Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/jVS-psEkgmewep4eNpGoff7C6bw.roa
File: jVS-psEkgmewep4eNpGoff7C6bw.roa (raw, json)
Hash identifier: m/zDWJXSK8D+J8qlT8NdO0YS4EWl56lVQMN30+iwzvQ=
Subject key identifier: 8D:54:BE:A6:C1:24:82:67:B0:7A:9E:1E:36:91:A8:7D:FE:C2:E9:BC
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018ED6C56E8C50233D1982E57432687719C1
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/jVS-psEkgmewep4eNpGoff7C6bw.roa
Signing time: Sat 13 Apr 2024 09:24:06 +0000
ROA not before: Sat 13 Apr 2024 09:24:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43260
IP address blocks: 5.181.84.0/24 maxlen: 24
5.181.85.0/24 maxlen: 24
5.181.87.0/24 maxlen: 24
45.94.170.0/24 maxlen: 24
85.209.120.0/23 maxlen: 24
146.19.125.0/24 maxlen: 24
193.30.241.0/24 maxlen: 24
195.177.95.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.mft
rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 07:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:d6:c5:6e:8c:50:23:3d:19:82:e5:74:32:68:77:19:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Apr 13 09:24:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8d54bea6c1248267b07a9e1e3691a87dfec2e9bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:2d:68:a2:7f:0e:c2:be:e4:93:ca:7a:5b:3b:
99:e7:1e:06:cd:3b:04:47:90:81:60:f1:c8:c5:9d:
b6:71:f9:fe:a2:e7:73:44:ab:fb:d4:af:9e:b9:22:
62:de:09:2c:29:6a:bb:2e:2d:ba:b9:fe:e4:8e:71:
06:eb:13:fe:c0:a8:ef:39:3b:c5:40:41:05:cc:0b:
af:43:18:fa:54:19:ee:71:49:cf:c8:68:c3:f3:4a:
56:5e:02:3d:d5:f7:6f:8e:40:d1:20:e2:03:9d:54:
1f:51:55:ce:1d:cc:5a:fb:ea:e3:52:a9:87:18:4b:
b3:fb:91:bd:3a:c2:4c:45:65:a3:8d:23:7a:33:7f:
1d:f1:6f:f0:4b:b5:9a:dd:83:1d:c9:37:a4:1b:b6:
3f:48:02:d5:56:ee:fa:91:f5:ee:2d:da:ad:b1:09:
cc:ff:46:c3:c4:63:4e:01:2b:ce:2c:dd:4d:ad:e4:
c1:3f:ac:76:8c:ff:d6:9d:35:bd:90:bd:fb:91:b0:
59:1c:e3:ae:d1:c4:75:38:d8:c2:7e:02:02:de:39:
da:62:4d:d3:e7:27:31:d0:19:7f:75:c1:3a:69:f1:
10:ca:aa:df:6b:b0:7e:fe:73:4a:7d:1a:f1:a3:c5:
4b:05:99:53:6c:a2:bc:b1:e4:e7:4b:5c:1d:ca:25:
f2:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:54:BE:A6:C1:24:82:67:B0:7A:9E:1E:36:91:A8:7D:FE:C2:E9:BC
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/jVS-psEkgmewep4eNpGoff7C6bw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.84.0/23
5.181.87.0/24
45.94.170.0/24
85.209.120.0/23
146.19.125.0/24
193.30.241.0/24
195.177.95.0/24
Signature Algorithm: sha256WithRSAEncryption
b0:6f:f8:32:dc:a5:97:f3:cf:6b:8a:5f:84:e2:5a:a3:4a:2a:
33:8a:7f:09:80:ca:75:b8:3c:14:42:53:db:13:09:57:ab:25:
21:f1:fd:77:f5:3a:9d:32:fd:7a:f3:42:68:8c:c4:cd:e4:1d:
9c:c9:17:8f:76:31:6e:4e:17:38:e7:82:d7:3d:53:58:8f:8e:
1a:07:84:6b:c6:6d:96:21:61:c3:47:9a:72:e0:3b:39:2e:ad:
d7:39:37:ab:63:93:77:4a:ac:fd:ba:42:25:dd:44:1d:dd:fe:
e0:6d:52:78:db:76:c3:ad:1f:db:ee:d1:78:6f:ba:43:8d:f7:
69:0d:51:cf:62:e9:4e:bd:00:e5:05:1c:e4:75:07:09:a3:c1:
11:74:4f:37:a4:12:f2:cc:31:1a:ec:c3:b6:34:15:77:16:80:
7c:1e:92:6a:1a:a5:c8:b5:46:0e:0f:f3:7f:ae:8e:5f:9c:c5:
a4:3e:9d:bc:d3:d5:1d:d9:66:ce:6f:85:be:6a:96:c5:8f:b6:
8a:0f:cd:ff:c1:ab:32:08:3b:3e:a2:24:e0:bd:ef:c3:20:c5:
d6:96:ed:35:cd:1b:cf:b3:fa:53:46:72:c2:1a:87:67:d9:15:
ff:9c:e3:6b:ee:e6:1e:fd:4f:a4:57:79:84:7a:91:d0:bb:4b:
3a:10:d7:fa
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAY7WxW6MUCM9GYLldDJodxnBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjQwNDEzMDkyNDA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZDU0YmVhNmMxMjQ4MjY3YjA3YTllMWUzNjkxYTg3ZGZlYzJlOWJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhy1oon8Owr7kk8p6WzuZ5x4GzTsE
R5CBYPHIxZ22cfn+oudzRKv71K+euSJi3gksKWq7Li26uf7kjnEG6xP+wKjvOTvF
QEEFzAuvQxj6VBnucUnPyGjD80pWXgI91fdvjkDRIOIDnVQfUVXOHcxa++rjUqmH
GEuz+5G9OsJMRWWjjSN6M38d8W/wS7Wa3YMdyTekG7Y/SALVVu76kfXuLdqtsQnM
/0bDxGNOASvOLN1NreTBP6x2jP/WnTW9kL37kbBZHOOu0cR1ONjCfgIC3jnaYk3T
5ycx0Bl/dcE6afEQyqrfa7B+/nNKfRrxo8VLBZlTbKK8seTnS1wdyiXy/wIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFI1UvqbBJIJnsHqeHjaRqH3+wum8MB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvalZTLXBzRWtnbWV3ZXA0ZU5wR29mZjdDNmJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQBBbVUAwQA
BbVXAwQALV6qAwQBVdF4AwQAkhN9AwQAwR7xAwQAw7FfMA0GCSqGSIb3DQEBCwUA
A4IBAQCwb/gy3KWX889ril+E4lqjSiozin8JgMp1uDwUQlPbEwlXqyUh8f139Tqd
Mv1680JojMTN5B2cyRePdjFuThc454LXPVNYj44aB4Rrxm2WIWHDR5py4Ds5Lq3X
OTerY5N3Sqz9ukIl3UQd3f7gbVJ423bDrR/b7tF4b7pDjfdpDVHPYulOvQDlBRzk
dQcJo8ERdE83pBLyzDEa7MO2NBV3FoB8HpJqGqXItUYOD/N/ro5fnMWkPp2809Ud
2WbOb4W+apbFj7aKD83/wasyCDs+oiTgve/DIMXWlu01zRvPs/pTRnLCGodn2RX/
nONr7uYe/U+kV3mEepHQu0s6ENf6
-----END CERTIFICATE-----
Generated at Thu Apr 25 12:36:26 2024 by rpki-client on console-fra.rpki-client.org