Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/jJ8OJqrOBLTodqmZ6dGkakFgIt4.roa
File: jJ8OJqrOBLTodqmZ6dGkakFgIt4.roa (raw, json)
Hash identifier: f9UJQnZcLXUK9DQtwVb/Hwz7n54J8tnJ8qUtyIx7N9E=
Subject key identifier: 8C:9F:0E:26:AA:CE:04:B4:E8:76:A9:99:E9:D1:A4:6A:41:60:22:DE
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 018CCA2A08D577E8F4881A3EB0D93E944B7C
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/jJ8OJqrOBLTodqmZ6dGkakFgIt4.roa
Signing time: Tue 02 Jan 2024 12:33:21 +0000
ROA not before: Tue 02 Jan 2024 12:33:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50245
IP address blocks: 92.38.38.0/24 maxlen: 24
95.47.138.0/24 maxlen: 24
93.171.200.0/22 maxlen: 24
2a02:128:7::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.mft
rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:08:d5:77:e8:f4:88:1a:3e:b0:d9:3e:94:4b:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 12:33:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8c9f0e26aace04b4e876a999e9d1a46a416022de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:e3:40:14:d1:e9:53:15:3b:6a:e9:c8:5b:e4:
56:b2:d2:e8:63:f2:92:35:f4:06:f8:66:26:13:92:
10:92:c1:62:4b:e2:e5:a5:36:67:94:4b:be:bd:1d:
4e:c2:32:87:46:f7:d4:2b:c9:3f:f1:5a:7a:c3:fa:
f5:66:d4:77:14:29:4f:a4:ac:56:14:82:75:4b:c2:
9f:b8:2a:82:fc:f1:f5:5e:b3:6c:76:f6:b2:8b:c7:
10:5e:40:2e:ef:45:b8:87:e7:63:b4:16:69:70:f4:
6f:e0:5e:3c:ee:eb:c7:3a:35:9c:7f:34:3c:cb:e4:
72:be:2d:61:9b:e9:1c:a4:a8:f6:32:88:13:03:0a:
10:2e:83:43:14:43:1b:71:be:a5:00:e8:45:cd:f7:
94:89:ac:2d:42:9c:37:07:cd:6c:3b:03:10:0d:34:
af:4a:d9:06:0a:f5:26:4e:cc:7f:ba:a8:35:5c:ce:
37:65:42:65:89:89:f7:bb:b3:7c:a9:d3:ad:f2:c8:
9d:d1:28:7c:76:f4:7c:e7:48:d7:b9:79:19:81:73:
96:2f:41:41:bd:af:68:a2:4e:57:e1:0a:01:95:87:
a0:84:58:6f:78:6b:21:f0:39:4a:31:7a:93:3a:c2:
fe:d3:6a:bd:e4:98:8b:79:31:f2:f9:ad:8d:f4:ff:
ac:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:9F:0E:26:AA:CE:04:B4:E8:76:A9:99:E9:D1:A4:6A:41:60:22:DE
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/jJ8OJqrOBLTodqmZ6dGkakFgIt4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.38.38.0/24
93.171.200.0/22
95.47.138.0/24
IPv6:
2a02:128:7::/48
Signature Algorithm: sha256WithRSAEncryption
b2:97:0a:42:a7:b2:a8:4e:11:d1:9f:96:42:e1:5f:2a:46:c5:
cc:21:2f:0e:fa:5f:99:01:aa:90:27:5f:45:b8:9e:01:af:01:
fc:f5:5e:8c:a6:64:9d:8b:a4:f2:09:74:3d:c9:a8:57:6b:71:
34:f3:7b:20:03:0c:74:c6:f5:d0:03:d3:87:62:b1:d6:a0:32:
3f:d7:13:e7:d9:a5:1d:d9:64:d9:b7:d1:c7:2d:56:70:3c:76:
37:28:c0:9f:d2:95:49:d7:db:57:cb:e6:f1:de:67:28:a2:46:
20:3e:c2:c4:97:13:d5:1b:10:da:65:4f:91:fc:82:8c:a4:d0:
4b:e1:e8:f7:0f:d0:ad:58:0f:ec:ce:15:42:58:1a:50:a9:ac:
ff:e3:2f:ff:75:cf:77:00:23:21:b7:fe:c2:80:b2:44:58:87:
56:8a:07:1a:be:23:cf:c7:78:28:da:09:ec:f7:45:da:34:0a:
07:4f:60:36:8d:3a:c6:12:01:53:8c:8e:f9:a7:44:76:6e:b2:
50:57:c8:44:c9:6a:0b:68:b2:9a:7a:ab:1a:22:5c:26:80:19:
e9:75:89:01:76:6b:3a:9b:7b:b0:81:3d:96:af:23:21:d4:96:
cd:e8:4a:c0:11:7a:11:a6:51:6d:6b:0e:b5:3a:08:9f:49:c6:
36:56:e5:7a
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYzKKgjVd+j0iBo+sNk+lEt8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjQwMTAyMTIzMzIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YzlmMGUyNmFhY2UwNGI0ZTg3NmE5OTllOWQxYTQ2YTQxNjAyMmRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtONAFNHpUxU7aunIW+RWstLoY/KS
NfQG+GYmE5IQksFiS+LlpTZnlEu+vR1OwjKHRvfUK8k/8Vp6w/r1ZtR3FClPpKxW
FIJ1S8KfuCqC/PH1XrNsdvayi8cQXkAu70W4h+djtBZpcPRv4F487uvHOjWcfzQ8
y+Ryvi1hm+kcpKj2MogTAwoQLoNDFEMbcb6lAOhFzfeUiawtQpw3B81sOwMQDTSv
StkGCvUmTsx/uqg1XM43ZUJliYn3u7N8qdOt8sid0Sh8dvR850jXuXkZgXOWL0FB
va9ook5X4QoBlYeghFhveGsh8DlKMXqTOsL+02q95JiLeTHy+a2N9P+s0QIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFIyfDiaqzgS06HapmenRpGpBYCLeMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvako4T0pxck9CTFRvZHFtWjZkR2tha0ZnSXQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQAXCYmAwQC
XavIAwQAXy+KMA8EAgACMAkDBwAqAgEoAAcwDQYJKoZIhvcNAQELBQADggEBALKX
CkKnsqhOEdGflkLhXypGxcwhLw76X5kBqpAnX0W4ngGvAfz1XoymZJ2LpPIJdD3J
qFdrcTTzeyADDHTG9dAD04disdagMj/XE+fZpR3ZZNm30cctVnA8djcowJ/SlUnX
21fL5vHeZyiiRiA+wsSXE9UbENplT5H8goyk0Evh6PcP0K1YD+zOFUJYGlCprP/j
L/91z3cAIyG3/sKAskRYh1aKBxq+I8/HeCjaCez3Rdo0CgdPYDaNOsYSAVOMjvmn
RHZuslBXyETJagtospp6qxoiXCaAGel1iQF2azqbe7CBPZavIyHUls3oSsARehGm
UW1rDrU6CJ9JxjZW5Xo=
-----END CERTIFICATE-----
Generated at Fri Nov 22 11:52:56 2024 by rpki-client on console-fra.rpki-client.org