Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/f2c5e8-8d37-4838-a33b-ecc49bdc2ad8/1/JDgoSG4Gm5mRrsOW6a5reMjHods.roa
File: JDgoSG4Gm5mRrsOW6a5reMjHods.roa (raw, json)
Hash identifier: iIVy15KZVm+4APma0pRDWPbbYPKLU+oi2nxsDe2h62Q=
Subject key identifier: 24:38:28:48:6E:06:9B:99:91:AE:C3:96:E9:AE:6B:78:C8:C7:A1:DB
Certificate issuer: /CN=bfb097a36c2325d1031ff4091ba00a86459d4288
Certificate serial: 018CC6B93F9F37F71E120B2C2F5176E10F89
Authority key identifier: BF:B0:97:A3:6C:23:25:D1:03:1F:F4:09:1B:A0:0A:86:45:9D:42:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v7CXo2wjJdEDH_QJG6AKhkWdQog.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/f2c5e8-8d37-4838-a33b-ecc49bdc2ad8/1/JDgoSG4Gm5mRrsOW6a5reMjHods.roa
Signing time: Mon 01 Jan 2024 20:31:18 +0000
ROA not before: Mon 01 Jan 2024 20:31:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200940
IP address blocks: 213.16.92.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/27/f2c5e8-8d37-4838-a33b-ecc49bdc2ad8/1/v7CXo2wjJdEDH_QJG6AKhkWdQog.crl
rsync://rpki.ripe.net/repository/DEFAULT/27/f2c5e8-8d37-4838-a33b-ecc49bdc2ad8/1/v7CXo2wjJdEDH_QJG6AKhkWdQog.mft
rsync://rpki.ripe.net/repository/DEFAULT/v7CXo2wjJdEDH_QJG6AKhkWdQog.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b9:3f:9f:37:f7:1e:12:0b:2c:2f:51:76:e1:0f:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bfb097a36c2325d1031ff4091ba00a86459d4288
Validity
Not Before: Jan 1 20:31:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=243828486e069b9991aec396e9ae6b78c8c7a1db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:a1:46:5c:78:f3:a2:e0:45:f4:2f:a6:eb:a5:
33:6f:36:1e:e9:4f:e5:52:d2:99:91:37:cf:35:45:
c8:46:56:50:ad:d5:b9:01:13:d9:cf:45:f2:38:a5:
03:5e:00:3d:ea:93:0c:be:1a:eb:d6:4f:f5:69:41:
a2:66:95:42:16:50:97:52:1b:7e:91:f8:2c:6e:90:
8b:33:14:d7:c8:9b:6d:fa:47:1d:61:17:aa:a1:88:
9a:f3:b9:6d:b9:53:40:94:54:eb:c2:51:74:03:f1:
a8:6c:39:b1:4d:aa:35:b3:34:a1:a5:03:fc:45:9a:
b3:2b:73:51:6d:e9:6e:f0:4a:c8:c3:b3:99:8d:9f:
11:3b:e3:05:0f:74:5b:41:b4:c5:53:d3:2c:80:2a:
c7:86:3e:01:3b:31:a7:61:17:de:a9:8c:79:2b:03:
b2:a3:0b:ec:d7:8e:0f:42:ad:9d:04:00:9d:40:cf:
06:e0:86:5f:dd:05:8d:dc:d2:91:30:a1:ee:08:7a:
d6:a5:5f:05:8f:41:b4:8f:96:1f:96:a1:b9:cf:77:
3d:60:6e:57:51:e7:9c:43:98:4b:4e:d3:6c:ee:d6:
e3:ee:dd:1f:9a:9a:73:a9:81:0b:be:92:3c:ce:da:
26:0d:94:f2:c6:2d:62:46:06:63:85:85:fa:49:69:
f3:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:38:28:48:6E:06:9B:99:91:AE:C3:96:E9:AE:6B:78:C8:C7:A1:DB
X509v3 Authority Key Identifier:
keyid:BF:B0:97:A3:6C:23:25:D1:03:1F:F4:09:1B:A0:0A:86:45:9D:42:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v7CXo2wjJdEDH_QJG6AKhkWdQog.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/f2c5e8-8d37-4838-a33b-ecc49bdc2ad8/1/JDgoSG4Gm5mRrsOW6a5reMjHods.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/f2c5e8-8d37-4838-a33b-ecc49bdc2ad8/1/v7CXo2wjJdEDH_QJG6AKhkWdQog.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.16.92.0/22
Signature Algorithm: sha256WithRSAEncryption
20:f8:12:01:c0:13:79:21:8c:0b:c9:61:40:38:47:13:e9:7e:
83:ee:5f:2b:c4:0b:57:05:13:57:9f:1e:2e:6c:e6:22:bf:0d:
43:f4:ba:9e:5f:56:f4:29:0a:dc:91:5f:20:e1:01:93:d6:b1:
3a:d0:dc:c7:31:a5:05:ea:4a:a3:80:74:e1:08:fa:e5:49:2d:
9a:20:4f:cb:e0:ed:cd:a6:95:c5:91:a7:af:36:55:9e:0d:4f:
79:69:82:6d:16:12:20:de:e0:a9:2d:0a:e3:ad:25:0e:7f:3d:
a4:86:12:8c:b6:e3:00:f4:75:3a:22:dc:21:be:76:d0:8f:be:
01:0e:00:cf:b7:70:a9:ca:36:7e:e0:fd:73:ac:20:04:c5:1b:
31:fb:ff:80:01:41:93:fd:a0:b8:06:cd:c8:c8:d0:d2:24:53:
76:42:c7:5b:cf:10:a0:db:40:4e:36:e9:c6:f7:81:17:64:95:
f2:38:d7:76:56:52:c5:ba:3e:28:a4:e4:1d:77:bf:87:94:cf:
61:68:61:b8:1c:ac:86:57:a9:17:26:ed:6b:ba:08:5f:ea:25:
a0:b2:fa:b6:b4:0f:75:f0:1c:a1:db:98:11:19:4b:a1:6b:ab:
54:5c:c6:3e:44:78:3e:f6:9d:71:8d:a9:88:eb:a7:07:d6:29:
ac:8f:4e:d7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGuT+fN/ceEgssL1F24Q+JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmYjA5N2EzNmMyMzI1ZDEwMzFmZjQwOTFiYTAwYTg2NDU5
ZDQyODgwHhcNMjQwMTAxMjAzMTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDM4Mjg0ODZlMDY5Yjk5OTFhZWMzOTZlOWFlNmI3OGM4YzdhMWRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl6FGXHjzouBF9C+m66UzbzYe6U/l
UtKZkTfPNUXIRlZQrdW5ARPZz0XyOKUDXgA96pMMvhrr1k/1aUGiZpVCFlCXUht+
kfgsbpCLMxTXyJtt+kcdYReqoYia87ltuVNAlFTrwlF0A/GobDmxTao1szShpQP8
RZqzK3NRbelu8ErIw7OZjZ8RO+MFD3RbQbTFU9MsgCrHhj4BOzGnYRfeqYx5KwOy
owvs144PQq2dBACdQM8G4IZf3QWN3NKRMKHuCHrWpV8Fj0G0j5YflqG5z3c9YG5X
UeecQ5hLTtNs7tbj7t0fmppzqYELvpI8ztomDZTyxi1iRgZjhYX6SWnzHQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCQ4KEhuBpuZka7Dlumua3jIx6HbMB8GA1UdIwQY
MBaAFL+wl6NsIyXRAx/0CRugCoZFnUKIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjdDWG8yd2pKZEVESF9RSkc2QUtoa1dkUW9nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9mMmM1ZTgtOGQzNy00ODM4LWEzM2It
ZWNjNDliZGMyYWQ4LzEvSkRnb1NHNEdtNW1ScnNPVzZhNXJlTWpIb2RzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy9mMmM1ZTgtOGQzNy00ODM4LWEzM2ItZWNjNDliZGMyYWQ4
LzEvdjdDWG8yd2pKZEVESF9RSkc2QUtoa1dkUW9nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC1RBcMA0G
CSqGSIb3DQEBCwUAA4IBAQAg+BIBwBN5IYwLyWFAOEcT6X6D7l8rxAtXBRNXnx4u
bOYivw1D9LqeX1b0KQrckV8g4QGT1rE60NzHMaUF6kqjgHThCPrlSS2aIE/L4O3N
ppXFkaevNlWeDU95aYJtFhIg3uCpLQrjrSUOfz2khhKMtuMA9HU6ItwhvnbQj74B
DgDPt3CpyjZ+4P1zrCAExRsx+/+AAUGT/aC4Bs3IyNDSJFN2QsdbzxCg20BONunG
94EXZJXyONd2VlLFuj4opOQdd7+HlM9haGG4HKyGV6kXJu1rughf6iWgsvq2tA91
8Byh25gRGUuha6tUXMY+RHg+9p1xjamI66cH1imsj07X
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:05:39 2024 by rpki-client on console-fra.rpki-client.org