Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/cc8f4a-4c02-404b-8d93-2cde65f3112a/1/jt5PCWDmWLz99gs1XurhbIP0KKs.roa
File: jt5PCWDmWLz99gs1XurhbIP0KKs.roa (raw, json)
Hash identifier: EQqxtT3B0wwAcCr0rNM8cudmvjZdzAe/f6KzD4oYE8g=
Subject key identifier: 8E:DE:4F:09:60:E6:58:BC:FD:F6:0B:35:5E:EA:E1:6C:83:F4:28:AB
Certificate issuer: /CN=87be093097097c4457ff5aa3e5893c8c15432612
Certificate serial: 0191C8581AC03DB137EB6F8EC40F02FB5FB2
Authority key identifier: 87:BE:09:30:97:09:7C:44:57:FF:5A:A3:E5:89:3C:8C:15:43:26:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h74JMJcJfERX_1qj5Yk8jBVDJhI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/cc8f4a-4c02-404b-8d93-2cde65f3112a/1/jt5PCWDmWLz99gs1XurhbIP0KKs.roa
Signing time: Fri 06 Sep 2024 17:18:22 +0000
ROA not before: Fri 06 Sep 2024 17:18:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39409
IP address blocks: 37.153.156.0/24 maxlen: 24
185.216.8.0/24 maxlen: 24
2001:678:20c::/48 maxlen: 48
2001:678:d58::/48 maxlen: 48
2a10:9906::/48 maxlen: 48
2a10:9906:1001::/48 maxlen: 48
2a10:9906:1002::/48 maxlen: 48
2a10:9906:3010::/48 maxlen: 48
2a10:9906:3020::/48 maxlen: 48
2a10:9906:3050::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/29/cc8f4a-4c02-404b-8d93-2cde65f3112a/1/h74JMJcJfERX_1qj5Yk8jBVDJhI.crl
rsync://rpki.ripe.net/repository/DEFAULT/29/cc8f4a-4c02-404b-8d93-2cde65f3112a/1/h74JMJcJfERX_1qj5Yk8jBVDJhI.mft
rsync://rpki.ripe.net/repository/DEFAULT/h74JMJcJfERX_1qj5Yk8jBVDJhI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 23:23:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:c8:58:1a:c0:3d:b1:37:eb:6f:8e:c4:0f:02:fb:5f:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=87be093097097c4457ff5aa3e5893c8c15432612
Validity
Not Before: Sep 6 17:18:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8ede4f0960e658bcfdf60b355eeae16c83f428ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:97:b3:9a:28:ab:dd:a8:90:0a:d4:cb:37:a4:
f9:4f:92:47:e7:07:68:2b:13:5d:d2:20:e4:f4:f9:
df:e8:61:54:27:ad:72:b9:f6:cc:76:2b:43:12:e9:
15:50:d9:ec:08:c8:7a:8c:78:30:1b:d8:99:bc:38:
b4:e6:77:b4:8a:c9:88:69:24:ad:9a:26:bf:4c:33:
fe:de:4f:aa:08:91:2f:ce:57:ec:30:40:5c:b3:2d:
6c:3f:a3:10:2a:6b:55:3d:f7:b7:4f:2d:f5:4b:db:
e5:1a:1d:50:5a:b5:eb:cd:14:92:ad:4d:8a:4e:d1:
4a:4a:b6:07:9a:40:b0:23:51:59:ec:0f:9c:a5:a5:
ca:ea:1c:14:f0:06:d3:f7:0c:fa:ea:6e:e8:9b:22:
b7:b4:1b:f2:3d:14:1f:6f:46:77:e1:5f:71:e7:10:
9a:cf:3b:d4:20:50:67:36:1b:c3:6e:03:b8:e2:8a:
db:1e:3a:d9:fc:ce:a0:e6:60:6e:d7:1f:40:c1:03:
d7:45:a1:0c:6f:71:36:21:b3:1b:5d:d4:a8:dc:f8:
da:88:62:da:e8:eb:d6:03:ed:db:cd:9e:e1:20:15:
9b:5a:20:cd:0d:14:60:4b:a0:12:1f:9c:0f:f4:14:
97:48:3b:72:a2:ba:ca:4f:07:39:36:b6:0a:58:ca:
37:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:DE:4F:09:60:E6:58:BC:FD:F6:0B:35:5E:EA:E1:6C:83:F4:28:AB
X509v3 Authority Key Identifier:
keyid:87:BE:09:30:97:09:7C:44:57:FF:5A:A3:E5:89:3C:8C:15:43:26:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h74JMJcJfERX_1qj5Yk8jBVDJhI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/cc8f4a-4c02-404b-8d93-2cde65f3112a/1/jt5PCWDmWLz99gs1XurhbIP0KKs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/cc8f4a-4c02-404b-8d93-2cde65f3112a/1/h74JMJcJfERX_1qj5Yk8jBVDJhI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.153.156.0/24
185.216.8.0/24
IPv6:
2001:678:20c::/48
2001:678:d58::/48
2a10:9906::/48
2a10:9906:1001::-2a10:9906:1002:ffff:ffff:ffff:ffff:ffff
2a10:9906:3010::/48
2a10:9906:3020::/48
2a10:9906:3050::/48
Signature Algorithm: sha256WithRSAEncryption
1c:34:7d:96:9b:75:bb:06:26:0b:34:dc:21:a2:de:e1:58:47:
41:97:09:f6:ee:c4:85:2a:b8:76:66:23:9a:3b:07:04:db:9e:
1c:b8:84:5a:27:da:11:5d:9a:69:c7:57:d6:e1:64:74:97:5b:
79:5e:27:78:f2:88:0c:20:cf:41:50:8e:b0:67:43:03:9c:ef:
96:3c:93:76:10:c5:da:01:5f:bd:0d:17:13:f0:71:01:13:a3:
0c:97:72:f7:26:66:ae:c9:a8:f7:17:63:c3:ef:9c:21:ee:42:
f5:27:1f:e2:fb:2a:c1:fc:51:1b:51:b0:c5:cb:7c:28:c6:a1:
0f:43:02:25:6a:bb:eb:2d:5a:35:6d:a0:71:b1:fc:bd:73:2a:
5f:23:9f:b1:ca:92:39:34:11:b5:92:e3:61:32:0a:d1:59:83:
39:f2:54:a8:23:3a:d7:a5:ea:d8:a3:d3:4e:7d:89:ec:f3:60:
17:d4:ce:2f:4a:e5:b0:f3:77:dc:be:9c:d5:1a:c3:88:41:82:
3e:bf:fe:06:4a:ad:a2:08:e5:81:4a:6c:46:69:16:a5:45:d8:
73:61:d8:4b:37:ae:63:a7:a2:8e:2f:af:f1:21:8c:34:8a:1a:
27:fa:0e:fd:40:4f:2e:79:e6:e5:3e:3b:94:95:f9:f0:74:d1:
3c:91:d5:b1
-----BEGIN CERTIFICATE-----
MIIFVTCCBD2gAwIBAgISAZHIWBrAPbE362+OxA8C+1+yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3YmUwOTMwOTcwOTdjNDQ1N2ZmNWFhM2U1ODkzYzhjMTU0
MzI2MTIwHhcNMjQwOTA2MTcxODIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZWRlNGYwOTYwZTY1OGJjZmRmNjBiMzU1ZWVhZTE2YzgzZjQyOGFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvZezmiir3aiQCtTLN6T5T5JH5wdo
KxNd0iDk9Pnf6GFUJ61yufbMditDEukVUNnsCMh6jHgwG9iZvDi05ne0ismIaSSt
mia/TDP+3k+qCJEvzlfsMEBcsy1sP6MQKmtVPfe3Ty31S9vlGh1QWrXrzRSSrU2K
TtFKSrYHmkCwI1FZ7A+cpaXK6hwU8AbT9wz66m7omyK3tBvyPRQfb0Z34V9x5xCa
zzvUIFBnNhvDbgO44orbHjrZ/M6g5mBu1x9AwQPXRaEMb3E2IbMbXdSo3PjaiGLa
6OvWA+3bzZ7hIBWbWiDNDRRgS6ASH5wP9BSXSDtyorrKTwc5NrYKWMo3fwIDAQAB
o4ICYTCCAl0wHQYDVR0OBBYEFI7eTwlg5li8/fYLNV7q4WyD9CirMB8GA1UdIwQY
MBaAFIe+CTCXCXxEV/9ao+WJPIwVQyYSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDc0Sk1KY0pmRVJYXzFxajVZazhqQlZESmhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9jYzhmNGEtNGMwMi00MDRiLThkOTMt
MmNkZTY1ZjMxMTJhLzEvanQ1UENXRG1XTHo5OWdzMVh1cmhiSVAwS0tzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9jYzhmNGEtNGMwMi00MDRiLThkOTMtMmNkZTY1ZjMxMTJh
LzEvaDc0Sk1KY0pmRVJYXzFxajVZazhqQlZESmhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHcGCCsGAQUFBwEHAQH/BGgwZjASBAIAATAMAwQAJZmcAwQA
udgIMFAEAgACMEoDBwAgAQZ4AgwDBwAgAQZ4DVgDBwAqEJkGAAAwEgMHACoQmQYQ
AQMHACoQmQYQAgMHACoQmQYwEAMHACoQmQYwIAMHACoQmQYwUDANBgkqhkiG9w0B
AQsFAAOCAQEAHDR9lpt1uwYmCzTcIaLe4VhHQZcJ9u7EhSq4dmYjmjsHBNueHLiE
WifaEV2aacdX1uFkdJdbeV4nePKIDCDPQVCOsGdDA5zvljyTdhDF2gFfvQ0XE/Bx
AROjDJdy9yZmrsmo9xdjw++cIe5C9Scf4vsqwfxRG1Gwxct8KMahD0MCJWq76y1a
NW2gcbH8vXMqXyOfscqSOTQRtZLjYTIK0VmDOfJUqCM616Xq2KPTTn2J7PNgF9TO
L0rlsPN33L6c1RrDiEGCPr/+BkqtogjlgUpsRmkWpUXYc2HYSzeuY6eiji+v8SGM
NIoaJ/oO/UBPLnnm5T47lJX58HTRPJHVsQ==
-----END CERTIFICATE-----
Generated at Tue Nov 26 05:16:03 2024 by rpki-client on console-fra.rpki-client.org