Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/jy6uxOfZicDqQsvZGK1v25-jkbc.roa
File: jy6uxOfZicDqQsvZGK1v25-jkbc.roa (raw, json)
Hash identifier: Qy4uOl+g3Z0FAtnJE/LnVYs1ZqvnRhO6Upz0U9+LZNQ=
Subject key identifier: 8F:2E:AE:C4:E7:D9:89:C0:EA:42:CB:D9:18:AD:6F:DB:9F:A3:91:B7
Certificate issuer: /CN=8e1c11658d2041eaf2502fe5408ed493bbd4f318
Certificate serial: 018FBD676C773C735ADF799177B6E3BF293E
Authority key identifier: 8E:1C:11:65:8D:20:41:EA:F2:50:2F:E5:40:8E:D4:93:BB:D4:F3:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jhwRZY0gQeryUC_lQI7Uk7vU8xg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/jy6uxOfZicDqQsvZGK1v25-jkbc.roa
Signing time: Tue 28 May 2024 04:13:42 +0000
ROA not before: Tue 28 May 2024 04:13:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39855
IP address blocks: 45.13.108.0/22 maxlen: 24
45.91.117.0/24 maxlen: 24
45.133.140.0/24 maxlen: 24
45.133.142.0/24 maxlen: 24
91.212.20.0/24 maxlen: 24
91.212.27.0/24 maxlen: 24
193.39.246.0/24 maxlen: 24
195.80.230.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/jhwRZY0gQeryUC_lQI7Uk7vU8xg.crl
rsync://rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/jhwRZY0gQeryUC_lQI7Uk7vU8xg.mft
rsync://rpki.ripe.net/repository/DEFAULT/jhwRZY0gQeryUC_lQI7Uk7vU8xg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:bd:67:6c:77:3c:73:5a:df:79:91:77:b6:e3:bf:29:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8e1c11658d2041eaf2502fe5408ed493bbd4f318
Validity
Not Before: May 28 04:13:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8f2eaec4e7d989c0ea42cbd918ad6fdb9fa391b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:c4:6e:8f:39:fe:c0:af:b9:c1:50:01:ab:f4:
4c:63:9d:76:66:57:0b:9f:5b:35:55:ad:6f:ce:a0:
04:89:ad:cc:c6:38:e7:19:29:5d:75:51:f4:7e:5a:
86:81:a4:e0:73:94:f4:f8:c4:4b:31:3a:75:81:60:
98:c6:d2:6b:da:19:a1:cf:6a:b7:bf:1e:cf:b6:1b:
a9:cf:07:b1:2c:df:ba:5b:e7:0e:0a:0c:9c:d9:7f:
59:d9:86:f6:dc:77:25:22:7c:23:04:4d:6c:22:02:
bb:30:69:23:7b:28:e4:9c:73:b9:7f:d1:d0:2b:34:
7a:31:5f:22:a1:e5:42:2f:76:96:61:bb:57:2d:ee:
bc:95:43:96:33:c6:67:8e:43:9a:2a:09:1a:f4:a9:
01:52:5e:bd:bf:a1:31:60:89:4c:6f:87:c0:be:52:
d0:20:ce:44:86:64:96:06:31:93:99:cf:f1:d6:2e:
c5:07:65:7b:c6:aa:b0:bd:de:ec:f1:83:11:8c:85:
3c:47:e3:7c:73:ca:e2:15:c6:22:da:d2:c9:6c:70:
e4:68:3e:33:71:6d:f0:c5:e3:2e:ff:3f:0f:c0:40:
71:6f:96:5e:30:99:a9:30:4d:37:18:e3:92:b2:7f:
6f:48:63:df:33:60:97:3c:94:dd:b1:f0:c8:2f:cf:
3b:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:2E:AE:C4:E7:D9:89:C0:EA:42:CB:D9:18:AD:6F:DB:9F:A3:91:B7
X509v3 Authority Key Identifier:
keyid:8E:1C:11:65:8D:20:41:EA:F2:50:2F:E5:40:8E:D4:93:BB:D4:F3:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jhwRZY0gQeryUC_lQI7Uk7vU8xg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/jy6uxOfZicDqQsvZGK1v25-jkbc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/jhwRZY0gQeryUC_lQI7Uk7vU8xg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.13.108.0/22
45.91.117.0/24
45.133.140.0/24
45.133.142.0/24
91.212.20.0/24
91.212.27.0/24
193.39.246.0/24
195.80.230.0/23
Signature Algorithm: sha256WithRSAEncryption
68:90:2b:69:99:92:f7:54:a6:5f:96:bf:05:4f:1b:88:86:7f:
fe:e5:1d:ee:bd:35:82:77:cf:be:b2:a6:27:ef:ad:de:ff:39:
e2:43:fc:c0:07:49:bb:52:3c:78:1a:c3:33:6b:3f:24:7d:f5:
99:a3:35:2b:92:db:23:89:37:53:34:41:4d:91:c8:9c:4e:f1:
51:be:6a:fa:d6:74:08:3d:bf:8c:cf:21:5d:98:55:cd:a9:76:
f0:50:56:91:63:69:12:fc:5f:0d:4e:10:e9:f8:ee:f1:01:14:
1c:1c:46:ac:8d:4b:52:14:17:e5:68:cb:43:3f:22:17:b0:48:
e2:3a:63:37:79:2a:02:ed:a0:aa:6d:c8:d1:dc:17:21:b4:10:
07:e4:b4:81:01:7e:e5:d4:87:64:a1:85:af:28:5d:9c:36:61:
50:d8:55:ee:b4:74:86:31:54:78:9b:23:8c:39:97:06:d9:7a:
21:1e:5f:50:fd:c9:11:58:92:b7:25:63:2c:57:56:75:af:6b:
cd:b0:74:51:e8:cd:b1:cf:f3:95:6c:8b:87:4e:ea:fc:2a:1b:
92:c7:01:95:45:40:fc:51:ee:49:51:9d:bd:c5:2e:da:4e:8b:
15:d8:06:fb:e8:34:ae:3e:5f:28:f7:2f:20:17:38:8d:18:50:
43:73:1f:b0
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAY+9Z2x3PHNa33mRd7bjvyk+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlMWMxMTY1OGQyMDQxZWFmMjUwMmZlNTQwOGVkNDkzYmJk
NGYzMTgwHhcNMjQwNTI4MDQxMzQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZjJlYWVjNGU3ZDk4OWMwZWE0MmNiZDkxOGFkNmZkYjlmYTM5MWI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy8Rujzn+wK+5wVABq/RMY512ZlcL
n1s1Va1vzqAEia3MxjjnGSlddVH0flqGgaTgc5T0+MRLMTp1gWCYxtJr2hmhz2q3
vx7PthupzwexLN+6W+cOCgyc2X9Z2Yb23HclInwjBE1sIgK7MGkjeyjknHO5f9HQ
KzR6MV8ioeVCL3aWYbtXLe68lUOWM8ZnjkOaKgka9KkBUl69v6ExYIlMb4fAvlLQ
IM5EhmSWBjGTmc/x1i7FB2V7xqqwvd7s8YMRjIU8R+N8c8riFcYi2tLJbHDkaD4z
cW3wxeMu/z8PwEBxb5ZeMJmpME03GOOSsn9vSGPfM2CXPJTdsfDIL887gwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFI8ursTn2YnA6kLL2Ritb9ufo5G3MB8GA1UdIwQY
MBaAFI4cEWWNIEHq8lAv5UCO1JO71PMYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamh3UlpZMGdRZXJ5VUNfbFFJN1VrN3ZVOHhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi83MGJmOGItZDhjNC00MGMzLTkwMjIt
NjMzNDhjZGJmMDI0LzEvank2dXhPZlppY0RxUXN2WkdLMXYyNS1qa2JjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi83MGJmOGItZDhjNC00MGMzLTkwMjItNjMzNDhjZGJmMDI0
LzEvamh3UlpZMGdRZXJ5VUNfbFFJN1VrN3ZVOHhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQCLQ1sAwQA
LVt1AwQALYWMAwQALYWOAwQAW9QUAwQAW9QbAwQAwSf2AwQBw1DmMA0GCSqGSIb3
DQEBCwUAA4IBAQBokCtpmZL3VKZflr8FTxuIhn/+5R3uvTWCd8++sqYn763e/zni
Q/zAB0m7Ujx4GsMzaz8kffWZozUrktsjiTdTNEFNkcicTvFRvmr61nQIPb+MzyFd
mFXNqXbwUFaRY2kS/F8NThDp+O7xARQcHEasjUtSFBflaMtDPyIXsEjiOmM3eSoC
7aCqbcjR3BchtBAH5LSBAX7l1IdkoYWvKF2cNmFQ2FXutHSGMVR4myOMOZcG2Xoh
Hl9Q/ckRWJK3JWMsV1Z1r2vNsHRR6M2xz/OVbIuHTur8KhuSxwGVRUD8Ue5JUZ29
xS7aTosV2Ab76DSuPl8o9y8gFziNGFBDcx+w
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:26:45 2024 by rpki-client on console-ams.rpki-client.org