Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/799e5c-1594-409f-8c54-3fec58614c4b/1/jVzup_KHiGI7PqVdFrKzb-K_1yw.roa
File: jVzup_KHiGI7PqVdFrKzb-K_1yw.roa (raw, json)
Hash identifier: +cjF4+Kf99axiBY1B2VaLb3m4AzNlX8g3h91WAipyUw=
Subject key identifier: 8D:5C:EE:A7:F2:87:88:62:3B:3E:A5:5D:16:B2:B3:6F:E2:BF:D7:2C
Certificate issuer: /CN=19a6046e37c7e2075b41d6fef70d2312303c5f39
Certificate serial: 01923327A505FB158CAEB9CEE0FC77AE7A8A
Authority key identifier: 19:A6:04:6E:37:C7:E2:07:5B:41:D6:FE:F7:0D:23:12:30:3C:5F:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GaYEbjfH4gdbQdb-9w0jEjA8Xzk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/799e5c-1594-409f-8c54-3fec58614c4b/1/jVzup_KHiGI7PqVdFrKzb-K_1yw.roa
Signing time: Fri 27 Sep 2024 11:04:49 +0000
ROA not before: Fri 27 Sep 2024 11:04:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61371
IP address blocks: 109.95.41.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1d/799e5c-1594-409f-8c54-3fec58614c4b/1/GaYEbjfH4gdbQdb-9w0jEjA8Xzk.crl
rsync://rpki.ripe.net/repository/DEFAULT/1d/799e5c-1594-409f-8c54-3fec58614c4b/1/GaYEbjfH4gdbQdb-9w0jEjA8Xzk.mft
rsync://rpki.ripe.net/repository/DEFAULT/GaYEbjfH4gdbQdb-9w0jEjA8Xzk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:33:27:a5:05:fb:15:8c:ae:b9:ce:e0:fc:77:ae:7a:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19a6046e37c7e2075b41d6fef70d2312303c5f39
Validity
Not Before: Sep 27 11:04:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8d5ceea7f28788623b3ea55d16b2b36fe2bfd72c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:16:ab:76:79:8f:cf:c9:a3:cd:98:06:a1:70:
a5:86:d1:bb:19:da:c9:8c:f4:1a:28:3a:53:63:7a:
2f:bc:9c:dd:aa:fb:9d:af:7f:34:3c:b1:4c:3c:06:
a3:9a:74:21:63:d3:fb:f4:b1:1d:11:42:ae:d8:00:
fb:4f:ff:e6:88:a4:d4:47:74:fb:31:d5:f2:f3:11:
62:df:98:a5:42:96:e1:05:e1:01:27:de:f0:a8:11:
60:15:fe:57:b5:2a:cc:52:de:91:c4:7e:92:f8:f3:
e5:3b:56:b4:f8:da:6b:a6:fe:ba:d1:cf:6f:04:1f:
b2:90:60:5c:29:ae:e3:6e:a4:7a:6f:f0:14:0c:91:
dc:1d:ae:39:0a:4b:b6:47:5c:98:d1:1d:0d:8d:54:
94:22:51:56:b0:b3:6e:9b:93:9c:9f:42:aa:ef:65:
2c:b6:f3:86:27:d5:da:f3:56:82:86:d7:14:53:00:
21:7f:4b:79:33:da:9c:8f:33:c2:31:e3:3f:56:06:
4b:89:77:df:bd:b3:d6:b1:72:62:6e:85:8c:11:3e:
61:06:8b:80:94:a7:06:6d:69:2a:f1:b6:4f:1c:32:
3a:e5:95:20:3a:ba:4c:7b:a3:84:d6:a2:01:54:52:
58:7a:43:64:db:3d:c6:7f:e7:31:8a:05:09:58:9c:
07:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:5C:EE:A7:F2:87:88:62:3B:3E:A5:5D:16:B2:B3:6F:E2:BF:D7:2C
X509v3 Authority Key Identifier:
keyid:19:A6:04:6E:37:C7:E2:07:5B:41:D6:FE:F7:0D:23:12:30:3C:5F:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GaYEbjfH4gdbQdb-9w0jEjA8Xzk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/799e5c-1594-409f-8c54-3fec58614c4b/1/jVzup_KHiGI7PqVdFrKzb-K_1yw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/799e5c-1594-409f-8c54-3fec58614c4b/1/GaYEbjfH4gdbQdb-9w0jEjA8Xzk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.95.41.0/24
Signature Algorithm: sha256WithRSAEncryption
49:ab:16:77:62:9c:d9:f0:e5:6c:f9:0d:94:50:29:96:6e:8d:
21:0c:bf:31:a2:b7:45:ed:ff:db:31:d4:65:7f:8d:44:79:45:
f6:ab:e1:4b:90:08:9d:ad:02:5e:82:8b:b2:1e:06:b1:30:ff:
3a:43:4d:1d:fe:91:ab:dd:eb:df:9c:38:d5:5e:41:c7:57:77:
72:a5:8a:7b:26:0b:6c:04:67:53:14:0d:5b:ff:a0:50:ef:8a:
8e:d0:e7:8b:67:4b:75:3d:6a:d0:80:ed:00:5d:32:09:d1:62:
e7:5c:b1:83:d5:d0:60:51:be:5d:12:fc:f3:ca:0b:aa:32:87:
43:b6:88:36:1d:d2:3b:f1:9a:6e:30:c2:fe:16:a4:4b:3d:02:
97:42:24:c7:0b:63:0a:fb:b6:7b:db:73:ac:c7:e4:d9:36:92:
a2:56:0c:f6:ca:16:04:8d:17:57:ef:f2:bb:0d:ca:81:12:28:
f2:3d:00:38:7f:a5:77:6e:30:4d:55:fc:2b:8f:75:dc:4a:b3:
10:fe:a6:2d:ff:39:03:7e:ab:3a:e8:44:46:8f:19:e1:9d:82:
da:7b:5f:0b:ad:26:71:00:17:54:0c:44:04:4d:e6:b7:f3:ce:
14:0e:f2:f4:41:e8:68:41:ad:a8:fe:6c:0f:ca:e6:51:2f:2f:
72:f4:92:f4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZIzJ6UF+xWMrrnO4Px3rnqKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5YTYwNDZlMzdjN2UyMDc1YjQxZDZmZWY3MGQyMzEyMzAz
YzVmMzkwHhcNMjQwOTI3MTEwNDQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZDVjZWVhN2YyODc4ODYyM2IzZWE1NWQxNmIyYjM2ZmUyYmZkNzJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5RardnmPz8mjzZgGoXClhtG7GdrJ
jPQaKDpTY3ovvJzdqvudr380PLFMPAajmnQhY9P79LEdEUKu2AD7T//miKTUR3T7
MdXy8xFi35ilQpbhBeEBJ97wqBFgFf5XtSrMUt6RxH6S+PPlO1a0+Nprpv660c9v
BB+ykGBcKa7jbqR6b/AUDJHcHa45Cku2R1yY0R0NjVSUIlFWsLNum5Ocn0Kq72Us
tvOGJ9Xa81aChtcUUwAhf0t5M9qcjzPCMeM/VgZLiXffvbPWsXJiboWMET5hBouA
lKcGbWkq8bZPHDI65ZUgOrpMe6OE1qIBVFJYekNk2z3Gf+cxigUJWJwH/QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFI1c7qfyh4hiOz6lXRays2/iv9csMB8GA1UdIwQY
MBaAFBmmBG43x+IHW0HW/vcNIxIwPF85MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2FZRWJqZkg0Z2RiUWRiLTl3MGpFakE4WHprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC83OTllNWMtMTU5NC00MDlmLThjNTQt
M2ZlYzU4NjE0YzRiLzEvalZ6dXBfS0hpR0k3UHFWZEZyS3piLUtfMXl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC83OTllNWMtMTU5NC00MDlmLThjNTQtM2ZlYzU4NjE0YzRi
LzEvR2FZRWJqZkg0Z2RiUWRiLTl3MGpFakE4WHprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbV8pMA0G
CSqGSIb3DQEBCwUAA4IBAQBJqxZ3YpzZ8OVs+Q2UUCmWbo0hDL8xordF7f/bMdRl
f41EeUX2q+FLkAidrQJegouyHgaxMP86Q00d/pGr3evfnDjVXkHHV3dypYp7Jgts
BGdTFA1b/6BQ74qO0OeLZ0t1PWrQgO0AXTIJ0WLnXLGD1dBgUb5dEvzzyguqModD
tog2HdI78ZpuMML+FqRLPQKXQiTHC2MK+7Z723Osx+TZNpKiVgz2yhYEjRdX7/K7
DcqBEijyPQA4f6V3bjBNVfwrj3XcSrMQ/qYt/zkDfqs66ERGjxnhnYLae18LrSZx
ABdUDEQETea3884UDvL0QehoQa2o/mwPyuZRLy9y9JL0
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:04:53 2024 by rpki-client on console-fra.rpki-client.org