:78:e8:47:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2901f5019a970ba5be0c754d20f78671818f4a2e
Validity
Not Before: Jan 1 22:29:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8f07eb7010a0e8ca0d852cb72b12a7423f15fc82
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:9d:b9:c6:e8:6f:45:59:6f:23:48:6e:64:93:
a8:0f:fd:cd:f4:e3:0a:cf:c7:68:fd:66:24:d5:5e:
84:35:05:32:25:62:a1:47:24:a0:fb:d0:de:15:a8:
be:4c:8e:3c:77:4f:af:9e:fa:73:cb:4a:0b:2a:60:
a9:0f:a0:db:47:6f:ae:40:e4:f5:fe:a3:21:2a:15:
7f:e7:00:50:76:a3:1d:3d:7e:5c:9d:dd:c7:93:73:
52:3d:44:1e:4a:cd:f8:68:ae:d9:8b:b0:d8:fa:b4:
6c:a9:95:7c:42:73:9d:6b:1b:6e:26:bb:18:b2:f8:
37:6c:70:50:e0:d8:b0:8a:ec:b9:17:24:ac:f1:7d:
66:10:11:b6:00:a7:77:e9:60:98:6a:3c:fa:56:51:
b6:be:de:7f:8f:06:2c:17:36:c6:46:ee:23:e9:55:
db:45:fd:d2:d9:81:39:67:4e:93:71:d7:03:0f:34:
08:3e:20:46:af:48:57:ab:a0:5e:5e:3b:1d:3c:c0:
85:a4:4f:50:01:f8:c6:18:4e:2b:89:26:db:98:df:
e1:6a:9f:1a:0f:c2:ee:d9:ea:3f:99:90:19:6b:58:
08:f3:b6:0a:af:6c:ec:1d:16:4b:d5:eb:7b:94:ea:
53:90:a4:c2:9b:4c:ca:74:54:f4:b7:8f:3c:be:94:
33:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:07:EB:70:10:A0:E8:CA:0D:85:2C:B7:2B:12:A7:42:3F:15:FC:82
X509v3 Authority Key Identifier:
keyid:29:01:F5:01:9A:97:0B:A5:BE:0C:75:4D:20:F7:86:71:81:8F:4A:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KQH1AZqXC6W-DHVNIPeGcYGPSi4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/27b62e-3639-4e74-affe-2b2f2b8908cc/1/jwfrcBCg6MoNhSy3KxKnQj8V_II.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/27b62e-3639-4e74-affe-2b2f2b8908cc/1/KQH1AZqXC6W-DHVNIPeGcYGPSi4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.227.152.0/23
178.159.248.0/21
185.47.154.0/23
185.65.138.0/23
IPv6:
2a01:9160::/48
Signature Algorithm: sha256WithRSAEncryption
5d:69:19:f6:20:8e:25:55:9d:a8:8f:af:0b:50:87:a2:29:80:
ad:b9:19:65:06:cd:f1:8a:ee:87:8b:20:36:6c:4d:94:5d:93:
22:fc:9a:db:41:8c:76:cd:6f:72:2f:67:59:4c:04:93:df:86:
09:1c:5c:12:88:dd:20:2e:6d:d1:3d:2d:ab:35:cb:a2:39:2d:
1d:2f:bd:fb:20:7d:ec:8d:6c:39:5b:3c:36:44:82:fe:fa:40:
9f:28:0a:42:f2:a0:bb:cb:2b:d0:7f:c8:6a:d9:85:83:e9:0b:
09:84:25:c0:1b:bc:5a:11:9e:50:62:e1:51:82:2d:b8:1c:cc:
a2:fc:81:d1:d3:1c:f8:75:3a:a4:fb:35:92:ef:cd:c4:e9:23:
14:f9:12:a5:37:46:70:3a:6b:a9:14:a3:f3:a5:61:79:ae:76:
50:1c:53:44:49:c8:ac:91:ec:3b:e1:03:3c:3a:33:e6:b5:a5:
a6:7e:c1:2f:36:69:df:33:1f:80:ea:8d:a6:68:6e:f2:66:7e:
64:34:df:62:c0:37:8e:68:6a:b9:72:36:12:d3:62:1e:93:28:
16:e2:e4:3d:bc:42:63:1f:3a:f5:da:94:df:93:ea:6d:d7:c9:
7d:d3:99:7f:8a:49:23:ff:73:d4:e8:96:71:0c:e8:26:e0:4a:
76:15:8a:cd
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYzHJZsmAGb1jCQersV46EfyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5MDFmNTAxOWE5NzBiYTViZTBjNzU0ZDIwZjc4NjcxODE4
ZjRhMmUwHhcNMjQwMTAxMjIyOTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZjA3ZWI3MDEwYTBlOGNhMGQ4NTJjYjcyYjEyYTc0MjNmMTVmYzgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAup25xuhvRVlvI0huZJOoD/3N9OMK
z8do/WYk1V6ENQUyJWKhRySg+9DeFai+TI48d0+vnvpzy0oLKmCpD6DbR2+uQOT1
/qMhKhV/5wBQdqMdPX5cnd3Hk3NSPUQeSs34aK7Zi7DY+rRsqZV8QnOdaxtuJrsY
svg3bHBQ4Niwiuy5FySs8X1mEBG2AKd36WCYajz6VlG2vt5/jwYsFzbGRu4j6VXb
Rf3S2YE5Z06TcdcDDzQIPiBGr0hXq6BeXjsdPMCFpE9QAfjGGE4riSbbmN/hap8a
D8Lu2eo/mZAZa1gI87YKr2zsHRZL1et7lOpTkKTCm0zKdFT0t488vpQzQwIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFI8H63AQoOjKDYUstysSp0I/FfyCMB8GA1UdIwQY
MBaAFCkB9QGalwulvgx1TSD3hnGBj0ouMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1FIMUFacVhDNlctREhWTklQZUdjWUdQU2k0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8yN2I2MmUtMzYzOS00ZTc0LWFmZmUt
MmIyZjJiODkwOGNjLzEvandmcmNCQ2c2TW9OaFN5M0t4S25RajhWX0lJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC8yN2I2MmUtMzYzOS00ZTc0LWFmZmUtMmIyZjJiODkwOGNj
LzEvS1FIMUFacVhDNlctREhWTklQZUdjWUdQU2k0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAeBAIAATAYAwQBW+OYAwQD
sp/4AwQBuS+aAwQBuUGKMA8EAgACMAkDBwAqAZFgAAAwDQYJKoZIhvcNAQELBQAD
ggEBAF1pGfYgjiVVnaiPrwtQh6IpgK25GWUGzfGK7oeLIDZsTZRdkyL8mttBjHbN
b3IvZ1lMBJPfhgkcXBKI3SAubdE9Las1y6I5LR0vvfsgfeyNbDlbPDZEgv76QJ8o
CkLyoLvLK9B/yGrZhYPpCwmEJcAbvFoRnlBi4VGCLbgczKL8gdHTHPh1OqT7NZLv
zcTpIxT5EqU3RnA6a6kUo/OlYXmudlAcU0RJyKyR7DvhAzw6M+a1paZ+wS82ad8z
H4DqjaZobvJmfmQ032LAN45oarlyNhLTYh6TKBbi5D28QmMfOvXalN+T6m3XyX3T
mX+KSSP/c9TolnEM6CbgSnYVis0=
-----END CERTIFICATE-----
Generated at Sat Nov 23 09:52:48 2024 by rpki-client on console-fra.rpki-client.org