Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/22bf9f-c0c8-4750-b1bf-1998665bd793/1/jGT038D9r5TZ6JHTblJ2eGdVypI.roa
File: jGT038D9r5TZ6JHTblJ2eGdVypI.roa (raw, json)
Hash identifier: 5618+Q45zWRNQOxn5d85wJ8479hUUBcN7Pqpq+dKtLw=
Subject key identifier: 8C:64:F4:DF:C0:FD:AF:94:D9:E8:91:D3:6E:52:76:78:67:55:CA:92
Certificate issuer: /CN=556ed11bb6d5e2d6a6eaba19daf637b53f767ed5
Certificate serial: 0190B5EA5F41977FC5DB7D40FE82176B7B5B
Authority key identifier: 55:6E:D1:1B:B6:D5:E2:D6:A6:EA:BA:19:DA:F6:37:B5:3F:76:7E:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VW7RG7bV4tam6roZ2vY3tT92ftU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/22bf9f-c0c8-4750-b1bf-1998665bd793/1/jGT038D9r5TZ6JHTblJ2eGdVypI.roa
Signing time: Mon 15 Jul 2024 10:22:34 +0000
ROA not before: Mon 15 Jul 2024 10:22:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47346
IP address blocks: 94.139.33.0/24 maxlen: 24
194.140.235.0/24 maxlen: 24
2a14:1380::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/22bf9f-c0c8-4750-b1bf-1998665bd793/1/VW7RG7bV4tam6roZ2vY3tT92ftU.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/22bf9f-c0c8-4750-b1bf-1998665bd793/1/VW7RG7bV4tam6roZ2vY3tT92ftU.mft
rsync://rpki.ripe.net/repository/DEFAULT/VW7RG7bV4tam6roZ2vY3tT92ftU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 19 Sep 2024 16:01:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:b5:ea:5f:41:97:7f:c5:db:7d:40:fe:82:17:6b:7b:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=556ed11bb6d5e2d6a6eaba19daf637b53f767ed5
Validity
Not Before: Jul 15 10:22:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8c64f4dfc0fdaf94d9e891d36e5276786755ca92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:c9:64:b7:32:a6:29:1d:27:a4:d6:d8:09:8c:
41:49:29:49:22:37:c4:a3:1e:e6:47:1e:ec:ec:44:
ab:d0:f4:a1:af:bc:ea:87:3c:bd:a7:16:1a:0c:6b:
da:e3:14:68:21:31:58:4f:6e:c2:74:7e:bd:77:2a:
ee:40:5a:a1:0e:e2:5e:52:a1:2e:e8:8c:d4:2d:ec:
39:1b:e8:e3:3a:d1:ed:7e:5c:94:02:c5:53:97:b3:
1d:d8:28:71:c8:38:47:a0:27:30:94:1f:67:98:d7:
0b:aa:e2:fa:c0:2f:f2:ce:00:93:b6:af:5e:e9:63:
fd:2f:cc:a4:ff:61:b4:73:14:d8:8e:3a:41:7a:a2:
13:4f:66:c6:75:00:be:20:ee:6c:ba:c5:a2:35:c7:
8c:d3:85:80:cf:64:a2:6b:cf:29:8d:59:c1:10:dc:
3f:bf:9a:c5:09:6c:83:de:b8:81:14:9c:01:15:e3:
d3:46:db:5d:03:75:79:57:88:de:74:0c:e8:3c:30:
e6:e5:4b:b4:7e:30:59:84:aa:51:8c:14:a4:91:0d:
6e:1f:f8:67:ec:53:ee:39:2f:39:c5:08:c7:6e:de:
1c:35:94:ea:ab:97:65:37:20:46:08:40:0a:48:ca:
06:18:28:24:21:37:52:e0:b1:38:94:28:bc:ae:e2:
59:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:64:F4:DF:C0:FD:AF:94:D9:E8:91:D3:6E:52:76:78:67:55:CA:92
X509v3 Authority Key Identifier:
keyid:55:6E:D1:1B:B6:D5:E2:D6:A6:EA:BA:19:DA:F6:37:B5:3F:76:7E:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VW7RG7bV4tam6roZ2vY3tT92ftU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/22bf9f-c0c8-4750-b1bf-1998665bd793/1/jGT038D9r5TZ6JHTblJ2eGdVypI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/22bf9f-c0c8-4750-b1bf-1998665bd793/1/VW7RG7bV4tam6roZ2vY3tT92ftU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.139.33.0/24
194.140.235.0/24
IPv6:
2a14:1380::/32
Signature Algorithm: sha256WithRSAEncryption
8e:6e:72:0a:ad:37:b1:50:0a:9a:8d:a5:f5:7e:09:01:04:2c:
cd:b1:c3:3e:fc:bf:b9:8b:91:b0:1d:17:1b:37:1d:16:87:07:
75:c0:2a:f0:e1:7d:56:5d:27:67:eb:95:0f:e4:86:e2:59:8a:
41:fa:09:a0:08:24:26:79:b9:5f:b8:61:d9:71:aa:60:1a:83:
cf:a8:88:c8:42:6e:71:ce:07:a5:cf:26:d8:4d:be:26:3b:e9:
8c:bb:94:1c:0b:3d:f1:e0:9d:57:cc:62:bc:0c:79:0e:dc:c9:
3a:ea:bf:df:ed:ff:54:f3:a2:64:14:ac:2f:e6:24:57:ec:e5:
ef:7e:37:3d:08:bc:e1:bf:fa:d0:0f:b1:6c:a9:d0:2c:86:f2:
d3:3e:4e:44:0e:4d:44:2b:5e:ab:12:cd:e2:2d:f2:15:30:b9:
ce:5e:1a:45:a7:2d:b6:43:78:6c:21:c5:83:2a:65:46:1a:62:
08:b7:21:f3:c4:bf:95:f1:fa:7c:93:cc:58:c4:c2:54:85:bc:
26:af:13:03:c0:b7:64:b2:3b:15:25:d7:59:cf:73:b6:ff:1c:
41:2b:eb:ce:1d:1c:bf:44:d8:48:b4:b5:65:42:37:c9:fe:2f:
b5:b4:4a:1e:b2:30:d8:84:f9:ee:6d:3a:16:14:a9:4d:3a:12:
5d:30:bb:c3
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZC16l9Bl3/F231A/oIXa3tbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1NmVkMTFiYjZkNWUyZDZhNmVhYmExOWRhZjYzN2I1M2Y3
NjdlZDUwHhcNMjQwNzE1MTAyMjM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YzY0ZjRkZmMwZmRhZjk0ZDllODkxZDM2ZTUyNzY3ODY3NTVjYTkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlslktzKmKR0npNbYCYxBSSlJIjfE
ox7mRx7s7ESr0PShr7zqhzy9pxYaDGva4xRoITFYT27CdH69dyruQFqhDuJeUqEu
6IzULew5G+jjOtHtflyUAsVTl7Md2ChxyDhHoCcwlB9nmNcLquL6wC/yzgCTtq9e
6WP9L8yk/2G0cxTYjjpBeqITT2bGdQC+IO5susWiNceM04WAz2Sia88pjVnBENw/
v5rFCWyD3riBFJwBFePTRttdA3V5V4jedAzoPDDm5Uu0fjBZhKpRjBSkkQ1uH/hn
7FPuOS85xQjHbt4cNZTqq5dlNyBGCEAKSMoGGCgkITdS4LE4lCi8ruJZLwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFIxk9N/A/a+U2eiR025SdnhnVcqSMB8GA1UdIwQY
MBaAFFVu0Ru21eLWpuq6Gdr2N7U/dn7VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVlc3Ukc3YlY0dGFtNnJvWjJ2WTN0VDkyZnRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8yMmJmOWYtYzBjOC00NzUwLWIxYmYt
MTk5ODY2NWJkNzkzLzEvakdUMDM4RDlyNVRaNkpIVGJsSjJlR2RWeXBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8yMmJmOWYtYzBjOC00NzUwLWIxYmYtMTk5ODY2NWJkNzkz
LzEvVlc3Ukc3YlY0dGFtNnJvWjJ2WTN0VDkyZnRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAXoshAwQA
wozrMA0EAgACMAcDBQAqFBOAMA0GCSqGSIb3DQEBCwUAA4IBAQCObnIKrTexUAqa
jaX1fgkBBCzNscM+/L+5i5GwHRcbNx0Whwd1wCrw4X1WXSdn65UP5IbiWYpB+gmg
CCQmeblfuGHZcapgGoPPqIjIQm5xzgelzybYTb4mO+mMu5QcCz3x4J1XzGK8DHkO
3Mk66r/f7f9U86JkFKwv5iRX7OXvfjc9CLzhv/rQD7FsqdAshvLTPk5EDk1EK16r
Es3iLfIVMLnOXhpFpy22Q3hsIcWDKmVGGmIItyHzxL+V8fp8k8xYxMJUhbwmrxMD
wLdksjsVJddZz3O2/xxBK+vOHRy/RNhItLVlQjfJ/i+1tEoesjDYhPnubToWFKlN
OhJdMLvD
-----END CERTIFICATE-----
Generated at Wed Sep 18 23:42:08 2024 by rpki-client on console-fra.rpki-client.org