Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/cb0153-803a-4bb6-b19d-a774e41d264c/1/JxN8aFVykcA-39CGItS6YlnUJ5o.roa
File: JxN8aFVykcA-39CGItS6YlnUJ5o.roa (raw, json)
Hash identifier: m2bFYD3CJSZqj8xisMrB71iYAunnSfsJx/hUNW1cUjY=
Subject key identifier: 27:13:7C:68:55:72:91:C0:3E:DF:D0:86:22:D4:BA:62:59:D4:27:9A
Certificate issuer: /CN=6fccdffda6a4c48914b5e8cde7da5d820b9c9718
Certificate serial: 018CC94C95EFFC00E33ECCA8573BBFB1B9F0
Authority key identifier: 6F:CC:DF:FD:A6:A4:C4:89:14:B5:E8:CD:E7:DA:5D:82:0B:9C:97:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b8zf_aakxIkUtejN59pdgguclxg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/cb0153-803a-4bb6-b19d-a774e41d264c/1/JxN8aFVykcA-39CGItS6YlnUJ5o.roa
Signing time: Tue 02 Jan 2024 08:31:28 +0000
ROA not before: Tue 02 Jan 2024 08:31:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59729
IP address blocks: 185.190.250.0/24 maxlen: 24
91.247.36.0/23 maxlen: 23
91.215.152.0/24 maxlen: 24
91.215.153.0/24 maxlen: 24
91.215.154.0/24 maxlen: 24
91.215.155.0/24 maxlen: 24
91.210.166.0/24 maxlen: 24
2001:67c:2f4c::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/82/cb0153-803a-4bb6-b19d-a774e41d264c/1/b8zf_aakxIkUtejN59pdgguclxg.crl
rsync://rpki.ripe.net/repository/DEFAULT/82/cb0153-803a-4bb6-b19d-a774e41d264c/1/b8zf_aakxIkUtejN59pdgguclxg.mft
rsync://rpki.ripe.net/repository/DEFAULT/b8zf_aakxIkUtejN59pdgguclxg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4c:95:ef:fc:00:e3:3e:cc:a8:57:3b:bf:b1:b9:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6fccdffda6a4c48914b5e8cde7da5d820b9c9718
Validity
Not Before: Jan 2 08:31:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=27137c68557291c03edfd08622d4ba6259d4279a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:bd:6d:a6:1c:ba:9f:4f:63:94:87:c6:b4:2c:
1a:b8:8a:0d:7a:8c:c0:f1:52:8c:f8:11:71:cb:d0:
d1:5a:f3:50:f7:25:71:63:36:6e:39:05:55:97:62:
da:e8:58:8b:73:e0:d9:55:16:d2:7d:2b:ca:12:a0:
09:f8:50:43:72:b7:aa:4b:53:6e:9d:bd:b6:11:bd:
05:b3:e0:fe:4e:33:b9:76:fb:0a:a7:62:da:bb:d5:
12:18:8a:da:65:af:a8:ed:85:44:e8:ba:e6:53:7a:
2d:30:59:80:64:75:c9:3e:11:ef:a1:12:83:a6:c4:
1b:b0:b9:e7:28:ef:92:2c:1b:d8:4c:44:e1:b7:bf:
bb:de:7d:e0:ad:56:4c:25:b1:c4:ad:3c:ba:09:33:
1a:fe:85:f1:dc:57:6e:12:2d:3c:ab:ba:41:1c:4c:
43:8f:b5:47:f2:bd:34:a6:f0:f6:6c:e1:23:54:b6:
44:8e:fe:62:a1:57:ff:b3:ef:96:b8:c1:da:16:a6:
d3:29:58:e6:ec:6a:65:73:8d:79:2c:68:b1:0a:64:
ab:05:8a:97:b4:1a:df:ac:97:dd:a0:97:2c:7c:19:
e7:59:31:a4:67:41:2b:f5:9d:9c:e0:5f:01:da:5c:
7a:4a:00:b6:b3:89:8e:eb:08:2f:0e:2c:11:73:a5:
13:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:13:7C:68:55:72:91:C0:3E:DF:D0:86:22:D4:BA:62:59:D4:27:9A
X509v3 Authority Key Identifier:
keyid:6F:CC:DF:FD:A6:A4:C4:89:14:B5:E8:CD:E7:DA:5D:82:0B:9C:97:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8zf_aakxIkUtejN59pdgguclxg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/cb0153-803a-4bb6-b19d-a774e41d264c/1/JxN8aFVykcA-39CGItS6YlnUJ5o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/cb0153-803a-4bb6-b19d-a774e41d264c/1/b8zf_aakxIkUtejN59pdgguclxg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.210.166.0/24
91.215.152.0/22
91.247.36.0/23
185.190.250.0/24
IPv6:
2001:67c:2f4c::/48
Signature Algorithm: sha256WithRSAEncryption
1c:83:3c:6d:90:09:8d:16:f7:b4:2d:cd:4c:bc:aa:a7:61:f9:
e3:71:e8:5a:af:55:2d:81:9d:05:93:2f:9b:be:18:55:47:c0:
10:06:6a:48:fb:d2:9b:df:7e:b1:2e:e1:b8:fa:f3:5b:0e:aa:
7a:22:d3:cb:7b:61:ba:0d:a8:e1:cc:4b:fc:7c:98:75:62:1b:
64:a1:a7:2b:1a:30:ae:60:d6:62:53:91:d3:b8:71:a5:d4:50:
9e:8d:b3:84:40:af:13:22:88:6e:e5:22:ea:e1:0e:af:79:2e:
d1:52:94:e9:84:79:32:26:80:ed:29:b6:74:15:3b:db:26:32:
2a:56:7e:5f:41:43:74:0a:87:0d:8b:af:53:2e:50:f3:a2:b2:
73:61:2e:80:0f:0d:a0:fa:0c:e6:34:bb:8a:7f:0c:cf:1e:3d:
ab:ee:b4:47:2c:2c:d1:0d:86:aa:0a:0a:10:14:f3:cf:0d:c7:
b6:66:ff:80:16:31:ab:6f:86:7c:fc:4b:4f:07:f0:58:a5:9b:
5e:af:51:49:6f:e0:cd:c0:43:a9:48:f6:3c:69:00:de:13:95:
79:ee:d4:57:cd:3f:3f:6c:11:0e:9f:dc:50:c6:e7:1f:a9:1f:
a8:be:f2:84:8d:c4:b9:b5:b2:c4:cc:33:5e:bc:bc:04:51:66:
af:00:41:da
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYzJTJXv/ADjPsyoVzu/sbnwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmY2NkZmZkYTZhNGM0ODkxNGI1ZThjZGU3ZGE1ZDgyMGI5
Yzk3MTgwHhcNMjQwMTAyMDgzMTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNzEzN2M2ODU1NzI5MWMwM2VkZmQwODYyMmQ0YmE2MjU5ZDQyNzlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvb1tphy6n09jlIfGtCwauIoNeozA
8VKM+BFxy9DRWvNQ9yVxYzZuOQVVl2La6FiLc+DZVRbSfSvKEqAJ+FBDcreqS1Nu
nb22Eb0Fs+D+TjO5dvsKp2Lau9USGIraZa+o7YVE6LrmU3otMFmAZHXJPhHvoRKD
psQbsLnnKO+SLBvYTETht7+73n3grVZMJbHErTy6CTMa/oXx3FduEi08q7pBHExD
j7VH8r00pvD2bOEjVLZEjv5ioVf/s++WuMHaFqbTKVjm7Gplc415LGixCmSrBYqX
tBrfrJfdoJcsfBnnWTGkZ0Er9Z2c4F8B2lx6SgC2s4mO6wgvDiwRc6UTDQIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFCcTfGhVcpHAPt/QhiLUumJZ1CeaMB8GA1UdIwQY
MBaAFG/M3/2mpMSJFLXozefaXYILnJcYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjh6Zl9hYWt4SWtVdGVqTjU5cGRnZ3VjbHhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi9jYjAxNTMtODAzYS00YmI2LWIxOWQt
YTc3NGU0MWQyNjRjLzEvSnhOOGFGVnlrY0EtMzlDR0l0UzZZbG5VSjVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi9jYjAxNTMtODAzYS00YmI2LWIxOWQtYTc3NGU0MWQyNjRj
LzEvYjh6Zl9hYWt4SWtVdGVqTjU5cGRnZ3VjbHhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAeBAIAATAYAwQAW9KmAwQC
W9eYAwQBW/ckAwQAub76MA8EAgACMAkDBwAgAQZ8L0wwDQYJKoZIhvcNAQELBQAD
ggEBAByDPG2QCY0W97QtzUy8qqdh+eNx6FqvVS2BnQWTL5u+GFVHwBAGakj70pvf
frEu4bj681sOqnoi08t7YboNqOHMS/x8mHViG2ShpysaMK5g1mJTkdO4caXUUJ6N
s4RArxMiiG7lIurhDq95LtFSlOmEeTImgO0ptnQVO9smMipWfl9BQ3QKhw2Lr1Mu
UPOisnNhLoAPDaD6DOY0u4p/DM8ePavutEcsLNENhqoKChAU888Nx7Zm/4AWMatv
hnz8S08H8Film16vUUlv4M3AQ6lI9jxpAN4TlXnu1FfNPz9sEQ6f3FDG5x+pH6i+
8oSNxLm1ssTMM168vARRZq8AQdo=
-----END CERTIFICATE-----
Generated at Fri Nov 22 21:15:21 2024 by rpki-client on console-fra.rpki-client.org