Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/8920fc-bbae-4132-b752-ee72f2b3a473/1/cjajmSgFNW5QOdxWEFQ8r7DdjZs.roa
File: cjajmSgFNW5QOdxWEFQ8r7DdjZs.roa (raw, json)
Hash identifier: VKSVFdm+HGXX698UEk/U9pCDG6IOrus9arShOyIBUjQ=
Subject key identifier: 72:36:A3:99:28:05:35:6E:50:39:DC:56:10:54:3C:AF:B0:DD:8D:9B
Certificate issuer: /CN=45cf9dc0c7b7fc4a336e4eee57b1ec1948c8ddf3
Certificate serial: 018CC8017BB82CFAC5F5ED2BCF9FFDAE930D
Authority key identifier: 45:CF:9D:C0:C7:B7:FC:4A:33:6E:4E:EE:57:B1:EC:19:48:C8:DD:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Rc-dwMe3_Eozbk7uV7HsGUjI3fM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/8920fc-bbae-4132-b752-ee72f2b3a473/1/cjajmSgFNW5QOdxWEFQ8r7DdjZs.roa
Signing time: Tue 02 Jan 2024 02:29:49 +0000
ROA not before: Tue 02 Jan 2024 02:29:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199710
IP address blocks: 185.42.236.0/23 maxlen: 23
185.42.236.0/24 maxlen: 24
185.42.239.0/24 maxlen: 24
185.42.238.0/24 maxlen: 24
185.42.238.0/23 maxlen: 23
185.42.237.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5c/8920fc-bbae-4132-b752-ee72f2b3a473/1/Rc-dwMe3_Eozbk7uV7HsGUjI3fM.crl
rsync://rpki.ripe.net/repository/DEFAULT/5c/8920fc-bbae-4132-b752-ee72f2b3a473/1/Rc-dwMe3_Eozbk7uV7HsGUjI3fM.mft
rsync://rpki.ripe.net/repository/DEFAULT/Rc-dwMe3_Eozbk7uV7HsGUjI3fM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:7b:b8:2c:fa:c5:f5:ed:2b:cf:9f:fd:ae:93:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=45cf9dc0c7b7fc4a336e4eee57b1ec1948c8ddf3
Validity
Not Before: Jan 2 02:29:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7236a3992805356e5039dc5610543cafb0dd8d9b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:45:a3:6c:20:5b:47:2f:57:74:6e:7a:03:5c:
10:48:36:40:e1:ac:28:14:11:c6:74:1f:fb:4f:0e:
fe:01:d0:57:e8:af:83:40:2a:e6:6a:4f:57:52:08:
86:f3:85:ee:fe:50:6d:95:4d:cd:54:3b:d0:51:ae:
d4:38:77:2b:4f:06:16:05:4f:8b:c4:71:89:38:cf:
5c:4f:f4:4d:17:ea:bd:cb:c7:10:81:8c:2c:ae:15:
63:e1:7a:f3:f5:e4:15:e7:21:fb:7f:e4:cf:e2:1a:
ef:9a:81:51:9e:73:d3:20:cc:6b:c3:fa:20:45:da:
7a:d5:90:3e:5f:4b:39:55:ac:7c:dc:1c:dc:0f:31:
bb:6e:a5:76:22:e8:4c:15:1e:1a:c0:7b:6a:ed:57:
c8:3a:c2:d4:d2:e9:30:d5:eb:37:99:65:ec:82:d6:
1e:60:0a:0c:0b:ce:3f:b8:9d:17:13:88:34:2e:e6:
54:cb:ec:02:9e:b7:4e:1e:a9:3d:d8:af:b5:4d:21:
fa:fe:da:08:63:f3:d6:56:bd:01:bf:b9:54:6b:ad:
c5:64:07:8a:7b:08:01:63:72:12:41:61:24:b2:28:
a1:c2:37:4c:8d:8d:f0:1d:2b:a3:8b:e7:1b:01:f4:
ad:1f:62:23:cd:49:a0:a1:81:03:3a:46:09:3b:63:
e2:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:36:A3:99:28:05:35:6E:50:39:DC:56:10:54:3C:AF:B0:DD:8D:9B
X509v3 Authority Key Identifier:
keyid:45:CF:9D:C0:C7:B7:FC:4A:33:6E:4E:EE:57:B1:EC:19:48:C8:DD:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Rc-dwMe3_Eozbk7uV7HsGUjI3fM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/8920fc-bbae-4132-b752-ee72f2b3a473/1/cjajmSgFNW5QOdxWEFQ8r7DdjZs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/8920fc-bbae-4132-b752-ee72f2b3a473/1/Rc-dwMe3_Eozbk7uV7HsGUjI3fM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.42.236.0/22
Signature Algorithm: sha256WithRSAEncryption
75:e1:7e:5b:d1:5c:0b:44:91:0f:4e:7d:f4:35:66:77:a3:a9:
2c:61:b4:54:ed:c0:ff:00:e0:45:fa:4d:4c:ff:5a:35:8f:fb:
e9:fb:5b:49:0d:1e:64:08:46:39:b6:61:bd:0a:16:b0:be:1d:
1e:07:83:47:31:0f:3b:79:16:90:94:85:8a:01:89:70:9d:e8:
fa:d8:c9:3b:f5:b1:08:e7:7e:65:fc:3e:6c:73:18:ba:ba:e3:
29:18:68:a4:22:7c:71:ce:1b:36:2f:11:14:a5:b7:6c:b6:b1:
62:c4:2c:5c:8c:ab:f0:c0:7f:0e:82:f3:c9:b8:26:fe:68:21:
67:32:b7:fe:03:30:b8:52:35:20:91:0b:dc:d7:06:d4:2b:de:
3a:1d:f1:e1:6f:ee:76:3e:32:80:a4:3b:f4:fc:25:da:5e:65:
18:da:d4:5f:43:c9:c0:a5:3c:77:5c:77:9b:f8:ee:f1:b2:69:
77:7c:e2:76:8d:67:dd:77:96:1a:da:f9:24:4b:fb:2f:8f:e7:
ce:e8:76:4b:9a:b8:78:bb:bb:57:09:d8:8a:d6:ba:6f:dd:05:
1b:93:67:51:4e:0f:10:41:fe:03:89:fa:0e:76:a4:63:d3:0f:
3b:1e:02:97:97:11:ac:6d:12:66:16:2c:ff:0d:12:d5:33:dd:
7f:5a:09:d0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIAXu4LPrF9e0rz5/9rpMNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1Y2Y5ZGMwYzdiN2ZjNGEzMzZlNGVlZTU3YjFlYzE5NDhj
OGRkZjMwHhcNMjQwMTAyMDIyOTQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjM2YTM5OTI4MDUzNTZlNTAzOWRjNTYxMDU0M2NhZmIwZGQ4ZDliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqkWjbCBbRy9XdG56A1wQSDZA4awo
FBHGdB/7Tw7+AdBX6K+DQCrmak9XUgiG84Xu/lBtlU3NVDvQUa7UOHcrTwYWBU+L
xHGJOM9cT/RNF+q9y8cQgYwsrhVj4Xrz9eQV5yH7f+TP4hrvmoFRnnPTIMxrw/og
Rdp61ZA+X0s5Vax83BzcDzG7bqV2IuhMFR4awHtq7VfIOsLU0ukw1es3mWXsgtYe
YAoMC84/uJ0XE4g0LuZUy+wCnrdOHqk92K+1TSH6/toIY/PWVr0Bv7lUa63FZAeK
ewgBY3ISQWEksiihwjdMjY3wHSuji+cbAfStH2IjzUmgoYEDOkYJO2PitwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHI2o5koBTVuUDncVhBUPK+w3Y2bMB8GA1UdIwQY
MBaAFEXPncDHt/xKM25O7lex7BlIyN3zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUmMtZHdNZTNfRW96Yms3dVY3SHNHVWpJM2ZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy84OTIwZmMtYmJhZS00MTMyLWI3NTIt
ZWU3MmYyYjNhNDczLzEvY2pham1TZ0ZOVzVRT2R4V0VGUThyN0RkalpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy84OTIwZmMtYmJhZS00MTMyLWI3NTItZWU3MmYyYjNhNDcz
LzEvUmMtZHdNZTNfRW96Yms3dVY3SHNHVWpJM2ZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuSrsMA0G
CSqGSIb3DQEBCwUAA4IBAQB14X5b0VwLRJEPTn30NWZ3o6ksYbRU7cD/AOBF+k1M
/1o1j/vp+1tJDR5kCEY5tmG9Chawvh0eB4NHMQ87eRaQlIWKAYlwnej62Mk79bEI
535l/D5scxi6uuMpGGikInxxzhs2LxEUpbdstrFixCxcjKvwwH8OgvPJuCb+aCFn
Mrf+AzC4UjUgkQvc1wbUK946HfHhb+52PjKApDv0/CXaXmUY2tRfQ8nApTx3XHeb
+O7xsml3fOJ2jWfdd5Ya2vkkS/svj+fO6HZLmrh4u7tXCdiK1rpv3QUbk2dRTg8Q
Qf4DifoOdqRj0w87HgKXlxGsbRJmFiz/DRLVM91/WgnQ
-----END CERTIFICATE-----
Generated at Sat Nov 23 12:01:58 2024 by rpki-client on console-fra.rpki-client.org