Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/ba6755-4273-48e1-8582-712fa65a25ba/1/jba3T6xmAIny0k2MpA4vbRCvFKM.roa
File: jba3T6xmAIny0k2MpA4vbRCvFKM.roa (raw, json)
Hash identifier: K1sdn93u9/x1JkSvDdTvjGBXzFcXwsEb3XUN3mCKJ0o=
Subject key identifier: 8D:B6:B7:4F:AC:66:00:89:F2:D2:4D:8C:A4:0E:2F:6D:10:AF:14:A3
Certificate issuer: /CN=38ca3f38d8e5a301eaf6924b924fe8f57aac690d
Certificate serial: 018CC5DC868A0574CA05E88C73D65FEAA66F
Authority key identifier: 38:CA:3F:38:D8:E5:A3:01:EA:F6:92:4B:92:4F:E8:F5:7A:AC:69:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OMo_ONjlowHq9pJLkk_o9XqsaQ0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/ba6755-4273-48e1-8582-712fa65a25ba/1/jba3T6xmAIny0k2MpA4vbRCvFKM.roa
Signing time: Mon 01 Jan 2024 16:30:13 +0000
ROA not before: Mon 01 Jan 2024 16:30:13 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60268
IP address blocks: 185.97.132.0/24 maxlen: 24
185.97.133.0/24 maxlen: 24
193.19.73.0/24 maxlen: 24
185.33.168.0/24 maxlen: 24
185.33.171.0/24 maxlen: 24
2a00:cee2::/32 maxlen: 32
2a00:cee1::/32 maxlen: 32
2a00:cee4::/32 maxlen: 32
2a00:cee3::/32 maxlen: 32
2a00:cee0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/ba6755-4273-48e1-8582-712fa65a25ba/1/OMo_ONjlowHq9pJLkk_o9XqsaQ0.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/ba6755-4273-48e1-8582-712fa65a25ba/1/OMo_ONjlowHq9pJLkk_o9XqsaQ0.mft
rsync://rpki.ripe.net/repository/DEFAULT/OMo_ONjlowHq9pJLkk_o9XqsaQ0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:86:8a:05:74:ca:05:e8:8c:73:d6:5f:ea:a6:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38ca3f38d8e5a301eaf6924b924fe8f57aac690d
Validity
Not Before: Jan 1 16:30:13 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8db6b74fac660089f2d24d8ca40e2f6d10af14a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:f3:cf:b0:ba:ed:c5:f6:27:a1:df:42:50:3c:
af:96:31:a9:f2:e8:fe:3b:33:60:fc:96:1b:6b:13:
94:ef:93:ba:8c:fe:cb:2f:51:ee:48:44:c4:f4:91:
f6:6d:45:79:6c:f7:69:5d:44:71:fe:33:e6:d3:dc:
ee:c1:20:ad:50:25:14:c7:fd:d6:3e:20:80:23:e1:
19:5f:77:47:38:33:ee:c0:0a:3c:d0:b9:54:74:50:
be:42:0f:a9:7b:4c:7c:5a:2b:ae:9e:7f:a3:a3:4d:
84:19:18:bc:ef:41:31:99:06:27:0c:ef:ef:39:ee:
b0:6d:f1:ae:a9:68:8d:84:7c:b2:82:40:1e:a0:2a:
e7:38:31:53:24:4c:09:8e:52:df:12:6a:76:1a:e3:
93:2e:9d:d5:f9:22:ac:a6:15:bd:cd:db:f1:dc:2c:
72:c5:66:4a:a4:51:77:09:6e:73:93:6d:12:f2:06:
09:dc:b0:d6:5d:f0:02:55:7a:e1:ad:f2:69:79:aa:
a5:8a:44:bf:2b:8a:ad:72:ff:3c:7a:f7:50:6a:3b:
0a:9f:ef:2b:c6:78:9d:8c:b6:c6:16:f4:4d:52:f5:
54:c4:73:1f:08:60:d6:ae:71:ee:83:fc:67:16:de:
5b:f1:fb:6a:14:55:41:28:8a:76:ac:2f:58:4a:e8:
60:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:B6:B7:4F:AC:66:00:89:F2:D2:4D:8C:A4:0E:2F:6D:10:AF:14:A3
X509v3 Authority Key Identifier:
keyid:38:CA:3F:38:D8:E5:A3:01:EA:F6:92:4B:92:4F:E8:F5:7A:AC:69:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OMo_ONjlowHq9pJLkk_o9XqsaQ0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/ba6755-4273-48e1-8582-712fa65a25ba/1/jba3T6xmAIny0k2MpA4vbRCvFKM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/ba6755-4273-48e1-8582-712fa65a25ba/1/OMo_ONjlowHq9pJLkk_o9XqsaQ0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.33.168.0/24
185.33.171.0/24
185.97.132.0/23
193.19.73.0/24
IPv6:
2a00:cee0::-2a00:cee4:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
79:c3:e8:7b:58:e4:d7:0c:e9:f5:dd:43:6f:a3:81:42:ba:bf:
41:4d:ef:42:0f:e5:5e:8c:9a:f9:bf:7e:88:11:85:c7:2e:97:
0e:2b:b0:ed:5c:31:1f:ec:63:bc:74:c4:f5:31:ae:0c:d1:e6:
93:e8:02:a5:be:17:93:7e:6f:b6:2e:47:0e:13:a8:1f:ee:93:
8a:3b:aa:34:68:e1:8e:b8:78:77:e4:da:a3:b8:e4:c9:4a:2a:
a8:76:67:06:cb:dc:69:77:6c:0f:bb:c2:47:3e:d6:b0:76:06:
5f:0e:29:96:9c:75:2f:ea:f1:94:3f:ce:4e:d2:f2:cd:9e:68:
ae:79:71:f6:32:f9:ed:e7:15:dd:56:ba:07:31:af:7c:28:4d:
48:35:30:cf:89:36:70:a7:15:60:d6:95:13:d7:9c:81:94:27:
39:a3:c6:62:44:5b:d3:35:d5:fb:52:ea:e4:4e:6f:53:27:8c:
57:86:38:d4:ba:59:27:d1:4e:f1:3c:4c:71:a1:62:f5:39:0a:
75:4d:f7:eb:8a:7d:80:8a:a4:8b:26:55:53:7b:88:4c:89:e2:
b5:a8:ff:5e:be:0d:b1:42:59:3a:99:9d:37:97:40:ec:9a:ec:
77:c4:f1:66:dd:a1:7a:33:f3:ed:ca:53:d3:e2:f6:41:7f:fb:
c0:d5:a5:24
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYzF3IaKBXTKBeiMc9Zf6qZvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4Y2EzZjM4ZDhlNWEzMDFlYWY2OTI0YjkyNGZlOGY1N2Fh
YzY5MGQwHhcNMjQwMTAxMTYzMDEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZGI2Yjc0ZmFjNjYwMDg5ZjJkMjRkOGNhNDBlMmY2ZDEwYWYxNGEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjfPPsLrtxfYnod9CUDyvljGp8uj+
OzNg/JYbaxOU75O6jP7LL1HuSETE9JH2bUV5bPdpXURx/jPm09zuwSCtUCUUx/3W
PiCAI+EZX3dHODPuwAo80LlUdFC+Qg+pe0x8Wiuunn+jo02EGRi870ExmQYnDO/v
Oe6wbfGuqWiNhHyygkAeoCrnODFTJEwJjlLfEmp2GuOTLp3V+SKsphW9zdvx3Cxy
xWZKpFF3CW5zk20S8gYJ3LDWXfACVXrhrfJpeaqlikS/K4qtcv88evdQajsKn+8r
xnidjLbGFvRNUvVUxHMfCGDWrnHug/xnFt5b8ftqFFVBKIp2rC9YSuhg5wIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFI22t0+sZgCJ8tJNjKQOL20QrxSjMB8GA1UdIwQY
MBaAFDjKPzjY5aMB6vaSS5JP6PV6rGkNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT01vX09Oamxvd0hxOXBKTGtrX285WHFzYVEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9iYTY3NTUtNDI3My00OGUxLTg1ODIt
NzEyZmE2NWEyNWJhLzEvamJhM1Q2eG1BSW55MGsyTXBBNHZiUkN2RktNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9iYTY3NTUtNDI3My00OGUxLTg1ODItNzEyZmE2NWEyNWJh
LzEvT01vX09Oamxvd0hxOXBKTGtrX285WHFzYVEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODAeBAIAATAYAwQAuSGoAwQA
uSGrAwQBuWGEAwQAwRNJMBYEAgACMBAwDgMFBSoAzuADBQAqAM7kMA0GCSqGSIb3
DQEBCwUAA4IBAQB5w+h7WOTXDOn13UNvo4FCur9BTe9CD+VejJr5v36IEYXHLpcO
K7DtXDEf7GO8dMT1Ma4M0eaT6AKlvheTfm+2LkcOE6gf7pOKO6o0aOGOuHh35Nqj
uOTJSiqodmcGy9xpd2wPu8JHPtawdgZfDimWnHUv6vGUP85O0vLNnmiueXH2Mvnt
5xXdVroHMa98KE1INTDPiTZwpxVg1pUT15yBlCc5o8ZiRFvTNdX7UurkTm9TJ4xX
hjjUulkn0U7xPExxoWL1OQp1Tffrin2AiqSLJlVTe4hMieK1qP9evg2xQlk6mZ03
l0Dsmux3xPFm3aF6M/PtylPT4vZBf/vA1aUk
-----END CERTIFICATE-----
Generated at Wed Nov 27 02:48:40 2024 by rpki-client on console-fra.rpki-client.org