Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/fce675-bf53-4787-93e7-81f566185b06/1/j9zzElU6fVTYo1sPVw3SBG8rzWA.roa
File: j9zzElU6fVTYo1sPVw3SBG8rzWA.roa (raw, json)
Hash identifier: Ns1mYAo+GoQe3TovK07D8Vt3k5SSRo2w0FOPqENRA5U=
Subject key identifier: 8F:DC:F3:12:55:3A:7D:54:D8:A3:5B:0F:57:0D:D2:04:6F:2B:CD:60
Certificate issuer: /CN=2b0be226230d4099ceea0a4a6cf4ed8b90201350
Certificate serial: 01920336152AB39F7E95B5C1B2C506A1627D
Authority key identifier: 2B:0B:E2:26:23:0D:40:99:CE:EA:0A:4A:6C:F4:ED:8B:90:20:13:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KwviJiMNQJnO6gpKbPTti5AgE1A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/fce675-bf53-4787-93e7-81f566185b06/1/j9zzElU6fVTYo1sPVw3SBG8rzWA.roa
Signing time: Wed 18 Sep 2024 03:38:48 +0000
ROA not before: Wed 18 Sep 2024 03:38:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8814
IP address blocks: 194.135.152.0/24 maxlen: 24
194.135.153.0/24 maxlen: 24
194.135.154.0/24 maxlen: 24
194.135.155.0/24 maxlen: 24
194.135.156.0/24 maxlen: 24
194.135.157.0/24 maxlen: 24
194.135.158.0/24 maxlen: 24
194.135.159.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/15/fce675-bf53-4787-93e7-81f566185b06/1/KwviJiMNQJnO6gpKbPTti5AgE1A.crl
rsync://rpki.ripe.net/repository/DEFAULT/15/fce675-bf53-4787-93e7-81f566185b06/1/KwviJiMNQJnO6gpKbPTti5AgE1A.mft
rsync://rpki.ripe.net/repository/DEFAULT/KwviJiMNQJnO6gpKbPTti5AgE1A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 03:01:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:03:36:15:2a:b3:9f:7e:95:b5:c1:b2:c5:06:a1:62:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2b0be226230d4099ceea0a4a6cf4ed8b90201350
Validity
Not Before: Sep 18 03:38:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8fdcf312553a7d54d8a35b0f570dd2046f2bcd60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:4b:47:d4:fa:00:18:1f:cd:ed:1a:e1:ff:50:
25:9c:52:5f:65:88:5c:65:5f:d2:d8:ba:21:ed:e1:
a1:5e:8a:0c:64:cf:f7:eb:74:d5:36:d2:08:b5:c5:
33:7f:1c:57:7b:15:1f:02:ea:a6:24:5c:e7:e0:59:
c0:b9:23:c8:c7:e0:c7:6b:58:9d:8b:a6:45:30:66:
5d:d8:ae:22:af:f7:5a:77:2f:2e:1f:1f:a6:64:7c:
c4:1b:be:fd:30:70:47:fe:e1:7d:c7:44:27:7c:89:
01:d6:6d:48:57:db:90:91:57:c2:03:45:79:5c:cc:
85:2a:08:21:9f:bc:13:db:cb:79:cd:3d:ab:c2:15:
b5:71:f4:a9:5c:8f:56:de:9c:6b:d7:47:4d:38:51:
47:21:32:cc:e2:cf:80:3a:22:2f:5a:a2:a7:64:a9:
71:44:98:35:46:1b:92:07:81:20:da:af:6d:4b:88:
78:1f:58:d8:3f:cf:e4:46:f6:46:3d:67:d0:cf:cc:
30:81:14:53:db:20:24:16:bb:01:54:08:90:b2:a6:
4b:1f:b6:de:b4:41:b4:c2:6b:e3:cc:4d:85:99:56:
84:ac:b6:fb:5e:b1:6b:8b:c4:b9:77:e2:f1:34:5d:
d0:ff:5e:66:a7:88:46:ed:eb:e8:db:ce:51:18:f4:
c1:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:DC:F3:12:55:3A:7D:54:D8:A3:5B:0F:57:0D:D2:04:6F:2B:CD:60
X509v3 Authority Key Identifier:
keyid:2B:0B:E2:26:23:0D:40:99:CE:EA:0A:4A:6C:F4:ED:8B:90:20:13:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KwviJiMNQJnO6gpKbPTti5AgE1A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/fce675-bf53-4787-93e7-81f566185b06/1/j9zzElU6fVTYo1sPVw3SBG8rzWA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/fce675-bf53-4787-93e7-81f566185b06/1/KwviJiMNQJnO6gpKbPTti5AgE1A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.135.152.0/21
Signature Algorithm: sha256WithRSAEncryption
ab:32:76:c0:ab:67:9b:f6:de:ad:a5:2b:6f:6e:b3:84:18:60:
bc:0e:da:23:d1:cf:13:b6:3d:10:47:88:53:84:2a:0e:c6:5d:
03:b7:e9:97:98:7b:6d:53:68:61:bc:3b:45:96:e5:07:05:4c:
2c:2c:ed:dd:88:80:ba:66:6b:5f:14:9d:cf:aa:d5:27:85:5a:
7c:6d:4f:f9:6e:23:23:3d:08:dd:a3:c8:f9:36:0e:98:8e:16:
1f:8b:ac:5d:f7:79:b2:f7:19:b2:29:e4:2a:2b:87:8f:66:ed:
d4:f0:f2:a7:e7:dc:cc:70:86:18:7c:01:b1:9c:be:4d:57:3a:
d9:7b:e9:6d:ba:44:7c:20:4c:05:44:51:3f:b1:94:04:89:07:
01:3e:87:43:ad:45:3e:bf:25:51:4c:23:aa:de:0f:dd:3d:7b:
96:c5:a3:b0:9a:d7:4d:ce:5b:bc:e0:80:f8:d9:2d:d3:5d:cc:
1d:bc:ce:eb:aa:a5:eb:18:b6:79:e4:51:44:09:ec:f2:29:14:
19:e2:a0:b2:9c:9d:a4:39:3e:a5:a5:f1:fa:c8:43:8d:6f:19:
63:e9:d7:80:ae:a9:f0:1d:e6:a9:89:ba:7e:07:57:76:41:f7:
80:ef:a0:98:47:6f:dd:ca:97:6c:3f:ca:c4:74:13:12:0c:c9:
7b:51:7a:ba
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZIDNhUqs59+lbXBssUGoWJ9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiMGJlMjI2MjMwZDQwOTljZWVhMGE0YTZjZjRlZDhiOTAy
MDEzNTAwHhcNMjQwOTE4MDMzODQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZmRjZjMxMjU1M2E3ZDU0ZDhhMzViMGY1NzBkZDIwNDZmMmJjZDYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzktH1PoAGB/N7Rrh/1AlnFJfZYhc
ZV/S2Loh7eGhXooMZM/363TVNtIItcUzfxxXexUfAuqmJFzn4FnAuSPIx+DHa1id
i6ZFMGZd2K4ir/dady8uHx+mZHzEG779MHBH/uF9x0QnfIkB1m1IV9uQkVfCA0V5
XMyFKgghn7wT28t5zT2rwhW1cfSpXI9W3pxr10dNOFFHITLM4s+AOiIvWqKnZKlx
RJg1RhuSB4Eg2q9tS4h4H1jYP8/kRvZGPWfQz8wwgRRT2yAkFrsBVAiQsqZLH7be
tEG0wmvjzE2FmVaErLb7XrFri8S5d+LxNF3Q/15mp4hG7evo285RGPTBeQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFI/c8xJVOn1U2KNbD1cN0gRvK81gMB8GA1UdIwQY
MBaAFCsL4iYjDUCZzuoKSmz07YuQIBNQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3d2aUppTU5RSm5PNmdwS2JQVHRpNUFnRTFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS9mY2U2NzUtYmY1My00Nzg3LTkzZTct
ODFmNTY2MTg1YjA2LzEvajl6ekVsVTZmVlRZbzFzUFZ3M1NCRzhyeldBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS9mY2U2NzUtYmY1My00Nzg3LTkzZTctODFmNTY2MTg1YjA2
LzEvS3d2aUppTU5RSm5PNmdwS2JQVHRpNUFnRTFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDwoeYMA0G
CSqGSIb3DQEBCwUAA4IBAQCrMnbAq2eb9t6tpStvbrOEGGC8Dtoj0c8Ttj0QR4hT
hCoOxl0Dt+mXmHttU2hhvDtFluUHBUwsLO3diIC6ZmtfFJ3PqtUnhVp8bU/5biMj
PQjdo8j5Ng6YjhYfi6xd93my9xmyKeQqK4ePZu3U8PKn59zMcIYYfAGxnL5NVzrZ
e+ltukR8IEwFRFE/sZQEiQcBPodDrUU+vyVRTCOq3g/dPXuWxaOwmtdNzlu84ID4
2S3TXcwdvM7rqqXrGLZ55FFECezyKRQZ4qCynJ2kOT6lpfH6yEONbxlj6deArqnw
Heapibp+B1d2QfeA76CYR2/dypdsP8rEdBMSDMl7UXq6
-----END CERTIFICATE-----
Generated at Sat Nov 23 09:52:55 2024 by rpki-client on console-fra.rpki-client.org