Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/4e5572-a84a-4c9f-9cb1-fe0a1d00b209/1/JYMdKgUhQ1Q_RPFQmVk_9JL_Yv4.roa
File: JYMdKgUhQ1Q_RPFQmVk_9JL_Yv4.roa (raw, json)
Hash identifier: aIi6e24geumqlz1s/FbMvB0jHKqx39n1sGIcZxYqDnU=
Subject key identifier: 25:83:1D:2A:05:21:43:54:3F:44:F1:50:99:59:3F:F4:92:FF:62:FE
Certificate issuer: /CN=4bcda230967cff2ede2177f2d332af0acb7e50bc
Certificate serial: 019222A21629D7CE51478505528996F5EDD0
Authority key identifier: 4B:CD:A2:30:96:7C:FF:2E:DE:21:77:F2:D3:32:AF:0A:CB:7E:50:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S82iMJZ8_y7eIXfy0zKvCst-ULw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/4e5572-a84a-4c9f-9cb1-fe0a1d00b209/1/JYMdKgUhQ1Q_RPFQmVk_9JL_Yv4.roa
Signing time: Tue 24 Sep 2024 06:05:00 +0000
ROA not before: Tue 24 Sep 2024 06:05:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202293
IP address blocks: 88.151.118.0/24 maxlen: 24
91.229.148.0/22 maxlen: 22
195.245.96.0/22 maxlen: 22
195.245.96.0/24 maxlen: 24
195.245.97.0/24 maxlen: 24
195.245.98.0/24 maxlen: 24
195.245.99.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/62/4e5572-a84a-4c9f-9cb1-fe0a1d00b209/1/S82iMJZ8_y7eIXfy0zKvCst-ULw.crl
rsync://rpki.ripe.net/repository/DEFAULT/62/4e5572-a84a-4c9f-9cb1-fe0a1d00b209/1/S82iMJZ8_y7eIXfy0zKvCst-ULw.mft
rsync://rpki.ripe.net/repository/DEFAULT/S82iMJZ8_y7eIXfy0zKvCst-ULw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:22:a2:16:29:d7:ce:51:47:85:05:52:89:96:f5:ed:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4bcda230967cff2ede2177f2d332af0acb7e50bc
Validity
Not Before: Sep 24 06:05:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=25831d2a052143543f44f15099593ff492ff62fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:72:5e:23:48:7b:16:af:c6:a1:6d:82:cf:10:
f3:a3:a7:03:78:dd:2d:a6:17:5e:17:65:06:ec:1a:
aa:e6:a6:a7:88:44:67:8d:44:66:da:61:6a:68:49:
5e:31:15:3d:d3:29:90:c7:02:9b:ed:5d:2c:66:d2:
07:a8:a6:6c:86:55:e6:43:91:53:4e:8b:90:1e:f9:
b5:37:db:02:a0:95:d2:ea:df:22:7c:8e:fe:85:94:
cb:86:65:d9:e2:85:e7:22:6c:9d:04:24:c2:68:14:
2a:8d:69:db:7a:ce:b6:80:da:46:22:33:53:51:97:
20:ae:cc:eb:11:c3:ea:92:57:80:75:f7:c1:e1:c0:
fc:0f:9a:1c:cc:46:84:76:f0:a3:b5:00:82:43:57:
9c:8f:e2:c3:89:78:27:6e:cb:0a:7f:35:f3:e5:2c:
22:ba:0e:83:12:23:54:15:52:a2:00:46:bd:2d:07:
5d:7e:32:d6:fc:4d:60:af:4a:6a:5c:5a:fb:4d:2f:
61:b6:92:49:fd:84:db:63:1f:a8:a1:d9:d4:f0:ad:
7d:07:4d:56:76:a6:e4:af:b7:b2:c5:c7:8a:21:51:
0a:e2:99:5d:3e:6a:f1:57:7d:b5:9b:d6:b6:ba:a3:
2b:bc:bd:0a:4d:ac:2c:71:58:db:51:dd:69:35:8e:
56:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:83:1D:2A:05:21:43:54:3F:44:F1:50:99:59:3F:F4:92:FF:62:FE
X509v3 Authority Key Identifier:
keyid:4B:CD:A2:30:96:7C:FF:2E:DE:21:77:F2:D3:32:AF:0A:CB:7E:50:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S82iMJZ8_y7eIXfy0zKvCst-ULw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/4e5572-a84a-4c9f-9cb1-fe0a1d00b209/1/JYMdKgUhQ1Q_RPFQmVk_9JL_Yv4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/4e5572-a84a-4c9f-9cb1-fe0a1d00b209/1/S82iMJZ8_y7eIXfy0zKvCst-ULw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.151.118.0/24
91.229.148.0/22
195.245.96.0/22
Signature Algorithm: sha256WithRSAEncryption
5b:01:db:a7:aa:99:bc:42:a0:7d:f5:ff:9a:72:92:45:16:48:
9f:24:08:08:14:a3:7b:f8:6f:3d:75:ce:35:53:e9:ef:48:f6:
8e:e0:d7:22:7e:71:53:e0:97:07:95:a7:0d:18:59:56:d3:45:
0f:a2:be:5c:f0:17:86:cd:3d:a8:8e:91:8f:83:d6:c4:4c:39:
b9:50:41:f1:0c:24:f7:7a:6f:a5:c7:61:b1:27:8c:71:f6:f0:
20:f4:f5:4a:d6:82:91:be:ce:be:37:b2:2c:61:05:ef:83:79:
cb:ca:85:20:39:14:53:cd:01:15:a7:44:6b:e2:1c:02:0a:ed:
c9:9a:87:4d:9d:35:d0:20:76:6e:d1:cb:a7:dc:ab:e7:92:8c:
91:11:0e:71:38:bf:c8:7c:10:4d:fc:31:39:5a:b6:c5:b3:a7:
f6:54:f5:c2:8f:b6:41:a9:2a:72:6c:0c:2f:c6:0b:e0:11:53:
e0:79:81:d0:80:02:85:af:8c:8f:fd:47:11:01:80:3f:b2:b9:
d7:7f:33:33:fe:4c:4a:a2:fd:85:31:9a:ef:b6:6b:c0:26:91:
ea:a9:90:44:35:71:c8:a0:4a:6e:bc:d6:69:5f:11:ee:a3:cf:
3e:9a:c3:fd:cc:dc:ab:7d:f1:ab:6c:0e:51:4e:0c:13:f0:02:
f6:c9:0a:ab
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZIiohYp185RR4UFUomW9e3QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiY2RhMjMwOTY3Y2ZmMmVkZTIxNzdmMmQzMzJhZjBhY2I3
ZTUwYmMwHhcNMjQwOTI0MDYwNTAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTgzMWQyYTA1MjE0MzU0M2Y0NGYxNTA5OTU5M2ZmNDkyZmY2MmZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApnJeI0h7Fq/GoW2CzxDzo6cDeN0t
phdeF2UG7Bqq5qaniERnjURm2mFqaEleMRU90ymQxwKb7V0sZtIHqKZshlXmQ5FT
TouQHvm1N9sCoJXS6t8ifI7+hZTLhmXZ4oXnImydBCTCaBQqjWnbes62gNpGIjNT
UZcgrszrEcPqkleAdffB4cD8D5oczEaEdvCjtQCCQ1ecj+LDiXgnbssKfzXz5Swi
ug6DEiNUFVKiAEa9LQddfjLW/E1gr0pqXFr7TS9htpJJ/YTbYx+oodnU8K19B01W
dqbkr7eyxceKIVEK4pldPmrxV321m9a2uqMrvL0KTawscVjbUd1pNY5WFwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCWDHSoFIUNUP0TxUJlZP/SS/2L+MB8GA1UdIwQY
MBaAFEvNojCWfP8u3iF38tMyrwrLflC8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzgyaU1KWjhfeTdlSVhmeTB6S3ZDc3QtVUx3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi80ZTU1NzItYTg0YS00YzlmLTljYjEt
ZmUwYTFkMDBiMjA5LzEvSllNZEtnVWhRMVFfUlBGUW1Wa185SkxfWXY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi80ZTU1NzItYTg0YS00YzlmLTljYjEtZmUwYTFkMDBiMjA5
LzEvUzgyaU1KWjhfeTdlSVhmeTB6S3ZDc3QtVUx3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAWJd2AwQC
W+WUAwQCw/VgMA0GCSqGSIb3DQEBCwUAA4IBAQBbAdunqpm8QqB99f+acpJFFkif
JAgIFKN7+G89dc41U+nvSPaO4NcifnFT4JcHlacNGFlW00UPor5c8BeGzT2ojpGP
g9bETDm5UEHxDCT3em+lx2GxJ4xx9vAg9PVK1oKRvs6+N7IsYQXvg3nLyoUgORRT
zQEVp0Rr4hwCCu3JmodNnTXQIHZu0cun3KvnkoyREQ5xOL/IfBBN/DE5WrbFs6f2
VPXCj7ZBqSpybAwvxgvgEVPgeYHQgAKFr4yP/UcRAYA/srnXfzMz/kxKov2FMZrv
tmvAJpHqqZBENXHIoEpuvNZpXxHuo88+msP9zNyrffGrbA5RTgwT8AL2yQqr
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:43:32 2024 by rpki-client on console-fra.rpki-client.org