Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/66650a-598a-4389-941f-534b8cd652e9/1/M9J_JYRNSBdvzr2gEYsoH-HlnDk.roa
File: M9J_JYRNSBdvzr2gEYsoH-HlnDk.roa (raw, json)
Hash identifier: ln8gdm4IGIv1VR3bBlF2WppfExKn29Y/iJzJ9JvYF4I=
Subject key identifier: 33:D2:7F:25:84:4D:48:17:6F:CE:BD:A0:11:8B:28:1F:E1:E5:9C:39
Certificate issuer: /CN=1bf268175c5a09a7afd0d87851824e1db73f7e7b
Certificate serial: 018EF070772249C6A363572180F7AC252F8A
Authority key identifier: 1B:F2:68:17:5C:5A:09:A7:AF:D0:D8:78:51:82:4E:1D:B7:3F:7E:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G_JoF1xaCaev0Nh4UYJOHbc_fns.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/66650a-598a-4389-941f-534b8cd652e9/1/M9J_JYRNSBdvzr2gEYsoH-HlnDk.roa
Signing time: Thu 18 Apr 2024 09:01:26 +0000
ROA not before: Thu 18 Apr 2024 09:01:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43581
IP address blocks: 46.253.143.0/24 maxlen: 24
91.211.115.0/24 maxlen: 24
193.17.92.0/24 maxlen: 24
2a11:1940::/29 maxlen: 29
2a13:a500::/32 maxlen: 32
2a13:a502::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/56/66650a-598a-4389-941f-534b8cd652e9/1/G_JoF1xaCaev0Nh4UYJOHbc_fns.crl
rsync://rpki.ripe.net/repository/DEFAULT/56/66650a-598a-4389-941f-534b8cd652e9/1/G_JoF1xaCaev0Nh4UYJOHbc_fns.mft
rsync://rpki.ripe.net/repository/DEFAULT/G_JoF1xaCaev0Nh4UYJOHbc_fns.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 23 May 2024 14:15:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:f0:70:77:22:49:c6:a3:63:57:21:80:f7:ac:25:2f:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1bf268175c5a09a7afd0d87851824e1db73f7e7b
Validity
Not Before: Apr 18 09:01:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=33d27f25844d48176fcebda0118b281fe1e59c39
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:6a:25:97:a9:a7:33:c5:a4:13:53:b6:6e:e2:
8e:5c:f2:2c:9d:4c:40:79:17:79:f2:e3:07:0a:1e:
3d:34:f2:46:35:28:3f:6e:8d:e8:c1:8f:f0:0b:37:
8e:33:ec:e7:3e:39:81:d3:cb:18:bb:db:2a:de:95:
c3:7c:88:11:5f:c2:04:d5:d5:68:24:3c:96:11:d0:
3e:4d:93:63:c7:72:99:77:b4:8d:81:5f:63:0b:9f:
b2:35:3a:6a:5c:ab:5f:41:92:be:3e:24:6a:7e:aa:
1d:b7:84:32:b1:db:7b:ae:81:f8:66:bf:dd:a3:7e:
dc:29:d2:51:d8:d0:1f:44:95:19:65:cb:8e:8a:94:
1a:fa:b8:48:91:80:e0:9a:e3:c5:a3:30:81:c7:89:
e3:f1:b8:8c:29:73:c1:4f:66:32:8d:4a:e8:1d:91:
ed:89:40:3f:88:15:3f:1f:13:c5:b0:e4:58:ca:c8:
d7:ca:7d:f6:d2:b9:6d:b4:13:43:9c:a7:57:3f:88:
0f:58:f9:06:40:1b:2f:0b:07:d5:ce:3d:d1:ee:91:
4d:7d:1c:b1:87:97:15:a1:8c:62:32:cd:30:07:fa:
11:0e:99:4d:5b:95:c0:ae:e3:c9:1d:56:2f:45:9a:
0f:9c:04:72:75:08:8f:bc:62:3c:46:31:14:83:31:
03:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:D2:7F:25:84:4D:48:17:6F:CE:BD:A0:11:8B:28:1F:E1:E5:9C:39
X509v3 Authority Key Identifier:
keyid:1B:F2:68:17:5C:5A:09:A7:AF:D0:D8:78:51:82:4E:1D:B7:3F:7E:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G_JoF1xaCaev0Nh4UYJOHbc_fns.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/66650a-598a-4389-941f-534b8cd652e9/1/M9J_JYRNSBdvzr2gEYsoH-HlnDk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/66650a-598a-4389-941f-534b8cd652e9/1/G_JoF1xaCaev0Nh4UYJOHbc_fns.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.253.143.0/24
91.211.115.0/24
193.17.92.0/24
IPv6:
2a11:1940::/29
2a13:a500::/32
2a13:a502::/32
Signature Algorithm: sha256WithRSAEncryption
84:fb:55:7f:e3:1e:2c:5a:83:c1:0b:a9:45:7d:55:ac:ba:52:
f1:f8:09:96:ca:15:a3:e9:11:ea:dd:94:4d:18:10:a2:ab:d5:
a6:34:90:73:c9:94:c5:fb:a9:2b:10:3c:ac:8b:39:80:22:55:
be:13:7e:e7:f1:17:0a:53:dc:71:f3:b8:16:b7:bd:5a:37:fc:
eb:33:2e:31:e3:66:38:25:ba:98:1b:b1:00:2e:a6:b5:86:15:
ed:8d:85:33:ad:c5:75:56:39:bd:64:f1:94:af:6f:a3:69:c4:
9c:41:43:43:4a:63:d6:a7:84:9c:97:6e:a7:26:49:8a:be:ae:
0b:c2:54:46:fb:a5:a2:49:08:17:4a:8e:93:d2:95:9c:bf:df:
2f:80:29:4d:7f:1d:95:54:b7:84:dd:b9:68:cf:bd:73:fd:30:
2f:74:2f:65:e9:40:43:2e:8b:5c:61:27:5f:87:2a:16:a2:3d:
1f:f4:09:19:b3:e9:01:ac:a5:ef:fc:e3:0a:f6:98:7e:02:1c:
ab:c1:2d:0b:2f:ca:cb:8d:8a:7a:75:a3:98:da:2c:9c:85:bc:
a8:54:c4:c9:b2:51:e6:c2:2d:d0:3a:ad:a5:95:49:51:2f:5e:
30:9d:3b:fa:01:1a:64:a1:1e:d6:8c:c3:17:84:e8:51:85:1f:
a0:6f:bc:c7
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAY7wcHciScajY1chgPesJS+KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiZjI2ODE3NWM1YTA5YTdhZmQwZDg3ODUxODI0ZTFkYjcz
ZjdlN2IwHhcNMjQwNDE4MDkwMTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzM2QyN2YyNTg0NGQ0ODE3NmZjZWJkYTAxMThiMjgxZmUxZTU5YzM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlWoll6mnM8WkE1O2buKOXPIsnUxA
eRd58uMHCh49NPJGNSg/bo3owY/wCzeOM+znPjmB08sYu9sq3pXDfIgRX8IE1dVo
JDyWEdA+TZNjx3KZd7SNgV9jC5+yNTpqXKtfQZK+PiRqfqodt4Qysdt7roH4Zr/d
o37cKdJR2NAfRJUZZcuOipQa+rhIkYDgmuPFozCBx4nj8biMKXPBT2YyjUroHZHt
iUA/iBU/HxPFsORYysjXyn320rlttBNDnKdXP4gPWPkGQBsvCwfVzj3R7pFNfRyx
h5cVoYxiMs0wB/oRDplNW5XAruPJHVYvRZoPnARydQiPvGI8RjEUgzEDAwIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFDPSfyWETUgXb869oBGLKB/h5Zw5MB8GA1UdIwQY
MBaAFBvyaBdcWgmnr9DYeFGCTh23P357MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR19Kb0YxeGFDYWV2ME5oNFVZSk9IYmNfZm5zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni82NjY1MGEtNTk4YS00Mzg5LTk0MWYt
NTM0YjhjZDY1MmU5LzEvTTlKX0pZUk5TQmR2enIyZ0VZc29ILUhsbkRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni82NjY1MGEtNTk4YS00Mzg5LTk0MWYtNTM0YjhjZDY1MmU5
LzEvR19Kb0YxeGFDYWV2ME5oNFVZSk9IYmNfZm5zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAYBAIAATASAwQALv2PAwQA
W9NzAwQAwRFcMBsEAgACMBUDBQMqERlAAwUAKhOlAAMFACoTpQIwDQYJKoZIhvcN
AQELBQADggEBAIT7VX/jHixag8ELqUV9Vay6UvH4CZbKFaPpEerdlE0YEKKr1aY0
kHPJlMX7qSsQPKyLOYAiVb4TfufxFwpT3HHzuBa3vVo3/OszLjHjZjglupgbsQAu
prWGFe2NhTOtxXVWOb1k8ZSvb6NpxJxBQ0NKY9anhJyXbqcmSYq+rgvCVEb7paJJ
CBdKjpPSlZy/3y+AKU1/HZVUt4TduWjPvXP9MC90L2XpQEMui1xhJ1+HKhaiPR/0
CRmz6QGspe/84wr2mH4CHKvBLQsvysuNinp1o5jaLJyFvKhUxMmyUebCLdA6raWV
SVEvXjCdO/oBGmShHtaMwxeE6FGFH6BvvMc=
-----END CERTIFICATE-----
Generated at Wed May 22 22:52:07 2024 by rpki-client on console-fra.rpki-client.org