Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/0f3c61-02df-4af7-b93f-07f74c019732/1/JgTMa1P1yJ-oCAvxX-TISZHvWbQ.roa
File: JgTMa1P1yJ-oCAvxX-TISZHvWbQ.roa (raw, json)
Hash identifier: Iwoa9Gu4UeXBfPx+NUJPNmIioUBvLRK9n9DopIs2Ry0=
Subject key identifier: 26:04:CC:6B:53:F5:C8:9F:A8:08:0B:F1:5F:E4:C8:49:91:EF:59:B4
Certificate issuer: /CN=19a43d81657a3c38c150de55797f1c7b5f0c2ebb
Certificate serial: 018EAD78B9B28C592873323371B8322B91F8
Authority key identifier: 19:A4:3D:81:65:7A:3C:38:C1:50:DE:55:79:7F:1C:7B:5F:0C:2E:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GaQ9gWV6PDjBUN5VeX8ce18MLrs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/0f3c61-02df-4af7-b93f-07f74c019732/1/JgTMa1P1yJ-oCAvxX-TISZHvWbQ.roa
Signing time: Fri 05 Apr 2024 08:55:53 +0000
ROA not before: Fri 05 Apr 2024 08:55:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207375
IP address blocks: 45.145.108.0/22 maxlen: 25
80.64.232.0/21 maxlen: 25
93.88.24.0/22 maxlen: 25
146.19.16.0/24 maxlen: 24
178.211.143.0/24 maxlen: 24
185.11.60.0/24 maxlen: 24
185.205.201.0/24 maxlen: 24
185.234.217.0/24 maxlen: 24
2a0e:fdc0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/44/0f3c61-02df-4af7-b93f-07f74c019732/1/GaQ9gWV6PDjBUN5VeX8ce18MLrs.crl
rsync://rpki.ripe.net/repository/DEFAULT/44/0f3c61-02df-4af7-b93f-07f74c019732/1/GaQ9gWV6PDjBUN5VeX8ce18MLrs.mft
rsync://rpki.ripe.net/repository/DEFAULT/GaQ9gWV6PDjBUN5VeX8ce18MLrs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 17:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:ad:78:b9:b2:8c:59:28:73:32:33:71:b8:32:2b:91:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19a43d81657a3c38c150de55797f1c7b5f0c2ebb
Validity
Not Before: Apr 5 08:55:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2604cc6b53f5c89fa8080bf15fe4c84991ef59b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:ae:f4:48:22:cc:76:cf:bd:56:81:09:2b:db:
2c:e0:35:b5:82:6f:76:21:c7:df:8d:33:a5:c5:67:
6b:c3:2c:a8:94:ad:b2:65:1d:42:02:a0:0f:75:80:
12:ba:a4:e2:a2:71:9b:f0:80:d7:ad:cd:1c:de:a6:
b9:bc:7b:4c:28:57:3e:96:1f:18:71:bf:76:d8:96:
12:1d:8c:8e:1f:76:db:6e:ef:46:92:8f:8e:21:5a:
a0:99:e6:1d:07:f7:1f:37:4e:d7:5a:cf:f0:0e:01:
cb:e9:b0:79:71:81:31:07:0f:7c:73:f9:64:02:bc:
ca:2a:31:5c:5c:15:ad:44:0c:5f:f9:bc:10:d5:e8:
25:5a:92:67:ad:4c:0b:71:6b:d9:cb:20:38:de:d3:
59:c0:f8:f6:44:a3:16:36:2b:d1:32:6d:18:77:e2:
9e:d2:e0:f9:c9:2b:ff:b1:4c:a2:20:67:40:b1:3c:
48:27:e1:d7:4e:ac:48:9f:3e:4a:0f:9f:62:53:25:
90:89:26:71:50:dc:49:3a:34:de:84:00:3a:8c:ab:
b7:6a:f0:6a:02:53:6d:ee:55:ad:b7:14:af:a2:02:
72:aa:d6:30:d7:f2:8a:b5:4f:1c:08:0c:db:4e:a5:
f4:85:20:5a:52:76:23:aa:d7:5c:7e:90:1e:59:03:
44:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:04:CC:6B:53:F5:C8:9F:A8:08:0B:F1:5F:E4:C8:49:91:EF:59:B4
X509v3 Authority Key Identifier:
keyid:19:A4:3D:81:65:7A:3C:38:C1:50:DE:55:79:7F:1C:7B:5F:0C:2E:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GaQ9gWV6PDjBUN5VeX8ce18MLrs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/0f3c61-02df-4af7-b93f-07f74c019732/1/JgTMa1P1yJ-oCAvxX-TISZHvWbQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/0f3c61-02df-4af7-b93f-07f74c019732/1/GaQ9gWV6PDjBUN5VeX8ce18MLrs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.145.108.0/22
80.64.232.0/21
93.88.24.0/22
146.19.16.0/24
178.211.143.0/24
185.11.60.0/24
185.205.201.0/24
185.234.217.0/24
IPv6:
2a0e:fdc0::/29
Signature Algorithm: sha256WithRSAEncryption
60:69:2e:97:46:62:c7:a8:03:b0:7d:24:9d:aa:64:c5:47:f6:
a8:dd:87:9d:ca:e0:6f:b2:d3:0c:06:57:ff:3f:8f:3a:fb:0a:
bd:47:4c:6f:15:bc:9b:32:c3:ed:d8:26:87:b1:f9:9e:4c:8b:
0c:a2:fa:e0:5f:f4:84:ef:cb:cb:2d:4d:8d:60:a7:d1:9d:e4:
29:70:51:57:48:08:7b:13:30:3b:bb:4e:9f:e7:8e:e5:92:c6:
3f:f4:2f:85:89:8f:be:1a:97:53:30:a3:7a:45:04:e6:96:80:
01:36:6f:55:50:f8:db:94:66:15:db:93:46:f9:46:29:9b:f1:
93:b9:94:e2:c2:6c:9b:b1:c1:06:43:d6:96:67:ca:8f:fc:d5:
ba:8d:f2:84:22:19:cc:99:75:94:02:70:e9:45:80:9e:e3:9e:
20:74:f1:2f:3a:2a:3d:0c:ac:9e:94:a6:98:64:6e:e1:94:d9:
9d:8a:fe:e8:dd:c2:a4:5b:cd:3a:82:38:2d:83:52:47:8d:11:
48:2d:f7:73:90:be:b4:b8:6e:8d:70:03:35:4d:83:56:bc:3b:
62:0e:3f:06:6f:bb:d8:0e:25:6a:da:76:b3:1b:42:b4:16:c6:
81:c3:84:3b:4a:4b:b7:72:fa:32:4a:38:78:e7:27:86:81:54:
ba:50:9c:57
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAY6teLmyjFkoczIzcbgyK5H4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5YTQzZDgxNjU3YTNjMzhjMTUwZGU1NTc5N2YxYzdiNWYw
YzJlYmIwHhcNMjQwNDA1MDg1NTUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNjA0Y2M2YjUzZjVjODlmYTgwODBiZjE1ZmU0Yzg0OTkxZWY1OWI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg670SCLMds+9VoEJK9ss4DW1gm92
IcffjTOlxWdrwyyolK2yZR1CAqAPdYASuqTionGb8IDXrc0c3qa5vHtMKFc+lh8Y
cb922JYSHYyOH3bbbu9Gko+OIVqgmeYdB/cfN07XWs/wDgHL6bB5cYExBw98c/lk
ArzKKjFcXBWtRAxf+bwQ1eglWpJnrUwLcWvZyyA43tNZwPj2RKMWNivRMm0Yd+Ke
0uD5ySv/sUyiIGdAsTxIJ+HXTqxInz5KD59iUyWQiSZxUNxJOjTehAA6jKu3avBq
AlNt7lWttxSvogJyqtYw1/KKtU8cCAzbTqX0hSBaUnYjqtdcfpAeWQNE6QIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFCYEzGtT9cifqAgL8V/kyEmR71m0MB8GA1UdIwQY
MBaAFBmkPYFlejw4wVDeVXl/HHtfDC67MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2FROWdXVjZQRGpCVU41VmVYOGNlMThNTHJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC8wZjNjNjEtMDJkZi00YWY3LWI5M2Yt
MDdmNzRjMDE5NzMyLzEvSmdUTWExUDF5Si1vQ0F2eFgtVElTWkh2V2JRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC8wZjNjNjEtMDJkZi00YWY3LWI5M2YtMDdmNzRjMDE5NzMy
LzEvR2FROWdXVjZQRGpCVU41VmVYOGNlMThNTHJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQCLZFsAwQD
UEDoAwQCXVgYAwQAkhMQAwQAstOPAwQAuQs8AwQAuc3JAwQAuerZMA0EAgACMAcD
BQMqDv3AMA0GCSqGSIb3DQEBCwUAA4IBAQBgaS6XRmLHqAOwfSSdqmTFR/ao3Yed
yuBvstMMBlf/P486+wq9R0xvFbybMsPt2CaHsfmeTIsMovrgX/SE78vLLU2NYKfR
neQpcFFXSAh7EzA7u06f547lksY/9C+FiY++GpdTMKN6RQTmloABNm9VUPjblGYV
25NG+UYpm/GTuZTiwmybscEGQ9aWZ8qP/NW6jfKEIhnMmXWUAnDpRYCe454gdPEv
Oio9DKyelKaYZG7hlNmdiv7o3cKkW806gjgtg1JHjRFILfdzkL60uG6NcAM1TYNW
vDtiDj8Gb7vYDiVq2nazG0K0FsaBw4Q7Sku3cvoySjh45yeGgVS6UJxX
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:03:46 2024 by rpki-client on console-ams.rpki-client.org