Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/71a349-baf4-47b3-a9ed-c6730c8e46aa/1/jrmRU1YG25R7U2MKU--Ef3YcvNc.roa
File: jrmRU1YG25R7U2MKU--Ef3YcvNc.roa (raw, json)
Hash identifier: 9YzGjfWcmoYt3GhboYagBlijoUQejnPFaM5/kMnLAak=
Subject key identifier: 8E:B9:91:53:56:06:DB:94:7B:53:63:0A:53:EF:84:7F:76:1C:BC:D7
Certificate issuer: /CN=72493d60b50427dd4316ed9505ad099eb5ac2e34
Certificate serial: 018CC348B70B6DD44CCEA2CF7D0C1598132C
Authority key identifier: 72:49:3D:60:B5:04:27:DD:43:16:ED:95:05:AD:09:9E:B5:AC:2E:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ckk9YLUEJ91DFu2VBa0JnrWsLjQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/71a349-baf4-47b3-a9ed-c6730c8e46aa/1/jrmRU1YG25R7U2MKU--Ef3YcvNc.roa
Signing time: Mon 01 Jan 2024 04:29:31 +0000
ROA not before: Mon 01 Jan 2024 04:29:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203132
IP address blocks: 185.142.184.0/24 maxlen: 24
185.142.185.0/24 maxlen: 24
185.142.186.0/24 maxlen: 24
2a07:2f00:1337::/48 maxlen: 48
2a07:2f00:dead::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/46/71a349-baf4-47b3-a9ed-c6730c8e46aa/1/ckk9YLUEJ91DFu2VBa0JnrWsLjQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/46/71a349-baf4-47b3-a9ed-c6730c8e46aa/1/ckk9YLUEJ91DFu2VBa0JnrWsLjQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/ckk9YLUEJ91DFu2VBa0JnrWsLjQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 04:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:b7:0b:6d:d4:4c:ce:a2:cf:7d:0c:15:98:13:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72493d60b50427dd4316ed9505ad099eb5ac2e34
Validity
Not Before: Jan 1 04:29:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8eb991535606db947b53630a53ef847f761cbcd7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:f4:b6:b1:07:c6:73:d1:f5:3f:9d:cf:3f:23:
f6:4d:e6:88:22:f7:20:dd:10:cc:77:81:52:f9:4e:
d8:7f:62:da:e8:43:9c:4a:9f:57:2b:28:80:ab:f7:
ca:ed:67:36:5d:eb:35:f0:83:94:4c:98:63:10:4e:
db:a2:87:e6:e5:e3:32:cf:df:c6:a5:3d:62:1d:59:
2b:c5:08:ec:fc:ea:fc:30:6a:ab:77:e5:07:ff:08:
48:fe:32:0a:55:c9:d6:12:4a:f0:e0:94:27:ed:08:
38:13:d8:e1:9c:14:e4:9a:39:7f:66:ed:55:4d:7c:
06:a2:c1:f2:88:e5:98:84:ae:46:ba:0a:e3:7d:a1:
b4:03:28:51:ac:56:2f:46:4b:ea:1a:b8:98:de:de:
e3:4e:11:c9:e9:ae:8d:a9:4c:60:25:8e:65:90:ff:
b6:93:1d:61:98:a0:5d:ab:92:55:53:e4:eb:d5:7a:
fc:07:8a:a8:f3:7e:a4:98:51:3f:30:97:33:91:5d:
b5:6b:2b:77:17:8d:8b:4e:e4:c9:78:59:e1:77:35:
67:f6:06:6c:0d:08:35:1c:79:63:56:7c:3a:5c:15:
15:d8:c0:8a:01:fd:b6:d7:07:4e:1d:ac:a9:19:2b:
3a:c4:0e:86:a4:5c:2e:fa:6e:33:de:c9:f9:d2:7d:
8b:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:B9:91:53:56:06:DB:94:7B:53:63:0A:53:EF:84:7F:76:1C:BC:D7
X509v3 Authority Key Identifier:
keyid:72:49:3D:60:B5:04:27:DD:43:16:ED:95:05:AD:09:9E:B5:AC:2E:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ckk9YLUEJ91DFu2VBa0JnrWsLjQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/71a349-baf4-47b3-a9ed-c6730c8e46aa/1/jrmRU1YG25R7U2MKU--Ef3YcvNc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/71a349-baf4-47b3-a9ed-c6730c8e46aa/1/ckk9YLUEJ91DFu2VBa0JnrWsLjQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.142.184.0-185.142.186.255
IPv6:
2a07:2f00:1337::/48
2a07:2f00:dead::/48
Signature Algorithm: sha256WithRSAEncryption
56:30:34:d0:67:17:38:9f:00:03:c5:eb:0f:9c:c0:e2:9f:05:
8c:e7:b5:bb:94:0e:17:04:8f:40:63:6a:53:b2:62:cb:08:8b:
0c:3e:ca:c9:07:48:cc:4d:0a:5f:69:4f:5b:09:83:da:c5:a6:
bc:c8:25:74:7f:84:2f:4c:2e:c7:ef:97:26:e1:86:a9:18:f6:
62:b9:ec:38:9a:87:80:cf:95:ff:96:02:10:7d:27:31:cb:20:
14:6b:12:5a:b3:a6:36:cd:5c:a0:58:cc:8d:54:fe:80:2a:af:
23:c7:b1:26:ef:46:a3:62:52:cb:6d:7d:60:d7:6e:0e:38:51:
b2:69:94:73:62:3b:76:ac:63:6d:f5:11:2d:81:58:25:62:ad:
fe:fb:cd:f9:da:c2:f2:c8:36:da:e5:e4:c7:eb:59:1b:34:76:
69:7e:eb:a4:e8:0b:04:b4:8e:0b:be:02:b9:bb:23:40:72:f8:
9f:2e:36:19:2f:b0:a2:66:9d:e8:c3:85:1a:57:4e:ef:70:a8:
e3:d6:fd:93:b8:de:d6:de:29:e0:e2:21:61:7b:d8:f9:7e:94:
e5:a2:b0:74:53:78:cf:f8:a2:a7:d9:19:8f:59:74:f2:3a:49:
d2:98:2c:42:24:cb:42:99:34:46:8e:6a:b8:fb:c8:41:d1:fb:
b3:76:a5:5f
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYzDSLcLbdRMzqLPfQwVmBMsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyNDkzZDYwYjUwNDI3ZGQ0MzE2ZWQ5NTA1YWQwOTllYjVh
YzJlMzQwHhcNMjQwMTAxMDQyOTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZWI5OTE1MzU2MDZkYjk0N2I1MzYzMGE1M2VmODQ3Zjc2MWNiY2Q3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp/S2sQfGc9H1P53PPyP2TeaIIvcg
3RDMd4FS+U7Yf2La6EOcSp9XKyiAq/fK7Wc2Xes18IOUTJhjEE7boofm5eMyz9/G
pT1iHVkrxQjs/Or8MGqrd+UH/whI/jIKVcnWEkrw4JQn7Qg4E9jhnBTkmjl/Zu1V
TXwGosHyiOWYhK5GugrjfaG0AyhRrFYvRkvqGriY3t7jThHJ6a6NqUxgJY5lkP+2
kx1hmKBdq5JVU+Tr1Xr8B4qo836kmFE/MJczkV21ayt3F42LTuTJeFnhdzVn9gZs
DQg1HHljVnw6XBUV2MCKAf221wdOHaypGSs6xA6GpFwu+m4z3sn50n2LawIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFI65kVNWBtuUe1NjClPvhH92HLzXMB8GA1UdIwQY
MBaAFHJJPWC1BCfdQxbtlQWtCZ61rC40MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2trOVlMVUVKOTFERnUyVkJhMEpucldzTGpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni83MWEzNDktYmFmNC00N2IzLWE5ZWQt
YzY3MzBjOGU0NmFhLzEvanJtUlUxWUcyNVI3VTJNS1UtLUVmM1ljdk5jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni83MWEzNDktYmFmNC00N2IzLWE5ZWQtYzY3MzBjOGU0NmFh
LzEvY2trOVlMVUVKOTFERnUyVkJhMEpucldzTGpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAUBAIAATAOMAwDBAO5jrgD
BAC5jrowGAQCAAIwEgMHACoHLwATNwMHACoHLwDerTANBgkqhkiG9w0BAQsFAAOC
AQEAVjA00GcXOJ8AA8XrD5zA4p8FjOe1u5QOFwSPQGNqU7JiywiLDD7KyQdIzE0K
X2lPWwmD2sWmvMgldH+EL0wux++XJuGGqRj2YrnsOJqHgM+V/5YCEH0nMcsgFGsS
WrOmNs1coFjMjVT+gCqvI8exJu9Go2JSy219YNduDjhRsmmUc2I7dqxjbfURLYFY
JWKt/vvN+drC8sg22uXkx+tZGzR2aX7rpOgLBLSOC74CubsjQHL4ny42GS+womad
6MOFGldO73Co49b9k7je1t4p4OIhYXvY+X6U5aKwdFN4z/iip9kZj1l08jpJ0pgs
QiTLQpk0Ro5quPvIQdH7s3alXw==
-----END CERTIFICATE-----
Generated at Sat Nov 23 09:56:56 2024 by rpki-client on console-fra.rpki-client.org