Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/jBUxc5WpRwBaQWlMKDAzrSd6QS8.roa
File: jBUxc5WpRwBaQWlMKDAzrSd6QS8.roa (raw, json)
Hash identifier: ElDkmZbjtD8dA6PewuSuacWide/hvU65PgRdtXMpIjs=
Subject key identifier: 8C:15:31:73:95:A9:47:00:5A:41:69:4C:28:30:33:AD:27:7A:41:2F
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 0191CD04B332160E2A24E9240A12DE10AF8B
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/jBUxc5WpRwBaQWlMKDAzrSd6QS8.roa
Signing time: Sat 07 Sep 2024 15:05:22 +0000
ROA not before: Sat 07 Sep 2024 15:05:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209945
IP address blocks: 5.182.28.0/22 maxlen: 22
91.201.107.0/24 maxlen: 24
92.118.108.0/24 maxlen: 24
185.255.98.0/23 maxlen: 23
195.149.127.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.mft
rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 02:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:cd:04:b3:32:16:0e:2a:24:e9:24:0a:12:de:10:af:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Sep 7 15:05:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8c15317395a947005a41694c283033ad277a412f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:bb:cc:0f:18:ac:c9:93:01:b6:56:e7:0e:81:
15:cc:c6:73:90:f1:69:3c:7c:1c:fc:a9:66:95:2c:
53:fe:8e:53:ff:9b:fc:ce:ed:6e:f8:bb:dd:06:32:
8f:2e:d7:dc:e7:2f:71:cc:81:db:98:84:d6:c5:a9:
fb:62:94:db:b6:f9:5c:19:41:57:d4:ca:0f:23:9d:
65:d3:66:fe:9d:b8:34:0a:e9:4b:0e:a1:c2:6c:eb:
60:a0:2e:9b:4b:ed:87:08:c4:d3:7d:0a:0e:98:d6:
64:03:58:2f:13:41:7b:7e:25:1a:4c:9a:db:57:84:
12:5a:3e:ac:e6:9c:17:6e:c6:b5:36:69:de:65:61:
68:ee:0d:79:62:67:ec:5b:d2:fb:c0:e5:94:f4:23:
cf:60:06:29:75:0a:c8:97:38:15:1d:22:de:ff:8a:
67:fb:c6:12:ac:03:fd:70:94:0e:7f:f3:2e:c1:7c:
37:64:2d:d9:6a:c0:22:cd:b2:f7:5a:2c:d6:8d:78:
f3:46:bd:b0:6f:47:ec:b4:f8:a8:32:dd:f3:de:46:
9a:2e:d3:d4:84:40:61:d7:be:c5:1e:d0:ea:2f:18:
77:45:78:83:b9:13:60:0a:7f:6b:97:a1:9e:7d:c8:
d3:3b:26:2c:3e:af:7d:54:9f:7f:86:81:38:94:0f:
a8:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:15:31:73:95:A9:47:00:5A:41:69:4C:28:30:33:AD:27:7A:41:2F
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/jBUxc5WpRwBaQWlMKDAzrSd6QS8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.28.0/22
91.201.107.0/24
92.118.108.0/24
185.255.98.0/23
195.149.127.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:7e:6f:a9:dc:bc:78:47:48:c6:e9:1e:e7:d6:41:b1:7d:04:
75:c0:85:01:77:7e:a1:55:95:46:c6:f1:31:4a:6a:2e:9c:81:
8a:40:76:45:7a:7a:94:47:6f:cb:51:f2:54:cb:30:fa:86:bf:
d9:cc:a2:40:a7:11:4b:f1:85:9e:be:01:15:5f:fb:53:8d:2a:
28:2e:03:04:63:03:08:be:d1:c4:25:a2:c6:45:3a:74:1d:8f:
bf:74:23:a4:8f:88:2e:4f:d7:8a:da:03:a2:e3:64:72:5e:41:
bf:dc:e6:9e:5e:9e:21:74:4c:a6:c6:74:4c:30:6a:ce:8f:b7:
c8:2e:69:1c:7f:a0:c6:37:0d:65:33:c3:b2:69:c5:db:bb:f9:
b0:5d:e9:d5:a9:8a:81:2e:20:bc:2a:df:0a:1e:93:cc:d1:21:
e3:af:50:62:6a:86:08:91:bf:9f:24:e9:83:c6:3a:af:a0:26:
60:5c:38:45:66:e2:db:a7:1b:37:66:8b:ee:0b:61:c3:cb:f2:
b2:de:d7:e3:30:e3:cb:b9:6e:36:f6:74:78:98:a5:c8:5c:4e:
1d:fb:f9:11:19:41:f6:65:7b:bb:2c:ae:92:66:b6:fa:08:e3:
cf:89:47:6b:5c:ea:78:28:ce:41:25:3e:5b:2d:5e:81:29:ed:
b9:6f:98:4e
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZHNBLMyFg4qJOkkChLeEK+LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjQwOTA3MTUwNTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YzE1MzE3Mzk1YTk0NzAwNWE0MTY5NGMyODMwMzNhZDI3N2E0MTJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2LvMDxisyZMBtlbnDoEVzMZzkPFp
PHwc/KlmlSxT/o5T/5v8zu1u+LvdBjKPLtfc5y9xzIHbmITWxan7YpTbtvlcGUFX
1MoPI51l02b+nbg0CulLDqHCbOtgoC6bS+2HCMTTfQoOmNZkA1gvE0F7fiUaTJrb
V4QSWj6s5pwXbsa1NmneZWFo7g15YmfsW9L7wOWU9CPPYAYpdQrIlzgVHSLe/4pn
+8YSrAP9cJQOf/MuwXw3ZC3ZasAizbL3WizWjXjzRr2wb0fstPioMt3z3kaaLtPU
hEBh177FHtDqLxh3RXiDuRNgCn9rl6GefcjTOyYsPq99VJ9/hoE4lA+o9QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFIwVMXOVqUcAWkFpTCgwM60nekEvMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvakJVeGM1V3BSd0JhUVdsTUtEQXpyU2Q2UVM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCBbYcAwQA
W8lrAwQAXHZsAwQBuf9iAwQAw5V/MA0GCSqGSIb3DQEBCwUAA4IBAQBrfm+p3Lx4
R0jG6R7n1kGxfQR1wIUBd36hVZVGxvExSmounIGKQHZFenqUR2/LUfJUyzD6hr/Z
zKJApxFL8YWevgEVX/tTjSooLgMEYwMIvtHEJaLGRTp0HY+/dCOkj4guT9eK2gOi
42RyXkG/3OaeXp4hdEymxnRMMGrOj7fILmkcf6DGNw1lM8OyacXbu/mwXenVqYqB
LiC8Kt8KHpPM0SHjr1BiaoYIkb+fJOmDxjqvoCZgXDhFZuLbpxs3ZovuC2HDy/Ky
3tfjMOPLuW429nR4mKXIXE4d+/kRGUH2ZXu7LK6SZrb6COPPiUdrXOp4KM5BJT5b
LV6BKe25b5hO
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:21:12 2024 by rpki-client on console-ams.rpki-client.org