Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/9355ef-e0bf-4c63-99a7-7852206213e0/1/Jquj_zoNFEFcWLZSHua1AR76m1A.roa
File: Jquj_zoNFEFcWLZSHua1AR76m1A.roa (raw, json)
Hash identifier: MAEcH8psAaEIRkat7gG1D2A7dK+lUeqkDacAkGkbm4g=
Subject key identifier: 26:AB:A3:FF:3A:0D:14:41:5C:58:B6:52:1E:E6:B5:01:1E:FA:9B:50
Certificate issuer: /CN=8fbc7f1707b6d0b22bcd8180f4fbb1b63efc99f9
Certificate serial: 018CC3B6D9B0767C60743F9BE5DBCAF06A82
Authority key identifier: 8F:BC:7F:17:07:B6:D0:B2:2B:CD:81:80:F4:FB:B1:B6:3E:FC:99:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/j7x_Fwe20LIrzYGA9Puxtj78mfk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/9355ef-e0bf-4c63-99a7-7852206213e0/1/Jquj_zoNFEFcWLZSHua1AR76m1A.roa
Signing time: Mon 01 Jan 2024 06:29:49 +0000
ROA not before: Mon 01 Jan 2024 06:29:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42000
IP address blocks: 185.99.68.0/22 maxlen: 22
2a00:1790::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1e/9355ef-e0bf-4c63-99a7-7852206213e0/1/j7x_Fwe20LIrzYGA9Puxtj78mfk.crl
rsync://rpki.ripe.net/repository/DEFAULT/1e/9355ef-e0bf-4c63-99a7-7852206213e0/1/j7x_Fwe20LIrzYGA9Puxtj78mfk.mft
rsync://rpki.ripe.net/repository/DEFAULT/j7x_Fwe20LIrzYGA9Puxtj78mfk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Jun 2024 04:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:d9:b0:76:7c:60:74:3f:9b:e5:db:ca:f0:6a:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8fbc7f1707b6d0b22bcd8180f4fbb1b63efc99f9
Validity
Not Before: Jan 1 06:29:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=26aba3ff3a0d14415c58b6521ee6b5011efa9b50
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:da:df:7f:da:f3:65:1f:3f:40:3e:4e:05:3d:
0f:f5:b8:f2:e7:81:4f:b7:27:38:0c:f0:cd:e9:f0:
c2:22:cd:e8:62:e8:33:f5:94:fc:1c:7d:98:16:a9:
49:3e:5d:18:e4:2c:d3:95:dd:67:f8:ce:d6:11:ca:
8e:0a:9d:bb:6e:9e:c2:d0:ed:b2:dd:3e:2b:d1:2a:
bd:48:89:a8:6d:35:d0:0b:00:fa:2b:4e:c5:48:72:
ef:ca:54:6f:4a:b7:56:bc:4d:88:1c:08:e4:8a:7d:
67:47:2c:36:23:f8:aa:c2:cf:09:cf:6c:5c:08:c3:
c0:bf:66:b4:95:88:fc:8b:04:6e:45:77:aa:99:ee:
85:16:2f:90:5e:b8:3d:3e:33:da:69:d5:7f:f8:fb:
6c:9b:69:30:38:45:15:1d:92:0c:91:01:d7:f7:fa:
af:95:54:20:ba:9d:55:12:8d:b9:c1:97:e4:9b:17:
70:12:cc:59:87:1f:c1:0d:9b:00:38:b9:02:6f:f9:
8a:85:49:22:8f:31:83:f8:66:38:9f:74:a2:87:3e:
8a:b5:dd:50:c8:62:0c:28:00:12:72:c5:82:6e:9e:
91:13:4e:b8:61:ee:fb:1f:a8:9f:8c:b4:e6:e3:6c:
bb:81:d8:09:21:cc:62:b2:bf:14:30:d5:31:e3:d5:
96:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:AB:A3:FF:3A:0D:14:41:5C:58:B6:52:1E:E6:B5:01:1E:FA:9B:50
X509v3 Authority Key Identifier:
keyid:8F:BC:7F:17:07:B6:D0:B2:2B:CD:81:80:F4:FB:B1:B6:3E:FC:99:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j7x_Fwe20LIrzYGA9Puxtj78mfk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/9355ef-e0bf-4c63-99a7-7852206213e0/1/Jquj_zoNFEFcWLZSHua1AR76m1A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/9355ef-e0bf-4c63-99a7-7852206213e0/1/j7x_Fwe20LIrzYGA9Puxtj78mfk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.99.68.0/22
IPv6:
2a00:1790::/29
Signature Algorithm: sha256WithRSAEncryption
20:55:b2:cf:90:af:2b:92:d1:24:f2:59:a2:a3:41:ea:b0:2a:
1b:97:37:7e:e3:3f:c7:96:40:e2:b5:b4:1d:b2:9d:0b:5c:07:
7d:47:95:30:6f:32:8e:b3:03:07:5a:c3:74:70:5d:7f:f8:f9:
5e:50:d3:43:9a:d4:0c:23:98:49:43:4f:d0:55:4f:7a:d8:70:
b2:c5:dc:15:45:fb:0b:95:d8:d8:6f:fe:a3:ac:11:02:02:a6:
e4:ff:12:42:f7:7e:07:f5:a5:e1:f7:37:8b:11:f6:b9:06:0c:
0e:e3:56:34:83:4a:7b:ae:92:8b:1e:72:1d:f3:17:20:13:ae:
97:e7:3f:a1:0f:aa:ac:a8:55:5d:87:18:3a:c4:b6:fe:9b:b6:
79:ff:62:be:3f:f3:67:94:03:45:88:fa:50:79:63:d4:3a:67:
e6:a2:f5:14:72:f9:40:10:2c:44:2a:a2:22:9b:4e:68:33:c2:
58:67:a8:06:6c:90:d0:81:85:68:ca:b5:37:a7:3a:3c:b6:de:
21:65:f9:07:d7:10:ef:e6:c3:08:32:57:35:1f:15:fe:e8:b9:
14:9e:ec:d7:0c:ea:8a:81:e8:41:19:ee:e5:32:6f:00:dc:2b:
cd:15:98:33:1c:68:db:71:ca:f4:4c:47:1b:2b:9c:26:e5:b2:
22:94:9e:33
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzDttmwdnxgdD+b5dvK8GqCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmYmM3ZjE3MDdiNmQwYjIyYmNkODE4MGY0ZmJiMWI2M2Vm
Yzk5ZjkwHhcNMjQwMTAxMDYyOTQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNmFiYTNmZjNhMGQxNDQxNWM1OGI2NTIxZWU2YjUwMTFlZmE5YjUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk9rff9rzZR8/QD5OBT0P9bjy54FP
tyc4DPDN6fDCIs3oYugz9ZT8HH2YFqlJPl0Y5CzTld1n+M7WEcqOCp27bp7C0O2y
3T4r0Sq9SImobTXQCwD6K07FSHLvylRvSrdWvE2IHAjkin1nRyw2I/iqws8Jz2xc
CMPAv2a0lYj8iwRuRXeqme6FFi+QXrg9PjPaadV/+Ptsm2kwOEUVHZIMkQHX9/qv
lVQgup1VEo25wZfkmxdwEsxZhx/BDZsAOLkCb/mKhUkijzGD+GY4n3Sihz6Ktd1Q
yGIMKAAScsWCbp6RE064Ye77H6ifjLTm42y7gdgJIcxisr8UMNUx49WWSwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFCaro/86DRRBXFi2Uh7mtQEe+ptQMB8GA1UdIwQY
MBaAFI+8fxcHttCyK82BgPT7sbY+/Jn5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvajd4X0Z3ZTIwTElyellHQTlQdXh0ajc4bWZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS85MzU1ZWYtZTBiZi00YzYzLTk5YTct
Nzg1MjIwNjIxM2UwLzEvSnF1al96b05GRUZjV0xaU0h1YTFBUjc2bTFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS85MzU1ZWYtZTBiZi00YzYzLTk5YTctNzg1MjIwNjIxM2Uw
LzEvajd4X0Z3ZTIwTElyellHQTlQdXh0ajc4bWZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuWNEMA0E
AgACMAcDBQMqABeQMA0GCSqGSIb3DQEBCwUAA4IBAQAgVbLPkK8rktEk8lmio0Hq
sCoblzd+4z/HlkDitbQdsp0LXAd9R5UwbzKOswMHWsN0cF1/+PleUNNDmtQMI5hJ
Q0/QVU962HCyxdwVRfsLldjYb/6jrBECAqbk/xJC934H9aXh9zeLEfa5BgwO41Y0
g0p7rpKLHnId8xcgE66X5z+hD6qsqFVdhxg6xLb+m7Z5/2K+P/NnlANFiPpQeWPU
OmfmovUUcvlAECxEKqIim05oM8JYZ6gGbJDQgYVoyrU3pzo8tt4hZfkH1xDv5sMI
Mlc1HxX+6LkUnuzXDOqKgehBGe7lMm8A3CvNFZgzHGjbccr0TEcbK5wm5bIilJ4z
-----END CERTIFICATE-----
Generated at Sun Jun 2 09:24:50 2024 by rpki-client on console-ams.rpki-client.org