Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/ff3b6c-6db3-4821-9a40-e3c7d4e6598f/1/lJG89qxA-JBc5ovMYTRW_EvCWns.roa
File: lJG89qxA-JBc5ovMYTRW_EvCWns.roa (raw, json)
Hash identifier: b7DY4/yfYSbytkHF2nO2l9LM0mMPUCZeCuC+Y0cYA7Q=
Subject key identifier: 94:91:BC:F6:AC:40:F8:90:5C:E6:8B:CC:61:34:56:FC:4B:C2:5A:7B
Certificate issuer: /CN=25e1b659862d15a51cb5ff34de7223c69e48126a
Certificate serial: 0190BB02FFBEF06BD4C7AE2E672AD9E82431
Authority key identifier: 25:E1:B6:59:86:2D:15:A5:1C:B5:FF:34:DE:72:23:C6:9E:48:12:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JeG2WYYtFaUctf803nIjxp5IEmo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/ff3b6c-6db3-4821-9a40-e3c7d4e6598f/1/lJG89qxA-JBc5ovMYTRW_EvCWns.roa
Signing time: Tue 16 Jul 2024 10:07:34 +0000
ROA not before: Tue 16 Jul 2024 10:07:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204638
IP address blocks: 185.75.56.0/24 maxlen: 24
185.75.57.0/24 maxlen: 24
185.75.58.0/24 maxlen: 24
185.75.59.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/30/ff3b6c-6db3-4821-9a40-e3c7d4e6598f/1/JeG2WYYtFaUctf803nIjxp5IEmo.crl
rsync://rpki.ripe.net/repository/DEFAULT/30/ff3b6c-6db3-4821-9a40-e3c7d4e6598f/1/JeG2WYYtFaUctf803nIjxp5IEmo.mft
rsync://rpki.ripe.net/repository/DEFAULT/JeG2WYYtFaUctf803nIjxp5IEmo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 04:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:bb:02:ff:be:f0:6b:d4:c7:ae:2e:67:2a:d9:e8:24:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=25e1b659862d15a51cb5ff34de7223c69e48126a
Validity
Not Before: Jul 16 10:07:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9491bcf6ac40f8905ce68bcc613456fc4bc25a7b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:5d:a5:6e:5d:c9:9e:9d:b2:47:87:12:f2:b9:
cd:20:9f:5f:f7:41:fb:53:82:e0:f9:64:50:b0:d1:
67:23:0b:d1:8d:d1:99:9e:f7:8d:e9:13:b6:d2:fe:
1a:cc:2e:d2:45:f2:51:7c:de:51:d0:d7:c6:71:19:
7b:e4:75:ca:25:0d:b9:9d:8f:a4:a4:66:d3:b9:d2:
0a:44:da:d7:20:13:73:38:3b:0e:eb:5e:be:fb:31:
08:8e:31:01:a7:db:a5:92:32:88:d6:32:b3:d4:11:
4d:17:bc:6d:93:f4:fb:48:9d:cb:4e:db:6d:a2:ac:
44:a3:f2:be:8b:f3:c5:2b:6b:22:5a:b7:bb:97:f6:
64:cf:63:a4:bb:70:0f:33:2c:9c:a1:76:24:90:db:
a0:46:4f:39:08:db:7b:95:0a:c5:de:15:1d:8d:bd:
72:78:dd:84:09:22:2c:af:57:7b:38:a6:08:2d:3e:
0a:2b:32:85:e1:cd:52:1b:6c:ff:51:a7:47:10:5e:
a7:d5:4b:78:7b:bc:21:76:a6:d2:c5:98:8e:f3:8a:
de:c3:7f:66:04:41:af:89:27:a0:e1:25:4b:c0:f7:
2e:0f:aa:c6:fb:b8:ef:84:ec:f1:75:29:2e:b0:b4:
05:64:03:ff:fc:e7:c9:28:ff:c6:75:cc:2a:7c:ef:
c5:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:91:BC:F6:AC:40:F8:90:5C:E6:8B:CC:61:34:56:FC:4B:C2:5A:7B
X509v3 Authority Key Identifier:
keyid:25:E1:B6:59:86:2D:15:A5:1C:B5:FF:34:DE:72:23:C6:9E:48:12:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JeG2WYYtFaUctf803nIjxp5IEmo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/ff3b6c-6db3-4821-9a40-e3c7d4e6598f/1/lJG89qxA-JBc5ovMYTRW_EvCWns.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/ff3b6c-6db3-4821-9a40-e3c7d4e6598f/1/JeG2WYYtFaUctf803nIjxp5IEmo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.75.56.0/22
Signature Algorithm: sha256WithRSAEncryption
28:66:d4:28:47:26:74:c0:9c:44:e0:77:db:87:d4:c2:01:ad:
cc:a2:1f:e9:9b:f5:66:47:4a:90:00:f8:a6:57:62:26:cc:20:
de:6d:29:da:21:f6:36:cb:d3:56:05:c1:b8:9d:61:a9:61:24:
00:a4:c3:a1:bc:56:ca:19:e6:ea:19:ef:2c:03:22:b1:31:e2:
b9:0c:3f:50:33:88:eb:25:3c:66:7b:dd:53:72:34:36:67:66:
78:82:80:e4:79:cd:b9:6e:59:ce:aa:1f:74:63:14:d0:de:3f:
7f:2f:71:10:75:64:45:cc:15:4c:66:58:9a:7e:b9:dc:d5:1f:
64:fa:e1:03:e3:5e:eb:b2:5f:6d:67:8a:11:ff:f0:f7:96:40:
8a:92:64:43:89:68:fd:04:5e:4b:dc:99:38:4b:14:55:f2:3f:
76:bd:4b:69:9a:38:50:ba:7b:85:e9:d0:a2:41:a5:03:c6:a2:
d4:94:59:a1:69:1c:4e:d3:a0:11:04:17:95:2a:ae:e0:54:b8:
8c:d2:23:f5:97:3c:7b:ad:17:f9:6a:fa:9c:e3:84:09:f7:90:
29:8b:13:fb:a3:55:a3:62:9c:7b:3f:1d:e9:ad:50:c4:3d:bc:
fd:89:20:90:24:aa:11:65:f8:1a:83:83:f4:f6:19:32:b0:a1:
26:18:3c:46
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZC7Av++8GvUx64uZyrZ6CQxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1ZTFiNjU5ODYyZDE1YTUxY2I1ZmYzNGRlNzIyM2M2OWU0
ODEyNmEwHhcNMjQwNzE2MTAwNzM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDkxYmNmNmFjNDBmODkwNWNlNjhiY2M2MTM0NTZmYzRiYzI1YTdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt12lbl3Jnp2yR4cS8rnNIJ9f90H7
U4Lg+WRQsNFnIwvRjdGZnveN6RO20v4azC7SRfJRfN5R0NfGcRl75HXKJQ25nY+k
pGbTudIKRNrXIBNzODsO616++zEIjjEBp9ulkjKI1jKz1BFNF7xtk/T7SJ3LTttt
oqxEo/K+i/PFK2siWre7l/Zkz2Oku3APMyycoXYkkNugRk85CNt7lQrF3hUdjb1y
eN2ECSIsr1d7OKYILT4KKzKF4c1SG2z/UadHEF6n1Ut4e7whdqbSxZiO84rew39m
BEGviSeg4SVLwPcuD6rG+7jvhOzxdSkusLQFZAP//OfJKP/GdcwqfO/FtwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJSRvPasQPiQXOaLzGE0VvxLwlp7MB8GA1UdIwQY
MBaAFCXhtlmGLRWlHLX/NN5yI8aeSBJqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmVHMldZWXRGYVVjdGY4MDNuSWp4cDVJRW1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9mZjNiNmMtNmRiMy00ODIxLTlhNDAt
ZTNjN2Q0ZTY1OThmLzEvbEpHODlxeEEtSkJjNW92TVlUUldfRXZDV25zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9mZjNiNmMtNmRiMy00ODIxLTlhNDAtZTNjN2Q0ZTY1OThm
LzEvSmVHMldZWXRGYVVjdGY4MDNuSWp4cDVJRW1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuUs4MA0G
CSqGSIb3DQEBCwUAA4IBAQAoZtQoRyZ0wJxE4Hfbh9TCAa3Moh/pm/VmR0qQAPim
V2ImzCDebSnaIfY2y9NWBcG4nWGpYSQApMOhvFbKGebqGe8sAyKxMeK5DD9QM4jr
JTxme91TcjQ2Z2Z4goDkec25blnOqh90YxTQ3j9/L3EQdWRFzBVMZliafrnc1R9k
+uED417rsl9tZ4oR//D3lkCKkmRDiWj9BF5L3Jk4SxRV8j92vUtpmjhQunuF6dCi
QaUDxqLUlFmhaRxO06ARBBeVKq7gVLiM0iP1lzx7rRf5avqc44QJ95ApixP7o1Wj
Ypx7Px3prVDEPbz9iSCQJKoRZfgag4P09hkysKEmGDxG
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:37:29 2024 by rpki-client on console-ams.rpki-client.org