Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/440781-f614-450d-9d9f-2b8761d8a137/1/J6Ac_GRgYZ1v3sXCr5HSJS6CMVA.roa
File: J6Ac_GRgYZ1v3sXCr5HSJS6CMVA.roa (raw, json)
Hash identifier: /Qnl6kXRir3tZHweQe+yImM+G7oPBoX1QY2DYQxeZLc=
Subject key identifier: 27:A0:1C:FC:64:60:61:9D:6F:DE:C5:C2:AF:91:D2:25:2E:82:31:50
Certificate issuer: /CN=8831d621d192f92db093d933092c1e236b4d497b
Certificate serial: 018CC5DC0C2DE13E4E156CFF4EDC2FB50461
Authority key identifier: 88:31:D6:21:D1:92:F9:2D:B0:93:D9:33:09:2C:1E:23:6B:4D:49:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iDHWIdGS-S2wk9kzCSweI2tNSXs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/440781-f614-450d-9d9f-2b8761d8a137/1/J6Ac_GRgYZ1v3sXCr5HSJS6CMVA.roa
Signing time: Mon 01 Jan 2024 16:29:41 +0000
ROA not before: Mon 01 Jan 2024 16:29:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39798
IP address blocks: 185.225.16.0/22 maxlen: 24
94.158.244.0/22 maxlen: 24
185.163.44.0/22 maxlen: 24
194.180.158.0/24 maxlen: 24
194.180.157.0/24 maxlen: 24
5.252.176.0/22 maxlen: 24
194.180.174.0/24 maxlen: 24
194.180.191.0/24 maxlen: 24
5.181.156.0/22 maxlen: 24
2a0a:c800::/29 maxlen: 48
2001:67c:2db8::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3e/440781-f614-450d-9d9f-2b8761d8a137/1/iDHWIdGS-S2wk9kzCSweI2tNSXs.crl
rsync://rpki.ripe.net/repository/DEFAULT/3e/440781-f614-450d-9d9f-2b8761d8a137/1/iDHWIdGS-S2wk9kzCSweI2tNSXs.mft
rsync://rpki.ripe.net/repository/DEFAULT/iDHWIdGS-S2wk9kzCSweI2tNSXs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 17:02:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:0c:2d:e1:3e:4e:15:6c:ff:4e:dc:2f:b5:04:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8831d621d192f92db093d933092c1e236b4d497b
Validity
Not Before: Jan 1 16:29:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=27a01cfc6460619d6fdec5c2af91d2252e823150
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:ef:96:0e:77:4d:98:63:3d:5b:e9:f6:11:63:
27:ba:e0:7e:1d:2b:67:72:69:60:3e:6c:82:40:97:
06:04:f4:9a:c7:72:ea:f0:5b:dd:55:05:87:d0:b3:
2a:6b:af:71:b2:70:84:2e:66:f7:a5:66:3c:30:fd:
05:5d:f7:70:8b:d0:7b:7d:16:ab:90:61:35:5d:fe:
f2:e7:54:20:9d:da:70:61:40:29:43:40:a4:77:40:
2d:56:4b:17:bb:1a:eb:1f:19:9f:c9:0e:c5:0e:ac:
07:ec:09:1a:f8:c1:4d:0c:01:0e:25:40:46:3b:79:
44:84:cd:8f:bb:2c:1c:fa:f0:15:db:c2:90:38:ad:
01:f1:6b:18:f2:a8:6a:4c:98:00:42:b2:bb:e3:a6:
c0:6a:b8:ba:d8:06:5b:18:cc:1d:ae:b7:d5:08:06:
87:14:fe:b4:5d:6e:2b:d2:2a:45:87:cd:08:9e:4a:
59:f2:87:1d:c5:72:d1:e8:7f:ba:7d:5d:2d:1d:72:
e0:93:0f:2d:9a:85:04:a8:1c:ba:fa:98:e9:54:1f:
3b:b9:7f:f1:d5:2d:b5:0d:ed:3a:74:62:fc:df:dd:
d7:1e:90:5f:e8:3b:c2:37:55:a6:d1:18:20:91:73:
38:09:f1:04:6e:e1:67:66:e7:a0:ed:c6:8b:ee:5e:
be:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:A0:1C:FC:64:60:61:9D:6F:DE:C5:C2:AF:91:D2:25:2E:82:31:50
X509v3 Authority Key Identifier:
keyid:88:31:D6:21:D1:92:F9:2D:B0:93:D9:33:09:2C:1E:23:6B:4D:49:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iDHWIdGS-S2wk9kzCSweI2tNSXs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/440781-f614-450d-9d9f-2b8761d8a137/1/J6Ac_GRgYZ1v3sXCr5HSJS6CMVA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/440781-f614-450d-9d9f-2b8761d8a137/1/iDHWIdGS-S2wk9kzCSweI2tNSXs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.156.0/22
5.252.176.0/22
94.158.244.0/22
185.163.44.0/22
185.225.16.0/22
194.180.157.0-194.180.158.255
194.180.174.0/24
194.180.191.0/24
IPv6:
2001:67c:2db8::/48
2a0a:c800::/29
Signature Algorithm: sha256WithRSAEncryption
19:81:97:17:28:be:8f:7a:87:f9:67:04:55:9d:a6:4c:ea:26:
42:17:0b:83:4d:72:04:8e:cb:21:ca:31:95:a5:46:0b:e0:0c:
35:f6:6a:ec:11:7f:08:0d:6e:f2:c6:62:53:a3:77:7a:e8:09:
5a:6f:b9:92:bb:06:35:df:b2:4a:e7:fc:bd:cc:83:98:ce:90:
8b:38:d0:f1:33:3a:71:17:22:77:1d:75:ff:b0:8b:a1:d6:9b:
0d:ef:d8:38:eb:5c:16:b6:16:50:62:d9:05:4b:6f:43:c9:d0:
fe:a4:4f:de:0d:7a:25:6b:b1:e7:70:13:7d:6c:4f:b6:17:8d:
a7:af:49:df:51:7b:c0:5f:8d:87:e0:07:4e:fe:c5:68:5c:bf:
0d:12:82:9f:7e:dd:29:4b:f1:96:71:a7:c7:b6:70:7a:11:7b:
7c:61:f4:cb:5c:c9:a0:14:6c:d0:a2:2c:90:67:9f:3d:d0:bd:
b8:1d:ce:74:a0:70:4f:ff:21:5c:6c:8b:14:cb:17:a6:41:31:
71:34:17:1d:ed:f4:fe:67:40:02:7f:b9:99:31:45:3c:a9:f3:
a8:f1:c4:36:ce:2a:ae:f1:05:f9:e7:16:86:f3:9c:0d:2c:a3:
27:fc:41:ea:1d:71:c7:26:0b:dc:a9:32:7a:94:e6:69:75:5a:
22:05:ce:b9
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgISAYzF3Awt4T5OFWz/TtwvtQRhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4MzFkNjIxZDE5MmY5MmRiMDkzZDkzMzA5MmMxZTIzNmI0
ZDQ5N2IwHhcNMjQwMTAxMTYyOTQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyN2EwMWNmYzY0NjA2MTlkNmZkZWM1YzJhZjkxZDIyNTJlODIzMTUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiu+WDndNmGM9W+n2EWMnuuB+HStn
cmlgPmyCQJcGBPSax3Lq8FvdVQWH0LMqa69xsnCELmb3pWY8MP0FXfdwi9B7fRar
kGE1Xf7y51QgndpwYUApQ0Ckd0AtVksXuxrrHxmfyQ7FDqwH7Aka+MFNDAEOJUBG
O3lEhM2Puywc+vAV28KQOK0B8WsY8qhqTJgAQrK746bAari62AZbGMwdrrfVCAaH
FP60XW4r0ipFh80InkpZ8ocdxXLR6H+6fV0tHXLgkw8tmoUEqBy6+pjpVB87uX/x
1S21De06dGL8393XHpBf6DvCN1Wm0RggkXM4CfEEbuFnZueg7caL7l6+TQIDAQAB
o4ICUzCCAk8wHQYDVR0OBBYEFCegHPxkYGGdb97Fwq+R0iUugjFQMB8GA1UdIwQY
MBaAFIgx1iHRkvktsJPZMwksHiNrTUl7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaURIV0lkR1MtUzJ3azlrekNTd2VJMnROU1hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS80NDA3ODEtZjYxNC00NTBkLTlkOWYt
MmI4NzYxZDhhMTM3LzEvSjZBY19HUmdZWjF2M3NYQ3I1SFNKUzZDTVZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS80NDA3ODEtZjYxNC00NTBkLTlkOWYtMmI4NzYxZDhhMTM3
LzEvaURIV0lkR1MtUzJ3azlrekNTd2VJMnROU1hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGkGCCsGAQUFBwEHAQH/BFowWDA+BAIAATA4AwQCBbWcAwQC
BfywAwQCXp70AwQCuaMsAwQCueEQMAwDBADCtJ0DBADCtJ4DBADCtK4DBADCtL8w
FgQCAAIwEAMHACABBnwtuAMFAyoKyAAwDQYJKoZIhvcNAQELBQADggEBABmBlxco
vo96h/lnBFWdpkzqJkIXC4NNcgSOyyHKMZWlRgvgDDX2auwRfwgNbvLGYlOjd3ro
CVpvuZK7BjXfskrn/L3Mg5jOkIs40PEzOnEXIncddf+wi6HWmw3v2DjrXBa2FlBi
2QVLb0PJ0P6kT94NeiVrsedwE31sT7YXjaevSd9Re8BfjYfgB07+xWhcvw0Sgp9+
3SlL8ZZxp8e2cHoRe3xh9MtcyaAUbNCiLJBnnz3QvbgdznSgcE//IVxsixTLF6ZB
MXE0Fx3t9P5nQAJ/uZkxRTyp86jxxDbOKq7xBfnnFobznA0soyf8QeodcccmC9yp
MnqU5ml1WiIFzrk=
-----END CERTIFICATE-----
Generated at Fri Nov 22 23:41:23 2024 by rpki-client on console-fra.rpki-client.org