Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/24a47d-6a4d-4e15-a238-7740b3d6905e/1/JshunVg1rqFV0If_3b0Q_aVYAog.roa
File: JshunVg1rqFV0If_3b0Q_aVYAog.roa (raw, json)
Hash identifier: ib8jJ4yI2KBFuRnPQ064XelUDtCrBhSXQ9jAziIITH0=
Subject key identifier: 26:C8:6E:9D:58:35:AE:A1:55:D0:87:FF:DD:BD:10:FD:A5:58:02:88
Certificate issuer: /CN=96f1977cf17fe4e1de2f16293c669f44d5bd7433
Certificate serial: 018F3DB089BD5C4CB178A15807D14AEF8263
Authority key identifier: 96:F1:97:7C:F1:7F:E4:E1:DE:2F:16:29:3C:66:9F:44:D5:BD:74:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lvGXfPF_5OHeLxYpPGafRNW9dDM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/24a47d-6a4d-4e15-a238-7740b3d6905e/1/JshunVg1rqFV0If_3b0Q_aVYAog.roa
Signing time: Fri 03 May 2024 09:02:10 +0000
ROA not before: Fri 03 May 2024 09:02:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58347
IP address blocks: 91.103.142.0/24 maxlen: 24
193.135.12.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/68/24a47d-6a4d-4e15-a238-7740b3d6905e/1/lvGXfPF_5OHeLxYpPGafRNW9dDM.crl
rsync://rpki.ripe.net/repository/DEFAULT/68/24a47d-6a4d-4e15-a238-7740b3d6905e/1/lvGXfPF_5OHeLxYpPGafRNW9dDM.mft
rsync://rpki.ripe.net/repository/DEFAULT/lvGXfPF_5OHeLxYpPGafRNW9dDM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:3d:b0:89:bd:5c:4c:b1:78:a1:58:07:d1:4a:ef:82:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=96f1977cf17fe4e1de2f16293c669f44d5bd7433
Validity
Not Before: May 3 09:02:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=26c86e9d5835aea155d087ffddbd10fda5580288
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:2a:a8:ce:5b:22:a9:b6:0b:c4:97:8b:66:be:
07:cf:17:cd:af:1f:e4:ea:5b:78:70:14:2f:8b:5a:
9f:52:5d:75:09:75:55:64:f3:a0:88:f8:d4:00:11:
43:55:c7:0d:6f:97:09:fc:d5:5e:27:92:6d:d6:e1:
dd:ad:ff:5d:ac:40:87:24:2a:e3:25:63:c0:c6:f2:
d2:80:48:21:ab:4c:1b:e7:62:0d:92:fd:8f:65:bb:
c7:cd:fc:ec:d8:89:70:4f:4a:6b:70:8b:2d:f0:65:
63:bf:22:03:df:8e:da:de:b3:a1:a8:d0:b7:fc:9d:
74:49:b1:d2:3b:12:77:be:b8:71:07:6a:15:26:0f:
20:5f:52:9e:0a:fa:d9:72:7f:d1:e6:c6:5f:ff:bb:
77:3a:83:ad:89:11:fe:c7:17:12:76:d7:e2:cd:cd:
bb:f7:0b:58:39:88:a0:8e:70:b2:ae:97:2f:05:23:
96:d7:b2:6e:54:a0:df:91:bf:02:a5:d5:81:06:5e:
ac:11:13:f9:1a:f3:bc:2a:f5:df:88:b3:bb:83:ae:
fe:2a:a8:3f:cc:83:73:10:e9:2b:df:46:37:6e:ab:
0b:86:40:e8:64:2b:41:c7:eb:df:f8:1e:05:af:9b:
91:30:0b:b2:e5:d0:9b:ff:f3:07:40:91:5d:84:56:
07:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:C8:6E:9D:58:35:AE:A1:55:D0:87:FF:DD:BD:10:FD:A5:58:02:88
X509v3 Authority Key Identifier:
keyid:96:F1:97:7C:F1:7F:E4:E1:DE:2F:16:29:3C:66:9F:44:D5:BD:74:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lvGXfPF_5OHeLxYpPGafRNW9dDM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/24a47d-6a4d-4e15-a238-7740b3d6905e/1/JshunVg1rqFV0If_3b0Q_aVYAog.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/24a47d-6a4d-4e15-a238-7740b3d6905e/1/lvGXfPF_5OHeLxYpPGafRNW9dDM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.103.142.0/24
193.135.12.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:3b:c8:65:29:3e:38:44:e6:6e:8b:32:34:8b:63:82:8a:04:
20:d4:ea:46:7a:42:89:4c:44:08:1c:38:83:ef:29:49:d6:7c:
9f:5a:13:a0:b4:70:f9:f9:2b:ef:06:a2:62:9b:a8:3c:c8:94:
06:16:1c:31:81:ce:8c:b4:bc:3d:fe:e1:1f:48:44:78:7d:5f:
7a:27:7d:70:a3:68:0e:a8:9b:17:62:e9:af:4a:e6:e9:c5:e2:
f5:82:c7:09:e9:c8:06:7f:f1:0d:84:66:1b:4f:f2:ba:5c:53:
5f:ee:2f:f0:68:3c:96:f8:44:13:82:d9:07:b5:6b:6f:07:64:
9e:83:78:1e:6b:13:fa:d0:82:5a:61:e6:4b:0e:78:45:c0:5e:
6f:bb:2a:98:b0:49:c8:2b:c7:7b:27:b1:e9:26:2f:d6:d3:a0:
5f:8c:23:10:ab:f9:e1:d4:75:73:25:3c:a1:9b:2f:77:91:e7:
b4:15:c1:be:50:cf:7c:9d:53:a9:16:9a:5b:17:01:c7:e4:08:
0c:6a:f9:f0:b0:dd:6e:a2:0e:90:e4:01:1c:3c:bc:4a:ca:91:
33:d8:6e:86:8d:5e:fe:99:59:df:17:e8:1b:c7:73:73:55:a5:
4f:b7:79:46:3b:ff:52:be:65:37:13:e1:c9:5c:c2:78:8b:23:
ec:8c:bb:2b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY89sIm9XEyxeKFYB9FK74JjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2ZjE5NzdjZjE3ZmU0ZTFkZTJmMTYyOTNjNjY5ZjQ0ZDVi
ZDc0MzMwHhcNMjQwNTAzMDkwMjEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNmM4NmU5ZDU4MzVhZWExNTVkMDg3ZmZkZGJkMTBmZGE1NTgwMjg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxyqozlsiqbYLxJeLZr4HzxfNrx/k
6lt4cBQvi1qfUl11CXVVZPOgiPjUABFDVccNb5cJ/NVeJ5Jt1uHdrf9drECHJCrj
JWPAxvLSgEghq0wb52INkv2PZbvHzfzs2IlwT0prcIst8GVjvyID347a3rOhqNC3
/J10SbHSOxJ3vrhxB2oVJg8gX1KeCvrZcn/R5sZf/7t3OoOtiRH+xxcSdtfizc27
9wtYOYigjnCyrpcvBSOW17JuVKDfkb8CpdWBBl6sERP5GvO8KvXfiLO7g67+Kqg/
zINzEOkr30Y3bqsLhkDoZCtBx+vf+B4Fr5uRMAuy5dCb//MHQJFdhFYHlwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCbIbp1YNa6hVdCH/929EP2lWAKIMB8GA1UdIwQY
MBaAFJbxl3zxf+Th3i8WKTxmn0TVvXQzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbHZHWGZQRl81T0hlTHhZcFBHYWZSTlc5ZERNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC8yNGE0N2QtNmE0ZC00ZTE1LWEyMzgt
Nzc0MGIzZDY5MDVlLzEvSnNodW5WZzFycUZWMElmXzNiMFFfYVZZQW9nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC8yNGE0N2QtNmE0ZC00ZTE1LWEyMzgtNzc0MGIzZDY5MDVl
LzEvbHZHWGZQRl81T0hlTHhZcFBHYWZSTlc5ZERNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW2eOAwQA
wYcMMA0GCSqGSIb3DQEBCwUAA4IBAQBsO8hlKT44ROZuizI0i2OCigQg1OpGekKJ
TEQIHDiD7ylJ1nyfWhOgtHD5+SvvBqJim6g8yJQGFhwxgc6MtLw9/uEfSER4fV96
J31wo2gOqJsXYumvSubpxeL1gscJ6cgGf/ENhGYbT/K6XFNf7i/waDyW+EQTgtkH
tWtvB2Seg3geaxP60IJaYeZLDnhFwF5vuyqYsEnIK8d7J7HpJi/W06BfjCMQq/nh
1HVzJTyhmy93kee0FcG+UM98nVOpFppbFwHH5AgMavnwsN1uog6Q5AEcPLxKypEz
2G6GjV7+mVnfF+gbx3NzVaVPt3lGO/9SvmU3E+HJXMJ4iyPsjLsr
-----END CERTIFICATE-----
Generated at Sat Nov 23 09:59:52 2024 by rpki-client on console-fra.rpki-client.org