Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/336701-e36a-4db2-974e-0ed078f4bcaf/1/jcqHFu5qOxSW-TnLkY1_u5xVSkY.roa
File: jcqHFu5qOxSW-TnLkY1_u5xVSkY.roa (raw, json)
Hash identifier: NgmD4wgtXUd2RoIUVTRN3ydeoBjG7zM9G8+8J0bQPGg=
Subject key identifier: 8D:CA:87:16:EE:6A:3B:14:96:F9:39:CB:91:8D:7F:BB:9C:55:4A:46
Certificate issuer: /CN=0bc893375ad155b5ffced3cbee2535b8659fe389
Certificate serial: 018CC94E239CBB1010D656ECB04B39A0D504
Authority key identifier: 0B:C8:93:37:5A:D1:55:B5:FF:CE:D3:CB:EE:25:35:B8:65:9F:E3:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C8iTN1rRVbX_ztPL7iU1uGWf44k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/336701-e36a-4db2-974e-0ed078f4bcaf/1/jcqHFu5qOxSW-TnLkY1_u5xVSkY.roa
Signing time: Tue 02 Jan 2024 08:33:10 +0000
ROA not before: Tue 02 Jan 2024 08:33:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197690
IP address blocks: 85.208.180.0/22 maxlen: 22
2a09:8b40::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/77/336701-e36a-4db2-974e-0ed078f4bcaf/1/C8iTN1rRVbX_ztPL7iU1uGWf44k.crl
rsync://rpki.ripe.net/repository/DEFAULT/77/336701-e36a-4db2-974e-0ed078f4bcaf/1/C8iTN1rRVbX_ztPL7iU1uGWf44k.mft
rsync://rpki.ripe.net/repository/DEFAULT/C8iTN1rRVbX_ztPL7iU1uGWf44k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 28 Dec 2024 19:06:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:23:9c:bb:10:10:d6:56:ec:b0:4b:39:a0:d5:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0bc893375ad155b5ffced3cbee2535b8659fe389
Validity
Not Before: Jan 2 08:33:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8dca8716ee6a3b1496f939cb918d7fbb9c554a46
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:60:d4:b0:92:80:64:68:78:d1:31:26:56:86:
9b:69:79:23:3f:90:d4:00:61:33:8a:1d:87:d9:8e:
7f:cd:ad:e1:ad:11:83:75:3d:03:9f:1e:a2:03:c8:
9e:e9:74:9f:cf:54:d5:be:fa:c9:a1:9a:42:b7:fe:
34:0f:06:b4:1c:bc:e5:99:2e:e7:64:1b:a7:e3:ee:
dd:a3:70:39:0f:7e:ce:58:40:06:e5:9f:43:6e:ea:
b0:82:01:c4:3e:65:7d:0d:6f:82:aa:85:f2:4a:e0:
ee:04:a9:33:29:68:b1:55:ab:ab:59:45:1c:70:54:
9f:a4:cf:b6:54:6b:4b:55:97:8f:c6:75:e9:b3:27:
37:09:c0:02:ee:4c:c1:fa:2a:90:60:79:33:20:40:
e1:2b:02:13:5a:d2:5d:b8:c3:47:fd:31:ea:17:b3:
1c:8f:d9:f6:1c:a1:1c:21:26:4d:5e:25:98:7f:78:
4c:4c:8b:0e:ed:19:57:ac:98:27:db:8a:7a:67:f8:
68:6f:03:f1:6b:5f:3c:c8:0f:d4:3b:49:ca:6a:1e:
a1:af:28:5c:63:56:9e:c7:1c:0f:0f:8c:68:09:c8:
78:8f:20:06:e5:f7:9e:0f:36:82:1f:b1:e5:5e:7b:
80:a6:c3:a8:97:fc:97:a0:c4:58:e2:db:5e:26:bd:
36:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:CA:87:16:EE:6A:3B:14:96:F9:39:CB:91:8D:7F:BB:9C:55:4A:46
X509v3 Authority Key Identifier:
keyid:0B:C8:93:37:5A:D1:55:B5:FF:CE:D3:CB:EE:25:35:B8:65:9F:E3:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C8iTN1rRVbX_ztPL7iU1uGWf44k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/336701-e36a-4db2-974e-0ed078f4bcaf/1/jcqHFu5qOxSW-TnLkY1_u5xVSkY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/336701-e36a-4db2-974e-0ed078f4bcaf/1/C8iTN1rRVbX_ztPL7iU1uGWf44k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.208.180.0/22
IPv6:
2a09:8b40::/29
Signature Algorithm: sha256WithRSAEncryption
20:0c:7a:88:99:be:96:bc:61:6a:83:5a:5e:45:9f:f3:23:66:
6d:f2:8e:3c:c2:d5:27:34:7a:a4:8c:8c:12:b4:b6:c4:1b:7e:
2d:1b:81:d8:94:f8:d9:f1:dc:e0:28:e1:ba:ec:81:cf:8e:37:
0d:e7:62:f7:3c:4e:4f:8f:22:c4:9f:ed:da:e2:80:ff:01:cc:
1e:07:04:aa:7f:d7:79:28:62:6c:ce:35:02:20:0b:7d:b4:5e:
cf:90:f3:93:55:e1:cc:25:a2:4f:50:6f:f1:a0:04:f7:98:19:
59:47:0e:19:d7:95:22:80:8b:7c:5b:bb:42:c2:bf:9c:f6:ab:
f7:08:30:bd:89:f4:50:c3:6c:f7:bf:bc:8a:5a:7b:7e:c3:70:
90:a3:a8:db:9a:e1:0c:c3:b3:a7:d9:0a:18:f1:97:dd:c6:e1:
ed:e3:aa:b2:24:2c:d2:93:9c:f5:1c:50:28:94:97:2a:37:af:
06:53:62:30:d9:0a:9a:c9:c5:ad:73:e0:e7:d3:62:6e:18:f9:
6b:50:e5:90:53:51:73:be:3d:16:01:83:76:62:f8:64:9d:89:
1a:94:99:9f:6e:58:82:06:90:36:2d:2e:b9:bf:65:d0:74:3e:
fe:05:a5:0e:59:16:db:95:86:21:7f:6d:92:40:67:81:46:f2:
3f:61:d4:2a
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzJTiOcuxAQ1lbssEs5oNUEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiYzg5MzM3NWFkMTU1YjVmZmNlZDNjYmVlMjUzNWI4NjU5
ZmUzODkwHhcNMjQwMTAyMDgzMzEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZGNhODcxNmVlNmEzYjE0OTZmOTM5Y2I5MThkN2ZiYjljNTU0YTQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnmDUsJKAZGh40TEmVoabaXkjP5DU
AGEzih2H2Y5/za3hrRGDdT0Dnx6iA8ie6XSfz1TVvvrJoZpCt/40Dwa0HLzlmS7n
ZBun4+7do3A5D37OWEAG5Z9DbuqwggHEPmV9DW+CqoXySuDuBKkzKWixVaurWUUc
cFSfpM+2VGtLVZePxnXpsyc3CcAC7kzB+iqQYHkzIEDhKwITWtJduMNH/THqF7Mc
j9n2HKEcISZNXiWYf3hMTIsO7RlXrJgn24p6Z/hobwPxa188yA/UO0nKah6hryhc
Y1aexxwPD4xoCch4jyAG5feeDzaCH7HlXnuApsOol/yXoMRY4tteJr02qwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFI3KhxbuajsUlvk5y5GNf7ucVUpGMB8GA1UdIwQY
MBaAFAvIkzda0VW1/87Ty+4lNbhln+OJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQzhpVE4xclJWYlhfenRQTDdpVTF1R1dmNDRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny8zMzY3MDEtZTM2YS00ZGIyLTk3NGUt
MGVkMDc4ZjRiY2FmLzEvamNxSEZ1NXFPeFNXLVRuTGtZMV91NXhWU2tZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny8zMzY3MDEtZTM2YS00ZGIyLTk3NGUtMGVkMDc4ZjRiY2Fm
LzEvQzhpVE4xclJWYlhfenRQTDdpVTF1R1dmNDRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCVdC0MA0E
AgACMAcDBQMqCYtAMA0GCSqGSIb3DQEBCwUAA4IBAQAgDHqImb6WvGFqg1peRZ/z
I2Zt8o48wtUnNHqkjIwStLbEG34tG4HYlPjZ8dzgKOG67IHPjjcN52L3PE5PjyLE
n+3a4oD/AcweBwSqf9d5KGJszjUCIAt9tF7PkPOTVeHMJaJPUG/xoAT3mBlZRw4Z
15UigIt8W7tCwr+c9qv3CDC9ifRQw2z3v7yKWnt+w3CQo6jbmuEMw7On2QoY8Zfd
xuHt46qyJCzSk5z1HFAolJcqN68GU2Iw2QqaycWtc+Dn02JuGPlrUOWQU1Fzvj0W
AYN2YvhknYkalJmfbliCBpA2LS65v2XQdD7+BaUOWRbblYYhf22SQGeBRvI/YdQq
-----END CERTIFICATE-----
Generated at Sat Dec 28 06:24:33 2024 by rpki-client on console-fra.rpki-client.org