Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/09cea0-ef2b-4f20-a19a-eb5a627e76a3/1/JOYNSYXKFtdaKQo8CgV-vTBkTpU.roa
File: JOYNSYXKFtdaKQo8CgV-vTBkTpU.roa (raw, json)
Hash identifier: bBBFHAiApmDG6LbKlw1Kx7gJZdTKSfEfRMRpdgS/WY0=
Subject key identifier: 24:E6:0D:49:85:CA:16:D7:5A:29:0A:3C:0A:05:7E:BD:30:64:4E:95
Certificate issuer: /CN=4c37f27eb4997b3bef9f28266a39694050fe74f9
Certificate serial: 018CC56ED86688971DC84ECE46C8AAAAC672
Authority key identifier: 4C:37:F2:7E:B4:99:7B:3B:EF:9F:28:26:6A:39:69:40:50:FE:74:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TDfyfrSZezvvnygmajlpQFD-dPk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/09cea0-ef2b-4f20-a19a-eb5a627e76a3/1/JOYNSYXKFtdaKQo8CgV-vTBkTpU.roa
Signing time: Mon 01 Jan 2024 14:30:25 +0000
ROA not before: Mon 01 Jan 2024 14:30:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29310
IP address blocks: 213.244.116.0/24 maxlen: 24
213.244.117.0/24 maxlen: 24
213.244.115.0/24 maxlen: 24
213.244.122.0/24 maxlen: 24
193.223.252.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5d/09cea0-ef2b-4f20-a19a-eb5a627e76a3/1/TDfyfrSZezvvnygmajlpQFD-dPk.crl
rsync://rpki.ripe.net/repository/DEFAULT/5d/09cea0-ef2b-4f20-a19a-eb5a627e76a3/1/TDfyfrSZezvvnygmajlpQFD-dPk.mft
rsync://rpki.ripe.net/repository/DEFAULT/TDfyfrSZezvvnygmajlpQFD-dPk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 00:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:d8:66:88:97:1d:c8:4e:ce:46:c8:aa:aa:c6:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c37f27eb4997b3bef9f28266a39694050fe74f9
Validity
Not Before: Jan 1 14:30:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=24e60d4985ca16d75a290a3c0a057ebd30644e95
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:fb:db:f9:03:f3:76:e1:b4:5a:20:fa:0a:67:
20:7e:1a:28:73:16:7d:2c:55:03:76:a9:62:96:25:
4d:26:23:64:1e:d3:c6:79:70:b1:33:13:69:3d:b3:
5d:54:8f:c5:6f:07:ca:71:c6:bb:5e:c9:15:81:de:
12:85:30:0d:ba:23:14:b8:94:46:aa:de:2c:f1:d9:
9e:d0:13:c5:42:3c:c1:5f:b6:73:52:84:25:7e:88:
9c:84:84:c1:62:64:e6:68:c3:f8:f9:74:0c:5d:32:
e8:91:0d:45:a1:58:66:b3:71:0f:e0:a9:62:16:5c:
e7:e8:80:ce:d5:c6:ee:81:cd:03:51:bd:50:12:dd:
6d:bd:f4:13:4b:5c:49:d1:d5:2b:cf:a5:78:28:95:
a8:b8:32:ed:65:6c:a1:02:da:34:30:85:8f:63:1e:
71:87:4f:3e:30:93:b1:92:11:5e:ca:3c:a6:da:29:
6d:05:c5:05:dd:a7:4f:2e:57:30:8f:9e:2b:16:b5:
64:a1:4a:fd:41:3c:a2:da:85:8f:43:c3:12:0e:c7:
a0:e5:7f:a1:c0:25:de:f0:27:ca:9c:55:41:8e:84:
04:44:83:c1:06:f2:eb:8b:71:f8:04:1b:9d:d4:e2:
ae:59:02:09:94:cc:99:c5:d0:b3:f6:86:65:53:b9:
88:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:E6:0D:49:85:CA:16:D7:5A:29:0A:3C:0A:05:7E:BD:30:64:4E:95
X509v3 Authority Key Identifier:
keyid:4C:37:F2:7E:B4:99:7B:3B:EF:9F:28:26:6A:39:69:40:50:FE:74:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TDfyfrSZezvvnygmajlpQFD-dPk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/09cea0-ef2b-4f20-a19a-eb5a627e76a3/1/JOYNSYXKFtdaKQo8CgV-vTBkTpU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/09cea0-ef2b-4f20-a19a-eb5a627e76a3/1/TDfyfrSZezvvnygmajlpQFD-dPk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.223.252.0/23
213.244.115.0-213.244.117.255
213.244.122.0/24
Signature Algorithm: sha256WithRSAEncryption
41:dd:ad:1b:33:81:d4:86:1d:3a:12:cd:19:f4:bc:0e:91:8b:
49:70:88:96:03:69:13:50:57:30:1f:f4:a3:5f:57:ac:e6:d2:
12:d5:f3:98:bf:15:5c:77:e2:9f:22:41:b9:26:29:09:ed:51:
9f:14:21:c6:3e:11:22:29:db:be:ec:5b:da:83:a9:87:14:5c:
17:6e:d4:3f:a8:0d:a1:d4:bc:10:b7:13:ee:3c:04:10:77:22:
85:80:55:e8:cc:9a:8c:01:54:b6:b0:f9:e1:65:c9:ac:bf:39:
8b:e3:77:aa:80:ff:5f:c7:6e:d0:57:5c:46:d0:43:05:73:f5:
41:44:b2:30:c2:d9:8d:c9:85:59:45:64:2a:73:19:77:fd:ab:
a7:2e:46:c4:5f:51:34:46:62:cd:3d:0b:5f:ad:c9:ba:29:c8:
62:6d:bc:2d:ad:84:6c:70:96:35:d6:bc:4a:2b:dc:ca:8e:c1:
9d:e6:f0:df:5f:41:3c:21:25:53:48:bd:03:1c:53:7b:1f:38:
7d:36:6e:e1:e8:e4:42:49:47:3c:88:a1:cb:a3:80:09:d3:ee:
d5:2c:20:71:44:17:0c:e6:a7:a4:e8:ea:05:3a:34:42:9c:66:
61:4d:7e:ae:9b:57:03:be:81:33:02:27:67:d9:23:1a:68:60:
73:70:2d:88
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYzFbthmiJcdyE7ORsiqqsZyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjMzdmMjdlYjQ5OTdiM2JlZjlmMjgyNjZhMzk2OTQwNTBm
ZTc0ZjkwHhcNMjQwMTAxMTQzMDI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNGU2MGQ0OTg1Y2ExNmQ3NWEyOTBhM2MwYTA1N2ViZDMwNjQ0ZTk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo/vb+QPzduG0WiD6CmcgfhoocxZ9
LFUDdqliliVNJiNkHtPGeXCxMxNpPbNdVI/FbwfKcca7XskVgd4ShTANuiMUuJRG
qt4s8dme0BPFQjzBX7ZzUoQlfoichITBYmTmaMP4+XQMXTLokQ1FoVhms3EP4Kli
Flzn6IDO1cbugc0DUb1QEt1tvfQTS1xJ0dUrz6V4KJWouDLtZWyhAto0MIWPYx5x
h08+MJOxkhFeyjym2iltBcUF3adPLlcwj54rFrVkoUr9QTyi2oWPQ8MSDseg5X+h
wCXe8CfKnFVBjoQERIPBBvLri3H4BBud1OKuWQIJlMyZxdCz9oZlU7mI8QIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFCTmDUmFyhbXWikKPAoFfr0wZE6VMB8GA1UdIwQY
MBaAFEw38n60mXs7758oJmo5aUBQ/nT5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVERmeWZyU1plenZ2bnlnbWFqbHBRRkQtZFBrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC8wOWNlYTAtZWYyYi00ZjIwLWExOWEt
ZWI1YTYyN2U3NmEzLzEvSk9ZTlNZWEtGdGRhS1FvOENnVi12VEJrVHBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC8wOWNlYTAtZWYyYi00ZjIwLWExOWEtZWI1YTYyN2U3NmEz
LzEvVERmeWZyU1plenZ2bnlnbWFqbHBRRkQtZFBrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQBwd/8MAwD
BADV9HMDBAHV9HQDBADV9HowDQYJKoZIhvcNAQELBQADggEBAEHdrRszgdSGHToS
zRn0vA6Ri0lwiJYDaRNQVzAf9KNfV6zm0hLV85i/FVx34p8iQbkmKQntUZ8UIcY+
ESIp277sW9qDqYcUXBdu1D+oDaHUvBC3E+48BBB3IoWAVejMmowBVLaw+eFlyay/
OYvjd6qA/1/HbtBXXEbQQwVz9UFEsjDC2Y3JhVlFZCpzGXf9q6cuRsRfUTRGYs09
C1+tybopyGJtvC2thGxwljXWvEor3MqOwZ3m8N9fQTwhJVNIvQMcU3sfOH02buHo
5EJJRzyIocujgAnT7tUsIHFEFwzmp6To6gU6NEKcZmFNfq6bVwO+gTMCJ2fZIxpo
YHNwLYg=
-----END CERTIFICATE-----
Generated at Sat Jun 1 08:48:26 2024 by rpki-client on console-ams.rpki-client.org