Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/e7a2f1-2e10-4ebe-91b3-0cef512f5009/1/m-jWyWDSsjtZErm3t02Dl6EtLvI.roa
File: m-jWyWDSsjtZErm3t02Dl6EtLvI.roa (raw, json)
Hash identifier: UqvYG7qjUFgKVVe0APjtAZTjuw4ZoaK1XGbFZbRp6lQ=
Subject key identifier: 9B:E8:D6:C9:60:D2:B2:3B:59:12:B9:B7:B7:4D:83:97:A1:2D:2E:F2
Certificate issuer: /CN=8ec4a67dbed7444ddd27e800fb6c21013a5b11c6
Certificate serial: 0192F7BB9FB41D8171627EAAF4BB2C3D60B2
Authority key identifier: 8E:C4:A6:7D:BE:D7:44:4D:DD:27:E8:00:FB:6C:21:01:3A:5B:11:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jsSmfb7XRE3dJ-gA-2whATpbEcY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/e7a2f1-2e10-4ebe-91b3-0cef512f5009/1/m-jWyWDSsjtZErm3t02Dl6EtLvI.roa
Signing time: Mon 04 Nov 2024 15:12:01 +0000
ROA not before: Mon 04 Nov 2024 15:12:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 30742
IP address blocks: 2.59.32.0/22 maxlen: 22
2.59.33.0/24 maxlen: 24
80.245.132.0/22 maxlen: 24
80.245.136.0/21 maxlen: 24
82.198.192.0/19 maxlen: 24
176.118.180.0/22 maxlen: 24
176.118.180.0/24 maxlen: 24
176.118.181.0/24 maxlen: 24
176.118.182.0/24 maxlen: 24
176.118.183.0/24 maxlen: 24
185.43.24.0/22 maxlen: 24
185.48.224.0/22 maxlen: 24
185.106.184.0/22 maxlen: 22
185.115.80.0/22 maxlen: 24
185.139.112.0/22 maxlen: 22
192.145.112.0/22 maxlen: 22
193.176.72.0/22 maxlen: 22
194.146.0.0/22 maxlen: 22
2a01:9b60::/32 maxlen: 32
2a03:9980::/29 maxlen: 32
2a03:9980::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/70/e7a2f1-2e10-4ebe-91b3-0cef512f5009/1/jsSmfb7XRE3dJ-gA-2whATpbEcY.crl
rsync://rpki.ripe.net/repository/DEFAULT/70/e7a2f1-2e10-4ebe-91b3-0cef512f5009/1/jsSmfb7XRE3dJ-gA-2whATpbEcY.mft
rsync://rpki.ripe.net/repository/DEFAULT/jsSmfb7XRE3dJ-gA-2whATpbEcY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:f7:bb:9f:b4:1d:81:71:62:7e:aa:f4:bb:2c:3d:60:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8ec4a67dbed7444ddd27e800fb6c21013a5b11c6
Validity
Not Before: Nov 4 15:12:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9be8d6c960d2b23b5912b9b7b74d8397a12d2ef2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:86:8b:88:23:8c:5a:9d:38:7a:04:6d:3e:f7:
fb:61:1e:cb:65:33:95:c9:9b:47:3d:7b:b0:d0:b7:
2c:89:59:7b:e2:76:15:b9:1c:5c:cd:d5:01:0b:3a:
9c:17:9b:ac:82:e8:bc:87:b3:80:d8:10:e9:18:b5:
0c:65:b6:17:ba:76:dd:d5:d8:42:67:a3:2d:77:3a:
a0:d5:68:4b:69:ed:61:4a:a1:13:7e:69:a6:ab:7a:
c3:3a:ba:72:03:cf:f2:9a:a5:ec:7b:86:33:4f:88:
70:db:bb:07:52:b3:e7:92:5b:5f:8b:5e:b1:40:ab:
8f:a3:7b:7b:7d:9a:31:26:1e:8b:87:e4:b7:6c:08:
15:d6:aa:44:d5:eb:9a:f0:97:9f:b6:55:91:ee:48:
67:92:c1:27:a5:4d:27:e7:7f:f4:8c:2d:b1:50:98:
6b:e8:88:ce:ce:5e:9a:e4:a7:a2:68:f7:b6:2d:7d:
63:c2:3d:5b:72:3c:c3:83:09:bb:07:2d:de:8c:ed:
85:18:d3:08:49:78:dc:e2:a2:51:6a:87:64:b9:a4:
b5:5b:89:a6:55:7c:18:8f:84:0d:8a:bf:63:c8:05:
48:bd:83:32:a6:86:41:6d:e7:b1:0f:a8:7d:59:b5:
87:e0:73:3d:1e:3a:c2:c0:27:3e:39:2f:5a:f7:de:
20:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:E8:D6:C9:60:D2:B2:3B:59:12:B9:B7:B7:4D:83:97:A1:2D:2E:F2
X509v3 Authority Key Identifier:
keyid:8E:C4:A6:7D:BE:D7:44:4D:DD:27:E8:00:FB:6C:21:01:3A:5B:11:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jsSmfb7XRE3dJ-gA-2whATpbEcY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/e7a2f1-2e10-4ebe-91b3-0cef512f5009/1/m-jWyWDSsjtZErm3t02Dl6EtLvI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/e7a2f1-2e10-4ebe-91b3-0cef512f5009/1/jsSmfb7XRE3dJ-gA-2whATpbEcY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.32.0/22
80.245.132.0-80.245.143.255
82.198.192.0/19
176.118.180.0/22
185.43.24.0/22
185.48.224.0/22
185.106.184.0/22
185.115.80.0/22
185.139.112.0/22
192.145.112.0/22
193.176.72.0/22
194.146.0.0/22
IPv6:
2a01:9b60::/32
2a03:9980::/29
Signature Algorithm: sha256WithRSAEncryption
91:b5:ee:3d:71:19:da:ff:5f:24:e5:70:27:eb:5b:e1:d4:c2:
55:c3:7a:73:42:ee:57:51:48:0c:0f:e6:85:45:9b:c0:2a:05:
93:ba:09:b9:7b:36:8d:0e:43:1c:39:e9:90:65:c9:a0:b0:58:
d1:2b:3f:60:5b:1c:cc:0a:9d:72:c3:6e:e8:3c:07:84:a5:26:
b3:d7:d7:d6:7f:9e:b8:f7:49:99:dc:c8:d8:af:fc:7a:fa:39:
44:e1:41:b2:02:b0:d9:c9:6d:7c:cd:6d:01:9c:56:bf:69:2e:
b3:7a:7a:31:68:86:8f:58:16:e7:06:f6:23:f8:2a:9a:c5:39:
ae:7f:76:06:24:54:23:cc:85:b0:5b:00:ec:31:4f:0d:38:5e:
3f:34:f4:52:b1:0a:de:5a:17:85:09:65:57:fc:28:d4:47:f6:
f5:96:ce:c5:f8:8c:70:cd:ff:e8:b7:15:06:54:73:5e:14:31:
e6:87:6c:b1:a6:bf:cd:02:bb:c3:1e:e3:7d:28:fc:69:a8:03:
6f:71:8f:3f:7a:bb:8d:8a:fc:0f:ce:d3:b2:96:fb:2e:54:e0:
f8:a2:d9:08:58:27:96:bf:8d:08:20:a3:e6:27:a2:8f:0d:82:
9c:14:a1:c7:79:0c:4a:c0:75:43:7a:5a:37:19:e8:af:1f:a9:
dc:e7:13:b2
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgISAZL3u5+0HYFxYn6q9LssPWCyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlYzRhNjdkYmVkNzQ0NGRkZDI3ZTgwMGZiNmMyMTAxM2E1
YjExYzYwHhcNMjQxMTA0MTUxMjAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YmU4ZDZjOTYwZDJiMjNiNTkxMmI5YjdiNzRkODM5N2ExMmQyZWYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnIaLiCOMWp04egRtPvf7YR7LZTOV
yZtHPXuw0LcsiVl74nYVuRxczdUBCzqcF5usgui8h7OA2BDpGLUMZbYXunbd1dhC
Z6Mtdzqg1WhLae1hSqETfmmmq3rDOrpyA8/ymqXse4YzT4hw27sHUrPnkltfi16x
QKuPo3t7fZoxJh6Lh+S3bAgV1qpE1eua8JeftlWR7khnksEnpU0n53/0jC2xUJhr
6IjOzl6a5KeiaPe2LX1jwj1bcjzDgwm7By3ejO2FGNMISXjc4qJRaodkuaS1W4mm
VXwYj4QNir9jyAVIvYMypoZBbeexD6h9WbWH4HM9HjrCwCc+OS9a994gZwIDAQAB
o4ICaTCCAmUwHQYDVR0OBBYEFJvo1slg0rI7WRK5t7dNg5ehLS7yMB8GA1UdIwQY
MBaAFI7Epn2+10RN3SfoAPtsIQE6WxHGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvanNTbWZiN1hSRTNkSi1nQS0yd2hBVHBiRWNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC9lN2EyZjEtMmUxMC00ZWJlLTkxYjMt
MGNlZjUxMmY1MDA5LzEvbS1qV3lXRFNzanRaRXJtM3QwMkRsNkV0THZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC9lN2EyZjEtMmUxMC00ZWJlLTkxYjMtMGNlZjUxMmY1MDA5
LzEvanNTbWZiN1hSRTNkSi1nQS0yd2hBVHBiRWNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH8GCCsGAQUFBwEHAQH/BHAwbjBWBAIAATBQAwQCAjsgMAwD
BAJQ9YQDBARQ9YADBAVSxsADBAKwdrQDBAK5KxgDBAK5MOADBAK5argDBAK5c1AD
BAK5i3ADBALAkXADBALBsEgDBALCkgAwFAQCAAIwDgMFACoBm2ADBQMqA5mAMA0G
CSqGSIb3DQEBCwUAA4IBAQCRte49cRna/18k5XAn61vh1MJVw3pzQu5XUUgMD+aF
RZvAKgWTugm5ezaNDkMcOemQZcmgsFjRKz9gWxzMCp1yw27oPAeEpSaz19fWf564
90mZ3MjYr/x6+jlE4UGyArDZyW18zW0BnFa/aS6zenoxaIaPWBbnBvYj+CqaxTmu
f3YGJFQjzIWwWwDsMU8NOF4/NPRSsQreWheFCWVX/CjUR/b1ls7F+Ixwzf/otxUG
VHNeFDHmh2yxpr/NArvDHuN9KPxpqANvcY8/eruNivwPztOylvsuVOD4otkIWCeW
v40IIKPmJ6KPDYKcFKHHeQxKwHVDelo3GeivH6nc5xOy
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:42:24 2024 by rpki-client on console-ams.rpki-client.org