Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/7868a5-d500-4ae1-b3b7-809851a06b6a/1/JTaqxboz75SMGn6qmeUhFYiY6vw.roa
File: JTaqxboz75SMGn6qmeUhFYiY6vw.roa (raw, json)
Hash identifier: AgR6rQATMMuWTykTbXqfS+WHUe5ilhso38cOGbKp/z0=
Subject key identifier: 25:36:AA:C5:BA:33:EF:94:8C:1A:7E:AA:99:E5:21:15:88:98:EA:FC
Certificate issuer: /CN=8f375bc6c8110f1ad733df77acfbb1d6ec465cb8
Certificate serial: 018CC348D409F46D43A577E8EC273653801C
Authority key identifier: 8F:37:5B:C6:C8:11:0F:1A:D7:33:DF:77:AC:FB:B1:D6:EC:46:5C:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jzdbxsgRDxrXM993rPux1uxGXLg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/7868a5-d500-4ae1-b3b7-809851a06b6a/1/JTaqxboz75SMGn6qmeUhFYiY6vw.roa
Signing time: Mon 01 Jan 2024 04:29:39 +0000
ROA not before: Mon 01 Jan 2024 04:29:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201590
IP address blocks: 185.68.32.0/22 maxlen: 22
185.68.32.0/23 maxlen: 23
185.68.34.0/23 maxlen: 23
2a03:2960:ffff::/48 maxlen: 48
2a03:2960::/40 maxlen: 40
2a03:2960:100::/40 maxlen: 40
2a03:2960::/32 maxlen: 32
2a03:2960:fffe::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/43/7868a5-d500-4ae1-b3b7-809851a06b6a/1/jzdbxsgRDxrXM993rPux1uxGXLg.crl
rsync://rpki.ripe.net/repository/DEFAULT/43/7868a5-d500-4ae1-b3b7-809851a06b6a/1/jzdbxsgRDxrXM993rPux1uxGXLg.mft
rsync://rpki.ripe.net/repository/DEFAULT/jzdbxsgRDxrXM993rPux1uxGXLg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 09 Jun 2024 04:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:d4:09:f4:6d:43:a5:77:e8:ec:27:36:53:80:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8f375bc6c8110f1ad733df77acfbb1d6ec465cb8
Validity
Not Before: Jan 1 04:29:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2536aac5ba33ef948c1a7eaa99e521158898eafc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:bc:21:72:29:f7:a2:b2:45:98:b3:37:01:36:
8b:34:8c:0b:96:76:12:81:e6:9a:e3:52:45:46:2f:
6b:af:7a:03:04:00:6e:0a:8a:10:1c:90:2b:e8:1f:
0f:ce:f5:b8:3c:b5:37:20:4b:c8:61:f8:ff:f5:8a:
48:1a:80:57:e9:73:fb:a6:20:1f:b7:2c:fc:88:79:
aa:e5:5c:78:20:1a:97:8c:01:0c:13:df:fa:a6:3f:
c2:c8:d2:12:6f:bd:04:52:70:67:91:5a:ad:ad:89:
38:e0:64:54:a4:c9:45:41:20:d7:9f:92:4b:e0:01:
60:5b:cd:f7:63:54:2d:42:52:9d:a2:6a:38:f1:53:
56:c8:d0:2a:51:f8:17:d1:6f:73:8c:19:66:8e:46:
e0:87:bd:f6:8e:10:5e:ea:92:23:dc:06:04:32:d7:
1f:1a:e6:80:d1:4c:d7:89:af:c8:d9:80:7b:0a:38:
ff:e9:c5:aa:6c:fe:5a:bd:4d:b4:17:94:8f:42:2f:
5f:37:d4:f1:92:d4:53:b8:85:0b:02:77:12:80:76:
10:aa:5c:7b:63:eb:d2:7a:75:52:20:37:dc:bc:01:
cd:af:32:a6:52:aa:9f:49:f0:09:e6:f1:91:bd:e8:
f3:87:23:70:8f:d9:6c:82:d9:64:0a:ac:8d:1b:b0:
cf:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:36:AA:C5:BA:33:EF:94:8C:1A:7E:AA:99:E5:21:15:88:98:EA:FC
X509v3 Authority Key Identifier:
keyid:8F:37:5B:C6:C8:11:0F:1A:D7:33:DF:77:AC:FB:B1:D6:EC:46:5C:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jzdbxsgRDxrXM993rPux1uxGXLg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/7868a5-d500-4ae1-b3b7-809851a06b6a/1/JTaqxboz75SMGn6qmeUhFYiY6vw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/7868a5-d500-4ae1-b3b7-809851a06b6a/1/jzdbxsgRDxrXM993rPux1uxGXLg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.68.32.0/22
IPv6:
2a03:2960::/32
Signature Algorithm: sha256WithRSAEncryption
30:98:e1:24:a9:70:04:12:65:60:10:89:0c:f7:23:8e:b8:38:
ab:79:19:55:24:45:20:17:68:58:d6:ef:99:2f:b0:a7:3a:9b:
62:50:b3:55:33:d3:2d:5a:b1:25:51:94:16:d4:39:67:34:f2:
9f:40:b3:2c:a5:6f:dc:00:55:1c:ee:16:cb:6e:b2:d7:12:8b:
37:db:92:36:f2:85:c0:cc:c1:b3:51:a6:fd:8d:e8:84:e8:7c:
7d:de:79:10:c4:71:e4:50:d5:ef:dc:55:35:0d:98:bf:53:a3:
36:d3:54:af:dd:3f:69:5a:b0:02:15:4a:ff:0c:1e:01:0a:65:
94:81:ab:83:56:b0:a6:09:a7:ee:c5:63:29:ac:c2:fa:bb:f7:
e2:81:e4:28:39:36:2a:2e:e4:ff:93:d5:ae:a0:5a:4b:3e:de:
b1:84:da:e4:22:5e:5a:bf:4a:4a:65:ad:73:1f:29:d1:6e:a4:
d7:02:7f:af:3f:f6:e3:70:c6:fa:e8:1d:ea:6e:d8:be:ad:16:
ef:33:44:d7:70:4f:69:8b:71:02:f7:59:9f:ec:8c:de:43:9a:
49:82:95:35:18:fa:f6:81:26:f9:8f:1b:68:8f:af:45:51:e9:
b3:1f:7f:47:70:2b:64:35:0a:33:00:4f:7c:6b:b5:65:d0:f9:
ff:12:41:cd
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzDSNQJ9G1DpXfo7Cc2U4AcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmMzc1YmM2YzgxMTBmMWFkNzMzZGY3N2FjZmJiMWQ2ZWM0
NjVjYjgwHhcNMjQwMTAxMDQyOTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTM2YWFjNWJhMzNlZjk0OGMxYTdlYWE5OWU1MjExNTg4OThlYWZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArLwhcin3orJFmLM3ATaLNIwLlnYS
geaa41JFRi9rr3oDBABuCooQHJAr6B8PzvW4PLU3IEvIYfj/9YpIGoBX6XP7piAf
tyz8iHmq5Vx4IBqXjAEME9/6pj/CyNISb70EUnBnkVqtrYk44GRUpMlFQSDXn5JL
4AFgW833Y1QtQlKdomo48VNWyNAqUfgX0W9zjBlmjkbgh732jhBe6pIj3AYEMtcf
GuaA0UzXia/I2YB7Cjj/6cWqbP5avU20F5SPQi9fN9TxktRTuIULAncSgHYQqlx7
Y+vSenVSIDfcvAHNrzKmUqqfSfAJ5vGRvejzhyNwj9lsgtlkCqyNG7DPQQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFCU2qsW6M++UjBp+qpnlIRWImOr8MB8GA1UdIwQY
MBaAFI83W8bIEQ8a1zPfd6z7sdbsRly4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvanpkYnhzZ1JEeHJYTTk5M3JQdXgxdXhHWExnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My83ODY4YTUtZDUwMC00YWUxLWIzYjct
ODA5ODUxYTA2YjZhLzEvSlRhcXhib3o3NVNNR242cW1lVWhGWWlZNnZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My83ODY4YTUtZDUwMC00YWUxLWIzYjctODA5ODUxYTA2YjZh
LzEvanpkYnhzZ1JEeHJYTTk5M3JQdXgxdXhHWExnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuUQgMA0E
AgACMAcDBQAqAylgMA0GCSqGSIb3DQEBCwUAA4IBAQAwmOEkqXAEEmVgEIkM9yOO
uDireRlVJEUgF2hY1u+ZL7CnOptiULNVM9MtWrElUZQW1DlnNPKfQLMspW/cAFUc
7hbLbrLXEos325I28oXAzMGzUab9jeiE6Hx93nkQxHHkUNXv3FU1DZi/U6M201Sv
3T9pWrACFUr/DB4BCmWUgauDVrCmCafuxWMprML6u/figeQoOTYqLuT/k9WuoFpL
Pt6xhNrkIl5av0pKZa1zHynRbqTXAn+vP/bjcMb66B3qbti+rRbvM0TXcE9pi3EC
91mf7IzeQ5pJgpU1GPr2gSb5jxtoj69FUemzH39HcCtkNQozAE98a7Vl0Pn/EkHN
-----END CERTIFICATE-----
Generated at Sat Jun 8 09:30:10 2024 by rpki-client on console-fra.rpki-client.org