Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/jLXy7U84-pujNwCX8FoB4TUzii4.roa
File: jLXy7U84-pujNwCX8FoB4TUzii4.roa (raw, json)
Hash identifier: X4pZf3ZlkwQrMjdZUBKB5VNGdW/dNnziV7WNdulfJEs=
Subject key identifier: 8C:B5:F2:ED:4F:38:FA:9B:A3:37:00:97:F0:5A:01:E1:35:33:8A:2E
Certificate issuer: /CN=18101772248996b87d90840c2d27d62549458173
Certificate serial: 018EEB2AFB2C14E6A7394095C5993A3F5F5F
Authority key identifier: 18:10:17:72:24:89:96:B8:7D:90:84:0C:2D:27:D6:25:49:45:81:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GBAXciSJlrh9kIQMLSfWJUlFgXM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/jLXy7U84-pujNwCX8FoB4TUzii4.roa
Signing time: Wed 17 Apr 2024 08:27:26 +0000
ROA not before: Wed 17 Apr 2024 08:27:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209411
IP address blocks: 185.114.144.0/23 maxlen: 24
209.16.142.0/23 maxlen: 23
2a0e:ce40::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/GBAXciSJlrh9kIQMLSfWJUlFgXM.crl
rsync://rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/GBAXciSJlrh9kIQMLSfWJUlFgXM.mft
rsync://rpki.ripe.net/repository/DEFAULT/GBAXciSJlrh9kIQMLSfWJUlFgXM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 05:00:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:eb:2a:fb:2c:14:e6:a7:39:40:95:c5:99:3a:3f:5f:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=18101772248996b87d90840c2d27d62549458173
Validity
Not Before: Apr 17 08:27:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8cb5f2ed4f38fa9ba3370097f05a01e135338a2e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:21:00:41:c9:a9:de:16:59:65:e1:71:9d:93:
8c:a5:cd:9f:2c:2e:fd:f7:0d:70:2d:00:d7:cc:c5:
fa:eb:31:4b:cc:45:d0:bd:1d:a6:df:da:b7:6e:c7:
b5:53:87:05:9b:17:ea:9f:e6:ca:91:b1:06:e5:65:
1c:27:86:36:38:ea:01:db:37:0e:af:de:d9:b7:df:
c7:48:54:ee:6b:1d:89:bc:46:67:66:48:ed:b1:6f:
36:8b:31:82:c7:90:a3:3f:90:9a:c3:e0:fd:94:ed:
65:17:a2:53:c6:92:a0:f0:19:c7:7f:36:e2:cd:f2:
73:22:3f:dc:22:48:8a:c2:67:c6:5f:64:f9:17:f8:
a2:da:55:d3:97:a1:5a:c2:48:91:e0:8f:3f:92:80:
7c:06:f6:73:41:93:8d:5d:97:a6:0f:54:be:ec:ba:
b8:09:7c:1f:e7:ff:39:73:ca:59:6c:f6:eb:32:1b:
7a:da:d5:43:e6:ad:52:3b:f5:e7:cf:37:20:41:50:
79:51:10:19:d3:9e:a1:b1:5c:92:91:7e:80:cf:2d:
b9:ce:b7:d9:88:08:8a:f5:b0:cd:b4:5f:e4:b3:48:
20:c1:27:97:3a:86:48:53:a1:82:b3:eb:9f:02:14:
42:c7:ce:14:45:b9:5b:fe:c5:1a:32:1e:f2:ce:0b:
7b:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:B5:F2:ED:4F:38:FA:9B:A3:37:00:97:F0:5A:01:E1:35:33:8A:2E
X509v3 Authority Key Identifier:
keyid:18:10:17:72:24:89:96:B8:7D:90:84:0C:2D:27:D6:25:49:45:81:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GBAXciSJlrh9kIQMLSfWJUlFgXM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/jLXy7U84-pujNwCX8FoB4TUzii4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/GBAXciSJlrh9kIQMLSfWJUlFgXM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.114.144.0/23
209.16.142.0/23
IPv6:
2a0e:ce40::/29
Signature Algorithm: sha256WithRSAEncryption
71:ab:89:9d:f2:22:ca:65:8c:c1:22:52:8f:ea:37:21:36:1f:
67:fa:b3:1a:cc:51:b1:c1:fe:26:a8:5e:f9:1c:2b:4b:a2:de:
a5:75:3f:97:e7:de:1f:d3:cc:68:db:b8:f8:1e:ee:59:c6:5a:
0b:b8:be:a7:c7:0f:af:a0:9a:9a:b0:da:4b:cc:cb:25:50:7d:
14:0e:66:55:58:16:2a:31:e2:f1:29:d6:43:09:3a:89:08:db:
d5:67:f4:3a:b5:d8:df:78:44:f6:91:1b:b9:3b:b4:31:15:f4:
55:e7:d3:2f:a1:6a:87:18:de:10:e3:27:4e:49:21:00:9c:1d:
f5:5d:99:63:01:0c:0c:3e:d6:c4:10:5f:a8:90:a9:64:2b:32:
5c:7b:6c:59:f5:1d:d4:ae:82:42:f5:a6:2f:4d:55:90:94:44:
39:2b:d8:95:1a:6f:b5:28:7c:f9:f4:c1:a1:29:64:25:91:8e:
2f:fc:a0:73:16:44:42:6e:10:7f:c1:ff:84:37:d2:2a:e4:27:
25:8b:ae:f8:91:c3:7b:01:db:41:2a:8b:9d:56:29:d9:b9:f6:
26:1e:b5:40:98:6d:05:28:ba:d6:4c:c3:74:42:5f:be:85:9a:
ea:84:3a:65:08:bc:ec:33:6b:30:1a:a4:33:52:bc:27:f4:40:
73:f4:8e:35
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAY7rKvssFOanOUCVxZk6P19fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4MTAxNzcyMjQ4OTk2Yjg3ZDkwODQwYzJkMjdkNjI1NDk0
NTgxNzMwHhcNMjQwNDE3MDgyNzI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Y2I1ZjJlZDRmMzhmYTliYTMzNzAwOTdmMDVhMDFlMTM1MzM4YTJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAviEAQcmp3hZZZeFxnZOMpc2fLC79
9w1wLQDXzMX66zFLzEXQvR2m39q3bse1U4cFmxfqn+bKkbEG5WUcJ4Y2OOoB2zcO
r97Zt9/HSFTuax2JvEZnZkjtsW82izGCx5CjP5Caw+D9lO1lF6JTxpKg8BnHfzbi
zfJzIj/cIkiKwmfGX2T5F/ii2lXTl6FawkiR4I8/koB8BvZzQZONXZemD1S+7Lq4
CXwf5/85c8pZbPbrMht62tVD5q1SO/XnzzcgQVB5URAZ056hsVySkX6Azy25zrfZ
iAiK9bDNtF/ks0ggwSeXOoZIU6GCs+ufAhRCx84URblb/sUaMh7yzgt7qQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFIy18u1POPqbozcAl/BaAeE1M4ouMB8GA1UdIwQY
MBaAFBgQF3IkiZa4fZCEDC0n1iVJRYFzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0JBWGNpU0pscmg5a0lRTUxTZldKVWxGZ1hNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS8yMGE1YTUtMGJhMi00MDUyLWJlYjQt
M2NjODVhZDNjMTkwLzEvakxYeTdVODQtcHVqTndDWDhGb0I0VFV6aWk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS8yMGE1YTUtMGJhMi00MDUyLWJlYjQtM2NjODVhZDNjMTkw
LzEvR0JBWGNpU0pscmg5a0lRTUxTZldKVWxGZ1hNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBuXKQAwQB
0RCOMA0EAgACMAcDBQMqDs5AMA0GCSqGSIb3DQEBCwUAA4IBAQBxq4md8iLKZYzB
IlKP6jchNh9n+rMazFGxwf4mqF75HCtLot6ldT+X594f08xo27j4Hu5ZxloLuL6n
xw+voJqasNpLzMslUH0UDmZVWBYqMeLxKdZDCTqJCNvVZ/Q6tdjfeET2kRu5O7Qx
FfRV59MvoWqHGN4Q4ydOSSEAnB31XZljAQwMPtbEEF+okKlkKzJce2xZ9R3UroJC
9aYvTVWQlEQ5K9iVGm+1KHz59MGhKWQlkY4v/KBzFkRCbhB/wf+EN9Iq5Ccli674
kcN7AdtBKoudVinZufYmHrVAmG0FKLrWTMN0Ql++hZrqhDplCLzsM2swGqQzUrwn
9EBz9I41
-----END CERTIFICATE-----
Generated at Fri Nov 22 13:49:51 2024 by rpki-client on console-fra.rpki-client.org