Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/0517f9-9a1e-4600-b043-f6541f778585/1/Johv_1ZHm9BnPmbrSaD1g2r2nHQ.roa
File: Johv_1ZHm9BnPmbrSaD1g2r2nHQ.roa (raw, json)
Hash identifier: tNwKWd1R801ObXmox90ZNPkPpTSAXLB3O2CiUBCHxkg=
Subject key identifier: 26:88:6F:FF:56:47:9B:D0:67:3E:66:EB:49:A0:F5:83:6A:F6:9C:74
Certificate issuer: /CN=8b0d81f3e0f2d18f3b590dcc536d5e94cfe07012
Certificate serial: 018E5178A6483D472525AB88C6161AFEFB59
Authority key identifier: 8B:0D:81:F3:E0:F2:D1:8F:3B:59:0D:CC:53:6D:5E:94:CF:E0:70:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iw2B8-Dy0Y87WQ3MU21elM_gcBI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/0517f9-9a1e-4600-b043-f6541f778585/1/Johv_1ZHm9BnPmbrSaD1g2r2nHQ.roa
Signing time: Mon 18 Mar 2024 12:10:45 +0000
ROA not before: Mon 18 Mar 2024 12:10:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206502
IP address blocks: 78.108.212.0/23 maxlen: 23
78.108.212.0/24 maxlen: 24
2a0d:11c0:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/64/0517f9-9a1e-4600-b043-f6541f778585/1/iw2B8-Dy0Y87WQ3MU21elM_gcBI.crl
rsync://rpki.ripe.net/repository/DEFAULT/64/0517f9-9a1e-4600-b043-f6541f778585/1/iw2B8-Dy0Y87WQ3MU21elM_gcBI.mft
rsync://rpki.ripe.net/repository/DEFAULT/iw2B8-Dy0Y87WQ3MU21elM_gcBI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 18 Jun 2024 02:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:51:78:a6:48:3d:47:25:25:ab:88:c6:16:1a:fe:fb:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b0d81f3e0f2d18f3b590dcc536d5e94cfe07012
Validity
Not Before: Mar 18 12:10:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=26886fff56479bd0673e66eb49a0f5836af69c74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:7c:42:bb:f1:dc:a7:22:65:d6:32:8e:81:bb:
89:45:3a:09:d4:da:62:04:11:69:45:4a:c9:5c:17:
bd:fe:cd:96:74:1a:b5:4c:aa:af:71:4d:8d:be:7f:
f2:1e:98:d8:29:12:f1:c5:6f:43:02:31:81:3e:bc:
b7:69:77:d8:61:a6:36:a0:bb:8b:4a:1b:c8:53:22:
ad:27:ce:09:76:bf:05:b7:f3:67:09:82:6d:3e:f7:
13:8c:27:e9:fa:a2:e2:88:b3:cd:53:78:ec:24:a3:
ee:3f:62:0d:18:62:19:fa:e3:b3:08:2d:17:5b:00:
87:4a:ee:a9:cd:a3:dd:69:c7:15:08:0d:ac:04:22:
03:de:fa:23:09:0a:bf:36:34:85:40:47:0e:65:c9:
06:0f:c5:25:cb:35:9a:a9:e9:22:1f:39:0a:c1:37:
18:af:5c:35:3b:c8:1f:ab:ba:c2:ca:14:8d:04:53:
c8:79:6b:84:ad:99:f8:5b:7b:b8:01:0d:e0:84:44:
3c:de:6d:3a:3a:fd:2d:00:4e:e6:39:a7:17:0f:77:
a8:21:45:32:27:2b:64:b6:fc:de:6a:e4:22:aa:b3:
12:a8:2e:b5:80:2d:3a:29:05:fb:82:bc:41:6f:e8:
8d:6e:30:5d:07:ad:90:a9:38:35:36:2b:8a:ec:41:
d3:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:88:6F:FF:56:47:9B:D0:67:3E:66:EB:49:A0:F5:83:6A:F6:9C:74
X509v3 Authority Key Identifier:
keyid:8B:0D:81:F3:E0:F2:D1:8F:3B:59:0D:CC:53:6D:5E:94:CF:E0:70:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iw2B8-Dy0Y87WQ3MU21elM_gcBI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/0517f9-9a1e-4600-b043-f6541f778585/1/Johv_1ZHm9BnPmbrSaD1g2r2nHQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/0517f9-9a1e-4600-b043-f6541f778585/1/iw2B8-Dy0Y87WQ3MU21elM_gcBI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.108.212.0/23
IPv6:
2a0d:11c0:1::/48
Signature Algorithm: sha256WithRSAEncryption
58:3d:03:b4:2a:4e:59:8b:46:a6:fd:de:b9:9a:ed:12:d4:36:
02:d3:35:b5:47:df:7d:19:bf:53:6c:02:c2:0a:53:cc:19:bd:
a9:c3:93:b9:f3:14:17:b2:8e:22:85:3e:ae:e4:90:47:c3:1a:
71:7b:95:38:86:05:ed:51:ac:dd:13:c5:b5:7c:85:2c:74:e9:
b2:d7:f3:b8:45:89:58:99:49:f5:0c:2d:42:df:a0:90:db:2d:
d0:35:ea:ae:08:78:02:a7:57:16:50:58:ae:ad:c9:0a:64:2a:
24:ed:d4:7e:00:44:97:72:f4:90:33:06:37:e6:f2:c0:6a:ba:
96:69:27:5e:b9:c0:a5:1c:b3:9c:30:0f:18:c6:d0:76:ab:4e:
84:fd:2d:e0:36:22:50:c9:f5:11:01:ce:18:03:3d:db:c8:59:
4b:e2:77:9a:d0:78:58:9c:fa:73:41:51:0a:fd:47:3b:db:81:
67:de:ca:75:ce:f1:8f:6c:79:a2:34:ef:ff:a4:1c:92:35:0b:
90:6b:53:33:32:7b:05:fb:45:a8:88:61:cb:32:df:a1:db:3f:
f8:fd:3e:08:dc:ea:18:67:6e:4e:04:80:0f:1a:22:1a:45:27:
2d:53:e9:7c:96:ab:2a:dc:4b:8f:8b:b6:2d:ba:e4:e1:9b:fa:
57:3c:7c:5c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY5ReKZIPUclJauIxhYa/vtZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiMGQ4MWYzZTBmMmQxOGYzYjU5MGRjYzUzNmQ1ZTk0Y2Zl
MDcwMTIwHhcNMjQwMzE4MTIxMDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNjg4NmZmZjU2NDc5YmQwNjczZTY2ZWI0OWEwZjU4MzZhZjY5Yzc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhHxCu/HcpyJl1jKOgbuJRToJ1Npi
BBFpRUrJXBe9/s2WdBq1TKqvcU2Nvn/yHpjYKRLxxW9DAjGBPry3aXfYYaY2oLuL
ShvIUyKtJ84Jdr8Ft/NnCYJtPvcTjCfp+qLiiLPNU3jsJKPuP2INGGIZ+uOzCC0X
WwCHSu6pzaPdaccVCA2sBCID3vojCQq/NjSFQEcOZckGD8UlyzWaqekiHzkKwTcY
r1w1O8gfq7rCyhSNBFPIeWuErZn4W3u4AQ3ghEQ83m06Ov0tAE7mOacXD3eoIUUy
JytktvzeauQiqrMSqC61gC06KQX7grxBb+iNbjBdB62QqTg1NiuK7EHT+wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCaIb/9WR5vQZz5m60mg9YNq9px0MB8GA1UdIwQY
MBaAFIsNgfPg8tGPO1kNzFNtXpTP4HASMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXcyQjgtRHkwWTg3V1EzTVUyMWVsTV9nY0JJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC8wNTE3ZjktOWExZS00NjAwLWIwNDMt
ZjY1NDFmNzc4NTg1LzEvSm9odl8xWkhtOUJuUG1iclNhRDFnMnIybkhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC8wNTE3ZjktOWExZS00NjAwLWIwNDMtZjY1NDFmNzc4NTg1
LzEvaXcyQjgtRHkwWTg3V1EzTVUyMWVsTV9nY0JJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBTmzUMA8E
AgACMAkDBwAqDRHAAAEwDQYJKoZIhvcNAQELBQADggEBAFg9A7QqTlmLRqb93rma
7RLUNgLTNbVH330Zv1NsAsIKU8wZvanDk7nzFBeyjiKFPq7kkEfDGnF7lTiGBe1R
rN0TxbV8hSx06bLX87hFiViZSfUMLULfoJDbLdA16q4IeAKnVxZQWK6tyQpkKiTt
1H4ARJdy9JAzBjfm8sBqupZpJ165wKUcs5wwDxjG0HarToT9LeA2IlDJ9REBzhgD
PdvIWUvid5rQeFic+nNBUQr9RzvbgWfeynXO8Y9seaI07/+kHJI1C5BrUzMyewX7
RaiIYcsy36HbP/j9Pgjc6hhnbk4EgA8aIhpFJy1T6XyWqyrcS4+Lti265OGb+lc8
fFw=
-----END CERTIFICATE-----
Generated at Mon Jun 17 10:01:05 2024 by rpki-client on console-fra.rpki-client.org