Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/4a293d-2ad3-4114-a2b1-1cc505501a0f/1/JMSYg9obBYNMUz-REwRLG4WwiwI.roa
File: JMSYg9obBYNMUz-REwRLG4WwiwI.roa (raw, json)
Hash identifier: gWXkhgjCHu7hwpuJYCM6ImqFUCKJCoTxsKC6SjB1SBU=
Subject key identifier: 24:C4:98:83:DA:1B:05:83:4C:53:3F:91:13:04:4B:1B:85:B0:8B:02
Certificate issuer: /CN=f811fa5eff370bc36d0e3929625e3414081a2392
Certificate serial: 0191BD83E2131E78C05EFC278773E5EC57CB
Authority key identifier: F8:11:FA:5E:FF:37:0B:C3:6D:0E:39:29:62:5E:34:14:08:1A:23:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-BH6Xv83C8NtDjkpYl40FAgaI5I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/4a293d-2ad3-4114-a2b1-1cc505501a0f/1/JMSYg9obBYNMUz-REwRLG4WwiwI.roa
Signing time: Wed 04 Sep 2024 14:50:22 +0000
ROA not before: Wed 04 Sep 2024 14:50:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42187
IP address blocks: 78.41.88.0/22 maxlen: 22
78.41.92.0/22 maxlen: 24
91.190.232.0/22 maxlen: 24
94.127.92.0/24 maxlen: 24
94.127.94.0/24 maxlen: 24
185.33.120.0/22 maxlen: 22
2a01:9f00::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6a/4a293d-2ad3-4114-a2b1-1cc505501a0f/1/1-BH6Xv83C8NtDjkpYl40FAgaI5I.crl
rsync://rpki.ripe.net/repository/DEFAULT/6a/4a293d-2ad3-4114-a2b1-1cc505501a0f/1/1-BH6Xv83C8NtDjkpYl40FAgaI5I.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-BH6Xv83C8NtDjkpYl40FAgaI5I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 17:00:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:bd:83:e2:13:1e:78:c0:5e:fc:27:87:73:e5:ec:57:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f811fa5eff370bc36d0e3929625e3414081a2392
Validity
Not Before: Sep 4 14:50:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=24c49883da1b05834c533f9113044b1b85b08b02
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:b6:8b:89:1b:0d:41:ad:ce:fa:29:d8:19:1f:
5e:cb:91:91:52:f1:2f:91:d2:b0:2f:83:b0:f3:ab:
16:26:88:ec:35:5f:c2:62:6c:23:01:dc:99:29:76:
fe:71:e9:6b:10:d4:5a:e5:f6:3a:08:c9:60:6a:00:
e4:68:22:59:fc:c0:08:83:c5:e4:4c:f0:f5:c2:3b:
c4:e3:08:62:9c:ec:53:98:d7:d3:cc:24:f7:9e:36:
45:0b:77:91:0f:a0:1a:05:c5:3c:4c:5a:4d:30:b7:
0d:9c:64:ef:6c:7e:e1:b3:9c:38:d3:e5:16:1e:d7:
40:28:29:a6:43:49:31:68:4f:e1:73:e2:48:de:7c:
de:4f:57:63:29:3f:69:ca:b9:79:5d:c1:98:f9:09:
1e:d1:0f:66:13:f9:18:59:88:0c:a0:24:d9:64:59:
c8:f8:a1:bb:a5:d3:87:a7:65:64:c3:2a:a6:1b:23:
47:d3:b1:57:f0:31:98:fa:13:24:b0:8a:a4:49:3b:
d6:2b:b7:bb:ba:6f:3d:57:c7:7c:fb:74:04:ee:f2:
d5:7f:32:07:b9:67:ce:3e:43:ef:16:4b:49:4f:86:
aa:28:6e:b9:e2:87:5e:01:44:73:cf:ab:d1:1c:6a:
39:ba:71:79:65:90:06:50:a1:9b:d2:6d:df:7a:a1:
fe:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:C4:98:83:DA:1B:05:83:4C:53:3F:91:13:04:4B:1B:85:B0:8B:02
X509v3 Authority Key Identifier:
keyid:F8:11:FA:5E:FF:37:0B:C3:6D:0E:39:29:62:5E:34:14:08:1A:23:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-BH6Xv83C8NtDjkpYl40FAgaI5I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/4a293d-2ad3-4114-a2b1-1cc505501a0f/1/JMSYg9obBYNMUz-REwRLG4WwiwI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/4a293d-2ad3-4114-a2b1-1cc505501a0f/1/1-BH6Xv83C8NtDjkpYl40FAgaI5I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.41.88.0/21
91.190.232.0/22
94.127.92.0/24
94.127.94.0/24
185.33.120.0/22
IPv6:
2a01:9f00::/32
Signature Algorithm: sha256WithRSAEncryption
b2:99:06:c0:ce:af:3c:3b:10:5b:9a:55:7b:e3:5f:aa:f6:70:
e8:9c:60:f7:b3:e7:ea:03:c9:c7:9f:e6:1b:8a:36:66:7c:e0:
c5:2c:b9:25:9d:3e:32:93:56:e9:45:c1:b8:4a:a5:76:e3:32:
37:e4:4d:26:71:64:d8:75:d7:23:61:9e:78:da:61:19:84:69:
8a:ba:8a:b1:4f:f4:12:97:34:d9:36:53:e3:89:3d:97:01:bc:
f1:33:fa:30:ef:d7:ff:13:f3:08:4e:e9:47:a3:5e:86:5f:3c:
81:6f:48:94:ba:fe:ab:d5:5a:38:d8:af:67:6e:35:71:6d:8e:
8e:b6:47:f9:af:2f:2c:d2:59:87:9f:38:94:5b:16:67:0d:ed:
45:b4:94:23:b9:d5:d4:03:50:fe:f4:0c:64:38:f4:1d:ad:80:
c3:af:ad:3a:dc:9b:31:1a:f2:e7:ff:81:cb:f9:9d:6f:ea:c4:
b6:20:96:fa:3c:d6:f9:19:39:a1:c3:bb:c0:3f:67:3a:7b:15:
11:a8:93:b8:97:dc:f0:06:dc:0c:37:24:17:d1:f4:97:ca:e8:
8a:e8:d3:78:0e:18:4c:18:87:09:fc:2c:37:c2:e1:3e:32:82:
f0:eb:d3:02:71:d3:c7:da:3b:d9:a9:7d:23:64:d8:e1:62:ce:
58:79:42:df
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAZG9g+ITHnjAXvwnh3Pl7FfLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4MTFmYTVlZmYzNzBiYzM2ZDBlMzkyOTYyNWUzNDE0MDgx
YTIzOTIwHhcNMjQwOTA0MTQ1MDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNGM0OTg4M2RhMWIwNTgzNGM1MzNmOTExMzA0NGIxYjg1YjA4YjAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlbaLiRsNQa3O+inYGR9ey5GRUvEv
kdKwL4Ow86sWJojsNV/CYmwjAdyZKXb+celrENRa5fY6CMlgagDkaCJZ/MAIg8Xk
TPD1wjvE4whinOxTmNfTzCT3njZFC3eRD6AaBcU8TFpNMLcNnGTvbH7hs5w40+UW
HtdAKCmmQ0kxaE/hc+JI3nzeT1djKT9pyrl5XcGY+Qke0Q9mE/kYWYgMoCTZZFnI
+KG7pdOHp2VkwyqmGyNH07FX8DGY+hMksIqkSTvWK7e7um89V8d8+3QE7vLVfzIH
uWfOPkPvFktJT4aqKG654odeAURzz6vRHGo5unF5ZZAGUKGb0m3feqH+yQIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFCTEmIPaGwWDTFM/kRMESxuFsIsCMB8GA1UdIwQY
MBaAFPgR+l7/NwvDbQ45KWJeNBQIGiOSMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1CSDZYdjgzQzhOdERqa3BZbDQwRkFnYUk1SS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmEvNGEyOTNkLTJhZDMtNDExNC1hMmIx
LTFjYzUwNTUwMWEwZi8xL0pNU1lnOW9iQllOTVV6LVJFd1JMRzRXd2l3SS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNmEvNGEyOTNkLTJhZDMtNDExNC1hMmIxLTFjYzUwNTUwMWEw
Zi8xLzEtQkg2WHY4M0M4TnREamtwWWw0MEZBZ2FJNUkuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwRgYIKwYBBQUHAQcBAf8ENzA1MCQEAgABMB4DBANOKVgD
BAJbvugDBABef1wDBABef14DBAK5IXgwDQQCAAIwBwMFACoBnwAwDQYJKoZIhvcN
AQELBQADggEBALKZBsDOrzw7EFuaVXvjX6r2cOicYPez5+oDycef5huKNmZ84MUs
uSWdPjKTVulFwbhKpXbjMjfkTSZxZNh11yNhnnjaYRmEaYq6irFP9BKXNNk2U+OJ
PZcBvPEz+jDv1/8T8whO6UejXoZfPIFvSJS6/qvVWjjYr2duNXFtjo62R/mvLyzS
WYefOJRbFmcN7UW0lCO51dQDUP70DGQ49B2tgMOvrTrcmzEa8uf/gcv5nW/qxLYg
lvo81vkZOaHDu8A/Zzp7FRGok7iX3PAG3Aw3JBfR9JfK6Iro03gOGEwYhwn8LDfC
4T4ygvDr0wJx08faO9mpfSNk2OFizlh5Qt8=
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:07:22 2024 by rpki-client on console-ams.rpki-client.org