Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/JF321FV34j_Iyfuazd4ttZ8TWOk.roa
File: JF321FV34j_Iyfuazd4ttZ8TWOk.roa (raw, json)
Hash identifier: m8wE/wLPtJvsuv6KiGyq7sS1Lc2WOWBAwv1x+baJIXs=
Subject key identifier: 24:5D:F6:D4:55:77:E2:3F:C8:C9:FB:9A:CD:DE:2D:B5:9F:13:58:E9
Certificate issuer: /CN=d08da9cf00d4d58b854ffc62010f235b06df354a
Certificate serial: 0192D2737DA935BA2A07246989E9BD356750
Authority key identifier: D0:8D:A9:CF:00:D4:D5:8B:85:4F:FC:62:01:0F:23:5B:06:DF:35:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/JF321FV34j_Iyfuazd4ttZ8TWOk.roa
Signing time: Mon 28 Oct 2024 09:27:17 +0000
ROA not before: Mon 28 Oct 2024 09:27:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202592
IP address blocks: 45.12.100.0/22 maxlen: 24
185.96.56.0/22 maxlen: 24
185.136.16.0/22 maxlen: 24
2a05:ff00::/29 maxlen: 48
2a07:5b40::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.crl
rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.mft
rsync://rpki.ripe.net/repository/DEFAULT/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 11:40:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:d2:73:7d:a9:35:ba:2a:07:24:69:89:e9:bd:35:67:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d08da9cf00d4d58b854ffc62010f235b06df354a
Validity
Not Before: Oct 28 09:27:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=245df6d45577e23fc8c9fb9acdde2db59f1358e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:6e:a4:6c:d0:87:90:60:0b:10:6a:cd:74:c8:
bb:8e:8f:cc:d2:40:82:26:e6:27:8c:e3:b5:4d:5b:
ed:f5:3c:c5:51:5b:e5:9b:91:0d:31:b6:46:3d:2d:
38:8d:6c:77:72:0d:90:83:b4:b8:55:d1:52:f1:2e:
bc:b5:61:5f:38:38:6c:80:a0:50:ce:4a:ba:c9:ab:
9c:09:52:91:b1:08:a8:fb:a5:88:ac:80:40:b0:44:
e4:6f:1e:0b:95:d3:66:84:6a:32:23:1c:a4:fa:d5:
ec:71:d9:78:0a:ce:68:ca:27:10:8a:c9:b0:35:88:
df:2b:34:84:bf:15:be:dd:c6:b9:fb:b8:84:df:62:
2d:24:8d:6a:db:d7:c9:4b:9d:18:54:4e:63:20:4e:
04:d5:58:cd:05:cb:1c:79:1e:d8:ab:22:e4:0a:e2:
b4:75:27:f9:32:c9:1b:d7:b8:e4:e6:ba:85:74:e7:
8f:25:de:44:a6:db:56:2e:a5:f3:54:5d:6d:5a:5f:
b2:8c:b9:6a:de:ed:db:26:54:5b:0a:82:dc:a8:67:
fa:94:66:9f:98:a2:b3:59:cc:bf:12:78:97:13:02:
2c:96:c9:68:43:a8:0f:95:0c:29:ad:35:e4:e7:24:
95:03:1b:52:79:63:cd:7e:4c:c0:b3:20:c6:77:d7:
ae:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:5D:F6:D4:55:77:E2:3F:C8:C9:FB:9A:CD:DE:2D:B5:9F:13:58:E9
X509v3 Authority Key Identifier:
keyid:D0:8D:A9:CF:00:D4:D5:8B:85:4F:FC:62:01:0F:23:5B:06:DF:35:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/JF321FV34j_Iyfuazd4ttZ8TWOk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.12.100.0/22
185.96.56.0/22
185.136.16.0/22
IPv6:
2a05:ff00::/29
2a07:5b40::/29
Signature Algorithm: sha256WithRSAEncryption
12:ed:c1:72:a4:6f:4b:e5:79:51:7d:f2:0e:4a:5f:19:ec:2b:
dc:3b:44:76:7f:e3:b7:aa:a2:36:0e:c4:e7:0a:e6:2f:0e:f2:
4b:9b:75:14:2f:43:1c:0d:59:54:84:79:b1:f1:53:b2:a4:d3:
11:5f:3d:35:b5:9a:21:d0:aa:f7:c7:3d:66:a2:64:90:47:bc:
22:6c:58:c7:e4:9d:64:4d:95:f4:a6:97:66:c3:12:59:b6:2a:
f6:b2:03:67:f0:24:96:cd:dc:0f:ed:f9:ee:61:39:d6:9d:3a:
43:eb:16:46:6a:7f:12:60:b2:75:63:78:c1:71:6e:0f:f7:dd:
3c:05:b8:15:22:bf:6c:51:7a:58:9e:6d:5d:52:ff:2d:62:a2:
06:41:7e:ee:fd:d6:83:57:2c:6e:33:18:6e:85:3b:6f:f1:f2:
15:6e:56:bb:5f:57:70:bc:78:38:e2:fb:ae:36:1f:d1:0c:35:
0f:26:9b:9d:5e:ab:f4:dd:c9:e4:5a:54:d7:17:bd:5f:90:99:
5b:62:a8:39:b9:45:19:54:3c:20:51:d3:ee:66:e3:8a:2f:df:
4d:58:bf:4b:f4:e6:8b:48:ad:5a:c8:3e:d3:0b:5a:64:85:c6:
d0:61:30:74:8b:7b:6c:dd:0c:51:3c:18:b9:4a:bc:f8:e0:5f:
50:84:b5:cd
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAZLSc32pNboqByRpiem9NWdQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwOGRhOWNmMDBkNGQ1OGI4NTRmZmM2MjAxMGYyMzViMDZk
ZjM1NGEwHhcNMjQxMDI4MDkyNzE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDVkZjZkNDU1NzdlMjNmYzhjOWZiOWFjZGRlMmRiNTlmMTM1OGU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5W6kbNCHkGALEGrNdMi7jo/M0kCC
JuYnjOO1TVvt9TzFUVvlm5ENMbZGPS04jWx3cg2Qg7S4VdFS8S68tWFfODhsgKBQ
zkq6yaucCVKRsQio+6WIrIBAsETkbx4LldNmhGoyIxyk+tXscdl4Cs5oyicQismw
NYjfKzSEvxW+3ca5+7iE32ItJI1q29fJS50YVE5jIE4E1VjNBcsceR7YqyLkCuK0
dSf5Mskb17jk5rqFdOePJd5EpttWLqXzVF1tWl+yjLlq3u3bJlRbCoLcqGf6lGaf
mKKzWcy/EniXEwIslsloQ6gPlQwprTXk5ySVAxtSeWPNfkzAsyDGd9euzQIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFCRd9tRVd+I/yMn7ms3eLbWfE1jpMB8GA1UdIwQY
MBaAFNCNqc8A1NWLhU/8YgEPI1sG3zVKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEkycHp3RFUxWXVGVF94aUFROGpXd2JmTlVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS9mZWJlZjgtYTBlYS00YzdlLTg4MDYt
MjBlMTk3ODBjYjJlLzEvSkYzMjFGVjM0al9JeWZ1YXpkNHR0WjhUV09rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS9mZWJlZjgtYTBlYS00YzdlLTg4MDYtMjBlMTk3ODBjYjJl
LzEvMEkycHp3RFUxWXVGVF94aUFROGpXd2JmTlVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAYBAIAATASAwQCLQxkAwQC
uWA4AwQCuYgQMBQEAgACMA4DBQMqBf8AAwUDKgdbQDANBgkqhkiG9w0BAQsFAAOC
AQEAEu3BcqRvS+V5UX3yDkpfGewr3DtEdn/jt6qiNg7E5wrmLw7yS5t1FC9DHA1Z
VIR5sfFTsqTTEV89NbWaIdCq98c9ZqJkkEe8ImxYx+SdZE2V9KaXZsMSWbYq9rID
Z/Akls3cD+357mE51p06Q+sWRmp/EmCydWN4wXFuD/fdPAW4FSK/bFF6WJ5tXVL/
LWKiBkF+7v3Wg1csbjMYboU7b/HyFW5Wu19XcLx4OOL7rjYf0Qw1DyabnV6r9N3J
5FpU1xe9X5CZW2KoOblFGVQ8IFHT7mbjii/fTVi/S/Tmi0itWsg+0wtaZIXG0GEw
dIt7bN0MUTwYuUq8+OBfUIS1zQ==
-----END CERTIFICATE-----
Generated at Fri Nov 22 17:39:43 2024 by rpki-client on console-ams.rpki-client.org