Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/jCVyWniqjPfPDwf28e_7Vfi2qI8.roa
File: jCVyWniqjPfPDwf28e_7Vfi2qI8.roa (raw, json)
Hash identifier: 3sdtnB85fbpPezSw8IGT+Ge8jZB0ViVbngtSm4hsa3w=
Subject key identifier: 8C:25:72:5A:78:AA:8C:F7:CF:0F:07:F6:F1:EF:FB:55:F8:B6:A8:8F
Certificate issuer: /CN=8d59c4323f767ce4ffc85daad208b90c04fbd3e9
Certificate serial: 018CC86FF25F61AC0693661F85F1363EC189
Authority key identifier: 8D:59:C4:32:3F:76:7C:E4:FF:C8:5D:AA:D2:08:B9:0C:04:FB:D3:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jVnEMj92fOT_yF2q0gi5DAT70-k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/jCVyWniqjPfPDwf28e_7Vfi2qI8.roa
Signing time: Tue 02 Jan 2024 04:30:28 +0000
ROA not before: Tue 02 Jan 2024 04:30:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60146
IP address blocks: 213.14.250.0/24 maxlen: 24
85.153.145.0/24 maxlen: 24
213.74.242.0/24 maxlen: 24
213.14.223.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/jVnEMj92fOT_yF2q0gi5DAT70-k.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/jVnEMj92fOT_yF2q0gi5DAT70-k.mft
rsync://rpki.ripe.net/repository/DEFAULT/jVnEMj92fOT_yF2q0gi5DAT70-k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:12:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:f2:5f:61:ac:06:93:66:1f:85:f1:36:3e:c1:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d59c4323f767ce4ffc85daad208b90c04fbd3e9
Validity
Not Before: Jan 2 04:30:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8c25725a78aa8cf7cf0f07f6f1effb55f8b6a88f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:68:2c:f8:69:11:67:16:a1:33:1b:5a:fb:76:
94:84:0a:9e:fc:97:a5:91:4a:00:01:92:c6:2d:26:
c6:d0:b2:22:fe:e0:89:88:95:74:e3:dd:d0:04:a4:
d8:26:6d:d9:6c:a9:53:0c:e6:41:ec:53:cb:fc:8c:
61:93:91:1a:98:1c:be:f8:a4:58:bf:a7:a7:55:78:
06:6c:af:c1:a9:13:86:cf:f1:78:bf:c9:ad:63:61:
cf:26:59:34:aa:f7:6c:f9:d5:c5:ac:c0:a7:c4:64:
34:69:2a:bb:cf:4d:ee:cd:d3:a3:ff:4a:4c:68:1f:
6e:cd:19:2d:b8:75:ca:0a:d1:5f:57:da:97:85:be:
4d:fc:a7:04:8f:e1:83:ee:90:38:dc:0b:38:5c:85:
a2:52:ab:bb:cd:8b:ab:af:ef:e0:17:5e:60:22:f7:
06:70:0c:96:5e:b3:14:c5:d6:db:9c:c8:67:d8:65:
93:9c:88:f1:f7:31:5f:99:e1:b6:da:e5:64:ed:1a:
e9:8c:f6:ae:49:11:a8:57:d3:0c:6b:a1:b7:a3:08:
d0:24:a1:6a:dc:68:49:72:97:2e:c4:12:72:a6:66:
b8:55:49:4a:81:f4:0c:60:78:85:2a:2f:00:15:3a:
2c:00:36:99:03:08:4f:9b:8c:ca:d4:e6:68:3f:09:
d2:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:25:72:5A:78:AA:8C:F7:CF:0F:07:F6:F1:EF:FB:55:F8:B6:A8:8F
X509v3 Authority Key Identifier:
keyid:8D:59:C4:32:3F:76:7C:E4:FF:C8:5D:AA:D2:08:B9:0C:04:FB:D3:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jVnEMj92fOT_yF2q0gi5DAT70-k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/jCVyWniqjPfPDwf28e_7Vfi2qI8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/jVnEMj92fOT_yF2q0gi5DAT70-k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.153.145.0/24
213.14.223.0/24
213.14.250.0/24
213.74.242.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:34:77:dd:0d:80:b0:0b:96:03:37:10:6f:c5:79:d8:fe:77:
b7:c4:d7:5d:3e:63:7b:1d:80:4a:98:0b:df:14:05:76:25:8f:
cb:14:6d:27:b4:bd:05:9d:93:e4:b5:3f:0d:de:fa:5d:0f:cb:
dc:cf:26:9c:e8:7e:39:72:1e:b7:9a:71:10:3f:d2:59:c1:b8:
0e:84:0b:24:e0:a1:6a:b2:69:83:9c:10:63:c1:4d:6e:1a:81:
60:12:15:c6:c7:2b:b5:49:17:ff:77:80:f0:b7:93:19:78:4d:
91:4c:ec:cb:d6:58:69:67:b4:7e:19:84:9e:68:98:54:42:e1:
a1:a2:ef:bb:2f:29:ec:01:b9:6e:9a:c1:c5:56:cf:b7:d3:75:
82:de:60:0f:1d:10:6f:f0:e0:b1:77:6c:91:da:f7:50:9c:a6:
23:11:05:55:90:03:f1:e5:bf:dc:92:86:98:07:48:44:3d:d2:
90:1c:af:23:27:0e:dc:f8:58:4c:26:01:4b:3f:6d:c4:15:87:
c6:b5:a7:78:48:77:91:64:06:a7:b0:10:b4:45:9c:6d:17:32:
93:8b:62:20:ea:48:3b:ee:fe:d1:9b:9d:45:b7:55:9c:08:a5:
76:03:0e:7b:db:19:ab:f5:68:80:83:dd:5a:2e:9a:dc:f9:5e:
ed:b7:7c:9a
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzIb/JfYawGk2YfhfE2PsGJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkNTljNDMyM2Y3NjdjZTRmZmM4NWRhYWQyMDhiOTBjMDRm
YmQzZTkwHhcNMjQwMTAyMDQzMDI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YzI1NzI1YTc4YWE4Y2Y3Y2YwZjA3ZjZmMWVmZmI1NWY4YjZhODhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuWgs+GkRZxahMxta+3aUhAqe/Jel
kUoAAZLGLSbG0LIi/uCJiJV0493QBKTYJm3ZbKlTDOZB7FPL/Ixhk5EamBy++KRY
v6enVXgGbK/BqROGz/F4v8mtY2HPJlk0qvds+dXFrMCnxGQ0aSq7z03uzdOj/0pM
aB9uzRktuHXKCtFfV9qXhb5N/KcEj+GD7pA43As4XIWiUqu7zYurr+/gF15gIvcG
cAyWXrMUxdbbnMhn2GWTnIjx9zFfmeG22uVk7RrpjPauSRGoV9MMa6G3owjQJKFq
3GhJcpcuxBJypma4VUlKgfQMYHiFKi8AFTosADaZAwhPm4zK1OZoPwnSSwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFIwlclp4qoz3zw8H9vHv+1X4tqiPMB8GA1UdIwQY
MBaAFI1ZxDI/dnzk/8hdqtIIuQwE+9PpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalZuRU1qOTJmT1RfeUYycTBnaTVEQVQ3MC1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni9mMDllY2YtZTgwNS00MTU4LWIzMTUt
ZjJiZTlmNmM2NjRjLzEvakNWeVduaXFqUGZQRHdmMjhlXzdWZmkycUk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni9mMDllY2YtZTgwNS00MTU4LWIzMTUtZjJiZTlmNmM2NjRj
LzEvalZuRU1qOTJmT1RfeUYycTBnaTVEQVQ3MC1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAVZmRAwQA
1Q7fAwQA1Q76AwQA1UryMA0GCSqGSIb3DQEBCwUAA4IBAQA8NHfdDYCwC5YDNxBv
xXnY/ne3xNddPmN7HYBKmAvfFAV2JY/LFG0ntL0FnZPktT8N3vpdD8vczyac6H45
ch63mnEQP9JZwbgOhAsk4KFqsmmDnBBjwU1uGoFgEhXGxyu1SRf/d4Dwt5MZeE2R
TOzL1lhpZ7R+GYSeaJhUQuGhou+7LynsAblumsHFVs+303WC3mAPHRBv8OCxd2yR
2vdQnKYjEQVVkAPx5b/ckoaYB0hEPdKQHK8jJw7c+FhMJgFLP23EFYfGtad4SHeR
ZAansBC0RZxtFzKTi2Ig6kg77v7Rm51Ft1WcCKV2Aw572xmr9WiAg91aLprc+V7t
t3ya
-----END CERTIFICATE-----
Generated at Mon Nov 25 22:29:05 2024 by rpki-client on console-fra.rpki-client.org