Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/62a947-cfb8-4d3d-b308-41e73c1ebae1/1/JvZ9mhFC5tKUpjgm-iTMKSAdAog.roa
File: JvZ9mhFC5tKUpjgm-iTMKSAdAog.roa (raw, json)
Hash identifier: DHfsqaOu5uYOf2dOc8SDqI0VFfmJZt2kBwKBhvw8zxg=
Subject key identifier: 26:F6:7D:9A:11:42:E6:D2:94:A6:38:26:FA:24:CC:29:20:1D:02:88
Certificate issuer: /CN=dfb8d9140502c9e035305189bf658234db14f54c
Certificate serial: 018CCA99D02B451715DBD682E16D005D62CE
Authority key identifier: DF:B8:D9:14:05:02:C9:E0:35:30:51:89:BF:65:82:34:DB:14:F5:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/37jZFAUCyeA1MFGJv2WCNNsU9Uw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/62a947-cfb8-4d3d-b308-41e73c1ebae1/1/JvZ9mhFC5tKUpjgm-iTMKSAdAog.roa
Signing time: Tue 02 Jan 2024 14:35:27 +0000
ROA not before: Tue 02 Jan 2024 14:35:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212175
IP address blocks: 194.110.239.0/24 maxlen: 24
185.225.9.0/24 maxlen: 24
2a12:df40::/29 maxlen: 64
2a10:9e80::/29 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/30/62a947-cfb8-4d3d-b308-41e73c1ebae1/1/37jZFAUCyeA1MFGJv2WCNNsU9Uw.crl
rsync://rpki.ripe.net/repository/DEFAULT/30/62a947-cfb8-4d3d-b308-41e73c1ebae1/1/37jZFAUCyeA1MFGJv2WCNNsU9Uw.mft
rsync://rpki.ripe.net/repository/DEFAULT/37jZFAUCyeA1MFGJv2WCNNsU9Uw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 May 2024 22:01:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:99:d0:2b:45:17:15:db:d6:82:e1:6d:00:5d:62:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dfb8d9140502c9e035305189bf658234db14f54c
Validity
Not Before: Jan 2 14:35:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=26f67d9a1142e6d294a63826fa24cc29201d0288
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:75:bb:3a:0a:57:69:5b:21:96:08:f7:3d:d6:
b6:54:10:8c:d3:00:87:10:bf:08:81:35:dc:e0:ef:
e2:37:f5:bb:36:9b:6d:96:c8:b3:00:c8:34:87:91:
55:f3:b8:fb:f8:7b:51:8c:2e:e1:15:de:98:23:85:
8a:c4:5c:b9:d3:47:d2:73:0c:15:da:62:5c:04:9f:
d4:ef:e6:2b:64:a7:c9:2a:73:f5:24:a5:b9:a8:6b:
94:6b:00:26:3f:5a:cb:5e:19:6f:01:86:e2:53:5f:
e7:64:69:79:d8:8e:e1:59:3a:43:55:21:98:6b:62:
77:a3:ec:43:c5:86:fa:23:5f:d8:0c:76:07:84:4c:
b1:ab:0c:1a:c6:1f:1c:0b:35:c5:d5:26:4e:7d:32:
69:bd:b0:83:fb:25:db:19:b1:44:08:d3:07:d4:13:
cb:3b:a4:c5:49:a7:b6:da:d4:97:00:d8:d5:26:54:
86:11:cb:56:7a:df:5c:a1:12:05:95:be:2d:c0:8a:
cd:61:78:ed:d6:58:9f:8f:d1:cb:3a:f0:45:3d:91:
76:a8:f5:f8:5a:c4:e1:6c:a6:59:d3:e7:22:e5:4d:
41:e5:56:d1:66:07:7a:ae:51:46:a7:be:2e:6a:dc:
0f:7f:e8:c9:90:5a:53:30:a0:a9:3c:26:2e:ed:4e:
12:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:F6:7D:9A:11:42:E6:D2:94:A6:38:26:FA:24:CC:29:20:1D:02:88
X509v3 Authority Key Identifier:
keyid:DF:B8:D9:14:05:02:C9:E0:35:30:51:89:BF:65:82:34:DB:14:F5:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/37jZFAUCyeA1MFGJv2WCNNsU9Uw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/62a947-cfb8-4d3d-b308-41e73c1ebae1/1/JvZ9mhFC5tKUpjgm-iTMKSAdAog.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/62a947-cfb8-4d3d-b308-41e73c1ebae1/1/37jZFAUCyeA1MFGJv2WCNNsU9Uw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.225.9.0/24
194.110.239.0/24
IPv6:
2a10:9e80::/29
2a12:df40::/29
Signature Algorithm: sha256WithRSAEncryption
1a:20:6f:78:87:bc:37:36:cf:66:d6:3a:1e:b0:25:05:56:53:
96:83:64:dd:d2:26:f6:f6:28:e3:29:32:7c:54:95:0f:61:a3:
f6:17:ec:cc:c9:19:39:7f:da:28:31:d0:70:b9:9f:31:8d:08:
7e:4c:1c:0b:cf:64:2e:ab:20:40:fa:71:8e:20:01:a9:47:e9:
50:57:f2:98:53:7b:cd:a7:8b:95:51:8e:f6:6a:ed:78:d0:45:
74:9a:ef:91:38:b0:19:20:62:05:a0:c3:7b:2a:37:bc:a7:03:
7f:2c:23:be:5d:c5:a9:54:09:67:58:99:b9:f6:e7:d6:e1:b9:
c7:95:65:38:dc:7e:a1:a7:f1:45:4e:70:23:62:db:da:c6:03:
a1:a5:16:27:b8:9e:62:3d:90:f0:cf:f3:c4:fc:6d:af:be:ab:
a4:08:94:8f:ac:e2:bf:ef:90:a2:e4:66:1c:55:df:86:d5:1b:
b8:77:ec:60:45:9d:60:bd:48:ab:5b:d3:8d:48:39:11:83:60:
82:e6:fb:f3:e4:90:bb:fa:62:29:57:31:68:4f:fc:02:ef:5a:
5f:39:5d:90:57:87:93:1a:17:26:10:a3:cf:7c:19:33:43:f0:
ec:5f:78:0b:ee:12:b2:bd:b4:25:09:ef:b5:35:57:7b:11:0d:
09:cd:74:22
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYzKmdArRRcV29aC4W0AXWLOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmYjhkOTE0MDUwMmM5ZTAzNTMwNTE4OWJmNjU4MjM0ZGIx
NGY1NGMwHhcNMjQwMTAyMTQzNTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNmY2N2Q5YTExNDJlNmQyOTRhNjM4MjZmYTI0Y2MyOTIwMWQwMjg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0HW7OgpXaVshlgj3Pda2VBCM0wCH
EL8IgTXc4O/iN/W7NpttlsizAMg0h5FV87j7+HtRjC7hFd6YI4WKxFy500fScwwV
2mJcBJ/U7+YrZKfJKnP1JKW5qGuUawAmP1rLXhlvAYbiU1/nZGl52I7hWTpDVSGY
a2J3o+xDxYb6I1/YDHYHhEyxqwwaxh8cCzXF1SZOfTJpvbCD+yXbGbFECNMH1BPL
O6TFSae22tSXANjVJlSGEctWet9coRIFlb4twIrNYXjt1lifj9HLOvBFPZF2qPX4
WsThbKZZ0+ci5U1B5VbRZgd6rlFGp74uatwPf+jJkFpTMKCpPCYu7U4SdQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFCb2fZoRQubSlKY4JvokzCkgHQKIMB8GA1UdIwQY
MBaAFN+42RQFAsngNTBRib9lgjTbFPVMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMzdqWkZBVUN5ZUExTUZHSnYyV0NOTnNVOVV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC82MmE5NDctY2ZiOC00ZDNkLWIzMDgt
NDFlNzNjMWViYWUxLzEvSnZaOW1oRkM1dEtVcGpnbS1pVE1LU0FkQW9nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC82MmE5NDctY2ZiOC00ZDNkLWIzMDgtNDFlNzNjMWViYWUx
LzEvMzdqWkZBVUN5ZUExTUZHSnYyV0NOTnNVOVV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQAueEJAwQA
wm7vMBQEAgACMA4DBQMqEJ6AAwUDKhLfQDANBgkqhkiG9w0BAQsFAAOCAQEAGiBv
eIe8NzbPZtY6HrAlBVZTloNk3dIm9vYo4ykyfFSVD2Gj9hfszMkZOX/aKDHQcLmf
MY0IfkwcC89kLqsgQPpxjiABqUfpUFfymFN7zaeLlVGO9mrteNBFdJrvkTiwGSBi
BaDDeyo3vKcDfywjvl3FqVQJZ1iZufbn1uG5x5VlONx+oafxRU5wI2Lb2sYDoaUW
J7ieYj2Q8M/zxPxtr76rpAiUj6ziv++QouRmHFXfhtUbuHfsYEWdYL1Iq1vTjUg5
EYNggub78+SQu/piKVcxaE/8Au9aXzldkFeHkxoXJhCjz3wZM0Pw7F94C+4Ssr20
JQnvtTVXexENCc10Ig==
-----END CERTIFICATE-----
Generated at Fri May 17 04:55:27 2024 by rpki-client on console-ams.rpki-client.org