Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/1a7be5-3cf2-40c5-ba67-854182f09ef5/1/JiB3FXwp2QWtIqsnoszc93ADycI.roa
File: JiB3FXwp2QWtIqsnoszc93ADycI.roa (raw, json)
Hash identifier: ZI764dph9CL9w4eK7Sdu3kG8HQl6P3MnmJTq5j604Ac=
Subject key identifier: 26:20:77:15:7C:29:D9:05:AD:22:AB:27:A2:CC:DC:F7:70:03:C9:C2
Certificate issuer: /CN=cbbf23ff986768362549462fe092c6315eacca40
Certificate serial: 018CC9BCC23ACFA1B49338832C546D702034
Authority key identifier: CB:BF:23:FF:98:67:68:36:25:49:46:2F:E0:92:C6:31:5E:AC:CA:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y78j_5hnaDYlSUYv4JLGMV6sykA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/1a7be5-3cf2-40c5-ba67-854182f09ef5/1/JiB3FXwp2QWtIqsnoszc93ADycI.roa
Signing time: Tue 02 Jan 2024 10:33:59 +0000
ROA not before: Tue 02 Jan 2024 10:33:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199788
IP address blocks: 185.57.40.0/22 maxlen: 22
2a01:5ba0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/23/1a7be5-3cf2-40c5-ba67-854182f09ef5/1/y78j_5hnaDYlSUYv4JLGMV6sykA.crl
rsync://rpki.ripe.net/repository/DEFAULT/23/1a7be5-3cf2-40c5-ba67-854182f09ef5/1/y78j_5hnaDYlSUYv4JLGMV6sykA.mft
rsync://rpki.ripe.net/repository/DEFAULT/y78j_5hnaDYlSUYv4JLGMV6sykA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:c2:3a:cf:a1:b4:93:38:83:2c:54:6d:70:20:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cbbf23ff986768362549462fe092c6315eacca40
Validity
Not Before: Jan 2 10:33:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=262077157c29d905ad22ab27a2ccdcf77003c9c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:2a:7a:a1:5a:e0:57:80:7d:f5:73:86:f5:fd:
eb:91:3c:cd:69:15:f6:a8:ec:0c:6f:e3:bc:68:f1:
9b:7f:7b:81:58:77:be:4f:8e:0a:8c:5e:a8:91:7a:
7a:74:2c:e2:c3:50:92:1c:e7:4b:88:3e:44:8d:de:
de:ac:7d:9c:7d:7b:36:97:90:65:e1:11:2b:e1:7c:
9f:6b:a0:1f:3a:b0:59:ea:28:73:52:ea:e2:02:a1:
a9:18:5e:08:c7:31:1d:ca:1e:43:29:70:9f:5e:70:
3e:6e:c1:36:8b:c0:4e:db:ed:2d:ac:21:12:c8:3d:
00:01:b9:48:5c:c4:32:cb:13:b6:f5:2d:62:f8:a5:
ee:ab:5b:a1:5b:ba:a9:f6:c4:c6:e6:7f:f4:a1:a9:
d6:85:72:5e:38:75:d5:4f:29:47:19:a7:55:5c:00:
1f:c1:fc:28:35:27:f3:01:5c:ce:65:3d:5a:cf:24:
b4:79:f0:cd:b0:bf:2b:36:a1:10:ae:ef:44:fc:54:
a7:4b:22:15:82:66:eb:d9:d6:53:2f:a2:8c:4b:2d:
88:7d:88:b9:1f:7a:42:b0:44:6c:a7:7f:2b:92:6f:
9f:47:fe:aa:53:87:b2:95:15:0e:03:aa:2f:08:58:
b4:a8:e1:d7:93:9f:4b:78:0d:d2:09:aa:01:25:10:
32:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:20:77:15:7C:29:D9:05:AD:22:AB:27:A2:CC:DC:F7:70:03:C9:C2
X509v3 Authority Key Identifier:
keyid:CB:BF:23:FF:98:67:68:36:25:49:46:2F:E0:92:C6:31:5E:AC:CA:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y78j_5hnaDYlSUYv4JLGMV6sykA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/1a7be5-3cf2-40c5-ba67-854182f09ef5/1/JiB3FXwp2QWtIqsnoszc93ADycI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/1a7be5-3cf2-40c5-ba67-854182f09ef5/1/y78j_5hnaDYlSUYv4JLGMV6sykA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.57.40.0/22
IPv6:
2a01:5ba0::/32
Signature Algorithm: sha256WithRSAEncryption
27:b1:ed:4e:61:0d:25:97:97:25:d4:93:bb:48:bb:a0:d7:83:
40:2f:fd:12:f0:08:4c:42:49:fe:15:27:72:3c:3b:cd:62:46:
a1:87:cd:4b:c3:23:c7:9b:85:31:00:ee:93:b3:e9:14:91:15:
64:fd:74:9d:b8:9c:30:65:31:7d:8e:54:46:59:0b:5a:57:74:
44:73:e0:48:ec:c3:49:c0:18:92:3a:4e:29:f8:df:ec:39:f8:
fe:ac:8a:7a:cb:3e:e7:67:19:69:46:b1:28:0b:dc:a2:60:48:
82:79:ee:88:d9:e4:af:c3:b8:9d:84:fc:bc:fc:85:e2:34:05:
e6:94:0d:72:5c:f6:eb:85:52:19:2c:b1:ce:15:a6:f7:42:c4:
96:e3:6d:73:2c:82:00:4b:ce:13:a9:1b:a0:85:d1:ab:96:f3:
af:70:ab:26:90:50:86:5e:62:53:8a:69:06:1b:39:fa:66:84:
57:9e:8c:be:52:ea:b3:1a:be:3a:06:aa:3b:6e:78:fe:13:fc:
9e:8a:7e:58:31:2e:68:47:28:07:14:f2:dc:42:9a:25:a5:d2:
7b:f3:3b:85:c7:95:c9:d8:72:88:32:42:14:bc:ae:57:a3:42:
b8:6d:c7:28:78:74:ce:9e:49:00:0a:d3:8d:6c:4d:92:d4:17:
b0:74:f6:31
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzJvMI6z6G0kziDLFRtcCA0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiYmYyM2ZmOTg2NzY4MzYyNTQ5NDYyZmUwOTJjNjMxNWVh
Y2NhNDAwHhcNMjQwMTAyMTAzMzU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNjIwNzcxNTdjMjlkOTA1YWQyMmFiMjdhMmNjZGNmNzcwMDNjOWMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhCp6oVrgV4B99XOG9f3rkTzNaRX2
qOwMb+O8aPGbf3uBWHe+T44KjF6okXp6dCziw1CSHOdLiD5Ejd7erH2cfXs2l5Bl
4REr4Xyfa6AfOrBZ6ihzUuriAqGpGF4IxzEdyh5DKXCfXnA+bsE2i8BO2+0trCES
yD0AAblIXMQyyxO29S1i+KXuq1uhW7qp9sTG5n/0oanWhXJeOHXVTylHGadVXAAf
wfwoNSfzAVzOZT1azyS0efDNsL8rNqEQru9E/FSnSyIVgmbr2dZTL6KMSy2IfYi5
H3pCsERsp38rkm+fR/6qU4eylRUOA6ovCFi0qOHXk59LeA3SCaoBJRAypwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFCYgdxV8KdkFrSKrJ6LM3PdwA8nCMB8GA1UdIwQY
MBaAFMu/I/+YZ2g2JUlGL+CSxjFerMpAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveTc4al81aG5hRFlsU1VZdjRKTEdNVjZzeWtBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy8xYTdiZTUtM2NmMi00MGM1LWJhNjct
ODU0MTgyZjA5ZWY1LzEvSmlCM0ZYd3AyUVd0SXFzbm9zemM5M0FEeWNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy8xYTdiZTUtM2NmMi00MGM1LWJhNjctODU0MTgyZjA5ZWY1
LzEveTc4al81aG5hRFlsU1VZdjRKTEdNVjZzeWtBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuTkoMA0E
AgACMAcDBQAqAVugMA0GCSqGSIb3DQEBCwUAA4IBAQAnse1OYQ0ll5cl1JO7SLug
14NAL/0S8AhMQkn+FSdyPDvNYkahh81LwyPHm4UxAO6Ts+kUkRVk/XSduJwwZTF9
jlRGWQtaV3REc+BI7MNJwBiSOk4p+N/sOfj+rIp6yz7nZxlpRrEoC9yiYEiCee6I
2eSvw7idhPy8/IXiNAXmlA1yXPbrhVIZLLHOFab3QsSW421zLIIAS84TqRughdGr
lvOvcKsmkFCGXmJTimkGGzn6ZoRXnoy+UuqzGr46Bqo7bnj+E/yein5YMS5oRygH
FPLcQpolpdJ78zuFx5XJ2HKIMkIUvK5Xo0K4bccoeHTOnkkACtONbE2S1BewdPYx
-----END CERTIFICATE-----
Generated at Sat Nov 23 09:54:02 2024 by rpki-client on console-fra.rpki-client.org