Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/ecda3d-a2db-4908-862f-111056369a23/1/jukbLrV6RNDZa7-66mqe_uLL5vM.roa
File: jukbLrV6RNDZa7-66mqe_uLL5vM.roa (raw, json)
Hash identifier: 3ysldxbFpvoGG8lBzfmTjHMeJJcD7dNrHhbrHMD4zeA=
Subject key identifier: 8E:E9:1B:2E:B5:7A:44:D0:D9:6B:BF:BA:EA:6A:9E:FE:E2:CB:E6:F3
Certificate issuer: /CN=340bea3fcc3cbcedc82919cf57c74108baea369e
Certificate serial: 018CC5000E11902847C1DDD6B5612B96F794
Authority key identifier: 34:0B:EA:3F:CC:3C:BC:ED:C8:29:19:CF:57:C7:41:08:BA:EA:36:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NAvqP8w8vO3IKRnPV8dBCLrqNp4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/ecda3d-a2db-4908-862f-111056369a23/1/jukbLrV6RNDZa7-66mqe_uLL5vM.roa
Signing time: Mon 01 Jan 2024 12:29:24 +0000
ROA not before: Mon 01 Jan 2024 12:29:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6762
IP address blocks: 213.144.160.0/19 maxlen: 19
185.100.112.0/22 maxlen: 22
149.3.176.0/21 maxlen: 21
176.115.184.0/22 maxlen: 22
93.186.128.0/21 maxlen: 24
93.186.136.0/22 maxlen: 22
195.22.192.0/19 maxlen: 24
5.178.40.0/21 maxlen: 24
185.70.200.0/22 maxlen: 22
89.221.32.0/20 maxlen: 20
79.140.80.0/20 maxlen: 24
2001:41a8::/32 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/33/ecda3d-a2db-4908-862f-111056369a23/1/NAvqP8w8vO3IKRnPV8dBCLrqNp4.crl
rsync://rpki.ripe.net/repository/DEFAULT/33/ecda3d-a2db-4908-862f-111056369a23/1/NAvqP8w8vO3IKRnPV8dBCLrqNp4.mft
rsync://rpki.ripe.net/repository/DEFAULT/NAvqP8w8vO3IKRnPV8dBCLrqNp4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:0e:11:90:28:47:c1:dd:d6:b5:61:2b:96:f7:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=340bea3fcc3cbcedc82919cf57c74108baea369e
Validity
Not Before: Jan 1 12:29:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8ee91b2eb57a44d0d96bbfbaea6a9efee2cbe6f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:89:6c:7c:6c:38:ac:52:bd:42:2c:d5:62:7a:
19:77:65:08:fd:76:42:2f:cd:83:13:b3:8c:f4:50:
28:2a:b7:ee:3b:f1:bd:ca:8a:89:37:14:6e:7a:b1:
95:b2:c9:0f:a4:d4:85:d4:dc:d8:b3:ce:89:46:3c:
28:5c:10:34:f7:5c:7b:df:bc:77:64:cb:8f:1a:fa:
33:bf:58:84:5d:e8:65:d9:19:17:b5:33:b4:b9:45:
d5:6b:2d:f0:9f:66:67:ab:4c:9d:08:e0:57:90:88:
49:7d:3a:2e:97:6b:e1:21:5b:65:44:c5:91:2b:cf:
dc:b1:1a:33:4c:a2:bd:90:eb:9e:64:d6:af:76:45:
ad:f1:a0:ce:87:6b:4f:71:86:b2:09:d8:67:82:fd:
64:d4:a6:bd:ea:b5:20:15:c1:fd:0a:fe:71:7e:ba:
35:0f:c2:97:e2:dc:f8:e8:fb:ec:ee:39:48:b5:67:
b1:88:6d:18:bb:93:12:8e:da:49:57:d0:65:4b:01:
e4:2a:86:63:a4:50:8f:65:ab:2e:e6:df:38:62:a1:
fa:4c:46:26:b3:db:10:4a:fe:a2:f7:9b:5e:81:30:
c6:1d:0f:72:2c:32:9f:67:cb:4c:6d:6e:a9:6b:3b:
99:c8:e7:2b:24:bb:1c:24:c2:1c:7a:e1:c8:e2:b9:
b9:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:E9:1B:2E:B5:7A:44:D0:D9:6B:BF:BA:EA:6A:9E:FE:E2:CB:E6:F3
X509v3 Authority Key Identifier:
keyid:34:0B:EA:3F:CC:3C:BC:ED:C8:29:19:CF:57:C7:41:08:BA:EA:36:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NAvqP8w8vO3IKRnPV8dBCLrqNp4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/ecda3d-a2db-4908-862f-111056369a23/1/jukbLrV6RNDZa7-66mqe_uLL5vM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/ecda3d-a2db-4908-862f-111056369a23/1/NAvqP8w8vO3IKRnPV8dBCLrqNp4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.178.40.0/21
79.140.80.0/20
89.221.32.0/20
93.186.128.0-93.186.139.255
149.3.176.0/21
176.115.184.0/22
185.70.200.0/22
185.100.112.0/22
195.22.192.0/19
213.144.160.0/19
IPv6:
2001:41a8::/32
Signature Algorithm: sha256WithRSAEncryption
1b:ed:63:08:70:25:4b:b7:e7:37:6b:aa:ce:c8:5d:0b:0a:28:
90:0a:53:41:63:48:ed:a7:62:ef:3f:95:66:c6:3e:94:84:a2:
cc:6a:df:36:58:9a:8d:2e:38:fd:11:6a:dc:19:cc:92:51:5a:
2f:22:1c:17:9f:df:84:d8:0d:d9:30:63:60:eb:a6:18:0c:48:
40:1c:ba:e1:29:4e:2a:85:6d:d4:34:6b:cb:eb:0a:28:83:c1:
5f:09:8c:1f:c9:9d:28:ca:2f:4a:ea:de:6f:4a:96:19:e3:d7:
ee:a8:c8:d1:70:fd:08:42:7f:ad:6c:e9:56:d8:a1:6b:31:a2:
33:b0:43:d8:f9:b3:6a:cd:05:ff:c6:9d:67:73:b1:52:35:c7:
0b:2c:72:2b:cd:69:f2:f1:e7:72:50:40:48:a3:cf:d7:10:09:
59:f4:d4:2f:46:4a:98:ef:92:61:3b:87:78:da:13:9f:3a:a2:
f5:d3:c4:51:8c:b8:4e:66:f7:f8:9d:81:91:4f:6e:97:e3:bc:
f9:38:e8:5f:6b:a9:cb:65:ac:cd:ef:bb:d5:c5:05:1f:5e:ab:
da:2d:12:c2:80:31:65:ad:33:04:28:e5:7d:a7:0a:f0:9d:aa:
73:62:3f:17:2a:89:c7:65:4f:e5:38:58:1a:c4:d3:48:0f:27:
4a:0d:7b:49
-----BEGIN CERTIFICATE-----
MIIFSjCCBDKgAwIBAgISAYzFAA4RkChHwd3WtWErlveUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0MGJlYTNmY2MzY2JjZWRjODI5MTljZjU3Yzc0MTA4YmFl
YTM2OWUwHhcNMjQwMTAxMTIyOTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZWU5MWIyZWI1N2E0NGQwZDk2YmJmYmFlYTZhOWVmZWUyY2JlNmYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoIlsfGw4rFK9QizVYnoZd2UI/XZC
L82DE7OM9FAoKrfuO/G9yoqJNxRuerGVsskPpNSF1NzYs86JRjwoXBA091x737x3
ZMuPGvozv1iEXehl2RkXtTO0uUXVay3wn2Znq0ydCOBXkIhJfToul2vhIVtlRMWR
K8/csRozTKK9kOueZNavdkWt8aDOh2tPcYayCdhngv1k1Ka96rUgFcH9Cv5xfro1
D8KX4tz46Pvs7jlItWexiG0Yu5MSjtpJV9BlSwHkKoZjpFCPZasu5t84YqH6TEYm
s9sQSv6i95tegTDGHQ9yLDKfZ8tMbW6pazuZyOcrJLscJMIceuHI4rm5zwIDAQAB
o4ICVjCCAlIwHQYDVR0OBBYEFI7pGy61ekTQ2Wu/uupqnv7iy+bzMB8GA1UdIwQY
MBaAFDQL6j/MPLztyCkZz1fHQQi66jaeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkF2cVA4dzh2TzNJS1JuUFY4ZEJDTHJxTnA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy9lY2RhM2QtYTJkYi00OTA4LTg2MmYt
MTExMDU2MzY5YTIzLzEvanVrYkxyVjZSTkRaYTctNjZtcWVfdUxMNXZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy9lY2RhM2QtYTJkYi00OTA4LTg2MmYtMTExMDU2MzY5YTIz
LzEvTkF2cVA4dzh2TzNJS1JuUFY4ZEJDTHJxTnA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGwGCCsGAQUFBwEHAQH/BF0wWzBKBAIAATBEAwQDBbIoAwQE
T4xQAwQEWd0gMAwDBAdduoADBAJduogDBAOVA7ADBAKwc7gDBAK5RsgDBAK5ZHAD
BAXDFsADBAXVkKAwDQQCAAIwBwMFACABQagwDQYJKoZIhvcNAQELBQADggEBABvt
YwhwJUu35zdrqs7IXQsKKJAKU0FjSO2nYu8/lWbGPpSEosxq3zZYmo0uOP0RatwZ
zJJRWi8iHBef34TYDdkwY2DrphgMSEAcuuEpTiqFbdQ0a8vrCiiDwV8JjB/JnSjK
L0rq3m9Klhnj1+6oyNFw/QhCf61s6VbYoWsxojOwQ9j5s2rNBf/GnWdzsVI1xwss
civNafLx53JQQEijz9cQCVn01C9GSpjvkmE7h3jaE586ovXTxFGMuE5m9/idgZFP
bpfjvPk46F9rqctlrM3vu9XFBR9eq9otEsKAMWWtMwQo5X2nCvCdqnNiPxcqicdl
T+U4WBrE00gPJ0oNe0k=
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:09:38 2024 by rpki-client on console-ams.rpki-client.org