Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/a2ec9c-9d76-4e94-9e3a-6f7024c3aad7/1/JDHw4dMSEYp7rFKitwg6wsA3eeQ.roa
File: JDHw4dMSEYp7rFKitwg6wsA3eeQ.roa (raw, json)
Hash identifier: +sInuW+MUasz58xKp2AqkoOJ+Zn++k3jsQNHzC5Wt6g=
Subject key identifier: 24:31:F0:E1:D3:12:11:8A:7B:AC:52:A2:B7:08:3A:C2:C0:37:79:E4
Certificate issuer: /CN=b03c302c2f52277e3d0ab6842f68aa5f8d0d7787
Certificate serial: 018CDA3EA6CA80AEEBE2607F75184339C0AD
Authority key identifier: B0:3C:30:2C:2F:52:27:7E:3D:0A:B6:84:2F:68:AA:5F:8D:0D:77:87
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sDwwLC9SJ349CraEL2iqX40Nd4c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/a2ec9c-9d76-4e94-9e3a-6f7024c3aad7/1/JDHw4dMSEYp7rFKitwg6wsA3eeQ.roa
Signing time: Fri 05 Jan 2024 15:29:48 +0000
ROA not before: Fri 05 Jan 2024 15:29:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25454
IP address blocks: 217.12.112.0/20 maxlen: 24
185.8.68.0/22 maxlen: 22
185.8.68.0/23 maxlen: 23
94.243.64.0/18 maxlen: 24
212.56.192.0/19 maxlen: 24
185.167.132.0/22 maxlen: 24
188.131.0.0/17 maxlen: 24
77.89.192.0/18 maxlen: 24
46.166.0.0/18 maxlen: 24
193.239.182.0/23 maxlen: 24
195.22.224.0/19 maxlen: 24
2a00:1858::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/46/a2ec9c-9d76-4e94-9e3a-6f7024c3aad7/1/sDwwLC9SJ349CraEL2iqX40Nd4c.crl
rsync://rpki.ripe.net/repository/DEFAULT/46/a2ec9c-9d76-4e94-9e3a-6f7024c3aad7/1/sDwwLC9SJ349CraEL2iqX40Nd4c.mft
rsync://rpki.ripe.net/repository/DEFAULT/sDwwLC9SJ349CraEL2iqX40Nd4c.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:da:3e:a6:ca:80:ae:eb:e2:60:7f:75:18:43:39:c0:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b03c302c2f52277e3d0ab6842f68aa5f8d0d7787
Validity
Not Before: Jan 5 15:29:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2431f0e1d312118a7bac52a2b7083ac2c03779e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:00:86:3c:35:c6:42:08:46:e5:f7:5a:b8:37:
65:90:24:4d:69:20:94:47:6e:f0:15:3c:7c:8b:a8:
5b:05:29:03:6d:cb:ce:34:5f:ec:60:7f:f3:48:12:
9d:2f:8d:05:bc:22:1e:8e:21:ff:60:50:b6:97:1b:
66:99:05:f8:79:65:4c:af:c5:1e:74:1a:46:56:56:
91:41:90:4f:08:e6:45:6f:de:23:3c:22:b0:0c:45:
0b:79:63:49:13:8d:8a:0c:37:5f:7e:8d:5f:9a:1a:
23:52:12:66:d6:d4:7a:a5:45:2a:4b:d8:66:18:fc:
c5:cd:28:d9:e4:b9:ed:ce:46:1c:2b:c7:ee:5b:6d:
46:a6:35:34:ff:03:b3:29:50:b4:67:fc:81:5c:78:
fe:ed:4c:c8:89:6c:00:85:37:f6:aa:5b:f4:3d:51:
1e:c6:d7:22:d9:62:80:0f:06:31:0e:81:95:e1:af:
c3:ab:46:e4:a2:1a:cb:ad:8b:09:1e:c3:e3:e0:23:
9c:6d:df:5b:31:37:62:65:37:5c:f3:5a:70:69:40:
09:f1:4b:a5:14:4c:2d:67:18:8c:14:ae:72:e0:3e:
c8:46:dc:b6:97:ba:ba:6b:73:43:c5:2c:c5:07:31:
5d:f5:24:1c:e8:be:2f:22:d4:74:64:b3:5e:25:16:
ed:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:31:F0:E1:D3:12:11:8A:7B:AC:52:A2:B7:08:3A:C2:C0:37:79:E4
X509v3 Authority Key Identifier:
keyid:B0:3C:30:2C:2F:52:27:7E:3D:0A:B6:84:2F:68:AA:5F:8D:0D:77:87
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sDwwLC9SJ349CraEL2iqX40Nd4c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/a2ec9c-9d76-4e94-9e3a-6f7024c3aad7/1/JDHw4dMSEYp7rFKitwg6wsA3eeQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/a2ec9c-9d76-4e94-9e3a-6f7024c3aad7/1/sDwwLC9SJ349CraEL2iqX40Nd4c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.166.0.0/18
77.89.192.0/18
94.243.64.0/18
185.8.68.0/22
185.167.132.0/22
188.131.0.0/17
193.239.182.0/23
195.22.224.0/19
212.56.192.0/19
217.12.112.0/20
IPv6:
2a00:1858::/32
Signature Algorithm: sha256WithRSAEncryption
1a:9a:86:3b:29:9f:6a:e1:44:51:bb:4e:98:8a:f4:f9:f9:83:
5e:6f:ab:58:f9:f2:0b:23:db:01:e0:bf:26:8f:79:be:ad:3b:
45:68:11:6e:bd:85:b5:24:5b:14:d0:a0:ab:c3:03:87:f9:f4:
92:3d:19:d4:47:85:28:0e:f8:24:13:d4:78:0b:8b:27:a9:c8:
53:96:08:5f:d8:d1:9f:f8:29:2f:ae:d9:dd:16:24:5c:6e:65:
77:60:db:74:cc:50:ef:50:cc:86:e5:75:4b:cb:3f:88:99:ef:
5b:16:08:4e:c3:c7:b0:b2:84:b5:2e:06:0e:60:6a:0b:7e:62:
09:5e:b4:0a:0c:1f:ed:e2:b3:73:f1:17:58:c2:e1:9b:4d:f7:
73:cd:af:83:b2:7e:18:dc:1e:c8:95:39:2c:52:af:f1:65:f3:
6e:74:51:ce:44:cd:69:44:e9:43:6f:b5:71:10:1c:f8:43:86:
b1:91:72:cf:d3:e9:e6:7a:32:0b:93:ba:23:dd:95:a7:88:c8:
16:aa:68:a2:fb:a4:c6:aa:66:42:de:3e:9b:c6:5b:ca:ec:2b:
5e:6e:47:1c:9a:0c:77:92:10:1c:11:6e:c2:aa:3f:08:34:04:
00:f8:65:b3:86:3b:ea:64:73:fa:35:00:54:d7:61:9b:89:3c:
b8:95:12:b5
-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgISAYzaPqbKgK7r4mB/dRhDOcCtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwM2MzMDJjMmY1MjI3N2UzZDBhYjY4NDJmNjhhYTVmOGQw
ZDc3ODcwHhcNMjQwMTA1MTUyOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDMxZjBlMWQzMTIxMThhN2JhYzUyYTJiNzA4M2FjMmMwMzc3OWU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmwCGPDXGQghG5fdauDdlkCRNaSCU
R27wFTx8i6hbBSkDbcvONF/sYH/zSBKdL40FvCIejiH/YFC2lxtmmQX4eWVMr8Ue
dBpGVlaRQZBPCOZFb94jPCKwDEULeWNJE42KDDdffo1fmhojUhJm1tR6pUUqS9hm
GPzFzSjZ5LntzkYcK8fuW21GpjU0/wOzKVC0Z/yBXHj+7UzIiWwAhTf2qlv0PVEe
xtci2WKADwYxDoGV4a/Dq0bkohrLrYsJHsPj4COcbd9bMTdiZTdc81pwaUAJ8Uul
FEwtZxiMFK5y4D7IRty2l7q6a3NDxSzFBzFd9SQc6L4vItR0ZLNeJRbtgwIDAQAB
o4ICTjCCAkowHQYDVR0OBBYEFCQx8OHTEhGKe6xSorcIOsLAN3nkMB8GA1UdIwQY
MBaAFLA8MCwvUid+PQq2hC9oql+NDXeHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0R3d0xDOVNKMzQ5Q3JhRUwyaXFYNDBOZDRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni9hMmVjOWMtOWQ3Ni00ZTk0LTllM2Et
NmY3MDI0YzNhYWQ3LzEvSkRIdzRkTVNFWXA3ckZLaXR3ZzZ3c0EzZWVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni9hMmVjOWMtOWQ3Ni00ZTk0LTllM2EtNmY3MDI0YzNhYWQ3
LzEvc0R3d0xDOVNKMzQ5Q3JhRUwyaXFYNDBOZDRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGQGCCsGAQUFBwEHAQH/BFUwUzBCBAIAATA8AwQGLqYAAwQG
TVnAAwQGXvNAAwQCuQhEAwQCuaeEAwQHvIMAAwQBwe+2AwQFwxbgAwQF1DjAAwQE
2QxwMA0EAgACMAcDBQAqABhYMA0GCSqGSIb3DQEBCwUAA4IBAQAamoY7KZ9q4URR
u06YivT5+YNeb6tY+fILI9sB4L8mj3m+rTtFaBFuvYW1JFsU0KCrwwOH+fSSPRnU
R4UoDvgkE9R4C4snqchTlghf2NGf+CkvrtndFiRcbmV3YNt0zFDvUMyG5XVLyz+I
me9bFghOw8ewsoS1LgYOYGoLfmIJXrQKDB/t4rNz8RdYwuGbTfdzza+Dsn4Y3B7I
lTksUq/xZfNudFHORM1pROlDb7VxEBz4Q4axkXLP0+nmejILk7oj3ZWniMgWqmii
+6TGqmZC3j6bxlvK7Ctebkccmgx3khAcEW7Cqj8INAQA+GWzhjvqZHP6NQBU12Gb
iTy4lRK1
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:04:00 2024 by rpki-client on console-ams.rpki-client.org