Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/4aeee7-45c0-4213-8085-b8f3f09eaade/1/JSJ_T63GmXSXVSn4cFD5uEtdvPI.roa
File: JSJ_T63GmXSXVSn4cFD5uEtdvPI.roa (raw, json)
Hash identifier: 9jnNfW04eJrxDJ3SrL2Rl7ukydzfqlzatiA/Sq+sjL8=
Subject key identifier: 25:22:7F:4F:AD:C6:99:74:97:55:29:F8:70:50:F9:B8:4B:5D:BC:F2
Certificate issuer: /CN=677d4ea2c016ce2797af7aeb737d132875669f12
Certificate serial: 018CC8DE4085BB516B172598F86CC65597FC
Authority key identifier: 67:7D:4E:A2:C0:16:CE:27:97:AF:7A:EB:73:7D:13:28:75:66:9F:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z31OosAWzieXr3rrc30TKHVmnxI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/4aeee7-45c0-4213-8085-b8f3f09eaade/1/JSJ_T63GmXSXVSn4cFD5uEtdvPI.roa
Signing time: Tue 02 Jan 2024 06:30:57 +0000
ROA not before: Tue 02 Jan 2024 06:30:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209985
IP address blocks: 193.160.94.0/24 maxlen: 24
193.160.92.0/22 maxlen: 22
193.160.95.0/24 maxlen: 24
193.160.92.0/24 maxlen: 24
193.160.93.0/24 maxlen: 24
2a0d:ed40::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/4aeee7-45c0-4213-8085-b8f3f09eaade/1/Z31OosAWzieXr3rrc30TKHVmnxI.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/4aeee7-45c0-4213-8085-b8f3f09eaade/1/Z31OosAWzieXr3rrc30TKHVmnxI.mft
rsync://rpki.ripe.net/repository/DEFAULT/Z31OosAWzieXr3rrc30TKHVmnxI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 09:01:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:40:85:bb:51:6b:17:25:98:f8:6c:c6:55:97:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=677d4ea2c016ce2797af7aeb737d132875669f12
Validity
Not Before: Jan 2 06:30:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=25227f4fadc69974975529f87050f9b84b5dbcf2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:d2:ee:63:3f:95:9e:88:de:bf:f7:1f:30:dc:
4e:b3:5e:c6:2d:35:96:35:b4:11:93:39:0e:cb:e0:
2d:82:3c:dc:b4:69:45:88:29:b4:69:e7:09:8c:9b:
43:62:58:5b:0c:45:33:cc:84:33:de:dc:78:06:49:
c9:09:67:81:ce:13:bf:f5:ec:8c:a1:ef:ce:6d:52:
52:87:88:be:56:d0:4a:8c:35:30:4f:4b:d6:9c:a6:
a7:58:e3:35:d6:34:a3:05:f6:6f:4c:a0:42:14:19:
89:02:13:12:51:ac:0f:52:5b:dc:17:c9:f1:f5:ca:
7a:d5:99:fe:ad:f0:a4:f8:1d:3d:17:05:e8:65:55:
b7:2e:fe:45:d1:17:cc:c5:ae:76:a8:1b:e6:85:8a:
71:99:6b:f6:44:e1:d8:4f:02:30:b8:ee:8e:e3:0d:
41:c8:38:fe:96:88:90:ae:5f:16:19:f0:b3:69:13:
91:b7:59:5e:54:79:b2:3b:d9:70:7b:a9:5b:91:12:
b1:05:ad:83:5b:f6:93:80:30:4e:ed:e7:91:5e:12:
09:ee:9e:22:d4:9a:dd:d3:04:03:f0:c0:3f:7e:cb:
68:9d:91:71:cf:b0:ec:37:28:d1:a8:1b:11:df:da:
92:18:8a:8e:da:0a:91:3d:f8:70:8a:66:d3:e4:31:
c5:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:22:7F:4F:AD:C6:99:74:97:55:29:F8:70:50:F9:B8:4B:5D:BC:F2
X509v3 Authority Key Identifier:
keyid:67:7D:4E:A2:C0:16:CE:27:97:AF:7A:EB:73:7D:13:28:75:66:9F:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z31OosAWzieXr3rrc30TKHVmnxI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/4aeee7-45c0-4213-8085-b8f3f09eaade/1/JSJ_T63GmXSXVSn4cFD5uEtdvPI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/4aeee7-45c0-4213-8085-b8f3f09eaade/1/Z31OosAWzieXr3rrc30TKHVmnxI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.160.92.0/22
IPv6:
2a0d:ed40::/32
Signature Algorithm: sha256WithRSAEncryption
8f:0e:b0:23:91:9b:e1:8e:a6:f3:a4:32:32:79:c8:67:2d:8b:
4d:36:d7:bc:7c:74:5c:24:c0:2f:de:b0:dc:73:eb:00:99:16:
4f:6d:f9:45:bb:54:d0:7e:a9:18:19:04:bb:6a:9e:46:f4:f9:
40:4c:32:9b:f3:32:f6:3f:b7:0b:af:2d:18:d6:04:f1:e3:cb:
b1:78:f6:c4:da:c1:23:d1:63:66:4a:5f:19:25:e5:1f:db:c2:
51:4a:e7:b6:d3:03:5c:ea:d8:e1:43:3c:4c:ec:31:46:34:76:
bb:6b:46:70:ca:6f:73:b9:d4:d1:4e:1c:d9:82:ed:19:d9:9a:
16:14:6e:28:b3:f7:d2:2c:16:2e:66:f6:67:10:a1:7c:6a:99:
a3:15:89:74:cb:da:0d:54:da:4f:77:a3:81:f1:92:ad:49:ee:
08:bd:5a:22:73:ce:fb:6b:dc:e7:9b:db:98:d1:17:7d:15:a7:
84:74:d3:91:84:cb:61:3d:9f:05:b5:94:4d:c1:0e:a1:b6:17:
bf:e2:a3:8a:76:4d:2e:e2:8e:ee:38:39:98:fd:9d:6b:4e:0f:
de:7c:2d:d8:a6:24:a7:46:c4:60:61:5f:11:dd:b7:28:ed:55:
4a:28:9a:eb:ba:a3:e0:72:41:21:c1:eb:5b:86:1a:7c:02:44:
9a:eb:dc:94
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzI3kCFu1FrFyWY+GzGVZf8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3N2Q0ZWEyYzAxNmNlMjc5N2FmN2FlYjczN2QxMzI4NzU2
NjlmMTIwHhcNMjQwMTAyMDYzMDU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTIyN2Y0ZmFkYzY5OTc0OTc1NTI5Zjg3MDUwZjliODRiNWRiY2YyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp9LuYz+Vnojev/cfMNxOs17GLTWW
NbQRkzkOy+AtgjzctGlFiCm0aecJjJtDYlhbDEUzzIQz3tx4BknJCWeBzhO/9eyM
oe/ObVJSh4i+VtBKjDUwT0vWnKanWOM11jSjBfZvTKBCFBmJAhMSUawPUlvcF8nx
9cp61Zn+rfCk+B09FwXoZVW3Lv5F0RfMxa52qBvmhYpxmWv2ROHYTwIwuO6O4w1B
yDj+loiQrl8WGfCzaRORt1leVHmyO9lwe6lbkRKxBa2DW/aTgDBO7eeRXhIJ7p4i
1Jrd0wQD8MA/fstonZFxz7DsNyjRqBsR39qSGIqO2gqRPfhwimbT5DHF4QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFCUif0+txpl0l1Up+HBQ+bhLXbzyMB8GA1UdIwQY
MBaAFGd9TqLAFs4nl69663N9Eyh1Zp8SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjMxT29zQVd6aWVYcjNycmMzMFRLSFZtbnhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi80YWVlZTctNDVjMC00MjEzLTgwODUt
YjhmM2YwOWVhYWRlLzEvSlNKX1Q2M0dtWFNYVlNuNGNGRDV1RXRkdlBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi80YWVlZTctNDVjMC00MjEzLTgwODUtYjhmM2YwOWVhYWRl
LzEvWjMxT29zQVd6aWVYcjNycmMzMFRLSFZtbnhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCwaBcMA0E
AgACMAcDBQAqDe1AMA0GCSqGSIb3DQEBCwUAA4IBAQCPDrAjkZvhjqbzpDIyechn
LYtNNte8fHRcJMAv3rDcc+sAmRZPbflFu1TQfqkYGQS7ap5G9PlATDKb8zL2P7cL
ry0Y1gTx48uxePbE2sEj0WNmSl8ZJeUf28JRSue20wNc6tjhQzxM7DFGNHa7a0Zw
ym9zudTRThzZgu0Z2ZoWFG4os/fSLBYuZvZnEKF8apmjFYl0y9oNVNpPd6OB8ZKt
Se4IvVoic877a9znm9uY0Rd9FaeEdNORhMthPZ8FtZRNwQ6hthe/4qOKdk0u4o7u
ODmY/Z1rTg/efC3YpiSnRsRgYV8R3bco7VVKKJrruqPgckEhwetbhhp8AkSa69yU
-----END CERTIFICATE-----
Generated at Sat Jun 1 11:48:24 2024 by rpki-client on console-fra.rpki-client.org