Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/333ea6-584a-4749-83c7-03d7461eb58a/1/jMsh8ePlJDf2uzU4DrmHlsT01no.roa
File: jMsh8ePlJDf2uzU4DrmHlsT01no.roa (raw, json)
Hash identifier: BY0EqE8aaCKmSVPeC2mwDZX7jbMhc0wM20CanfAqZ2o=
Subject key identifier: 8C:CB:21:F1:E3:E5:24:37:F6:BB:35:38:0E:B9:87:96:C4:F4:D6:7A
Certificate issuer: /CN=75e6e212c63741b85b957c7c97f7c58f5b5e1335
Certificate serial: 018CC2DB1DCAE8108F67815F8C7C4E389C34
Authority key identifier: 75:E6:E2:12:C6:37:41:B8:5B:95:7C:7C:97:F7:C5:8F:5B:5E:13:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/debiEsY3QbhblXx8l_fFj1teEzU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/333ea6-584a-4749-83c7-03d7461eb58a/1/jMsh8ePlJDf2uzU4DrmHlsT01no.roa
Signing time: Mon 01 Jan 2024 02:29:49 +0000
ROA not before: Mon 01 Jan 2024 02:29:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35383
IP address blocks: 84.39.120.0/21 maxlen: 21
84.39.122.0/24 maxlen: 24
84.39.127.0/24 maxlen: 24
2a01:7a20::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/55/333ea6-584a-4749-83c7-03d7461eb58a/1/debiEsY3QbhblXx8l_fFj1teEzU.crl
rsync://rpki.ripe.net/repository/DEFAULT/55/333ea6-584a-4749-83c7-03d7461eb58a/1/debiEsY3QbhblXx8l_fFj1teEzU.mft
rsync://rpki.ripe.net/repository/DEFAULT/debiEsY3QbhblXx8l_fFj1teEzU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 01:01:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:1d:ca:e8:10:8f:67:81:5f:8c:7c:4e:38:9c:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75e6e212c63741b85b957c7c97f7c58f5b5e1335
Validity
Not Before: Jan 1 02:29:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8ccb21f1e3e52437f6bb35380eb98796c4f4d67a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:61:04:d0:6c:b9:cd:75:6f:1b:25:52:92:e0:
a2:ea:67:ab:a8:04:00:de:08:8a:b8:92:a5:fa:eb:
65:22:a3:2a:55:6b:15:25:fe:d2:c2:f0:35:29:29:
55:9d:86:d9:11:89:5c:52:f1:6d:bb:c8:fb:dd:4a:
2a:b0:99:ec:16:cd:37:f4:b6:1e:87:5f:4d:b4:a3:
80:63:b1:26:32:e5:af:d5:d6:36:b8:0b:b0:3e:07:
11:b3:52:c1:68:44:dd:c2:24:74:85:e3:0f:79:27:
f5:8b:8f:34:9b:65:f4:30:4f:86:58:95:63:96:47:
28:59:80:a7:d4:a2:d6:b9:6e:df:b2:22:62:0b:db:
16:49:c8:2d:22:82:6c:41:a3:6e:ab:ca:52:57:5f:
12:8b:07:80:ba:22:38:d1:a4:42:5c:9c:a2:bc:df:
f8:ab:f9:95:6a:f9:52:c4:96:04:78:99:63:e3:a1:
75:bc:a6:da:ba:41:57:13:09:63:d6:6a:d3:39:aa:
31:92:b5:ae:9f:70:57:a2:70:25:3a:f7:34:62:57:
8d:23:c6:d0:54:5a:09:69:c8:e4:c4:e1:c6:b4:8f:
ef:ea:16:d9:d1:ab:2e:0c:7f:e5:6c:41:f0:1c:f7:
cc:7e:86:f2:56:f1:96:bc:6f:95:79:71:2f:cb:dc:
66:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:CB:21:F1:E3:E5:24:37:F6:BB:35:38:0E:B9:87:96:C4:F4:D6:7A
X509v3 Authority Key Identifier:
keyid:75:E6:E2:12:C6:37:41:B8:5B:95:7C:7C:97:F7:C5:8F:5B:5E:13:35
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/debiEsY3QbhblXx8l_fFj1teEzU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/333ea6-584a-4749-83c7-03d7461eb58a/1/jMsh8ePlJDf2uzU4DrmHlsT01no.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/333ea6-584a-4749-83c7-03d7461eb58a/1/debiEsY3QbhblXx8l_fFj1teEzU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.39.120.0/21
IPv6:
2a01:7a20::/32
Signature Algorithm: sha256WithRSAEncryption
92:99:d3:37:0c:96:5d:00:e6:4e:11:bd:2f:92:c0:cd:b3:5a:
84:2f:aa:35:92:cb:a1:2f:8c:ab:c7:41:92:f9:58:da:ea:d5:
b0:96:36:2e:5c:b4:dd:3c:5d:a7:4a:e8:95:e4:53:ec:d3:8a:
cc:1b:e8:5d:0a:9a:c1:49:d5:5f:ad:34:30:82:b7:f1:18:07:
62:a5:40:ac:3c:54:92:38:1f:f3:64:89:c4:f4:99:3e:4f:ce:
a6:b4:e6:8d:42:53:20:17:f1:b3:e7:64:c0:c6:1e:f8:01:07:
22:58:e7:32:87:7c:e2:40:2a:9a:3f:34:1d:b9:78:da:55:b0:
38:06:4c:eb:eb:f5:02:52:e4:4d:b9:db:9d:8c:2e:68:33:70:
3c:4b:17:04:95:21:e3:c4:c5:7f:de:1b:41:d5:5d:d8:1b:cf:
7f:d9:0d:5b:24:06:ca:d7:18:b5:f3:e4:83:fa:78:31:8f:33:
41:8d:a6:04:f1:eb:b2:3a:6a:1f:bb:1e:8e:65:76:5b:5f:a5:
30:9b:ec:20:71:44:d7:72:e3:03:6e:01:61:5e:35:7a:d4:a0:
00:5d:b3:73:10:b7:3d:bf:ba:55:8a:f1:8a:9e:8a:9e:c2:93:
cc:a4:80:d0:c1:0e:87:03:dd:d6:f2:88:b3:b0:ba:78:b0:d7:
71:9c:6c:7d
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzC2x3K6BCPZ4FfjHxOOJw0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1ZTZlMjEyYzYzNzQxYjg1Yjk1N2M3Yzk3ZjdjNThmNWI1
ZTEzMzUwHhcNMjQwMTAxMDIyOTQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Y2NiMjFmMWUzZTUyNDM3ZjZiYjM1MzgwZWI5ODc5NmM0ZjRkNjdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAumEE0Gy5zXVvGyVSkuCi6merqAQA
3giKuJKl+utlIqMqVWsVJf7SwvA1KSlVnYbZEYlcUvFtu8j73UoqsJnsFs039LYe
h19NtKOAY7EmMuWv1dY2uAuwPgcRs1LBaETdwiR0heMPeSf1i480m2X0ME+GWJVj
lkcoWYCn1KLWuW7fsiJiC9sWScgtIoJsQaNuq8pSV18SiweAuiI40aRCXJyivN/4
q/mVavlSxJYEeJlj46F1vKbaukFXEwlj1mrTOaoxkrWun3BXonAlOvc0YleNI8bQ
VFoJacjkxOHGtI/v6hbZ0asuDH/lbEHwHPfMfobyVvGWvG+VeXEvy9xm1QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIzLIfHj5SQ39rs1OA65h5bE9NZ6MB8GA1UdIwQY
MBaAFHXm4hLGN0G4W5V8fJf3xY9bXhM1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZGViaUVzWTNRYmhibFh4OGxfZkZqMXRlRXpVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS8zMzNlYTYtNTg0YS00NzQ5LTgzYzct
MDNkNzQ2MWViNThhLzEvak1zaDhlUGxKRGYydXpVNERybUhsc1QwMW5vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS8zMzNlYTYtNTg0YS00NzQ5LTgzYzctMDNkNzQ2MWViNThh
LzEvZGViaUVzWTNRYmhibFh4OGxfZkZqMXRlRXpVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDVCd4MA0E
AgACMAcDBQAqAXogMA0GCSqGSIb3DQEBCwUAA4IBAQCSmdM3DJZdAOZOEb0vksDN
s1qEL6o1ksuhL4yrx0GS+Vja6tWwljYuXLTdPF2nSuiV5FPs04rMG+hdCprBSdVf
rTQwgrfxGAdipUCsPFSSOB/zZInE9Jk+T86mtOaNQlMgF/Gz52TAxh74AQciWOcy
h3ziQCqaPzQduXjaVbA4Bkzr6/UCUuRNududjC5oM3A8SxcElSHjxMV/3htB1V3Y
G89/2Q1bJAbK1xi18+SD+ngxjzNBjaYE8euyOmofux6OZXZbX6Uwm+wgcUTXcuMD
bgFhXjV61KAAXbNzELc9v7pVivGKnoqewpPMpIDQwQ6HA93W8oizsLp4sNdxnGx9
-----END CERTIFICATE-----
Generated at Sat Nov 23 09:58:14 2024 by rpki-client on console-fra.rpki-client.org