Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/c67522-71c5-4061-a18b-6933a90c53fa/1/jfmMlPqFOdf8CqytGu5LKyPRsY8.roa
File: jfmMlPqFOdf8CqytGu5LKyPRsY8.roa (raw, json)
Hash identifier: d/BME/oHNQOQEKJzlhOBrDYyCFn4Gnp2rp6jyoPGXoU=
Subject key identifier: 8D:F9:8C:94:FA:85:39:D7:FC:0A:AC:AD:1A:EE:4B:2B:23:D1:B1:8F
Certificate issuer: /CN=72769d6e4a0fc2c98013b722eb2beb9e6e871fc6
Certificate serial: 018CC5DC1CC4BFD0C570E4AD4A5C469A9CC5
Authority key identifier: 72:76:9D:6E:4A:0F:C2:C9:80:13:B7:22:EB:2B:EB:9E:6E:87:1F:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cnadbkoPwsmAE7ci6yvrnm6HH8Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/c67522-71c5-4061-a18b-6933a90c53fa/1/jfmMlPqFOdf8CqytGu5LKyPRsY8.roa
Signing time: Mon 01 Jan 2024 16:29:45 +0000
ROA not before: Mon 01 Jan 2024 16:29:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48448
IP address blocks: 45.85.73.0/24 maxlen: 24
2a0e:bb81:2a02::/48 maxlen: 48
2a0e:bb81:1000::/48 maxlen: 48
2a0e:bb81::/48 maxlen: 48
2a0e:bb81:3a01::/48 maxlen: 48
2a0e:bb81:2a01::/48 maxlen: 48
2a0e:bb81:1a01::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/81/c67522-71c5-4061-a18b-6933a90c53fa/1/cnadbkoPwsmAE7ci6yvrnm6HH8Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/81/c67522-71c5-4061-a18b-6933a90c53fa/1/cnadbkoPwsmAE7ci6yvrnm6HH8Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/cnadbkoPwsmAE7ci6yvrnm6HH8Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:1c:c4:bf:d0:c5:70:e4:ad:4a:5c:46:9a:9c:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72769d6e4a0fc2c98013b722eb2beb9e6e871fc6
Validity
Not Before: Jan 1 16:29:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8df98c94fa8539d7fc0aacad1aee4b2b23d1b18f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:32:51:2c:7a:09:81:2c:c2:6b:8e:4b:10:72:
10:b0:fa:ff:f9:e5:1b:44:79:33:72:a8:01:48:d7:
8d:32:f4:36:71:28:3e:3e:47:ae:fd:97:ea:ee:b8:
d2:8d:68:76:e6:06:67:cb:e7:54:1c:95:09:2d:f8:
2d:1a:3a:21:e7:d6:a3:a1:0b:82:a3:6b:9c:7c:8f:
e0:c4:1d:15:76:d8:ff:67:8d:7f:a1:a3:7c:cd:03:
53:92:8f:f4:ca:9e:46:b5:b5:5f:93:4c:dc:8d:98:
25:b3:7b:6f:88:7f:28:25:4f:28:5e:59:0b:76:6b:
2c:72:0c:95:66:c1:76:3b:60:34:9a:68:54:c3:66:
80:20:ed:0f:16:54:a2:55:02:f1:11:b0:44:90:7d:
9e:48:7b:e6:93:14:47:00:59:f4:3f:0d:fe:4d:44:
c4:24:aa:69:87:86:ae:9b:de:7d:0e:d9:87:96:cb:
e6:12:02:1d:73:49:77:0d:14:57:16:2a:f0:cd:e3:
d7:f3:4f:a8:95:d1:74:05:62:44:a1:9b:f2:37:1f:
59:c9:db:90:4b:bd:4f:47:7b:d1:c3:2b:06:09:ae:
41:5d:84:23:8f:e6:5e:15:d4:f4:21:73:42:aa:e5:
bd:3f:1d:02:8d:7f:8c:96:89:2a:16:8a:dc:5e:26:
55:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:F9:8C:94:FA:85:39:D7:FC:0A:AC:AD:1A:EE:4B:2B:23:D1:B1:8F
X509v3 Authority Key Identifier:
keyid:72:76:9D:6E:4A:0F:C2:C9:80:13:B7:22:EB:2B:EB:9E:6E:87:1F:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cnadbkoPwsmAE7ci6yvrnm6HH8Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/c67522-71c5-4061-a18b-6933a90c53fa/1/jfmMlPqFOdf8CqytGu5LKyPRsY8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/c67522-71c5-4061-a18b-6933a90c53fa/1/cnadbkoPwsmAE7ci6yvrnm6HH8Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.85.73.0/24
IPv6:
2a0e:bb81::/48
2a0e:bb81:1000::/48
2a0e:bb81:1a01::/48
2a0e:bb81:2a01::-2a0e:bb81:2a02:ffff:ffff:ffff:ffff:ffff
2a0e:bb81:3a01::/48
Signature Algorithm: sha256WithRSAEncryption
7a:80:36:42:c7:20:c5:f8:a3:3a:d2:d4:e1:6a:fb:2a:d4:da:
fe:15:38:88:0b:ce:da:1f:e5:9e:26:b1:1c:a3:3f:33:15:4b:
7a:43:62:2e:7d:26:6b:ba:c0:e9:e4:12:9d:f3:b2:7e:73:a2:
50:44:65:c8:4c:7a:b5:fa:8f:4a:01:32:fe:19:e5:d5:62:54:
6a:dd:7f:3a:ff:3b:da:15:b5:33:98:2f:c5:9a:60:a9:8f:22:
8c:d5:e3:24:28:a2:8e:15:07:fb:3b:dc:c9:6d:a1:e1:55:90:
b6:10:cb:78:1e:3c:f5:50:4f:9b:fd:42:53:b1:49:a3:0b:ba:
d1:e0:b3:97:3d:06:57:c2:73:7e:51:c0:42:53:5b:67:e4:fc:
21:98:4f:ce:46:0b:78:cb:de:43:c2:d8:5c:dc:be:ab:39:a9:
71:62:d5:f9:76:5c:f1:fb:3c:ef:33:e4:28:4c:9d:cf:7b:75:
12:e2:7b:75:93:72:3d:c5:3a:43:30:64:8e:18:98:9a:5a:c3:
e6:8a:cc:fe:97:c3:c4:28:5f:25:e8:00:9d:9b:8c:44:d8:bf:
88:9a:8b:ad:2c:b6:65:e5:62:34:12:1d:2e:d9:dc:80:11:53:
1a:36:7f:1b:c1:c1:68:75:ff:93:d9:26:04:4f:af:0a:33:98:
0e:1f:b5:26
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAYzF3BzEv9DFcOStSlxGmpzFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyNzY5ZDZlNGEwZmMyYzk4MDEzYjcyMmViMmJlYjllNmU4
NzFmYzYwHhcNMjQwMTAxMTYyOTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZGY5OGM5NGZhODUzOWQ3ZmMwYWFjYWQxYWVlNGIyYjIzZDFiMThmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoDJRLHoJgSzCa45LEHIQsPr/+eUb
RHkzcqgBSNeNMvQ2cSg+Pkeu/Zfq7rjSjWh25gZny+dUHJUJLfgtGjoh59ajoQuC
o2ucfI/gxB0Vdtj/Z41/oaN8zQNTko/0yp5GtbVfk0zcjZgls3tviH8oJU8oXlkL
dmsscgyVZsF2O2A0mmhUw2aAIO0PFlSiVQLxEbBEkH2eSHvmkxRHAFn0Pw3+TUTE
JKpph4aum959DtmHlsvmEgIdc0l3DRRXFirwzePX80+oldF0BWJEoZvyNx9ZyduQ
S71PR3vRwysGCa5BXYQjj+ZeFdT0IXNCquW9Px0CjX+MlokqForcXiZVIQIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFI35jJT6hTnX/AqsrRruSysj0bGPMB8GA1UdIwQY
MBaAFHJ2nW5KD8LJgBO3Iusr655uhx/GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY25hZGJrb1B3c21BRTdjaTZ5dnJubTZISDhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS9jNjc1MjItNzFjNS00MDYxLWExOGIt
NjkzM2E5MGM1M2ZhLzEvamZtTWxQcUZPZGY4Q3F5dEd1NUxLeVBSc1k4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS9jNjc1MjItNzFjNS00MDYxLWExOGItNjkzM2E5MGM1M2Zh
LzEvY25hZGJrb1B3c21BRTdjaTZ5dnJubTZISDhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjAMBAIAATAGAwQALVVJMD4E
AgACMDgDBwAqDruBAAADBwAqDruBEAADBwAqDruBGgEwEgMHACoOu4EqAQMHACoO
u4EqAgMHACoOu4E6ATANBgkqhkiG9w0BAQsFAAOCAQEAeoA2QscgxfijOtLU4Wr7
KtTa/hU4iAvO2h/lniaxHKM/MxVLekNiLn0ma7rA6eQSnfOyfnOiUERlyEx6tfqP
SgEy/hnl1WJUat1/Ov872hW1M5gvxZpgqY8ijNXjJCiijhUH+zvcyW2h4VWQthDL
eB489VBPm/1CU7FJowu60eCzlz0GV8JzflHAQlNbZ+T8IZhPzkYLeMveQ8LYXNy+
qzmpcWLV+XZc8fs87zPkKEydz3t1EuJ7dZNyPcU6QzBkjhiYmlrD5orM/pfDxChf
JegAnZuMRNi/iJqLrSy2ZeViNBIdLtncgBFTGjZ/G8HBaHX/k9kmBE+vCjOYDh+1
Jg==
-----END CERTIFICATE-----
Generated at Fri Jun 7 23:12:06 2024 by rpki-client on console-fra.rpki-client.org