Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/0894f7-e24d-4728-8cad-bd249b625797/1/bj2MfnAMygMohk2dqDljyDqFuZ0.roa
File: bj2MfnAMygMohk2dqDljyDqFuZ0.roa (raw, json)
Hash identifier: IhpOiFSXMcsdwHLqp/gcPZ/2tES2whNbujmAr6tzrMQ=
Subject key identifier: 6E:3D:8C:7E:70:0C:CA:03:28:86:4D:9D:A8:39:63:C8:3A:85:B9:9D
Certificate issuer: /CN=e5d6c6e8bced40bd032d17718c1b1e39ae841ae8
Certificate serial: 01904FF3C6DAB25B005F1976F5BD8E2A6CCC
Authority key identifier: E5:D6:C6:E8:BC:ED:40:BD:03:2D:17:71:8C:1B:1E:39:AE:84:1A:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5dbG6LztQL0DLRdxjBseOa6EGug.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/0894f7-e24d-4728-8cad-bd249b625797/1/bj2MfnAMygMohk2dqDljyDqFuZ0.roa
Signing time: Tue 25 Jun 2024 15:11:34 +0000
ROA not before: Tue 25 Jun 2024 15:11:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12570
IP address blocks: 80.78.144.0/20 maxlen: 20
88.83.224.0/19 maxlen: 19
89.190.40.0/21 maxlen: 21
89.190.48.0/20 maxlen: 20
109.105.32.0/19 maxlen: 19
185.8.188.0/22 maxlen: 22
212.4.128.0/19 maxlen: 19
212.96.160.0/19 maxlen: 19
213.211.32.0/19 maxlen: 19
2001:4ba8::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/30/0894f7-e24d-4728-8cad-bd249b625797/1/5dbG6LztQL0DLRdxjBseOa6EGug.crl
rsync://rpki.ripe.net/repository/DEFAULT/30/0894f7-e24d-4728-8cad-bd249b625797/1/5dbG6LztQL0DLRdxjBseOa6EGug.mft
rsync://rpki.ripe.net/repository/DEFAULT/5dbG6LztQL0DLRdxjBseOa6EGug.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:4f:f3:c6:da:b2:5b:00:5f:19:76:f5:bd:8e:2a:6c:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e5d6c6e8bced40bd032d17718c1b1e39ae841ae8
Validity
Not Before: Jun 25 15:11:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6e3d8c7e700cca0328864d9da83963c83a85b99d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:fe:1b:cd:bd:ce:0a:6b:2f:91:d5:49:a0:10:
1b:6b:c6:d6:9a:1f:cb:11:a0:0a:16:5d:66:ac:4c:
7b:07:bf:2f:f1:10:31:71:14:24:63:95:6e:17:e8:
27:55:2f:af:5c:87:40:be:3b:98:89:f7:c7:71:4e:
67:8b:cc:c2:4a:19:68:84:85:ba:6a:2d:ff:8f:fe:
e3:57:13:5f:30:88:fa:24:9f:4d:88:58:8d:a6:42:
d9:ee:3e:b1:5d:db:59:5c:7f:3d:c0:cc:19:99:15:
58:1e:4d:4c:54:53:a6:73:18:46:54:cd:15:d3:d0:
19:8a:fb:50:2a:90:c6:c9:97:19:7c:2f:ae:85:17:
31:80:41:ba:10:32:16:65:71:56:4d:60:93:76:b2:
b0:4a:36:73:13:d8:80:68:8a:69:fa:ef:d2:fc:c8:
ac:f1:2e:b9:fd:3c:0c:20:33:73:0d:cb:43:e7:d3:
52:e2:1b:d3:ce:9c:cb:ed:6d:3f:09:c9:e5:40:cb:
b3:9d:ab:0f:00:3c:3b:b3:c9:fd:c7:42:99:db:70:
6b:d1:08:e4:82:1c:f3:63:17:4a:ed:d2:19:ae:52:
d6:7c:34:23:51:0a:7b:f7:93:2f:14:0e:f9:8a:7d:
a4:23:60:4c:70:5e:0e:50:7b:5c:49:51:62:0d:16:
53:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:3D:8C:7E:70:0C:CA:03:28:86:4D:9D:A8:39:63:C8:3A:85:B9:9D
X509v3 Authority Key Identifier:
keyid:E5:D6:C6:E8:BC:ED:40:BD:03:2D:17:71:8C:1B:1E:39:AE:84:1A:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5dbG6LztQL0DLRdxjBseOa6EGug.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/0894f7-e24d-4728-8cad-bd249b625797/1/bj2MfnAMygMohk2dqDljyDqFuZ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/0894f7-e24d-4728-8cad-bd249b625797/1/5dbG6LztQL0DLRdxjBseOa6EGug.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.78.144.0/20
88.83.224.0/19
89.190.40.0-89.190.63.255
109.105.32.0/19
185.8.188.0/22
212.4.128.0/19
212.96.160.0/19
213.211.32.0/19
IPv6:
2001:4ba8::/29
Signature Algorithm: sha256WithRSAEncryption
42:ff:e9:94:72:c6:91:fb:6b:74:89:17:de:d7:4b:16:4e:95:
b3:b3:a5:c0:65:73:6f:4a:a9:4f:f1:69:a6:b1:76:88:fc:4b:
78:6f:50:8e:7b:29:5c:77:2a:89:d1:5c:70:4f:d8:a8:d7:ef:
34:58:ae:bf:8b:42:70:12:4d:3c:c2:42:8c:28:56:20:d4:11:
08:80:47:e6:45:85:54:64:48:02:23:15:1b:0d:ae:27:ee:0b:
bf:27:3e:02:26:5d:65:6e:fe:47:82:5d:7f:54:9e:c5:22:cf:
d5:89:60:65:28:e9:77:36:bc:20:c8:24:88:48:f6:db:d2:64:
ee:30:20:61:6d:da:a5:54:20:af:96:73:7d:ef:50:da:4c:ba:
0e:54:b5:bc:af:af:1c:90:ee:bb:40:41:6a:5d:c0:6c:17:39:
34:54:6c:d5:4a:92:c3:c3:cb:ec:df:12:61:95:bd:49:84:9d:
cf:c1:46:7d:8c:6d:4e:3a:06:a3:64:03:35:ac:75:8b:92:f0:
d0:ca:e3:ee:70:d4:c1:f6:d3:9e:53:1e:d8:cd:40:fa:42:41:
82:15:f7:38:c4:4b:3d:7e:c5:37:bb:5d:1e:4c:4a:28:86:fb:
b1:f1:b7:c8:81:f5:b2:ae:98:6d:d4:a4:eb:e0:69:3c:a2:2e:
0b:4c:72:6c
-----BEGIN CERTIFICATE-----
MIIFPjCCBCagAwIBAgISAZBP88baslsAXxl29b2OKmzMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1ZDZjNmU4YmNlZDQwYmQwMzJkMTc3MThjMWIxZTM5YWU4
NDFhZTgwHhcNMjQwNjI1MTUxMTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTNkOGM3ZTcwMGNjYTAzMjg4NjRkOWRhODM5NjNjODNhODViOTlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzP4bzb3OCmsvkdVJoBAba8bWmh/L
EaAKFl1mrEx7B78v8RAxcRQkY5VuF+gnVS+vXIdAvjuYiffHcU5ni8zCShlohIW6
ai3/j/7jVxNfMIj6JJ9NiFiNpkLZ7j6xXdtZXH89wMwZmRVYHk1MVFOmcxhGVM0V
09AZivtQKpDGyZcZfC+uhRcxgEG6EDIWZXFWTWCTdrKwSjZzE9iAaIpp+u/S/Mis
8S65/TwMIDNzDctD59NS4hvTzpzL7W0/CcnlQMuznasPADw7s8n9x0KZ23Br0Qjk
ghzzYxdK7dIZrlLWfDQjUQp795MvFA75in2kI2BMcF4OUHtcSVFiDRZTGQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFG49jH5wDMoDKIZNnag5Y8g6hbmdMB8GA1UdIwQY
MBaAFOXWxui87UC9Ay0XcYwbHjmuhBroMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWRiRzZMenRRTDBETFJkeGpCc2VPYTZFR3VnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8wODk0ZjctZTI0ZC00NzI4LThjYWQt
YmQyNDliNjI1Nzk3LzEvYmoyTWZuQU15Z01vaGsyZHFEbGp5RHFGdVowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8wODk0ZjctZTI0ZC00NzI4LThjYWQtYmQyNDliNjI1Nzk3
LzEvNWRiRzZMenRRTDBETFJkeGpCc2VPYTZFR3VnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGAGCCsGAQUFBwEHAQH/BFEwTzA+BAIAATA4AwQEUE6QAwQF
WFPgMAwDBANZvigDBAZZvgADBAVtaSADBAK5CLwDBAXUBIADBAXUYKADBAXV0yAw
DQQCAAIwBwMFAyABS6gwDQYJKoZIhvcNAQELBQADggEBAEL/6ZRyxpH7a3SJF97X
SxZOlbOzpcBlc29KqU/xaaaxdoj8S3hvUI57KVx3KonRXHBP2KjX7zRYrr+LQnAS
TTzCQowoViDUEQiAR+ZFhVRkSAIjFRsNrifuC78nPgImXWVu/keCXX9UnsUiz9WJ
YGUo6Xc2vCDIJIhI9tvSZO4wIGFt2qVUIK+Wc33vUNpMug5UtbyvrxyQ7rtAQWpd
wGwXOTRUbNVKksPDy+zfEmGVvUmEnc/BRn2MbU46BqNkAzWsdYuS8NDK4+5w1MH2
055THtjNQPpCQYIV9zjESz1+xTe7XR5MSiiG+7Hxt8iB9bKumG3UpOvgaTyiLgtM
cmw=
-----END CERTIFICATE-----
Generated at Sat Nov 23 04:40:41 2024 by rpki-client on console-ams.rpki-client.org