Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/81aa49-8b4a-4c28-a578-a605717d34ae/1/Jn2lqNsrfbERm_6Vzks0-kD-wrw.roa
File: Jn2lqNsrfbERm_6Vzks0-kD-wrw.roa (raw, json)
Hash identifier: 2T0yV0scCMLbDblagfFzCmeWYVFy8vBWpC3ZN+sMyFw=
Subject key identifier: 26:7D:A5:A8:DB:2B:7D:B1:11:9B:FE:95:CE:4B:34:FA:40:FE:C2:BC
Certificate issuer: /CN=b05a0604e76876fa03e6ad8687fa1db6c63d3908
Certificate serial: 018CC8DCE856E0726550930E237B1BA3438D
Authority key identifier: B0:5A:06:04:E7:68:76:FA:03:E6:AD:86:87:FA:1D:B6:C6:3D:39:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sFoGBOdodvoD5q2Gh_odtsY9OQg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/81aa49-8b4a-4c28-a578-a605717d34ae/1/Jn2lqNsrfbERm_6Vzks0-kD-wrw.roa
Signing time: Tue 02 Jan 2024 06:29:29 +0000
ROA not before: Tue 02 Jan 2024 06:29:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200490
IP address blocks: 185.243.20.0/22 maxlen: 22
2001:67c:22f4::/48 maxlen: 48
2a0c:fe80::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/26/81aa49-8b4a-4c28-a578-a605717d34ae/1/sFoGBOdodvoD5q2Gh_odtsY9OQg.crl
rsync://rpki.ripe.net/repository/DEFAULT/26/81aa49-8b4a-4c28-a578-a605717d34ae/1/sFoGBOdodvoD5q2Gh_odtsY9OQg.mft
rsync://rpki.ripe.net/repository/DEFAULT/sFoGBOdodvoD5q2Gh_odtsY9OQg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 04 Dec 2024 15:00:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:dc:e8:56:e0:72:65:50:93:0e:23:7b:1b:a3:43:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b05a0604e76876fa03e6ad8687fa1db6c63d3908
Validity
Not Before: Jan 2 06:29:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=267da5a8db2b7db1119bfe95ce4b34fa40fec2bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:5e:5d:73:fc:d0:de:8d:d6:4c:ff:42:1e:3c:
87:78:4f:ad:97:eb:96:ed:d9:41:a9:82:9f:fe:c0:
07:3f:12:86:9a:50:e7:9a:9a:c9:cb:dd:7e:35:8d:
bc:de:b5:98:43:45:18:7c:d5:39:59:41:91:0a:92:
2e:67:20:7b:b1:96:ab:65:be:c8:8b:2b:d1:8f:a1:
72:aa:60:16:10:f1:d3:0f:7f:5f:3e:a6:d4:86:aa:
20:96:4c:41:f1:69:74:e5:91:3d:ac:bb:6b:d2:43:
31:7c:45:a6:cd:a8:99:68:2f:69:67:b4:97:ec:bb:
b3:3a:1d:dc:a4:70:fb:63:ad:d0:87:81:d7:7e:b8:
7d:78:36:14:7f:be:0f:7c:26:23:e4:18:ab:c7:f8:
8b:86:4f:ae:50:a1:db:ca:e1:81:ff:2a:3e:55:4a:
c2:a2:2c:88:13:25:bd:89:1e:a0:90:3a:7b:37:05:
b3:3f:69:07:07:d9:fc:bf:ed:e5:bf:c0:a6:63:60:
1c:b8:e6:e7:1c:57:43:af:6b:25:f4:cf:ca:d7:b4:
24:a3:7a:c6:48:a1:02:8b:67:53:27:e3:1b:34:08:
48:5d:92:4f:e8:4d:43:b1:37:a5:91:17:bc:ed:b9:
20:31:3f:67:3e:41:2c:c7:4b:55:6d:17:2b:1a:58:
f6:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:7D:A5:A8:DB:2B:7D:B1:11:9B:FE:95:CE:4B:34:FA:40:FE:C2:BC
X509v3 Authority Key Identifier:
keyid:B0:5A:06:04:E7:68:76:FA:03:E6:AD:86:87:FA:1D:B6:C6:3D:39:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sFoGBOdodvoD5q2Gh_odtsY9OQg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/81aa49-8b4a-4c28-a578-a605717d34ae/1/Jn2lqNsrfbERm_6Vzks0-kD-wrw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/81aa49-8b4a-4c28-a578-a605717d34ae/1/sFoGBOdodvoD5q2Gh_odtsY9OQg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.243.20.0/22
IPv6:
2001:67c:22f4::/48
2a0c:fe80::/29
Signature Algorithm: sha256WithRSAEncryption
76:90:ee:72:8b:22:c0:53:9f:f6:80:27:c4:55:29:67:b8:cb:
22:fb:88:d1:7a:1c:eb:7f:9d:d9:2a:5a:61:eb:ab:b4:af:4b:
85:5f:92:45:45:86:e6:3a:07:d8:83:6b:5e:e7:a2:f2:45:43:
87:59:dd:0b:bd:e4:41:47:32:53:4d:4d:94:fd:e2:34:f9:a5:
f2:44:2d:e6:44:4b:79:1f:9d:ab:ae:45:51:a4:db:fd:ce:1a:
a0:69:eb:b1:b6:0d:fd:54:5d:51:f4:89:08:fc:bb:0d:8e:e0:
e6:43:c2:c6:24:7e:41:6b:76:06:64:7b:cd:2d:3d:fd:97:f1:
8e:be:36:24:05:53:9d:67:91:03:4e:e9:6e:71:51:1c:7d:22:
1d:83:0d:75:5b:e7:a1:d2:25:7c:39:68:19:38:5c:2f:04:30:
f9:d1:f0:02:b7:45:a5:4d:5d:26:64:e5:0d:01:8c:37:e3:fd:
af:69:2e:40:46:74:19:0d:f8:bd:ff:51:31:1e:5d:05:d8:c7:
f1:51:82:f9:30:43:1a:cb:32:19:25:b6:84:f4:f6:9a:b9:76:
8d:cc:09:a4:93:56:74:13:fc:09:5f:16:bf:6d:12:33:49:fa:
c2:c5:ea:7d:46:b0:39:f7:be:45:00:16:26:5e:7d:4f:fe:a9:
46:39:03:29
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzI3OhW4HJlUJMOI3sbo0ONMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwNWEwNjA0ZTc2ODc2ZmEwM2U2YWQ4Njg3ZmExZGI2YzYz
ZDM5MDgwHhcNMjQwMTAyMDYyOTI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNjdkYTVhOGRiMmI3ZGIxMTE5YmZlOTVjZTRiMzRmYTQwZmVjMmJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9F5dc/zQ3o3WTP9CHjyHeE+tl+uW
7dlBqYKf/sAHPxKGmlDnmprJy91+NY283rWYQ0UYfNU5WUGRCpIuZyB7sZarZb7I
iyvRj6FyqmAWEPHTD39fPqbUhqoglkxB8Wl05ZE9rLtr0kMxfEWmzaiZaC9pZ7SX
7LuzOh3cpHD7Y63Qh4HXfrh9eDYUf74PfCYj5Birx/iLhk+uUKHbyuGB/yo+VUrC
oiyIEyW9iR6gkDp7NwWzP2kHB9n8v+3lv8CmY2AcuObnHFdDr2sl9M/K17Qko3rG
SKECi2dTJ+MbNAhIXZJP6E1DsTelkRe87bkgMT9nPkEsx0tVbRcrGlj2twIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFCZ9pajbK32xEZv+lc5LNPpA/sK8MB8GA1UdIwQY
MBaAFLBaBgTnaHb6A+athof6HbbGPTkIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0ZvR0JPZG9kdm9ENXEyR2hfb2R0c1k5T1FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi84MWFhNDktOGI0YS00YzI4LWE1Nzgt
YTYwNTcxN2QzNGFlLzEvSm4ybHFOc3JmYkVSbV82VnprczAta0Qtd3J3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi84MWFhNDktOGI0YS00YzI4LWE1NzgtYTYwNTcxN2QzNGFl
LzEvc0ZvR0JPZG9kdm9ENXEyR2hfb2R0c1k5T1FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAMBAIAATAGAwQCufMUMBYE
AgACMBADBwAgAQZ8IvQDBQMqDP6AMA0GCSqGSIb3DQEBCwUAA4IBAQB2kO5yiyLA
U5/2gCfEVSlnuMsi+4jRehzrf53ZKlph66u0r0uFX5JFRYbmOgfYg2te56LyRUOH
Wd0LveRBRzJTTU2U/eI0+aXyRC3mREt5H52rrkVRpNv9zhqgaeuxtg39VF1R9IkI
/LsNjuDmQ8LGJH5Ba3YGZHvNLT39l/GOvjYkBVOdZ5EDTulucVEcfSIdgw11W+eh
0iV8OWgZOFwvBDD50fACt0WlTV0mZOUNAYw34/2vaS5ARnQZDfi9/1ExHl0F2Mfx
UYL5MEMayzIZJbaE9PaauXaNzAmkk1Z0E/wJXxa/bRIzSfrCxep9RrA5975FABYm
Xn1P/qlGOQMp
-----END CERTIFICATE-----
Generated at Tue Dec 3 18:07:00 2024 by rpki-client on console-fra.rpki-client.org