Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/jjWUbzwB8IBxfWHPdUGXQvFw6-I.roa
File: jjWUbzwB8IBxfWHPdUGXQvFw6-I.roa (raw, json)
Hash identifier: D6MdSYiqYBdY+DYrC2G9FIsLezWiD8DQl/N2mhREsxo=
Subject key identifier: 8E:35:94:6F:3C:01:F0:80:71:7D:61:CF:75:41:97:42:F1:70:EB:E2
Certificate issuer: /CN=56b98f83ccbda7c19f004151c98b57c59d268f54
Certificate serial: 01925E619E76BC57BD35FED2FCE3CA616E87
Authority key identifier: 56:B9:8F:83:CC:BD:A7:C1:9F:00:41:51:C9:8B:57:C5:9D:26:8F:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/jjWUbzwB8IBxfWHPdUGXQvFw6-I.roa
Signing time: Sat 05 Oct 2024 20:31:48 +0000
ROA not before: Sat 05 Oct 2024 20:31:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201207
IP address blocks: 2001:3080::/29 maxlen: 29
2001:3180::/29 maxlen: 29
2001:3280::/29 maxlen: 29
2001:3380::/29 maxlen: 29
2a14:6bc0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:5e:61:9e:76:bc:57:bd:35:fe:d2:fc:e3:ca:61:6e:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=56b98f83ccbda7c19f004151c98b57c59d268f54
Validity
Not Before: Oct 5 20:31:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8e35946f3c01f080717d61cf75419742f170ebe2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:1a:1a:96:9d:c6:46:aa:39:b8:f7:09:0e:2f:
e0:68:29:ae:8c:16:a3:eb:31:bb:6e:c8:cd:0f:83:
e1:8f:3c:9a:c3:39:72:16:dd:c6:6a:d1:3c:55:fe:
4f:05:f5:99:54:49:eb:54:6d:1e:05:6c:fa:3c:e1:
4b:db:5d:c1:a6:a0:1e:ff:50:20:f5:3a:e5:f6:35:
99:0f:60:60:3d:cf:c7:73:75:a3:5a:66:bd:29:1a:
fe:6b:5c:13:a1:c9:4b:a8:4d:4a:27:e3:58:13:35:
09:b7:2f:e0:be:1b:de:41:11:91:8c:74:74:19:a5:
26:8a:07:8b:63:dd:26:1a:df:be:00:2d:c8:87:bc:
7f:52:f5:56:87:29:e7:f1:28:11:05:cb:71:e1:dd:
71:2e:be:02:43:af:d5:46:c4:3b:84:b7:82:ae:ce:
6c:a4:ad:29:ef:60:88:0d:ac:74:6e:25:b4:c7:22:
a1:8a:71:c5:9d:22:3d:dc:b3:1c:be:3b:e8:52:87:
79:4a:e3:e1:93:18:9b:d2:6f:f9:2f:a3:96:64:31:
7e:a0:14:6d:24:fc:ad:f9:c5:ad:93:a2:7a:f3:8f:
f4:34:5f:fa:b5:ce:44:c6:5e:7c:79:02:73:a7:68:
e4:99:a5:9d:04:c9:60:b3:d2:47:42:9c:df:69:86:
05:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:35:94:6F:3C:01:F0:80:71:7D:61:CF:75:41:97:42:F1:70:EB:E2
X509v3 Authority Key Identifier:
keyid:56:B9:8F:83:CC:BD:A7:C1:9F:00:41:51:C9:8B:57:C5:9D:26:8F:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/jjWUbzwB8IBxfWHPdUGXQvFw6-I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3080::/29
2001:3180::/29
2001:3280::/29
2001:3380::/29
2a14:6bc0::/29
Signature Algorithm: sha256WithRSAEncryption
95:84:d2:91:0f:6f:9f:11:ca:cb:a4:5f:20:2d:6a:78:48:f6:
76:40:79:63:20:b4:be:5a:56:e2:b6:39:17:c7:cf:d1:13:05:
29:2c:3a:70:1e:b6:7d:e0:90:ae:60:45:e1:99:51:34:0b:7e:
64:87:77:81:29:06:47:a5:b6:89:f1:11:3c:1b:96:b9:84:bf:
4f:b8:b2:18:10:3a:ce:9b:02:86:e6:76:57:fc:78:e2:d8:e3:
5e:f9:53:62:4f:f3:7d:fb:d1:29:b0:f0:00:6c:84:2c:81:b9:
81:a0:c9:ce:70:88:35:cd:d5:a3:1a:96:f4:e3:d1:df:32:8c:
0d:38:28:17:61:ef:e7:43:8d:2b:a2:17:c2:38:c5:0b:b8:30:
15:58:45:c9:2f:ae:92:0a:56:d1:48:f4:a6:ee:6c:8e:a3:10:
4e:55:c5:41:df:6b:8f:fe:ac:80:a2:8a:28:b9:ee:72:af:30:
d1:32:d7:43:a6:0c:8b:6b:e2:96:84:69:77:5f:25:7b:28:aa:
bc:f1:3e:16:fb:e9:73:43:9b:ff:7c:bb:c7:f5:8e:aa:86:fa:
2c:54:61:4a:8d:18:e1:73:b1:fb:e8:32:e4:15:eb:6d:79:f4:
bc:e5:d9:d3:81:84:7b:6d:3b:38:3f:13:cb:f4:14:18:88:0d:
02:a9:fb:ee
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZJeYZ52vFe9Nf7S/OPKYW6HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2Yjk4ZjgzY2NiZGE3YzE5ZjAwNDE1MWM5OGI1N2M1OWQy
NjhmNTQwHhcNMjQxMDA1MjAzMTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTM1OTQ2ZjNjMDFmMDgwNzE3ZDYxY2Y3NTQxOTc0MmYxNzBlYmUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6Roalp3GRqo5uPcJDi/gaCmujBaj
6zG7bsjND4PhjzyawzlyFt3GatE8Vf5PBfWZVEnrVG0eBWz6POFL213BpqAe/1Ag
9Trl9jWZD2BgPc/Hc3WjWma9KRr+a1wToclLqE1KJ+NYEzUJty/gvhveQRGRjHR0
GaUmigeLY90mGt++AC3Ih7x/UvVWhynn8SgRBctx4d1xLr4CQ6/VRsQ7hLeCrs5s
pK0p72CIDax0biW0xyKhinHFnSI93LMcvjvoUod5SuPhkxib0m/5L6OWZDF+oBRt
JPyt+cWtk6J684/0NF/6tc5Exl58eQJzp2jkmaWdBMlgs9JHQpzfaYYF+wIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFI41lG88AfCAcX1hz3VBl0LxcOviMB8GA1UdIwQY
MBaAFFa5j4PMvafBnwBBUcmLV8WdJo9UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnJtUGc4eTlwOEdmQUVGUnlZdFh4WjBtajFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My84Y2I5MzUtNzFhMy00ZGIzLTlmM2Yt
N2FhN2ZjMzU5NjU1LzEvampXVWJ6d0I4SUJ4ZldIUGRVR1hRdkZ3Ni1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My84Y2I5MzUtNzFhMy00ZGIzLTlmM2YtN2FhN2ZjMzU5NjU1
LzEvVnJtUGc4eTlwOEdmQUVGUnlZdFh4WjBtajFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzApBAIAAjAjAwUDIAEwgAMF
AyABMYADBQMgATKAAwUDIAEzgAMFAyoUa8AwDQYJKoZIhvcNAQELBQADggEBAJWE
0pEPb58RysukXyAtanhI9nZAeWMgtL5aVuK2ORfHz9ETBSksOnAetn3gkK5gReGZ
UTQLfmSHd4EpBkeltonxETwblrmEv0+4shgQOs6bAobmdlf8eOLY4175U2JP8337
0Smw8ABshCyBuYGgyc5wiDXN1aMalvTj0d8yjA04KBdh7+dDjSuiF8I4xQu4MBVY
RckvrpIKVtFI9KbubI6jEE5VxUHfa4/+rICiiii57nKvMNEy10OmDItr4paEaXdf
JXsoqrzxPhb76XNDm/98u8f1jqqG+ixUYUqNGOFzsfvoMuQV62159Lzl2dOBhHtt
Ozg/E8v0FBiIDQKp++4=
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:53:41 2024 by rpki-client on console-ams.rpki-client.org