Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/2f78cf-3260-433b-9e91-e43a52b604ca/1/jaF60da0Fl3jIXw9_dhqtJjav1g.roa
File: jaF60da0Fl3jIXw9_dhqtJjav1g.roa (raw, json)
Hash identifier: Ky382rtvj6F3LwWfjftIfLrjD63Gs5TyaPj4bT8TSvI=
Subject key identifier: 8D:A1:7A:D1:D6:B4:16:5D:E3:21:7C:3D:FD:D8:6A:B4:98:DA:BF:58
Certificate issuer: /CN=2453da50e879bba7d7cff4f07d2caa5e9c01087d
Certificate serial: 018E66F438517FE67A841376321C32EDAAE0
Authority key identifier: 24:53:DA:50:E8:79:BB:A7:D7:CF:F4:F0:7D:2C:AA:5E:9C:01:08:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JFPaUOh5u6fXz_TwfSyqXpwBCH0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/2f78cf-3260-433b-9e91-e43a52b604ca/1/jaF60da0Fl3jIXw9_dhqtJjav1g.roa
Signing time: Fri 22 Mar 2024 16:17:44 +0000
ROA not before: Fri 22 Mar 2024 16:17:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207291
IP address blocks: 2.57.236.0/24 maxlen: 24
141.136.40.0/24 maxlen: 24
195.191.140.0/24 maxlen: 24
195.191.176.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/18/2f78cf-3260-433b-9e91-e43a52b604ca/1/JFPaUOh5u6fXz_TwfSyqXpwBCH0.crl
rsync://rpki.ripe.net/repository/DEFAULT/18/2f78cf-3260-433b-9e91-e43a52b604ca/1/JFPaUOh5u6fXz_TwfSyqXpwBCH0.mft
rsync://rpki.ripe.net/repository/DEFAULT/JFPaUOh5u6fXz_TwfSyqXpwBCH0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:66:f4:38:51:7f:e6:7a:84:13:76:32:1c:32:ed:aa:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2453da50e879bba7d7cff4f07d2caa5e9c01087d
Validity
Not Before: Mar 22 16:17:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8da17ad1d6b4165de3217c3dfdd86ab498dabf58
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:04:8c:b3:d4:92:c7:f4:39:59:16:33:58:ed:
bd:d0:4a:02:d1:1c:07:c7:43:9b:25:b2:44:1b:94:
39:30:33:48:45:29:f1:f0:72:74:90:20:b3:56:48:
13:32:58:13:f7:1a:73:be:a7:b9:4e:5e:d4:bb:16:
e0:06:de:f6:34:10:1a:7d:ee:2a:02:f3:bd:9c:3d:
3f:83:22:38:ea:6b:35:ce:c1:c9:78:4a:d7:b3:1a:
5d:e4:10:54:ee:85:c7:e5:c1:46:5b:9a:5d:38:6e:
c8:d6:a6:2c:ac:6e:a9:c2:a4:94:2d:e6:35:db:e1:
8e:34:49:ec:43:49:3c:b7:cf:fc:8e:66:17:69:7e:
e3:fa:5a:d5:a6:0f:ef:50:d6:d3:d4:80:a0:a0:46:
ec:4c:39:23:14:e6:dd:f3:ec:22:67:b7:14:85:aa:
5f:c2:59:fc:7f:ac:76:d3:1e:cc:c1:92:e1:df:9e:
2f:fa:87:82:12:8d:13:1c:99:99:07:b8:5d:14:58:
97:40:81:7a:4c:7d:7c:fd:7d:07:72:01:c6:63:8d:
fb:f9:90:60:7c:54:8b:ad:14:8d:ac:42:c4:66:d1:
1c:a4:2e:ac:e4:7a:a9:07:72:8e:23:04:b3:e1:6a:
68:1e:bf:4f:62:a8:e3:4e:e0:b6:71:b9:24:01:fa:
cc:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:A1:7A:D1:D6:B4:16:5D:E3:21:7C:3D:FD:D8:6A:B4:98:DA:BF:58
X509v3 Authority Key Identifier:
keyid:24:53:DA:50:E8:79:BB:A7:D7:CF:F4:F0:7D:2C:AA:5E:9C:01:08:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JFPaUOh5u6fXz_TwfSyqXpwBCH0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/2f78cf-3260-433b-9e91-e43a52b604ca/1/jaF60da0Fl3jIXw9_dhqtJjav1g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/2f78cf-3260-433b-9e91-e43a52b604ca/1/JFPaUOh5u6fXz_TwfSyqXpwBCH0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.236.0/24
141.136.40.0/24
195.191.140.0/24
195.191.176.0/24
Signature Algorithm: sha256WithRSAEncryption
24:48:3d:c0:fd:9b:a6:48:89:76:ae:f8:1b:bd:9d:38:28:24:
78:1b:1a:e5:45:36:e3:67:e2:31:23:7f:76:4e:6a:0c:c6:0f:
bd:55:56:ca:e9:bd:f6:4b:39:d3:4a:40:df:6a:f2:be:c1:52:
3c:46:12:35:d1:94:0b:bf:e1:13:4c:73:cc:a1:0f:e2:b6:63:
21:db:78:8d:21:58:fc:44:32:39:9b:be:38:b9:72:01:76:f5:
85:bf:b2:a0:69:4f:b0:25:94:0b:03:0b:47:ee:7d:9d:07:b6:
13:a2:a3:25:77:1d:96:71:ea:82:b0:de:7e:83:50:0e:77:9e:
06:ca:df:39:6f:53:e7:ad:15:bb:02:2b:3a:14:85:8b:22:7f:
41:c7:5a:5b:57:ec:de:f5:3c:53:41:67:cf:6a:ef:02:9a:40:
0e:cd:8a:94:e6:97:e4:cc:c2:4a:60:e3:bd:6b:99:e5:cc:43:
d7:ff:72:04:1b:ab:a9:f8:67:f6:43:52:7f:bf:3d:bf:95:f4:
4b:d2:ae:21:b0:2b:2b:8f:aa:78:5b:a4:bb:c1:b5:c5:13:91:
ec:54:18:a0:37:4d:a2:65:cd:5c:c7:16:f7:82:73:7e:72:fd:
e6:e1:aa:c7:a2:4d:7f:61:76:8d:4f:35:89:ba:46:8a:17:f4:
d5:98:bd:a4
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY5m9DhRf+Z6hBN2Mhwy7argMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0NTNkYTUwZTg3OWJiYTdkN2NmZjRmMDdkMmNhYTVlOWMw
MTA4N2QwHhcNMjQwMzIyMTYxNzQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZGExN2FkMWQ2YjQxNjVkZTMyMTdjM2RmZGQ4NmFiNDk4ZGFiZjU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlgSMs9SSx/Q5WRYzWO290EoC0RwH
x0ObJbJEG5Q5MDNIRSnx8HJ0kCCzVkgTMlgT9xpzvqe5Tl7UuxbgBt72NBAafe4q
AvO9nD0/gyI46ms1zsHJeErXsxpd5BBU7oXH5cFGW5pdOG7I1qYsrG6pwqSULeY1
2+GONEnsQ0k8t8/8jmYXaX7j+lrVpg/vUNbT1ICgoEbsTDkjFObd8+wiZ7cUhapf
wln8f6x20x7MwZLh354v+oeCEo0THJmZB7hdFFiXQIF6TH18/X0HcgHGY437+ZBg
fFSLrRSNrELEZtEcpC6s5HqpB3KOIwSz4WpoHr9PYqjjTuC2cbkkAfrMiQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFI2hetHWtBZd4yF8Pf3YarSY2r9YMB8GA1UdIwQY
MBaAFCRT2lDoebun18/08H0sql6cAQh9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSkZQYVVPaDV1NmZYel9Ud2ZTeXFYcHdCQ0gwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC8yZjc4Y2YtMzI2MC00MzNiLTllOTEt
ZTQzYTUyYjYwNGNhLzEvamFGNjBkYTBGbDNqSVh3OV9kaHF0SmphdjFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC8yZjc4Y2YtMzI2MC00MzNiLTllOTEtZTQzYTUyYjYwNGNh
LzEvSkZQYVVPaDV1NmZYel9Ud2ZTeXFYcHdCQ0gwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAAjnsAwQA
jYgoAwQAw7+MAwQAw7+wMA0GCSqGSIb3DQEBCwUAA4IBAQAkSD3A/ZumSIl2rvgb
vZ04KCR4GxrlRTbjZ+IxI392TmoMxg+9VVbK6b32SznTSkDfavK+wVI8RhI10ZQL
v+ETTHPMoQ/itmMh23iNIVj8RDI5m744uXIBdvWFv7KgaU+wJZQLAwtH7n2dB7YT
oqMldx2WceqCsN5+g1AOd54Gyt85b1PnrRW7Ais6FIWLIn9Bx1pbV+ze9TxTQWfP
au8CmkAOzYqU5pfkzMJKYOO9a5nlzEPX/3IEG6up+Gf2Q1J/vz2/lfRL0q4hsCsr
j6p4W6S7wbXFE5HsVBigN02iZc1cxxb3gnN+cv3m4arHok1/YXaNTzWJukaKF/TV
mL2k
-----END CERTIFICATE-----
Generated at Wed Nov 27 02:47:49 2024 by rpki-client on console-fra.rpki-client.org