Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/8b906b-9c1d-45d9-86ba-c7fe62227df3/1/JBxtpAWY6UyQx8fli2OjyXSCAMs.roa
File: JBxtpAWY6UyQx8fli2OjyXSCAMs.roa (raw, json)
Hash identifier: 8P1fLlMgN6BMfrPTVbJxpZ5qHy79sUVMfmBjXUCg/3k=
Subject key identifier: 24:1C:6D:A4:05:98:E9:4C:90:C7:C7:E5:8B:63:A3:C9:74:82:00:CB
Certificate issuer: /CN=985ae6c59c35e460387daebcfb866f8a1ebb3686
Certificate serial: 018CC2DB664B5CFC31811CBA1E41420BCB1D
Authority key identifier: 98:5A:E6:C5:9C:35:E4:60:38:7D:AE:BC:FB:86:6F:8A:1E:BB:36:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mFrmxZw15GA4fa68-4Zvih67NoY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/8b906b-9c1d-45d9-86ba-c7fe62227df3/1/JBxtpAWY6UyQx8fli2OjyXSCAMs.roa
Signing time: Mon 01 Jan 2024 02:30:07 +0000
ROA not before: Mon 01 Jan 2024 02:30:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50818
IP address blocks: 185.9.21.0/24 maxlen: 24
82.196.16.0/22 maxlen: 24
82.196.20.0/24 maxlen: 24
82.196.20.0/22 maxlen: 22
185.20.42.0/24 maxlen: 24
2a03:42c0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/41/8b906b-9c1d-45d9-86ba-c7fe62227df3/1/mFrmxZw15GA4fa68-4Zvih67NoY.crl
rsync://rpki.ripe.net/repository/DEFAULT/41/8b906b-9c1d-45d9-86ba-c7fe62227df3/1/mFrmxZw15GA4fa68-4Zvih67NoY.mft
rsync://rpki.ripe.net/repository/DEFAULT/mFrmxZw15GA4fa68-4Zvih67NoY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 15:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:66:4b:5c:fc:31:81:1c:ba:1e:41:42:0b:cb:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=985ae6c59c35e460387daebcfb866f8a1ebb3686
Validity
Not Before: Jan 1 02:30:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=241c6da40598e94c90c7c7e58b63a3c9748200cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:46:57:83:57:7a:d1:0d:b3:45:09:3f:a8:c7:
dc:80:6b:29:b6:7b:32:24:24:ba:ea:49:32:c8:9a:
98:b3:14:6b:2c:9c:be:4d:34:75:ed:54:ae:9e:9e:
87:6e:55:c7:ea:07:bd:40:10:f2:e2:2b:38:5f:6d:
c1:87:9c:34:ab:45:9f:a7:dd:4d:d2:90:19:8f:0e:
8f:82:20:75:e1:fc:16:d4:cd:64:7c:39:a9:d2:fb:
ea:25:53:a8:45:e4:fe:24:2b:90:4e:d4:a0:41:1b:
90:b5:ee:4c:7f:c3:33:ab:be:7c:aa:22:92:17:14:
eb:77:5d:2e:d8:64:cf:7b:51:23:c7:0c:9f:f4:8e:
4c:e2:ab:45:b4:fb:a1:b5:91:99:07:1b:5a:fc:c9:
41:78:ce:54:1d:d6:8d:eb:12:56:87:b8:31:ef:e6:
dd:a1:71:63:4d:c3:b7:95:a1:b3:8e:25:5b:8d:d9:
26:de:e1:c6:ed:85:56:5e:ea:bf:d4:af:87:d3:07:
b5:35:5c:66:a0:d6:73:84:ac:69:76:f5:dd:70:12:
4e:40:c3:9d:0e:31:e1:d1:25:20:7d:1e:44:26:0c:
8d:da:e3:46:f1:f1:6e:65:3f:a3:30:3e:e6:94:88:
a9:0d:59:03:5b:2c:43:4c:31:d3:5e:fd:57:c0:a2:
6a:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:1C:6D:A4:05:98:E9:4C:90:C7:C7:E5:8B:63:A3:C9:74:82:00:CB
X509v3 Authority Key Identifier:
keyid:98:5A:E6:C5:9C:35:E4:60:38:7D:AE:BC:FB:86:6F:8A:1E:BB:36:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mFrmxZw15GA4fa68-4Zvih67NoY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/8b906b-9c1d-45d9-86ba-c7fe62227df3/1/JBxtpAWY6UyQx8fli2OjyXSCAMs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/8b906b-9c1d-45d9-86ba-c7fe62227df3/1/mFrmxZw15GA4fa68-4Zvih67NoY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.196.16.0/21
185.9.21.0/24
185.20.42.0/24
IPv6:
2a03:42c0::/32
Signature Algorithm: sha256WithRSAEncryption
64:70:e3:85:d4:9e:79:0c:68:3b:f9:a9:b8:c4:02:6a:0d:54:
c2:67:eb:81:d8:2e:e7:dd:47:10:0c:b6:f8:dd:5b:25:ae:9f:
8b:d5:d1:ab:35:f3:aa:5a:85:70:ad:bc:00:69:83:f7:36:90:
a8:66:34:58:39:3e:7e:2d:0d:de:4e:c8:1d:65:9b:11:7a:3d:
93:a4:cb:28:ff:11:ee:d6:d0:c3:0b:60:b2:64:0e:b3:ae:96:
da:67:0c:9e:a2:e3:b3:3a:bd:15:c1:74:38:84:9d:86:e1:a8:
b1:c2:84:c0:88:90:ad:8e:e1:d3:f5:93:d2:9c:80:97:cd:b6:
ea:19:0a:4d:22:0b:04:c8:2c:09:40:06:22:2f:9d:fe:3c:0e:
f8:82:66:7a:33:9f:aa:21:1b:d6:ec:af:9c:d4:57:44:dc:6f:
40:c2:cd:cc:b3:02:77:c8:c7:d5:66:0f:db:84:92:c0:09:30:
12:b4:b5:65:49:c8:48:2d:20:74:4a:5c:08:d1:f6:aa:88:b2:
2d:9d:2f:f8:cb:89:f4:14:4d:3d:1f:d1:b9:95:2a:a4:9d:63:
f5:ae:ac:f5:7b:ca:08:68:68:20:5c:aa:6a:ca:86:6b:a8:65:
2d:a1:ba:dd:71:57:19:06:ed:c9:c5:25:61:6d:0d:d3:85:ea:
12:97:db:ee
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzC22ZLXPwxgRy6HkFCC8sdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4NWFlNmM1OWMzNWU0NjAzODdkYWViY2ZiODY2ZjhhMWVi
YjM2ODYwHhcNMjQwMTAxMDIzMDA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDFjNmRhNDA1OThlOTRjOTBjN2M3ZTU4YjYzYTNjOTc0ODIwMGNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr0ZXg1d60Q2zRQk/qMfcgGsptnsy
JCS66kkyyJqYsxRrLJy+TTR17VSunp6HblXH6ge9QBDy4is4X23Bh5w0q0Wfp91N
0pAZjw6PgiB14fwW1M1kfDmp0vvqJVOoReT+JCuQTtSgQRuQte5Mf8Mzq758qiKS
FxTrd10u2GTPe1Ejxwyf9I5M4qtFtPuhtZGZBxta/MlBeM5UHdaN6xJWh7gx7+bd
oXFjTcO3laGzjiVbjdkm3uHG7YVWXuq/1K+H0we1NVxmoNZzhKxpdvXdcBJOQMOd
DjHh0SUgfR5EJgyN2uNG8fFuZT+jMD7mlIipDVkDWyxDTDHTXv1XwKJqIwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFCQcbaQFmOlMkMfH5Ytjo8l0ggDLMB8GA1UdIwQY
MBaAFJha5sWcNeRgOH2uvPuGb4oeuzaGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUZybXhadzE1R0E0ZmE2OC00WnZpaDY3Tm9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS84YjkwNmItOWMxZC00NWQ5LTg2YmEt
YzdmZTYyMjI3ZGYzLzEvSkJ4dHBBV1k2VXlReDhmbGkyT2p5WFNDQU1zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS84YjkwNmItOWMxZC00NWQ5LTg2YmEtYzdmZTYyMjI3ZGYz
LzEvbUZybXhadzE1R0E0ZmE2OC00WnZpaDY3Tm9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDUsQQAwQA
uQkVAwQAuRQqMA0EAgACMAcDBQAqA0LAMA0GCSqGSIb3DQEBCwUAA4IBAQBkcOOF
1J55DGg7+am4xAJqDVTCZ+uB2C7n3UcQDLb43Vslrp+L1dGrNfOqWoVwrbwAaYP3
NpCoZjRYOT5+LQ3eTsgdZZsRej2TpMso/xHu1tDDC2CyZA6zrpbaZwyeouOzOr0V
wXQ4hJ2G4aixwoTAiJCtjuHT9ZPSnICXzbbqGQpNIgsEyCwJQAYiL53+PA74gmZ6
M5+qIRvW7K+c1FdE3G9Aws3MswJ3yMfVZg/bhJLACTAStLVlSchILSB0SlwI0faq
iLItnS/4y4n0FE09H9G5lSqknWP1rqz1e8oIaGggXKpqyoZrqGUtobrdcVcZBu3J
xSVhbQ3TheoSl9vu
-----END CERTIFICATE-----
Generated at Sat Nov 23 20:39:20 2024 by rpki-client on console-fra.rpki-client.org