Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/b27203-9d48-49a5-af25-49d40a13cbc2/1/rjXjmEUXiiVmEPxq0UTsuHALQIA.roa
File: rjXjmEUXiiVmEPxq0UTsuHALQIA.roa (raw, json)
Hash identifier: lJlShFUpxKqPt2zR+Apfl1J54SgT9goVMJtqWLxB3aw=
Subject key identifier: AE:35:E3:98:45:17:8A:25:66:10:FC:6A:D1:44:EC:B8:70:0B:40:80
Certificate issuer: /CN=c25cb7132c19f7d51f002ed4ad811aecf5b20f57
Certificate serial: 018CC86F053DC4420254B64381817601ABDF
Authority key identifier: C2:5C:B7:13:2C:19:F7:D5:1F:00:2E:D4:AD:81:1A:EC:F5:B2:0F:57
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wly3EywZ99UfAC7UrYEa7PWyD1c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/b27203-9d48-49a5-af25-49d40a13cbc2/1/rjXjmEUXiiVmEPxq0UTsuHALQIA.roa
Signing time: Tue 02 Jan 2024 04:29:28 +0000
ROA not before: Tue 02 Jan 2024 04:29:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197997
IP address blocks: 185.143.80.0/24 maxlen: 24
193.68.98.0/24 maxlen: 24
193.68.97.0/24 maxlen: 24
193.68.96.0/24 maxlen: 24
2a02:6a80:5300::/48 maxlen: 48
2a02:6a80:530e::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/69/b27203-9d48-49a5-af25-49d40a13cbc2/1/wly3EywZ99UfAC7UrYEa7PWyD1c.crl
rsync://rpki.ripe.net/repository/DEFAULT/69/b27203-9d48-49a5-af25-49d40a13cbc2/1/wly3EywZ99UfAC7UrYEa7PWyD1c.mft
rsync://rpki.ripe.net/repository/DEFAULT/wly3EywZ99UfAC7UrYEa7PWyD1c.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:05:3d:c4:42:02:54:b6:43:81:81:76:01:ab:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c25cb7132c19f7d51f002ed4ad811aecf5b20f57
Validity
Not Before: Jan 2 04:29:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ae35e39845178a256610fc6ad144ecb8700b4080
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:0b:4e:97:58:f7:db:0f:a4:1d:43:f9:1c:6b:
46:1c:35:50:97:63:83:87:74:f4:d6:5e:3e:ff:c2:
a8:62:ce:73:13:f0:2c:64:f1:00:5d:4d:2d:72:5a:
58:fb:30:4e:2b:dd:45:d3:4f:20:9b:29:37:4b:c9:
58:ac:e0:c6:3f:1b:fa:e6:5e:11:1c:a4:da:d4:ab:
1a:36:6b:ed:6c:44:35:82:bf:71:c8:aa:ed:8a:95:
61:22:bf:ad:6e:8b:17:9d:3f:8a:77:7c:5d:e2:71:
d8:65:03:e8:81:35:7d:78:9e:55:67:62:d1:ff:b1:
4f:e0:bc:27:f3:15:1a:d1:52:41:23:ce:c6:98:46:
9c:78:95:47:f2:29:b8:72:6a:e8:d5:ac:32:64:12:
b2:6b:7b:9e:ef:89:57:84:44:59:85:ff:b5:5f:70:
8d:78:f3:a6:bb:98:03:4d:a0:da:57:8f:6a:b5:95:
64:ca:d5:3e:ce:88:58:ce:6c:6e:27:4c:a5:7f:93:
6d:8b:31:a7:78:54:75:8c:3f:cc:8f:0a:ba:2a:52:
32:76:5a:c7:64:0b:f0:2c:d4:50:a3:df:32:e9:7b:
31:61:a7:38:b7:57:75:b1:ef:f6:02:fa:3c:0d:05:
08:10:45:1a:ac:8b:12:13:fd:aa:4d:1a:cf:05:90:
2f:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:35:E3:98:45:17:8A:25:66:10:FC:6A:D1:44:EC:B8:70:0B:40:80
X509v3 Authority Key Identifier:
keyid:C2:5C:B7:13:2C:19:F7:D5:1F:00:2E:D4:AD:81:1A:EC:F5:B2:0F:57
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wly3EywZ99UfAC7UrYEa7PWyD1c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/b27203-9d48-49a5-af25-49d40a13cbc2/1/rjXjmEUXiiVmEPxq0UTsuHALQIA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/b27203-9d48-49a5-af25-49d40a13cbc2/1/wly3EywZ99UfAC7UrYEa7PWyD1c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.143.80.0/24
193.68.96.0-193.68.98.255
IPv6:
2a02:6a80:5300::/48
2a02:6a80:530e::/48
Signature Algorithm: sha256WithRSAEncryption
9b:10:df:4b:c2:84:53:58:2b:56:e6:f9:82:57:24:67:f3:92:
6b:c3:80:bd:dd:fb:d4:20:9b:e3:96:d9:ea:bb:cc:42:94:cb:
ab:2f:f5:96:d8:72:6f:49:0f:44:89:a6:03:37:e9:f4:eb:1c:
6d:c8:fb:d6:ef:d3:44:34:05:97:88:ce:96:ae:d5:2f:4d:a5:
cf:e7:13:9d:cd:f5:7c:26:c0:d2:4d:fb:8b:08:a9:b3:a7:cb:
11:bb:d0:5a:f8:a5:4b:6f:2c:d8:ae:86:05:78:6e:fc:ae:c4:
3d:5b:41:da:b1:62:ba:f2:59:a2:f8:2f:86:b5:7f:a5:42:e3:
79:a2:b5:96:5e:af:09:48:36:84:c4:05:2c:f0:59:c0:b7:00:
48:dd:4e:c1:d7:09:0b:e9:79:c8:39:e1:4d:29:0f:ed:09:14:
12:b7:94:29:ed:49:5b:0c:e4:80:fa:30:51:5c:00:90:cd:23:
d7:a5:16:56:17:11:fa:b0:2c:f7:18:e9:ab:3b:37:dd:b7:70:
65:f0:0e:43:bd:32:ee:97:56:a9:6c:50:dd:a1:56:4c:ee:96:
ef:7c:61:2a:a0:e9:44:ca:96:4f:eb:1c:70:0b:20:f0:2d:4e:
f5:27:49:0e:d9:24:41:05:00:cd:56:d5:19:22:25:0c:83:3d:
e7:6e:2f:9a
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYzIbwU9xEICVLZDgYF2AavfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNWNiNzEzMmMxOWY3ZDUxZjAwMmVkNGFkODExYWVjZjVi
MjBmNTcwHhcNMjQwMTAyMDQyOTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTM1ZTM5ODQ1MTc4YTI1NjYxMGZjNmFkMTQ0ZWNiODcwMGI0MDgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkgtOl1j32w+kHUP5HGtGHDVQl2OD
h3T01l4+/8KoYs5zE/AsZPEAXU0tclpY+zBOK91F008gmyk3S8lYrODGPxv65l4R
HKTa1KsaNmvtbEQ1gr9xyKrtipVhIr+tbosXnT+Kd3xd4nHYZQPogTV9eJ5VZ2LR
/7FP4Lwn8xUa0VJBI87GmEaceJVH8im4cmro1awyZBKya3ue74lXhERZhf+1X3CN
ePOmu5gDTaDaV49qtZVkytU+zohYzmxuJ0ylf5NtizGneFR1jD/Mjwq6KlIydlrH
ZAvwLNRQo98y6XsxYac4t1d1se/2Avo8DQUIEEUarIsSE/2qTRrPBZAvZQIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFK4145hFF4olZhD8atFE7LhwC0CAMB8GA1UdIwQY
MBaAFMJctxMsGffVHwAu1K2BGuz1sg9XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2x5M0V5d1o5OVVmQUM3VXJZRWE3UFd5RDFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS9iMjcyMDMtOWQ0OC00OWE1LWFmMjUt
NDlkNDBhMTNjYmMyLzEvcmpYam1FVVhpaVZtRVB4cTBVVHN1SEFMUUlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS9iMjcyMDMtOWQ0OC00OWE1LWFmMjUtNDlkNDBhMTNjYmMy
LzEvd2x5M0V5d1o5OVVmQUM3VXJZRWE3UFd5RDFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAaBAIAATAUAwQAuY9QMAwD
BAXBRGADBADBRGIwGAQCAAIwEgMHACoCaoBTAAMHACoCaoBTDjANBgkqhkiG9w0B
AQsFAAOCAQEAmxDfS8KEU1grVub5glckZ/OSa8OAvd371CCb45bZ6rvMQpTLqy/1
lthyb0kPRImmAzfp9Oscbcj71u/TRDQFl4jOlq7VL02lz+cTnc31fCbA0k37iwip
s6fLEbvQWvilS28s2K6GBXhu/K7EPVtB2rFiuvJZovgvhrV/pULjeaK1ll6vCUg2
hMQFLPBZwLcASN1OwdcJC+l5yDnhTSkP7QkUEreUKe1JWwzkgPowUVwAkM0j16UW
VhcR+rAs9xjpqzs33bdwZfAOQ70y7pdWqWxQ3aFWTO6W73xhKqDpRMqWT+sccAsg
8C1O9SdJDtkkQQUAzVbVGSIlDIM9524vmg==
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:22:17 2024 by rpki-client on console-fra.rpki-client.org