Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/86ed5b-bcc1-4d03-95da-b99d4d00f831/1/JIt-cN-TJtL8VtT0aqf3mjQzYRE.roa
File: JIt-cN-TJtL8VtT0aqf3mjQzYRE.roa (raw, json)
Hash identifier: rUyTWM4NtKXIeCNWMU8A/sKBiyF0x7SSDzOhB7THEmg=
Subject key identifier: 24:8B:7E:70:DF:93:26:D2:FC:56:D4:F4:6A:A7:F7:9A:34:33:61:11
Certificate issuer: /CN=fac0f0da39a22a79f80c1f379b668b90f6d74708
Certificate serial: 018CC3B70D2BC7A997D4804F0227956B130D
Authority key identifier: FA:C0:F0:DA:39:A2:2A:79:F8:0C:1F:37:9B:66:8B:90:F6:D7:47:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-sDw2jmiKnn4DB83m2aLkPbXRwg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/86ed5b-bcc1-4d03-95da-b99d4d00f831/1/JIt-cN-TJtL8VtT0aqf3mjQzYRE.roa
Signing time: Mon 01 Jan 2024 06:30:02 +0000
ROA not before: Mon 01 Jan 2024 06:30:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204272
IP address blocks: 185.108.208.0/22 maxlen: 22
2a05:4100::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/88/86ed5b-bcc1-4d03-95da-b99d4d00f831/1/1-sDw2jmiKnn4DB83m2aLkPbXRwg.crl
rsync://rpki.ripe.net/repository/DEFAULT/88/86ed5b-bcc1-4d03-95da-b99d4d00f831/1/1-sDw2jmiKnn4DB83m2aLkPbXRwg.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-sDw2jmiKnn4DB83m2aLkPbXRwg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 17:02:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b7:0d:2b:c7:a9:97:d4:80:4f:02:27:95:6b:13:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fac0f0da39a22a79f80c1f379b668b90f6d74708
Validity
Not Before: Jan 1 06:30:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=248b7e70df9326d2fc56d4f46aa7f79a34336111
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:4f:39:c2:fa:33:a2:ca:36:d7:2a:9c:35:a5:
34:f8:02:da:b4:2a:50:97:e2:64:6a:89:74:db:3f:
db:0e:38:ab:ae:c7:36:ca:a0:19:46:db:37:8c:0d:
bb:44:71:24:d2:07:1b:f9:78:27:37:55:ec:89:0c:
3a:ef:77:8e:22:a3:4a:7d:9f:12:30:ad:1d:08:12:
7d:64:95:90:a7:66:30:84:dc:f0:96:6b:14:1a:87:
e2:dc:65:15:11:b0:bf:ff:31:e7:26:c8:f2:73:b7:
52:16:39:bb:6f:e7:29:79:df:aa:60:a1:2f:66:bf:
9f:f4:fd:90:3b:2d:d2:31:bd:22:db:89:70:91:da:
cb:7c:c9:63:b4:d6:34:17:92:6a:22:2d:f8:f7:41:
be:11:f1:e2:f3:8c:28:92:44:8a:62:77:08:09:28:
de:1e:20:ae:bf:dc:df:f7:29:4b:79:4d:ed:72:3e:
16:a7:c6:77:93:c7:0f:28:47:66:37:c2:57:f3:e8:
7f:be:32:2c:69:78:2c:78:1d:03:bd:18:30:d0:b4:
53:8b:28:3e:d6:05:b1:1b:bc:91:50:f7:28:4a:d2:
4e:1c:04:b2:66:12:bb:2f:46:41:df:c8:be:c4:57:
dc:cd:05:00:0d:a5:22:15:76:9d:0e:a9:11:c6:bc:
60:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:8B:7E:70:DF:93:26:D2:FC:56:D4:F4:6A:A7:F7:9A:34:33:61:11
X509v3 Authority Key Identifier:
keyid:FA:C0:F0:DA:39:A2:2A:79:F8:0C:1F:37:9B:66:8B:90:F6:D7:47:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-sDw2jmiKnn4DB83m2aLkPbXRwg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/86ed5b-bcc1-4d03-95da-b99d4d00f831/1/JIt-cN-TJtL8VtT0aqf3mjQzYRE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/86ed5b-bcc1-4d03-95da-b99d4d00f831/1/1-sDw2jmiKnn4DB83m2aLkPbXRwg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.108.208.0/22
IPv6:
2a05:4100::/29
Signature Algorithm: sha256WithRSAEncryption
81:2d:53:01:35:48:f7:66:f8:f3:2a:fe:a1:27:ba:60:04:c5:
88:8c:c5:d8:3f:ec:5b:fe:ee:d2:0b:18:5b:43:87:ee:42:6d:
fc:80:af:47:98:68:bb:2a:d3:16:14:e3:2d:e9:11:c1:cf:68:
d0:4b:af:5d:f1:6c:c6:c1:17:96:b5:74:80:94:a6:69:f3:e5:
b7:08:89:8d:a8:c2:27:24:ea:0b:7e:4e:80:59:ed:21:d4:00:
64:e6:81:e5:a4:9a:9b:bd:38:e0:26:9b:f5:a4:2a:70:b5:1c:
57:71:ff:62:58:be:11:74:f4:ee:79:65:a9:f2:c7:c8:db:7a:
6b:52:eb:c4:9f:97:2a:d5:a4:ae:e3:58:39:0c:e2:3d:5d:e1:
30:7d:c1:93:02:bf:e4:f6:91:79:7a:ec:96:ee:5d:76:82:51:
9d:22:53:e0:73:dc:f7:d3:b4:e0:d3:18:20:fe:52:60:49:ca:
9c:a4:ec:b6:44:50:1b:31:73:05:fb:71:86:c3:67:7b:5b:ce:
16:25:1f:8c:0a:c3:36:df:4a:84:21:57:e5:4e:32:74:f4:13:
b6:ab:14:7d:76:d2:bd:ed:5b:81:90:5a:bb:37:45:6d:b3:e4:
34:40:67:38:d4:97:34:82:da:d5:d2:83:fa:9c:98:83:38:55:
fd:f6:74:e5
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzDtw0rx6mX1IBPAieVaxMNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZhYzBmMGRhMzlhMjJhNzlmODBjMWYzNzliNjY4YjkwZjZk
NzQ3MDgwHhcNMjQwMTAxMDYzMDAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDhiN2U3MGRmOTMyNmQyZmM1NmQ0ZjQ2YWE3Zjc5YTM0MzM2MTExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh085wvozoso21yqcNaU0+ALatCpQ
l+Jkaol02z/bDjirrsc2yqAZRts3jA27RHEk0gcb+XgnN1XsiQw673eOIqNKfZ8S
MK0dCBJ9ZJWQp2YwhNzwlmsUGofi3GUVEbC//zHnJsjyc7dSFjm7b+cped+qYKEv
Zr+f9P2QOy3SMb0i24lwkdrLfMljtNY0F5JqIi3490G+EfHi84wokkSKYncICSje
HiCuv9zf9ylLeU3tcj4Wp8Z3k8cPKEdmN8JX8+h/vjIsaXgseB0DvRgw0LRTiyg+
1gWxG7yRUPcoStJOHASyZhK7L0ZB38i+xFfczQUADaUiFXadDqkRxrxg1QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCSLfnDfkybS/FbU9Gqn95o0M2ERMB8GA1UdIwQY
MBaAFPrA8No5oip5+AwfN5tmi5D210cIMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1zRHcyam1pS25uNERCODNtMmFMa1BiWFJ3Zy5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODgvODZlZDViLWJjYzEtNGQwMy05NWRh
LWI5OWQ0ZDAwZjgzMS8xL0pJdC1jTi1USnRMOFZ0VDBhcWYzbWpRellSRS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvODgvODZlZDViLWJjYzEtNGQwMy05NWRhLWI5OWQ0ZDAwZjgz
MS8xLzEtc0R3MmptaUtubjREQjgzbTJhTGtQYlhSd2cuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYDBAK5bNAw
DQQCAAIwBwMFAyoFQQAwDQYJKoZIhvcNAQELBQADggEBAIEtUwE1SPdm+PMq/qEn
umAExYiMxdg/7Fv+7tILGFtDh+5CbfyAr0eYaLsq0xYU4y3pEcHPaNBLr13xbMbB
F5a1dICUpmnz5bcIiY2owick6gt+ToBZ7SHUAGTmgeWkmpu9OOAmm/WkKnC1HFdx
/2JYvhF09O55Zanyx8jbemtS68SflyrVpK7jWDkM4j1d4TB9wZMCv+T2kXl67Jbu
XXaCUZ0iU+Bz3PfTtODTGCD+UmBJypyk7LZEUBsxcwX7cYbDZ3tbzhYlH4wKwzbf
SoQhV+VOMnT0E7arFH120r3tW4GQWrs3RW2z5DRAZzjUlzSC2tXSg/qcmIM4Vf32
dOU=
-----END CERTIFICATE-----
Generated at Fri Nov 22 22:32:37 2024 by rpki-client on console-ams.rpki-client.org