Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/JNwIg8byGQVo6YBjCMB3ZrukaaM.roa
File: JNwIg8byGQVo6YBjCMB3ZrukaaM.roa (raw, json)
Hash identifier: kl2F4HJvqHMyDukZw+M/EACYMu6C5PLFXV1frfPbI30=
Subject key identifier: 24:DC:08:83:C6:F2:19:05:68:E9:80:63:08:C0:77:66:BB:A4:69:A3
Certificate issuer: /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial: 018EE35786FFB44979039C44BBFA2DEE65A4
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/JNwIg8byGQVo6YBjCMB3ZrukaaM.roa
Signing time: Mon 15 Apr 2024 19:59:07 +0000
ROA not before: Mon 15 Apr 2024 19:59:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62300
IP address blocks: 31.40.201.0/24 maxlen: 24
195.216.154.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.mft
rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 09:01:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:e3:57:86:ff:b4:49:79:03:9c:44:bb:fa:2d:ee:65:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Validity
Not Before: Apr 15 19:59:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=24dc0883c6f2190568e9806308c07766bba469a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:17:c1:13:b0:0d:c7:8d:94:9a:66:dd:fe:08:
68:21:ef:b3:53:b5:ce:0d:7d:f4:db:40:67:92:11:
1f:23:2b:96:ec:1c:42:3d:28:d9:60:4b:7f:0d:24:
22:d9:29:67:d6:61:76:6f:39:2e:41:ba:d5:5e:19:
2b:06:b2:cb:cb:53:52:82:8a:b2:ab:58:b8:7d:f6:
93:e4:e2:f4:d5:c1:06:a6:37:f8:4e:ed:e3:0d:4a:
ca:be:07:2a:69:11:15:8b:3e:90:e4:89:c0:64:10:
e3:fa:79:a5:18:cb:fe:cf:95:b9:78:35:3c:c5:77:
06:90:4a:d2:14:7e:63:d3:5e:80:05:2e:32:15:de:
74:36:99:ce:d3:eb:69:e0:9e:19:53:56:7b:03:8f:
0d:d7:9d:df:0e:b6:f1:2c:41:9e:63:5b:8a:2c:63:
99:59:70:43:31:0c:83:e4:3c:3c:1b:67:e4:30:3e:
c5:52:fd:f1:49:d2:4c:69:47:4d:31:ad:bc:18:5b:
92:b8:f9:f0:47:72:25:a2:89:81:64:02:55:71:6b:
ef:b1:ff:eb:a7:37:52:37:bb:9a:b7:8f:6f:87:ae:
06:7a:d9:6b:56:15:7c:bf:8c:0c:31:07:4d:6b:72:
d8:fe:eb:73:99:48:b8:52:d6:33:b9:4c:83:7b:18:
6b:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:DC:08:83:C6:F2:19:05:68:E9:80:63:08:C0:77:66:BB:A4:69:A3
X509v3 Authority Key Identifier:
keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/JNwIg8byGQVo6YBjCMB3ZrukaaM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.40.201.0/24
195.216.154.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:b2:7d:ab:83:80:c7:dc:08:db:19:3b:15:eb:a0:13:b1:7c:
dc:0f:f9:1a:9b:20:fa:63:4c:0e:bd:57:b2:b4:f4:4e:26:a1:
ed:13:ed:9a:7d:ad:f5:e5:71:1e:68:c2:3a:8b:0e:49:10:1d:
ec:22:cb:31:9a:45:de:ac:59:48:5e:36:28:aa:20:6c:56:9a:
44:91:a6:5f:a6:1e:ef:c6:59:56:93:f1:f3:c0:8d:98:8a:0b:
aa:13:9f:d3:c8:c9:8c:5a:33:15:ce:f2:80:06:77:61:42:62:
e7:1e:74:b4:ed:71:83:37:42:a5:3e:17:69:40:1e:d5:13:80:
98:0f:1b:07:ab:e7:3e:6c:cb:8e:86:2d:77:28:0b:d1:24:38:
75:6c:78:dc:43:91:87:21:33:31:9e:77:2c:19:d7:eb:80:d5:
20:9e:e3:de:77:73:8b:aa:bc:ff:be:44:9c:81:05:4f:6b:fc:
19:6c:ed:89:04:63:e4:4a:34:45:b3:13:24:1e:fa:0b:f2:2a:
4f:81:32:41:b3:d4:22:57:29:93:e0:34:ac:7e:18:20:18:21:
5d:e1:20:59:3e:e5:58:f2:c2:7b:e3:c2:e5:4f:2b:46:5c:9e:
d5:c6:40:33:a2:3b:4f:5b:c5:9f:9a:02:84:6b:42:ba:d7:ed:
6c:28:cc:07
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY7jV4b/tEl5A5xEu/ot7mWkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjQwNDE1MTk1OTA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNGRjMDg4M2M2ZjIxOTA1NjhlOTgwNjMwOGMwNzc2NmJiYTQ2OWEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgBfBE7ANx42Ummbd/ghoIe+zU7XO
DX3020BnkhEfIyuW7BxCPSjZYEt/DSQi2Sln1mF2bzkuQbrVXhkrBrLLy1NSgoqy
q1i4ffaT5OL01cEGpjf4Tu3jDUrKvgcqaREViz6Q5InAZBDj+nmlGMv+z5W5eDU8
xXcGkErSFH5j016ABS4yFd50NpnO0+tp4J4ZU1Z7A48N153fDrbxLEGeY1uKLGOZ
WXBDMQyD5Dw8G2fkMD7FUv3xSdJMaUdNMa28GFuSuPnwR3IloomBZAJVcWvvsf/r
pzdSN7uat49vh64GetlrVhV8v4wMMQdNa3LY/utzmUi4UtYzuUyDexhrVwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCTcCIPG8hkFaOmAYwjAd2a7pGmjMB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEvSk53SWc4YnlHUVZvNllCakNNQjNacnVrYWFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx
LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAHyjJAwQA
w9iaMA0GCSqGSIb3DQEBCwUAA4IBAQBdsn2rg4DH3AjbGTsV66ATsXzcD/kamyD6
Y0wOvVeytPROJqHtE+2afa315XEeaMI6iw5JEB3sIssxmkXerFlIXjYoqiBsVppE
kaZfph7vxllWk/HzwI2YiguqE5/TyMmMWjMVzvKABndhQmLnHnS07XGDN0KlPhdp
QB7VE4CYDxsHq+c+bMuOhi13KAvRJDh1bHjcQ5GHITMxnncsGdfrgNUgnuPed3OL
qrz/vkScgQVPa/wZbO2JBGPkSjRFsxMkHvoL8ipPgTJBs9QiVymT4DSsfhggGCFd
4SBZPuVY8sJ748LlTytGXJ7VxkAzojtPW8WfmgKEa0K61+1sKMwH
-----END CERTIFICATE-----
Generated at Sat Jun 1 12:53:27 2024 by rpki-client on console-ams.rpki-client.org