Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/9c6e07-693f-46ce-8646-d7abcd0ef64a/1/JyKHZXYbB6GYnvNzfwt4FsQoSNw.roa
File: JyKHZXYbB6GYnvNzfwt4FsQoSNw.roa (raw, json)
Hash identifier: TZ+/q4tTPqJF89a/HfAm5i/+kzyqA0/H42s3b3xUbgU=
Subject key identifier: 27:22:87:65:76:1B:07:A1:98:9E:F3:73:7F:0B:78:16:C4:28:48:DC
Certificate issuer: /CN=8a5a3417fbe25c2e467c18485c181a7776f96ff4
Certificate serial: 018CC8DEDA59B6CF46257C4E37656109F059
Authority key identifier: 8A:5A:34:17:FB:E2:5C:2E:46:7C:18:48:5C:18:1A:77:76:F9:6F:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ilo0F_viXC5GfBhIXBgad3b5b_Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/9c6e07-693f-46ce-8646-d7abcd0ef64a/1/JyKHZXYbB6GYnvNzfwt4FsQoSNw.roa
Signing time: Tue 02 Jan 2024 06:31:37 +0000
ROA not before: Tue 02 Jan 2024 06:31:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8851
IP address blocks: 89.28.232.0/21 maxlen: 21
95.130.96.0/21 maxlen: 21
158.255.8.0/21 maxlen: 21
77.93.128.0/19 maxlen: 19
193.27.212.0/23 maxlen: 23
193.189.140.0/24 maxlen: 24
185.101.44.0/22 maxlen: 22
79.99.144.0/22 maxlen: 22
79.99.144.0/21 maxlen: 21
2a00:1c40::/29 maxlen: 29
2a02:6f80::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/30/9c6e07-693f-46ce-8646-d7abcd0ef64a/1/ilo0F_viXC5GfBhIXBgad3b5b_Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/30/9c6e07-693f-46ce-8646-d7abcd0ef64a/1/ilo0F_viXC5GfBhIXBgad3b5b_Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/ilo0F_viXC5GfBhIXBgad3b5b_Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 10:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:da:59:b6:cf:46:25:7c:4e:37:65:61:09:f0:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8a5a3417fbe25c2e467c18485c181a7776f96ff4
Validity
Not Before: Jan 2 06:31:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=27228765761b07a1989ef3737f0b7816c42848dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:87:0c:07:eb:15:2c:bf:68:bd:4a:cf:14:7b:
56:cf:d7:46:06:4f:5f:54:09:49:9a:97:ae:6d:68:
f9:19:d2:aa:8e:8d:15:a4:fd:58:1a:b8:7b:30:0a:
58:54:d9:b0:de:9e:14:f4:9e:6b:91:fd:4e:7d:a4:
b9:a4:25:07:1e:d1:79:91:79:04:12:1b:f9:fb:6a:
38:10:46:4a:69:1f:c7:00:33:08:f7:e3:9f:ba:01:
1c:de:4a:cf:3d:2f:c0:b9:0b:e5:2a:4a:d6:ce:03:
ca:91:b0:e6:73:c8:67:6d:ef:24:4d:74:c4:2a:8f:
f7:c0:43:d5:56:79:b0:ef:43:fd:55:10:03:81:24:
90:e3:46:20:15:82:75:89:26:b0:79:b6:57:af:3d:
a0:6a:f1:95:ba:03:28:f8:bc:cf:44:b5:af:e0:97:
bd:81:c8:88:d3:4b:08:74:23:35:04:38:da:77:86:
65:d3:fd:2a:42:49:0d:ac:8d:de:f1:c9:f8:e4:80:
30:d9:88:a4:0a:19:30:a2:6b:35:d3:d1:1c:cf:be:
d7:e9:54:ad:73:64:b0:78:b9:ab:2e:61:4a:73:c5:
3a:83:ef:fb:e1:39:ee:d5:65:8f:bc:8a:f1:95:74:
d9:be:a5:a7:b7:e4:3d:58:de:ce:27:a1:14:02:14:
90:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:22:87:65:76:1B:07:A1:98:9E:F3:73:7F:0B:78:16:C4:28:48:DC
X509v3 Authority Key Identifier:
keyid:8A:5A:34:17:FB:E2:5C:2E:46:7C:18:48:5C:18:1A:77:76:F9:6F:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ilo0F_viXC5GfBhIXBgad3b5b_Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/9c6e07-693f-46ce-8646-d7abcd0ef64a/1/JyKHZXYbB6GYnvNzfwt4FsQoSNw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/9c6e07-693f-46ce-8646-d7abcd0ef64a/1/ilo0F_viXC5GfBhIXBgad3b5b_Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.93.128.0/19
79.99.144.0/21
89.28.232.0/21
95.130.96.0/21
158.255.8.0/21
185.101.44.0/22
193.27.212.0/23
193.189.140.0/24
IPv6:
2a00:1c40::/29
2a02:6f80::/29
Signature Algorithm: sha256WithRSAEncryption
0a:75:97:fd:ad:33:1e:79:84:7e:46:e0:37:3a:9a:f7:a7:4d:
80:9f:fd:a6:c8:12:ef:9a:c0:68:79:3a:bb:f7:d0:5d:0c:ed:
57:7e:ff:34:c9:69:ed:95:0a:d6:4a:28:aa:7f:8d:cf:55:31:
29:49:4a:d9:eb:af:e9:40:f6:9a:a9:c1:f7:3e:55:bd:42:69:
d6:7e:48:f4:8b:70:36:8b:96:ae:48:a9:9a:d5:8d:51:4b:ea:
c7:41:46:f4:ad:53:1d:1e:00:6a:28:0d:1f:25:47:5b:6a:f9:
b2:98:88:8f:7f:2e:c9:e3:8e:3a:de:a2:37:ff:34:59:13:40:
ef:68:3b:f8:30:eb:3d:a6:ea:a8:66:98:9b:0a:e7:1a:79:ce:
f6:55:e9:d6:9d:e3:19:41:5c:9f:13:77:6b:da:a5:92:59:6c:
b7:a7:56:4e:ae:60:ba:9e:36:a5:70:53:00:78:f3:5d:85:ec:
17:a4:31:c0:6c:13:8b:cb:06:43:82:22:c1:68:14:e2:d6:e4:
3d:6a:3c:66:2e:dd:dc:1c:59:0f:b0:19:34:f3:a7:1f:b2:db:
b9:6e:15:90:f9:15:2a:d9:22:1e:2b:da:d9:59:78:00:0a:c8:
e9:63:20:73:3e:8e:e9:b0:34:b7:0c:1b:1f:06:73:aa:b6:68:
cb:c6:58:1a
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAYzI3tpZts9GJXxON2VhCfBZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhNWEzNDE3ZmJlMjVjMmU0NjdjMTg0ODVjMTgxYTc3NzZm
OTZmZjQwHhcNMjQwMTAyMDYzMTM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNzIyODc2NTc2MWIwN2ExOTg5ZWYzNzM3ZjBiNzgxNmM0Mjg0OGRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqocMB+sVLL9ovUrPFHtWz9dGBk9f
VAlJmpeubWj5GdKqjo0VpP1YGrh7MApYVNmw3p4U9J5rkf1OfaS5pCUHHtF5kXkE
Ehv5+2o4EEZKaR/HADMI9+OfugEc3krPPS/AuQvlKkrWzgPKkbDmc8hnbe8kTXTE
Ko/3wEPVVnmw70P9VRADgSSQ40YgFYJ1iSawebZXrz2gavGVugMo+LzPRLWv4Je9
gciI00sIdCM1BDjad4Zl0/0qQkkNrI3e8cn45IAw2YikChkwoms109Ecz77X6VSt
c2SweLmrLmFKc8U6g+/74Tnu1WWPvIrxlXTZvqWnt+Q9WN7OJ6EUAhSQEQIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFCcih2V2GwehmJ7zc38LeBbEKEjcMB8GA1UdIwQY
MBaAFIpaNBf74lwuRnwYSFwYGnd2+W/0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWxvMEZfdmlYQzVHZkJoSVhCZ2FkM2I1Yl9RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC85YzZlMDctNjkzZi00NmNlLTg2NDYt
ZDdhYmNkMGVmNjRhLzEvSnlLSFpYWWJCNkdZbnZOemZ3dDRGc1FvU053LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC85YzZlMDctNjkzZi00NmNlLTg2NDYtZDdhYmNkMGVmNjRh
LzEvaWxvMEZfdmlYQzVHZkJoSVhCZ2FkM2I1Yl9RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjA2BAIAATAwAwQFTV2AAwQD
T2OQAwQDWRzoAwQDX4JgAwQDnv8IAwQCuWUsAwQBwRvUAwQAwb2MMBQEAgACMA4D
BQMqABxAAwUDKgJvgDANBgkqhkiG9w0BAQsFAAOCAQEACnWX/a0zHnmEfkbgNzqa
96dNgJ/9psgS75rAaHk6u/fQXQztV37/NMlp7ZUK1kooqn+Nz1UxKUlK2euv6UD2
mqnB9z5VvUJp1n5I9ItwNouWrkipmtWNUUvqx0FG9K1THR4AaigNHyVHW2r5spiI
j38uyeOOOt6iN/80WRNA72g7+DDrPabqqGaYmwrnGnnO9lXp1p3jGUFcnxN3a9ql
kllst6dWTq5gup42pXBTAHjzXYXsF6QxwGwTi8sGQ4IiwWgU4tbkPWo8Zi7d3BxZ
D7AZNPOnH7LbuW4VkPkVKtkiHiva2Vl4AArI6WMgcz6O6bA0twwbHwZzqrZoy8ZY
Gg==
-----END CERTIFICATE-----
Generated at Mon Nov 25 19:27:00 2024 by rpki-client on console-ams.rpki-client.org