Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/1-JmO5KCx6FYwwDBJxHq-fR8ZiEc.roa
File: 1-JmO5KCx6FYwwDBJxHq-fR8ZiEc.roa (raw, json)
Hash identifier: /G55D6bOilGVOnCBUg4j7rTkhDu6lquxLY/WCzPaV2w=
Subject key identifier: F8:99:8E:E4:A0:B1:E8:56:30:C0:30:49:C4:7A:BE:7D:1F:19:88:47
Certificate issuer: /CN=8d59c4323f767ce4ffc85daad208b90c04fbd3e9
Certificate serial: 018CC86FF3A273FEFB8467BDD0BB7BF1499B
Authority key identifier: 8D:59:C4:32:3F:76:7C:E4:FF:C8:5D:AA:D2:08:B9:0C:04:FB:D3:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jVnEMj92fOT_yF2q0gi5DAT70-k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/1-JmO5KCx6FYwwDBJxHq-fR8ZiEc.roa
Signing time: Tue 02 Jan 2024 04:30:29 +0000
ROA not before: Tue 02 Jan 2024 04:30:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197633
IP address blocks: 185.5.176.0/22 maxlen: 22
37.122.229.0/24 maxlen: 24
37.123.0.0/20 maxlen: 20
31.44.192.0/24 maxlen: 24
31.44.193.0/24 maxlen: 24
31.44.204.0/23 maxlen: 23
31.44.202.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/jVnEMj92fOT_yF2q0gi5DAT70-k.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/jVnEMj92fOT_yF2q0gi5DAT70-k.mft
rsync://rpki.ripe.net/repository/DEFAULT/jVnEMj92fOT_yF2q0gi5DAT70-k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 18 Jun 2024 06:00:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:f3:a2:73:fe:fb:84:67:bd:d0:bb:7b:f1:49:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d59c4323f767ce4ffc85daad208b90c04fbd3e9
Validity
Not Before: Jan 2 04:30:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f8998ee4a0b1e85630c03049c47abe7d1f198847
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:37:42:f1:9b:ff:84:87:a3:13:65:61:32:61:
8e:bd:00:d6:01:cb:63:99:ad:a0:13:e5:18:e1:72:
2f:26:79:97:44:84:e5:11:03:46:e2:52:a0:15:b4:
79:98:90:f7:a2:85:15:11:43:29:79:48:e1:28:1b:
09:fb:8e:0c:48:f9:e8:ed:bd:e5:cf:89:28:df:2c:
ca:d3:a3:72:71:cd:6d:84:88:4f:8b:97:a5:df:17:
e6:c9:d1:97:88:c6:71:34:ef:84:92:e9:99:1e:e6:
04:25:11:05:20:4b:61:5d:9b:fb:f5:23:a8:4c:df:
c3:b8:f8:f5:92:66:a7:36:28:95:46:64:81:d6:2f:
26:63:0b:e7:ed:e4:53:24:4f:b9:43:01:16:a5:21:
38:f2:14:0d:1a:93:43:36:72:70:96:f0:b0:56:9a:
1d:55:d0:4b:5e:25:c0:87:8d:03:e0:58:ad:86:78:
18:7b:95:05:90:8f:f2:14:8c:69:4e:38:b2:01:53:
d3:f6:fd:34:75:7a:af:d7:cc:c9:10:42:3b:bd:dc:
63:b9:f9:61:9a:9b:61:95:92:37:48:1c:49:35:38:
56:2c:f8:8a:3b:48:b8:4e:ec:9b:4b:4e:b7:d7:75:
32:a2:f1:dd:ce:be:0a:f6:f6:4f:f8:64:14:61:8d:
ae:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:99:8E:E4:A0:B1:E8:56:30:C0:30:49:C4:7A:BE:7D:1F:19:88:47
X509v3 Authority Key Identifier:
keyid:8D:59:C4:32:3F:76:7C:E4:FF:C8:5D:AA:D2:08:B9:0C:04:FB:D3:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jVnEMj92fOT_yF2q0gi5DAT70-k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/1-JmO5KCx6FYwwDBJxHq-fR8ZiEc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/jVnEMj92fOT_yF2q0gi5DAT70-k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.44.192.0/23
31.44.202.0-31.44.205.255
37.122.229.0/24
37.123.0.0/20
185.5.176.0/22
Signature Algorithm: sha256WithRSAEncryption
35:1e:40:ec:11:4e:9a:c1:18:5c:f3:6e:ee:63:bf:0b:81:07:
2a:1d:f0:f2:a4:db:f4:59:f6:05:58:fc:dd:91:78:78:4e:dc:
f2:0d:89:b3:54:fc:d3:e0:af:04:fe:70:31:f7:ab:80:6b:54:
f0:ac:8d:a2:7e:21:75:3a:fa:7c:79:f0:dc:6c:b6:ac:52:24:
91:52:ba:92:b8:ea:3c:3c:38:fb:a3:b1:96:80:b9:2c:43:33:
0f:db:cb:1b:81:cf:64:93:7a:2b:09:e5:1a:63:3a:e2:2b:1e:
d7:3e:63:ae:f0:5a:7d:76:ed:6f:b7:9d:6b:89:f4:e7:69:35:
fb:3a:87:c3:35:59:37:d6:a0:12:40:9e:75:cf:c9:01:f3:44:
e4:fd:26:49:7a:f7:bd:fd:96:25:6d:28:51:73:b5:bb:c1:55:
54:7d:e3:58:29:3f:c1:06:36:fd:99:db:cc:34:0d:41:28:72:
00:9b:d4:8e:c7:60:a4:98:76:26:c1:a1:1d:26:d2:1f:82:5e:
07:45:40:70:0b:32:7a:9b:57:d1:ac:46:75:24:9e:51:c7:08:
a1:b0:a6:2d:25:5c:94:ee:05:a1:03:78:06:1b:d4:b0:20:67:
6b:2f:f7:b0:e5:c6:5a:f0:dd:05:e5:59:cc:d6:f6:85:71:77:
2f:1d:74:0c
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzIb/Oic/77hGe90Lt78UmbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkNTljNDMyM2Y3NjdjZTRmZmM4NWRhYWQyMDhiOTBjMDRm
YmQzZTkwHhcNMjQwMTAyMDQzMDI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODk5OGVlNGEwYjFlODU2MzBjMDMwNDljNDdhYmU3ZDFmMTk4ODQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnjdC8Zv/hIejE2VhMmGOvQDWActj
ma2gE+UY4XIvJnmXRITlEQNG4lKgFbR5mJD3ooUVEUMpeUjhKBsJ+44MSPno7b3l
z4ko3yzK06Nycc1thIhPi5el3xfmydGXiMZxNO+EkumZHuYEJREFIEthXZv79SOo
TN/DuPj1kmanNiiVRmSB1i8mYwvn7eRTJE+5QwEWpSE48hQNGpNDNnJwlvCwVpod
VdBLXiXAh40D4FithngYe5UFkI/yFIxpTjiyAVPT9v00dXqv18zJEEI7vdxjuflh
mpthlZI3SBxJNThWLPiKO0i4TuybS06313UyovHdzr4K9vZP+GQUYY2u0QIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFPiZjuSgsehWMMAwScR6vn0fGYhHMB8GA1UdIwQY
MBaAFI1ZxDI/dnzk/8hdqtIIuQwE+9PpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalZuRU1qOTJmT1RfeUYycTBnaTVEQVQ3MC1rLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni9mMDllY2YtZTgwNS00MTU4LWIzMTUt
ZjJiZTlmNmM2NjRjLzEvMS1KbU81S0N4NkZZd3dEQkp4SHEtZlI4WmlFYy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNjYvZjA5ZWNmLWU4MDUtNDE1OC1iMzE1LWYyYmU5ZjZjNjY0
Yy8xL2pWbkVNajkyZk9UX3lGMnEwZ2k1REFUNzAtay5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA/BggrBgEFBQcBBwEB/wQwMC4wLAQCAAEwJgMEAR8swDAM
AwQBHyzKAwQBHyzMAwQAJXrlAwQEJXsAAwQCuQWwMA0GCSqGSIb3DQEBCwUAA4IB
AQA1HkDsEU6awRhc827uY78LgQcqHfDypNv0WfYFWPzdkXh4TtzyDYmzVPzT4K8E
/nAx96uAa1TwrI2ifiF1Ovp8efDcbLasUiSRUrqSuOo8PDj7o7GWgLksQzMP28sb
gc9kk3orCeUaYzriKx7XPmOu8Fp9du1vt51rifTnaTX7OofDNVk31qASQJ51z8kB
80Tk/SZJeve9/ZYlbShRc7W7wVVUfeNYKT/BBjb9mdvMNA1BKHIAm9SOx2CkmHYm
waEdJtIfgl4HRUBwCzJ6m1fRrEZ1JJ5RxwihsKYtJVyU7gWhA3gGG9SwIGdrL/ew
5cZa8N0F5VnM1vaFcXcvHXQM
-----END CERTIFICATE-----
Generated at Mon Jun 17 14:14:01 2024 by rpki-client on console-fra.rpki-client.org