Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/a38693-cfa0-43e8-a51b-11e9e9f01343/1/JQNt_MqL6YddggToRmYRgzkueYs.roa
File: JQNt_MqL6YddggToRmYRgzkueYs.roa (raw, json)
Hash identifier: jAibs2lTzh9KllBp70d0PlGIy/OoiCYQEqmTNYgNs30=
Subject key identifier: 25:03:6D:FC:CA:8B:E9:87:5D:82:04:E8:46:66:11:83:39:2E:79:8B
Certificate issuer: /CN=330fe971b3e36b16a92be85f59985be45968b864
Certificate serial: 018CC9BC11B770D929459646CBC3980B3E1A
Authority key identifier: 33:0F:E9:71:B3:E3:6B:16:A9:2B:E8:5F:59:98:5B:E4:59:68:B8:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Mw_pcbPjaxapK-hfWZhb5FlouGQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/a38693-cfa0-43e8-a51b-11e9e9f01343/1/JQNt_MqL6YddggToRmYRgzkueYs.roa
Signing time: Tue 02 Jan 2024 10:33:14 +0000
ROA not before: Tue 02 Jan 2024 10:33:14 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47886
IP address blocks: 159.255.216.0/21 maxlen: 21
185.170.92.0/22 maxlen: 22
94.103.16.0/20 maxlen: 20
5.175.80.0/21 maxlen: 21
2a03:6980::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/77/a38693-cfa0-43e8-a51b-11e9e9f01343/1/Mw_pcbPjaxapK-hfWZhb5FlouGQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/77/a38693-cfa0-43e8-a51b-11e9e9f01343/1/Mw_pcbPjaxapK-hfWZhb5FlouGQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/Mw_pcbPjaxapK-hfWZhb5FlouGQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 17:02:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:11:b7:70:d9:29:45:96:46:cb:c3:98:0b:3e:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=330fe971b3e36b16a92be85f59985be45968b864
Validity
Not Before: Jan 2 10:33:14 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=25036dfcca8be9875d8204e846661183392e798b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:08:a6:ed:1f:b1:5a:55:d6:95:3d:b3:7f:49:
d4:64:95:e7:53:29:9b:79:34:f5:ce:a0:1e:62:27:
5c:98:2f:49:c8:14:8d:e2:01:0a:31:ee:10:8a:a1:
64:32:a4:f7:ff:fb:30:fd:45:1d:81:17:3f:31:7c:
98:02:1d:0b:ed:4c:be:dd:0b:a5:be:60:71:57:6a:
f8:04:22:8c:8e:fe:3e:5b:83:3c:23:61:24:84:7b:
b0:38:ca:76:93:e9:69:7e:f2:9e:15:98:8d:74:8f:
6b:ec:70:a4:d0:99:01:46:15:c0:90:0c:da:2b:8d:
cc:6a:4e:03:f8:e9:86:14:a1:7c:fc:83:63:25:47:
b8:00:76:30:2a:8f:01:e7:85:a6:0e:c3:f4:bf:1c:
bd:68:52:bf:e2:47:09:14:32:89:43:48:32:77:69:
26:ad:b8:98:73:3a:10:73:31:1a:39:71:c6:94:74:
94:04:5f:2c:ca:59:23:16:82:53:ea:9e:c1:c1:09:
77:bc:40:0c:37:99:13:cc:8e:dc:f2:70:34:55:44:
67:7c:d6:a1:2f:b1:6a:ad:34:90:a6:17:e9:86:04:
29:eb:78:8f:16:a5:8a:1c:df:ff:4a:6b:99:3e:62:
5f:49:dc:73:1c:50:49:43:03:42:93:fa:99:46:c3:
69:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:03:6D:FC:CA:8B:E9:87:5D:82:04:E8:46:66:11:83:39:2E:79:8B
X509v3 Authority Key Identifier:
keyid:33:0F:E9:71:B3:E3:6B:16:A9:2B:E8:5F:59:98:5B:E4:59:68:B8:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Mw_pcbPjaxapK-hfWZhb5FlouGQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/a38693-cfa0-43e8-a51b-11e9e9f01343/1/JQNt_MqL6YddggToRmYRgzkueYs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/a38693-cfa0-43e8-a51b-11e9e9f01343/1/Mw_pcbPjaxapK-hfWZhb5FlouGQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.175.80.0/21
94.103.16.0/20
159.255.216.0/21
185.170.92.0/22
IPv6:
2a03:6980::/32
Signature Algorithm: sha256WithRSAEncryption
5c:fe:08:89:90:fe:4f:c2:76:37:ac:e5:58:21:2b:ea:22:38:
4a:8b:a1:f6:6f:94:0f:ac:64:b8:e0:24:86:fe:d0:ec:00:7b:
48:cf:9e:99:47:86:d1:e1:a6:d8:9f:fc:59:9d:0e:18:9d:56:
1a:0f:c0:93:03:7b:e6:42:b4:33:69:13:9c:51:2f:20:68:b3:
e3:97:ce:eb:11:11:68:49:df:f5:e9:9f:b1:4c:5c:5e:f1:89:
32:cc:33:dd:1f:7f:34:dc:ec:16:3f:96:de:28:96:ee:fe:bb:
f0:ab:48:d5:06:61:1c:c5:89:e5:2b:81:5f:6f:fe:26:48:59:
27:c4:e0:2f:eb:b7:c0:d2:24:88:cd:95:db:dd:15:4d:40:c5:
8c:dd:1f:88:61:15:3e:69:67:46:7b:c7:48:37:a1:4a:f6:8c:
89:30:28:fb:72:fc:1d:f2:45:c1:28:33:ca:31:e6:5d:21:87:
a0:51:f2:c2:83:58:d1:78:0a:3a:b9:1c:0a:34:7d:ec:ae:08:
9e:34:3c:fe:7d:ed:f7:90:5e:20:d0:13:1d:b4:06:a2:18:b3:
1b:3c:a2:b9:7c:4e:45:78:af:5e:09:fb:2c:18:11:78:9b:a2:
eb:74:53:b8:88:1c:12:33:3c:45:99:19:71:db:3f:c5:ef:1a:
f6:f4:6d:07
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzJvBG3cNkpRZZGy8OYCz4aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzMGZlOTcxYjNlMzZiMTZhOTJiZTg1ZjU5OTg1YmU0NTk2
OGI4NjQwHhcNMjQwMTAyMTAzMzE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTAzNmRmY2NhOGJlOTg3NWQ4MjA0ZTg0NjY2MTE4MzM5MmU3OThiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhgim7R+xWlXWlT2zf0nUZJXnUymb
eTT1zqAeYidcmC9JyBSN4gEKMe4QiqFkMqT3//sw/UUdgRc/MXyYAh0L7Uy+3Qul
vmBxV2r4BCKMjv4+W4M8I2EkhHuwOMp2k+lpfvKeFZiNdI9r7HCk0JkBRhXAkAza
K43Mak4D+OmGFKF8/INjJUe4AHYwKo8B54WmDsP0vxy9aFK/4kcJFDKJQ0gyd2km
rbiYczoQczEaOXHGlHSUBF8sylkjFoJT6p7BwQl3vEAMN5kTzI7c8nA0VURnfNah
L7FqrTSQphfphgQp63iPFqWKHN//SmuZPmJfSdxzHFBJQwNCk/qZRsNpNwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFCUDbfzKi+mHXYIE6EZmEYM5LnmLMB8GA1UdIwQY
MBaAFDMP6XGz42sWqSvoX1mYW+RZaLhkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTXdfcGNiUGpheGFwSy1oZldaaGI1RmxvdUdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny9hMzg2OTMtY2ZhMC00M2U4LWE1MWIt
MTFlOWU5ZjAxMzQzLzEvSlFOdF9NcUw2WWRkZ2dUb1JtWVJnemt1ZVlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny9hMzg2OTMtY2ZhMC00M2U4LWE1MWItMTFlOWU5ZjAxMzQz
LzEvTXdfcGNiUGpheGFwSy1oZldaaGI1RmxvdUdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQDBa9QAwQE
XmcQAwQDn//YAwQCuapcMA0EAgACMAcDBQAqA2mAMA0GCSqGSIb3DQEBCwUAA4IB
AQBc/giJkP5PwnY3rOVYISvqIjhKi6H2b5QPrGS44CSG/tDsAHtIz56ZR4bR4abY
n/xZnQ4YnVYaD8CTA3vmQrQzaROcUS8gaLPjl87rERFoSd/16Z+xTFxe8YkyzDPd
H3803OwWP5beKJbu/rvwq0jVBmEcxYnlK4Ffb/4mSFknxOAv67fA0iSIzZXb3RVN
QMWM3R+IYRU+aWdGe8dIN6FK9oyJMCj7cvwd8kXBKDPKMeZdIYegUfLCg1jReAo6
uRwKNH3srgieNDz+fe33kF4g0BMdtAaiGLMbPKK5fE5FeK9eCfssGBF4m6LrdFO4
iBwSMzxFmRlx2z/F7xr29G0H
-----END CERTIFICATE-----
Generated at Fri Nov 22 22:32:02 2024 by rpki-client on console-ams.rpki-client.org