Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/0ba7e2-63a2-4c41-86b5-a370f4ba2d2b/1/Jets4GFTC9FOTixDIMjE7i4eK30.roa
File: Jets4GFTC9FOTixDIMjE7i4eK30.roa (raw, json)
Hash identifier: ndu0crd+O0Tz75oYp9h+E0BHRU0q39rMuCU6Ymz4tOE=
Subject key identifier: 25:EB:6C:E0:61:53:0B:D1:4E:4E:2C:43:20:C8:C4:EE:2E:1E:2B:7D
Certificate issuer: /CN=6ecb3fb3bea8cc8e36e3da7d9c47049bfc6ffb14
Certificate serial: 018CC2DAD2A4945DE602209681D162584C1F
Authority key identifier: 6E:CB:3F:B3:BE:A8:CC:8E:36:E3:DA:7D:9C:47:04:9B:FC:6F:FB:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bss_s76ozI4249p9nEcEm_xv-xQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/0ba7e2-63a2-4c41-86b5-a370f4ba2d2b/1/Jets4GFTC9FOTixDIMjE7i4eK30.roa
Signing time: Mon 01 Jan 2024 02:29:29 +0000
ROA not before: Mon 01 Jan 2024 02:29:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197296
IP address blocks: 45.139.88.0/22 maxlen: 22
46.23.48.0/20 maxlen: 32
185.17.100.0/22 maxlen: 32
185.74.62.0/23 maxlen: 32
2a02:d280::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/85/0ba7e2-63a2-4c41-86b5-a370f4ba2d2b/1/bss_s76ozI4249p9nEcEm_xv-xQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/85/0ba7e2-63a2-4c41-86b5-a370f4ba2d2b/1/bss_s76ozI4249p9nEcEm_xv-xQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/bss_s76ozI4249p9nEcEm_xv-xQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 21:03:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:d2:a4:94:5d:e6:02:20:96:81:d1:62:58:4c:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ecb3fb3bea8cc8e36e3da7d9c47049bfc6ffb14
Validity
Not Before: Jan 1 02:29:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=25eb6ce061530bd14e4e2c4320c8c4ee2e1e2b7d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:c9:f2:a8:ed:4c:13:42:a0:06:91:33:45:da:
35:e8:95:1a:83:03:e7:b3:50:df:b6:1e:86:52:66:
28:ab:9f:4b:76:ec:d1:2c:51:5b:4e:91:56:b9:93:
00:4c:49:90:6c:fa:20:78:29:62:51:4e:82:eb:74:
15:d9:9f:7a:60:3e:ae:26:e0:81:2e:d7:46:f8:11:
33:1c:40:10:9c:61:f9:5b:0d:5e:4b:a6:41:86:66:
33:5f:1c:1b:73:5f:ff:7d:0d:cc:bd:da:97:08:84:
b2:8c:23:51:4c:71:5d:3b:64:3b:46:dc:1c:28:45:
78:e4:30:65:4d:61:3e:5d:bc:40:d9:f7:48:a0:c2:
51:18:b2:0d:34:e9:ff:b2:0a:50:f6:55:d1:46:bd:
bd:83:06:d9:d4:c0:2a:d2:36:20:d2:74:22:f0:64:
75:58:5f:6f:b8:c4:fc:54:29:4f:ef:ff:f9:9e:7c:
ec:15:3f:45:79:b0:51:3d:b4:64:0d:ba:10:40:72:
a1:86:8f:77:9b:05:8a:6c:af:7b:d7:d1:03:f4:0a:
b0:94:c0:ba:49:ea:4d:7d:72:57:6a:69:cc:ae:97:
6c:6f:54:7d:30:8e:82:94:d5:f1:7b:c5:16:06:c0:
32:aa:54:0e:11:cb:b9:8f:71:3a:81:d0:1b:23:90:
a8:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:EB:6C:E0:61:53:0B:D1:4E:4E:2C:43:20:C8:C4:EE:2E:1E:2B:7D
X509v3 Authority Key Identifier:
keyid:6E:CB:3F:B3:BE:A8:CC:8E:36:E3:DA:7D:9C:47:04:9B:FC:6F:FB:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bss_s76ozI4249p9nEcEm_xv-xQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/0ba7e2-63a2-4c41-86b5-a370f4ba2d2b/1/Jets4GFTC9FOTixDIMjE7i4eK30.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/85/0ba7e2-63a2-4c41-86b5-a370f4ba2d2b/1/bss_s76ozI4249p9nEcEm_xv-xQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.139.88.0/22
46.23.48.0/20
185.17.100.0/22
185.74.62.0/23
IPv6:
2a02:d280::/29
Signature Algorithm: sha256WithRSAEncryption
14:ae:6c:51:60:08:a1:29:71:c2:9d:b3:86:a8:90:ff:4b:d3:
4c:24:ae:cd:5d:74:a0:f8:8f:be:19:47:ed:32:ad:15:28:8c:
88:cb:db:be:3f:30:4a:3b:a2:48:a9:31:74:8d:d5:74:6f:99:
f8:76:ba:6c:49:47:60:72:66:cf:ca:7b:b7:9c:f9:39:0a:55:
03:d5:81:17:cc:ed:4d:ee:89:b4:f5:55:4c:d0:c2:a4:45:62:
53:5f:e4:5e:6c:ae:b8:40:92:8d:d4:2f:be:df:9e:06:7f:07:
71:e4:a6:78:02:7d:4a:d3:09:cf:57:94:63:be:0c:69:54:78:
ea:a1:3d:09:43:b6:96:34:26:79:85:11:53:9a:c0:45:25:6c:
2d:93:71:5c:a1:95:64:28:17:12:f5:51:88:41:1a:53:a6:fb:
f9:1f:4e:2c:96:a2:22:39:8a:9d:f1:c0:15:15:d7:02:bb:8e:
f4:76:4d:25:f4:2d:33:dc:f6:74:df:3b:9c:4f:49:ad:ab:dc:
7c:7c:2e:d8:87:ec:6d:78:71:02:ca:73:f4:a5:7c:a6:07:47:
86:db:b4:1a:20:f7:3e:25:bf:1e:51:61:d8:e0:56:91:c1:e9:
cb:54:86:96:28:db:12:20:ba:ee:0a:5c:78:43:5a:29:db:08:
71:c6:f9:be
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzC2tKklF3mAiCWgdFiWEwfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlY2IzZmIzYmVhOGNjOGUzNmUzZGE3ZDljNDcwNDliZmM2
ZmZiMTQwHhcNMjQwMTAxMDIyOTI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNWViNmNlMDYxNTMwYmQxNGU0ZTJjNDMyMGM4YzRlZTJlMWUyYjdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg8nyqO1ME0KgBpEzRdo16JUagwPn
s1Dfth6GUmYoq59LduzRLFFbTpFWuZMATEmQbPogeCliUU6C63QV2Z96YD6uJuCB
LtdG+BEzHEAQnGH5Ww1eS6ZBhmYzXxwbc1//fQ3MvdqXCISyjCNRTHFdO2Q7Rtwc
KEV45DBlTWE+XbxA2fdIoMJRGLINNOn/sgpQ9lXRRr29gwbZ1MAq0jYg0nQi8GR1
WF9vuMT8VClP7//5nnzsFT9FebBRPbRkDboQQHKhho93mwWKbK9719ED9AqwlMC6
SepNfXJXamnMrpdsb1R9MI6ClNXxe8UWBsAyqlQOEcu5j3E6gdAbI5Co7QIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFCXrbOBhUwvRTk4sQyDIxO4uHit9MB8GA1UdIwQY
MBaAFG7LP7O+qMyONuPafZxHBJv8b/sUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYnNzX3M3Nm96STQyNDlwOW5FY0VtX3h2LXhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS8wYmE3ZTItNjNhMi00YzQxLTg2YjUt
YTM3MGY0YmEyZDJiLzEvSmV0czRHRlRDOUZPVGl4RElNakU3aTRlSzMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NS8wYmE3ZTItNjNhMi00YzQxLTg2YjUtYTM3MGY0YmEyZDJi
LzEvYnNzX3M3Nm96STQyNDlwOW5FY0VtX3h2LXhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQCLYtYAwQE
LhcwAwQCuRFkAwQBuUo+MA0EAgACMAcDBQMqAtKAMA0GCSqGSIb3DQEBCwUAA4IB
AQAUrmxRYAihKXHCnbOGqJD/S9NMJK7NXXSg+I++GUftMq0VKIyIy9u+PzBKO6JI
qTF0jdV0b5n4drpsSUdgcmbPynu3nPk5ClUD1YEXzO1N7om09VVM0MKkRWJTX+Re
bK64QJKN1C++354Gfwdx5KZ4An1K0wnPV5RjvgxpVHjqoT0JQ7aWNCZ5hRFTmsBF
JWwtk3FcoZVkKBcS9VGIQRpTpvv5H04slqIiOYqd8cAVFdcCu470dk0l9C0z3PZ0
3zucT0mtq9x8fC7Yh+xteHECynP0pXymB0eG27QaIPc+Jb8eUWHY4FaRwenLVIaW
KNsSILruClx4Q1op2whxxvm+
-----END CERTIFICATE-----
Generated at Sat Jun 8 02:01:28 2024 by rpki-client on console-fra.rpki-client.org