Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/efa002-00b5-476b-85cf-e9e388812752/1/jFvlHdKnpnK2uescs6JtLnDOayc.roa
File: jFvlHdKnpnK2uescs6JtLnDOayc.roa (raw, json)
Hash identifier: solmtqrhpOf4+LJvhLRS7NGKvrIkhW0yzs+JQzu9otU=
Subject key identifier: 8C:5B:E5:1D:D2:A7:A6:72:B6:B9:EB:1C:B3:A2:6D:2E:70:CE:6B:27
Certificate issuer: /CN=2f4c9dfe7b1a72a551bba15a999a6c19333fff96
Certificate serial: 018CC56E2E369C14E1E2C468D77AE58A4616
Authority key identifier: 2F:4C:9D:FE:7B:1A:72:A5:51:BB:A1:5A:99:9A:6C:19:33:3F:FF:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L0yd_nsacqVRu6FamZpsGTM__5Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/efa002-00b5-476b-85cf-e9e388812752/1/jFvlHdKnpnK2uescs6JtLnDOayc.roa
Signing time: Mon 01 Jan 2024 14:29:41 +0000
ROA not before: Mon 01 Jan 2024 14:29:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202629
IP address blocks: 185.138.183.0/24 maxlen: 24
185.138.180.0/24 maxlen: 24
185.138.180.0/22 maxlen: 24
185.138.182.0/24 maxlen: 24
185.138.181.0/24 maxlen: 24
2a07:b40::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/19/efa002-00b5-476b-85cf-e9e388812752/1/L0yd_nsacqVRu6FamZpsGTM__5Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/19/efa002-00b5-476b-85cf-e9e388812752/1/L0yd_nsacqVRu6FamZpsGTM__5Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/L0yd_nsacqVRu6FamZpsGTM__5Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:2e:36:9c:14:e1:e2:c4:68:d7:7a:e5:8a:46:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2f4c9dfe7b1a72a551bba15a999a6c19333fff96
Validity
Not Before: Jan 1 14:29:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8c5be51dd2a7a672b6b9eb1cb3a26d2e70ce6b27
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:6b:a5:0d:62:4d:22:e3:a4:17:2b:00:80:df:
cc:e4:e6:5f:db:81:35:5b:81:8a:c6:56:7a:c7:c5:
93:1d:3f:3a:e7:b6:3a:56:0b:5e:46:6d:24:2a:34:
35:89:94:41:60:9e:1d:16:b3:9e:c3:46:d7:50:5b:
f6:fa:c2:5a:15:40:36:2f:6d:4d:92:62:e7:50:0d:
6c:1c:6a:58:a4:74:6e:0d:f2:fa:22:f5:f4:d4:a6:
50:1d:ec:92:fa:df:79:16:da:5b:18:94:11:7b:96:
4a:a5:26:ca:a4:ce:58:5f:2a:c2:77:15:e3:07:b0:
f4:b5:72:fd:32:a9:08:17:d1:cc:cd:a0:20:33:da:
b0:3b:b2:1e:01:6f:c7:db:50:fd:c2:eb:38:a5:fe:
11:c1:be:90:c6:94:b2:df:58:8e:a7:37:05:fc:d1:
9f:95:79:db:ef:d8:92:2f:eb:7f:ba:6e:11:a8:38:
9f:99:7c:d1:19:92:1e:2c:1c:ef:40:72:99:32:65:
10:8e:23:4a:18:ec:03:c7:c3:11:6b:7b:2a:c0:09:
5c:79:42:b2:62:27:02:93:d8:dc:c0:4a:51:60:06:
b4:8d:fc:9e:78:68:c9:b6:22:29:90:97:16:d1:b1:
72:74:0a:e1:0d:76:e0:f7:2a:7c:93:12:98:15:f5:
b6:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:5B:E5:1D:D2:A7:A6:72:B6:B9:EB:1C:B3:A2:6D:2E:70:CE:6B:27
X509v3 Authority Key Identifier:
keyid:2F:4C:9D:FE:7B:1A:72:A5:51:BB:A1:5A:99:9A:6C:19:33:3F:FF:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L0yd_nsacqVRu6FamZpsGTM__5Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/efa002-00b5-476b-85cf-e9e388812752/1/jFvlHdKnpnK2uescs6JtLnDOayc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/efa002-00b5-476b-85cf-e9e388812752/1/L0yd_nsacqVRu6FamZpsGTM__5Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.138.180.0/22
IPv6:
2a07:b40::/29
Signature Algorithm: sha256WithRSAEncryption
50:61:e1:b9:fd:19:a7:6b:5d:49:04:f7:9a:9f:d0:37:6b:af:
b4:5d:9f:8a:88:c0:ba:05:d7:21:dc:98:4e:3a:87:1a:1b:1d:
5b:a0:51:78:6f:88:f9:be:f5:e5:36:20:6c:07:23:d4:70:78:
8b:8f:21:a8:eb:62:96:bc:1f:14:87:18:d1:6b:45:4c:d2:38:
bc:21:9f:d6:c0:4a:78:7a:08:3d:11:40:47:d7:64:d1:00:ef:
cd:f4:d9:a3:11:cd:95:a3:d2:56:71:68:c0:f5:48:c2:48:28:
7e:b7:ae:83:1d:bb:86:2e:56:06:d6:1a:24:53:0c:b4:6b:57:
e3:3b:5f:bb:fe:ca:16:c6:0e:c9:b8:0d:e0:8d:ec:50:06:66:
0e:29:23:77:0f:2b:c7:2e:b6:f9:91:6f:e4:63:b2:b4:84:6a:
df:49:19:dd:84:8e:01:b4:69:2e:d1:42:16:0a:27:53:f9:90:
d4:0e:4b:72:4b:6a:71:8a:10:7e:a7:b6:75:88:e6:e1:cf:59:
72:33:37:1d:2b:47:70:f5:32:7a:5b:d7:41:58:b4:ae:78:92:
a0:98:2d:a2:38:90:d5:bc:37:b8:a4:a3:c3:bd:29:c1:73:1f:
74:9d:c1:9d:d2:1e:3a:75:cd:28:0b:10:3c:90:fc:c3:fb:bd:
a8:ef:6c:11
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzFbi42nBTh4sRo13rlikYWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmNGM5ZGZlN2IxYTcyYTU1MWJiYTE1YTk5OWE2YzE5MzMz
ZmZmOTYwHhcNMjQwMTAxMTQyOTQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YzViZTUxZGQyYTdhNjcyYjZiOWViMWNiM2EyNmQyZTcwY2U2YjI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh2ulDWJNIuOkFysAgN/M5OZf24E1
W4GKxlZ6x8WTHT8657Y6VgteRm0kKjQ1iZRBYJ4dFrOew0bXUFv2+sJaFUA2L21N
kmLnUA1sHGpYpHRuDfL6IvX01KZQHeyS+t95FtpbGJQRe5ZKpSbKpM5YXyrCdxXj
B7D0tXL9MqkIF9HMzaAgM9qwO7IeAW/H21D9wus4pf4Rwb6QxpSy31iOpzcF/NGf
lXnb79iSL+t/um4RqDifmXzRGZIeLBzvQHKZMmUQjiNKGOwDx8MRa3sqwAlceUKy
YicCk9jcwEpRYAa0jfyeeGjJtiIpkJcW0bFydArhDXbg9yp8kxKYFfW2gwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIxb5R3Sp6ZytrnrHLOibS5wzmsnMB8GA1UdIwQY
MBaAFC9Mnf57GnKlUbuhWpmabBkzP/+WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDB5ZF9uc2FjcVZSdTZGYW1acHNHVE1fXzVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS9lZmEwMDItMDBiNS00NzZiLTg1Y2Yt
ZTllMzg4ODEyNzUyLzEvakZ2bEhkS25wbksydWVzY3M2SnRMbkRPYXljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS9lZmEwMDItMDBiNS00NzZiLTg1Y2YtZTllMzg4ODEyNzUy
LzEvTDB5ZF9uc2FjcVZSdTZGYW1acHNHVE1fXzVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuYq0MA0E
AgACMAcDBQMqBwtAMA0GCSqGSIb3DQEBCwUAA4IBAQBQYeG5/Rmna11JBPean9A3
a6+0XZ+KiMC6Bdch3JhOOocaGx1boFF4b4j5vvXlNiBsByPUcHiLjyGo62KWvB8U
hxjRa0VM0ji8IZ/WwEp4egg9EUBH12TRAO/N9NmjEc2Vo9JWcWjA9UjCSCh+t66D
HbuGLlYG1hokUwy0a1fjO1+7/soWxg7JuA3gjexQBmYOKSN3DyvHLrb5kW/kY7K0
hGrfSRndhI4BtGku0UIWCidT+ZDUDktyS2pxihB+p7Z1iObhz1lyMzcdK0dw9TJ6
W9dBWLSueJKgmC2iOJDVvDe4pKPDvSnBcx90ncGd0h46dc0oCxA8kPzD+72o72wR
-----END CERTIFICATE-----
Generated at Sat Jun 1 13:44:45 2024 by rpki-client on console-fra.rpki-client.org