Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/132ed3-434d-4d49-95ca-59a587bdea3f/1/JEPxDUvX72VwHxVIo0s35H-piD0.roa
File: JEPxDUvX72VwHxVIo0s35H-piD0.roa (raw, json)
Hash identifier: btWSTl04LfqmPat6o+ZRfrLso1rrxL9Sw7N7h4W1UXo=
Subject key identifier: 24:43:F1:0D:4B:D7:EF:65:70:1F:15:48:A3:4B:37:E4:7F:A9:88:3D
Certificate issuer: /CN=cf9625541abe6b5ae926671daa98ac6d8094ec7b
Certificate serial: 018CC5DBEC86E87795C07F9FFB49A29F2C9C
Authority key identifier: CF:96:25:54:1A:BE:6B:5A:E9:26:67:1D:AA:98:AC:6D:80:94:EC:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z5YlVBq-a1rpJmcdqpisbYCU7Hs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/132ed3-434d-4d49-95ca-59a587bdea3f/1/JEPxDUvX72VwHxVIo0s35H-piD0.roa
Signing time: Mon 01 Jan 2024 16:29:33 +0000
ROA not before: Mon 01 Jan 2024 16:29:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 45033
IP address blocks: 185.138.196.0/24 maxlen: 24
185.138.197.0/24 maxlen: 24
185.138.198.0/24 maxlen: 24
185.138.199.0/24 maxlen: 24
185.43.131.0/24 maxlen: 24
185.43.128.0/24 maxlen: 24
185.43.130.0/24 maxlen: 24
2a07:f80::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/33/132ed3-434d-4d49-95ca-59a587bdea3f/1/z5YlVBq-a1rpJmcdqpisbYCU7Hs.crl
rsync://rpki.ripe.net/repository/DEFAULT/33/132ed3-434d-4d49-95ca-59a587bdea3f/1/z5YlVBq-a1rpJmcdqpisbYCU7Hs.mft
rsync://rpki.ripe.net/repository/DEFAULT/z5YlVBq-a1rpJmcdqpisbYCU7Hs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 15:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:db:ec:86:e8:77:95:c0:7f:9f:fb:49:a2:9f:2c:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cf9625541abe6b5ae926671daa98ac6d8094ec7b
Validity
Not Before: Jan 1 16:29:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2443f10d4bd7ef65701f1548a34b37e47fa9883d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:d6:87:b8:85:53:92:eb:4b:82:36:e5:11:4d:
39:2d:95:2d:7d:56:b2:1c:b3:f1:75:64:c9:2f:e2:
5c:0b:5b:65:71:b1:4e:12:a7:b8:da:07:df:dd:7f:
28:b6:be:2e:85:61:c4:0d:f1:89:9e:19:30:2d:d3:
07:4a:a4:9f:35:86:60:e6:55:c0:9b:73:5d:ca:a9:
d1:e0:dd:3c:14:6d:19:56:92:ab:08:91:d5:4f:ed:
6e:7d:9b:f1:35:57:88:7e:e1:c7:5c:24:8b:35:cd:
b3:de:bf:28:d4:82:6f:4a:5b:dc:e8:c1:12:8e:03:
66:99:6f:05:22:b6:c1:c4:f3:23:f5:46:4e:ad:b8:
19:72:a4:05:72:37:5f:e8:f0:d4:89:b3:e4:79:26:
a9:98:c9:dc:01:b9:57:16:37:d4:58:ca:d0:70:d0:
0f:a8:8a:27:2a:fb:57:4d:b0:8f:98:a8:ab:a7:ec:
9b:f2:50:1b:14:0a:2a:35:9b:d3:f1:77:b9:6b:34:
f9:a8:83:4f:d1:db:dd:4b:2f:a5:bd:0e:71:d7:75:
8c:4e:5c:d0:69:49:df:29:e7:0b:ec:68:e4:79:cd:
c4:05:a1:bd:c6:bd:e0:94:5b:06:8f:1a:b6:46:58:
f4:10:8a:de:f6:11:a0:db:26:53:ac:3b:dc:af:b9:
8d:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:43:F1:0D:4B:D7:EF:65:70:1F:15:48:A3:4B:37:E4:7F:A9:88:3D
X509v3 Authority Key Identifier:
keyid:CF:96:25:54:1A:BE:6B:5A:E9:26:67:1D:AA:98:AC:6D:80:94:EC:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z5YlVBq-a1rpJmcdqpisbYCU7Hs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/132ed3-434d-4d49-95ca-59a587bdea3f/1/JEPxDUvX72VwHxVIo0s35H-piD0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/132ed3-434d-4d49-95ca-59a587bdea3f/1/z5YlVBq-a1rpJmcdqpisbYCU7Hs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.43.128.0/24
185.43.130.0/23
185.138.196.0/22
IPv6:
2a07:f80::/29
Signature Algorithm: sha256WithRSAEncryption
26:ef:86:e2:8b:63:7d:0d:fe:78:92:ae:6f:fe:b0:e1:5d:43:
ff:dc:14:0a:84:7d:71:52:f8:0f:0a:18:b8:5f:72:f2:03:48:
52:22:2b:06:d9:da:aa:c2:c7:2a:9d:f1:55:f3:63:cb:4c:5e:
dd:55:2f:46:45:ba:f8:c2:e0:23:14:dd:1d:09:5a:ea:d3:29:
ae:39:c8:8a:66:42:6b:cc:63:43:8e:25:e0:6f:a2:cb:ce:c5:
a9:f5:66:c3:9a:f1:cc:ed:03:f3:0b:88:64:0f:c8:11:f6:44:
de:60:b2:ef:20:5a:7b:fd:d6:75:3c:4a:72:b3:b8:54:bc:b6:
6e:ce:46:0f:ce:db:2f:8d:ca:32:57:d9:33:8b:16:2d:95:9e:
f1:fd:e6:09:eb:97:e0:a9:2c:dc:db:81:42:bf:98:ca:93:78:
8b:4c:49:12:af:95:12:e9:be:51:56:bf:e8:02:af:3c:0e:02:
3e:00:82:0f:17:48:08:a0:74:23:59:e9:d7:0d:93:00:41:01:
ce:df:84:09:db:02:d3:3e:80:38:16:2d:d7:7f:8c:35:f9:8c:
7d:89:6c:6d:43:73:f1:e1:ad:6b:7b:21:80:91:ea:8b:bd:bd:
fb:50:dc:b0:93:98:91:f8:a8:e1:c4:63:51:a1:59:10:e2:3f:
76:d9:20:1e
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzF2+yG6HeVwH+f+0minyycMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmOTYyNTU0MWFiZTZiNWFlOTI2NjcxZGFhOThhYzZkODA5
NGVjN2IwHhcNMjQwMTAxMTYyOTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDQzZjEwZDRiZDdlZjY1NzAxZjE1NDhhMzRiMzdlNDdmYTk4ODNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp9aHuIVTkutLgjblEU05LZUtfVay
HLPxdWTJL+JcC1tlcbFOEqe42gff3X8otr4uhWHEDfGJnhkwLdMHSqSfNYZg5lXA
m3NdyqnR4N08FG0ZVpKrCJHVT+1ufZvxNVeIfuHHXCSLNc2z3r8o1IJvSlvc6MES
jgNmmW8FIrbBxPMj9UZOrbgZcqQFcjdf6PDUibPkeSapmMncAblXFjfUWMrQcNAP
qIonKvtXTbCPmKirp+yb8lAbFAoqNZvT8Xe5azT5qINP0dvdSy+lvQ5x13WMTlzQ
aUnfKecL7Gjkec3EBaG9xr3glFsGjxq2Rlj0EIre9hGg2yZTrDvcr7mNGwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFCRD8Q1L1+9lcB8VSKNLN+R/qYg9MB8GA1UdIwQY
MBaAFM+WJVQavmta6SZnHaqYrG2AlOx7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejVZbFZCcS1hMXJwSm1jZHFwaXNiWUNVN0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8xMzJlZDMtNDM0ZC00ZDQ5LTk1Y2Et
NTlhNTg3YmRlYTNmLzEvSkVQeERVdlg3MlZ3SHhWSW8wczM1SC1waUQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy8xMzJlZDMtNDM0ZC00ZDQ5LTk1Y2EtNTlhNTg3YmRlYTNm
LzEvejVZbFZCcS1hMXJwSm1jZHFwaXNiWUNVN0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAuSuAAwQB
uSuCAwQCuYrEMA0EAgACMAcDBQMqBw+AMA0GCSqGSIb3DQEBCwUAA4IBAQAm74bi
i2N9Df54kq5v/rDhXUP/3BQKhH1xUvgPChi4X3LyA0hSIisG2dqqwscqnfFV82PL
TF7dVS9GRbr4wuAjFN0dCVrq0ymuOciKZkJrzGNDjiXgb6LLzsWp9WbDmvHM7QPz
C4hkD8gR9kTeYLLvIFp7/dZ1PEpys7hUvLZuzkYPztsvjcoyV9kzixYtlZ7x/eYJ
65fgqSzc24FCv5jKk3iLTEkSr5US6b5RVr/oAq88DgI+AIIPF0gIoHQjWenXDZMA
QQHO34QJ2wLTPoA4Fi3Xf4w1+Yx9iWxtQ3Px4a1reyGAkeqLvb37UNywk5iR+Kjh
xGNRoVkQ4j922SAe
-----END CERTIFICATE-----
Generated at Sat Nov 23 18:58:59 2024 by rpki-client on console-fra.rpki-client.org