Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/a93da0-e155-4324-9ba9-62098d1ec1e6/1/jGhUigkwDKQOX1TaurLq0FLNKsQ.roa
File: jGhUigkwDKQOX1TaurLq0FLNKsQ.roa (raw, json)
Hash identifier: DlQRa55bWApFXyoyhbHYmZX6dtx62ROA8J4jZZ8EfRk=
Subject key identifier: 8C:68:54:8A:09:30:0C:A4:0E:5F:54:DA:BA:B2:EA:D0:52:CD:2A:C4
Certificate issuer: /CN=d04079bb7070ed0eeea3a1a467c79462bcc5455f
Certificate serial: 0192523096238D6094F3DA6EB7C8A387F3DE
Authority key identifier: D0:40:79:BB:70:70:ED:0E:EE:A3:A1:A4:67:C7:94:62:BC:C5:45:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0EB5u3Bw7Q7uo6GkZ8eUYrzFRV8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/a93da0-e155-4324-9ba9-62098d1ec1e6/1/jGhUigkwDKQOX1TaurLq0FLNKsQ.roa
Signing time: Thu 03 Oct 2024 11:42:48 +0000
ROA not before: Thu 03 Oct 2024 11:42:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59811
IP address blocks: 185.66.205.0/24 maxlen: 24
185.66.206.0/24 maxlen: 24
185.149.208.0/24 maxlen: 24
185.149.210.0/23 maxlen: 24
194.0.116.0/22 maxlen: 24
2a04:1840::/29 maxlen: 32
2a0b:8640::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/75/a93da0-e155-4324-9ba9-62098d1ec1e6/1/0EB5u3Bw7Q7uo6GkZ8eUYrzFRV8.crl
rsync://rpki.ripe.net/repository/DEFAULT/75/a93da0-e155-4324-9ba9-62098d1ec1e6/1/0EB5u3Bw7Q7uo6GkZ8eUYrzFRV8.mft
rsync://rpki.ripe.net/repository/DEFAULT/0EB5u3Bw7Q7uo6GkZ8eUYrzFRV8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:01:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:52:30:96:23:8d:60:94:f3:da:6e:b7:c8:a3:87:f3:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d04079bb7070ed0eeea3a1a467c79462bcc5455f
Validity
Not Before: Oct 3 11:42:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8c68548a09300ca40e5f54dabab2ead052cd2ac4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:79:f0:5a:44:66:7a:4d:c0:12:f4:07:10:5b:
38:83:4c:99:d2:24:45:a6:c4:88:c1:17:db:3b:bc:
a0:39:b4:30:1f:79:40:0b:9d:d8:12:5e:1a:25:1f:
93:27:2a:f9:e7:05:95:fb:72:0f:71:db:d5:66:d0:
de:85:3c:c0:1e:4f:4c:ac:fb:c2:f7:b8:e0:30:be:
5e:b0:52:8f:77:5f:92:ba:14:cc:95:02:52:75:42:
19:8f:f6:a1:02:73:f1:48:06:4d:64:52:e6:cb:13:
c4:ce:13:c2:b0:ef:0b:a7:66:04:d0:e6:28:4c:dc:
2f:82:24:07:ac:61:74:28:bd:43:72:a9:68:c3:f3:
80:91:94:6e:98:c8:ce:5b:7f:10:b3:ce:94:9d:d6:
96:03:fd:0c:03:10:76:9c:e5:54:68:05:54:ce:1b:
11:b9:7e:93:3d:9f:ad:63:29:94:05:84:46:62:92:
a1:d4:a0:d4:0a:cf:db:e1:09:b6:ab:41:22:05:cc:
74:fc:27:1d:c0:49:49:69:fb:cb:2f:5a:c0:83:89:
12:ed:2f:ff:91:91:a0:5f:12:db:1d:fe:42:23:15:
d0:d1:73:dc:5c:1f:8f:d4:2e:28:0a:f7:8e:23:25:
88:0c:14:03:9d:da:ac:04:81:49:09:10:53:bb:63:
c9:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:68:54:8A:09:30:0C:A4:0E:5F:54:DA:BA:B2:EA:D0:52:CD:2A:C4
X509v3 Authority Key Identifier:
keyid:D0:40:79:BB:70:70:ED:0E:EE:A3:A1:A4:67:C7:94:62:BC:C5:45:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0EB5u3Bw7Q7uo6GkZ8eUYrzFRV8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a93da0-e155-4324-9ba9-62098d1ec1e6/1/jGhUigkwDKQOX1TaurLq0FLNKsQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a93da0-e155-4324-9ba9-62098d1ec1e6/1/0EB5u3Bw7Q7uo6GkZ8eUYrzFRV8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.66.205.0-185.66.206.255
185.149.208.0/24
185.149.210.0/23
194.0.116.0/22
IPv6:
2a04:1840::/29
2a0b:8640::/29
Signature Algorithm: sha256WithRSAEncryption
a0:55:02:8c:5a:e6:44:0e:01:a6:f9:0f:3d:bb:3f:5e:26:b9:
bf:62:a5:a0:7e:9f:7f:53:86:54:64:6b:9c:2c:5a:07:b3:1f:
88:b6:ec:0e:e2:bf:66:6c:50:14:18:7b:e1:8f:48:27:77:78:
44:e7:ab:b8:0a:79:3b:e4:1c:f3:3a:64:5d:93:b7:28:98:4a:
1c:6d:7f:6f:05:4e:8b:39:4d:65:13:a3:47:20:85:91:e7:81:
d2:11:88:f6:44:ba:ed:88:af:9d:97:0a:68:9d:a1:56:e1:8a:
58:e8:df:06:ff:0f:6c:c4:0b:4e:ba:d8:d1:ff:f2:7b:ff:eb:
38:18:02:e1:5e:1d:9a:f0:fa:cd:21:0a:ba:0c:a0:3b:2d:60:
0e:fd:51:b3:04:e7:cf:05:0f:3e:58:54:ac:ff:c5:61:24:e2:
d5:57:ae:22:23:4d:ee:ea:cd:a4:91:0f:c1:41:60:a2:a3:dd:
d9:7f:b4:41:54:11:30:69:8d:06:9d:c4:23:94:9e:a8:c3:20:
0b:d3:fe:0e:b2:cf:db:47:67:5c:53:de:50:95:8e:ab:bc:7f:
51:9e:02:a7:96:96:5c:7e:3b:14:03:83:3a:cc:7b:0e:b2:f9:
78:33:38:52:ad:24:9e:42:98:5b:94:e3:6c:c1:be:bc:5d:51:
0a:84:61:b2
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZJSMJYjjWCU89put8ijh/PeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwNDA3OWJiNzA3MGVkMGVlZWEzYTFhNDY3Yzc5NDYyYmNj
NTQ1NWYwHhcNMjQxMDAzMTE0MjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YzY4NTQ4YTA5MzAwY2E0MGU1ZjU0ZGFiYWIyZWFkMDUyY2QyYWM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA23nwWkRmek3AEvQHEFs4g0yZ0iRF
psSIwRfbO7ygObQwH3lAC53YEl4aJR+TJyr55wWV+3IPcdvVZtDehTzAHk9MrPvC
97jgML5esFKPd1+SuhTMlQJSdUIZj/ahAnPxSAZNZFLmyxPEzhPCsO8Lp2YE0OYo
TNwvgiQHrGF0KL1Dcqlow/OAkZRumMjOW38Qs86UndaWA/0MAxB2nOVUaAVUzhsR
uX6TPZ+tYymUBYRGYpKh1KDUCs/b4Qm2q0EiBcx0/CcdwElJafvLL1rAg4kS7S//
kZGgXxLbHf5CIxXQ0XPcXB+P1C4oCveOIyWIDBQDndqsBIFJCRBTu2PJXQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFIxoVIoJMAykDl9U2rqy6tBSzSrEMB8GA1UdIwQY
MBaAFNBAebtwcO0O7qOhpGfHlGK8xUVfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEVCNXUzQnc3UTd1bzZHa1o4ZVVZcnpGUlY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS9hOTNkYTAtZTE1NS00MzI0LTliYTkt
NjIwOThkMWVjMWU2LzEvakdoVWlna3dES1FPWDFUYXVyTHEwRkxOS3NRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS9hOTNkYTAtZTE1NS00MzI0LTliYTktNjIwOThkMWVjMWU2
LzEvMEVCNXUzQnc3UTd1bzZHa1o4ZVVZcnpGUlY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjAmBAIAATAgMAwDBAC5Qs0D
BAC5Qs4DBAC5ldADBAG5ldIDBALCAHQwFAQCAAIwDgMFAyoEGEADBQMqC4ZAMA0G
CSqGSIb3DQEBCwUAA4IBAQCgVQKMWuZEDgGm+Q89uz9eJrm/YqWgfp9/U4ZUZGuc
LFoHsx+ItuwO4r9mbFAUGHvhj0gnd3hE56u4Cnk75BzzOmRdk7comEocbX9vBU6L
OU1lE6NHIIWR54HSEYj2RLrtiK+dlwponaFW4YpY6N8G/w9sxAtOutjR//J7/+s4
GALhXh2a8PrNIQq6DKA7LWAO/VGzBOfPBQ8+WFSs/8VhJOLVV64iI03u6s2kkQ/B
QWCio93Zf7RBVBEwaY0GncQjlJ6owyAL0/4Oss/bR2dcU95QlY6rvH9RngKnlpZc
fjsUA4M6zHsOsvl4MzhSrSSeQphblONswb68XVEKhGGy
-----END CERTIFICATE-----
Generated at Mon Nov 25 19:33:54 2024 by rpki-client on console-ams.rpki-client.org