Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/fb791b-8013-458a-9a1e-25dbf43804c5/1/JYGBw210xUUzzztNJcZfU1PR4cc.roa
File: JYGBw210xUUzzztNJcZfU1PR4cc.roa (raw, json)
Hash identifier: SpBwM82o0JFP1YGoJbRAHij4QP5G4kbkTK4E3Kks6XM=
Subject key identifier: 25:81:81:C3:6D:74:C5:45:33:CF:3B:4D:25:C6:5F:53:53:D1:E1:C7
Certificate issuer: /CN=9c542f5df3c1acb857fd50eeb016eed07385ff8c
Certificate serial: 01914796EF552959019DBFC0F5C6673B6D07
Authority key identifier: 9C:54:2F:5D:F3:C1:AC:B8:57:FD:50:EE:B0:16:EE:D0:73:85:FF:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nFQvXfPBrLhX_VDusBbu0HOF_4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/fb791b-8013-458a-9a1e-25dbf43804c5/1/JYGBw210xUUzzztNJcZfU1PR4cc.roa
Signing time: Mon 12 Aug 2024 17:15:59 +0000
ROA not before: Mon 12 Aug 2024 17:15:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61002
IP address blocks: 89.44.246.0/24 maxlen: 24
185.170.11.0/24 maxlen: 24
188.211.164.0/23 maxlen: 23
193.3.55.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/fb791b-8013-458a-9a1e-25dbf43804c5/1/nFQvXfPBrLhX_VDusBbu0HOF_4w.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/fb791b-8013-458a-9a1e-25dbf43804c5/1/nFQvXfPBrLhX_VDusBbu0HOF_4w.mft
rsync://rpki.ripe.net/repository/DEFAULT/nFQvXfPBrLhX_VDusBbu0HOF_4w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:47:96:ef:55:29:59:01:9d:bf:c0:f5:c6:67:3b:6d:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9c542f5df3c1acb857fd50eeb016eed07385ff8c
Validity
Not Before: Aug 12 17:15:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=258181c36d74c54533cf3b4d25c65f5353d1e1c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:4e:95:bf:89:ec:7a:2b:04:26:c0:cf:a0:06:
c0:cb:ef:14:7a:d9:a4:e6:74:81:26:3a:bb:d9:3d:
fc:cb:77:b3:8f:0e:e0:4d:f3:9c:0f:fd:f3:14:fc:
aa:43:24:8b:02:5b:77:6b:1a:48:f2:c7:38:7e:ad:
48:57:ff:b4:0b:79:fa:60:0e:71:54:79:19:a1:4b:
b7:bd:c3:0f:dd:01:92:32:32:f3:12:39:ff:a9:c7:
2d:5b:ff:be:f6:02:7b:5a:f8:5e:46:4f:e1:d8:b6:
94:4a:3e:49:56:bf:e6:7e:71:ba:06:f7:7b:f9:70:
16:0e:c1:d6:d8:0a:9d:d2:37:97:3d:c2:1c:11:ec:
4f:db:93:0a:10:6b:f5:09:6c:bd:23:38:59:09:b5:
2e:84:51:c5:46:0c:a0:4f:51:79:06:a3:50:e1:ec:
6b:53:e3:63:99:12:24:00:cb:99:9d:f7:b3:d3:90:
3d:9d:90:5a:2c:92:cd:20:5e:0a:65:20:47:e9:97:
9e:ef:27:9e:78:0b:f6:36:e6:99:cc:14:ab:ca:4a:
16:46:2f:6a:ba:1f:f2:e3:8f:47:9a:48:c0:bc:d8:
b8:f5:93:52:51:27:92:61:6b:88:35:4c:43:46:43:
a4:97:95:5d:76:e9:93:75:d3:96:94:dd:5f:34:4f:
f3:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:81:81:C3:6D:74:C5:45:33:CF:3B:4D:25:C6:5F:53:53:D1:E1:C7
X509v3 Authority Key Identifier:
keyid:9C:54:2F:5D:F3:C1:AC:B8:57:FD:50:EE:B0:16:EE:D0:73:85:FF:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nFQvXfPBrLhX_VDusBbu0HOF_4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/fb791b-8013-458a-9a1e-25dbf43804c5/1/JYGBw210xUUzzztNJcZfU1PR4cc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/fb791b-8013-458a-9a1e-25dbf43804c5/1/nFQvXfPBrLhX_VDusBbu0HOF_4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.44.246.0/24
185.170.11.0/24
188.211.164.0/23
193.3.55.0/24
Signature Algorithm: sha256WithRSAEncryption
81:58:b9:f4:9f:5c:7e:f4:c2:38:8e:67:d2:58:15:5c:7c:55:
0a:46:80:90:23:d5:3e:17:9e:f2:46:00:79:b2:2e:8b:63:00:
29:97:85:3a:f5:95:c9:07:97:0e:47:2d:83:5b:ee:90:50:84:
bd:fc:9e:b8:11:80:87:f2:ed:35:8a:a9:bf:02:d2:7b:e2:75:
92:d9:fe:aa:bc:2e:bf:f1:62:58:c2:47:5b:ed:e3:ed:f9:35:
0d:35:ff:ef:63:54:bf:c5:d9:16:92:5a:b1:13:63:d4:0c:6f:
a1:51:1e:1a:d5:d0:3b:2f:9c:bb:63:ab:a0:9c:02:8c:b2:a5:
61:76:e2:6e:8d:7a:d8:0a:a1:12:66:d9:fb:aa:1b:8d:09:5f:
cc:9c:06:59:68:c4:54:9a:97:38:d1:8c:50:27:55:8d:cb:7a:
3a:76:62:17:42:0b:e6:bd:7b:74:3d:02:c5:a9:b7:f0:1e:6b:
a8:e6:69:33:85:80:c2:49:88:5c:d1:d1:0e:67:f3:38:a0:00:
be:2b:04:22:d0:3c:ca:17:13:40:9e:08:84:41:56:97:31:9a:
2a:44:76:7e:65:32:fd:41:9e:cd:56:e4:94:09:af:37:a1:91:
33:24:e6:0e:86:62:d1:8e:ee:57:bb:a1:91:69:24:14:40:5b:
c4:da:6f:85
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZFHlu9VKVkBnb/A9cZnO20HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljNTQyZjVkZjNjMWFjYjg1N2ZkNTBlZWIwMTZlZWQwNzM4
NWZmOGMwHhcNMjQwODEyMTcxNTU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTgxODFjMzZkNzRjNTQ1MzNjZjNiNGQyNWM2NWY1MzUzZDFlMWM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmk6Vv4nseisEJsDPoAbAy+8Uetmk
5nSBJjq72T38y3ezjw7gTfOcD/3zFPyqQySLAlt3axpI8sc4fq1IV/+0C3n6YA5x
VHkZoUu3vcMP3QGSMjLzEjn/qcctW/++9gJ7WvheRk/h2LaUSj5JVr/mfnG6Bvd7
+XAWDsHW2Aqd0jeXPcIcEexP25MKEGv1CWy9IzhZCbUuhFHFRgygT1F5BqNQ4exr
U+NjmRIkAMuZnfez05A9nZBaLJLNIF4KZSBH6Zee7yeeeAv2NuaZzBSrykoWRi9q
uh/y449HmkjAvNi49ZNSUSeSYWuINUxDRkOkl5VddumTddOWlN1fNE/zpwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFCWBgcNtdMVFM887TSXGX1NT0eHHMB8GA1UdIwQY
MBaAFJxUL13zway4V/1Q7rAW7tBzhf+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkZRdlhmUEJyTGhYX1ZEdXNCYnUwSE9GXzR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9mYjc5MWItODAxMy00NThhLTlhMWUt
MjVkYmY0MzgwNGM1LzEvSllHQncyMTB4VVV6enp0TkpjWmZVMVBSNGNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS9mYjc5MWItODAxMy00NThhLTlhMWUtMjVkYmY0MzgwNGM1
LzEvbkZRdlhmUEJyTGhYX1ZEdXNCYnUwSE9GXzR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAWSz2AwQA
uaoLAwQBvNOkAwQAwQM3MA0GCSqGSIb3DQEBCwUAA4IBAQCBWLn0n1x+9MI4jmfS
WBVcfFUKRoCQI9U+F57yRgB5si6LYwApl4U69ZXJB5cORy2DW+6QUIS9/J64EYCH
8u01iqm/AtJ74nWS2f6qvC6/8WJYwkdb7ePt+TUNNf/vY1S/xdkWklqxE2PUDG+h
UR4a1dA7L5y7Y6ugnAKMsqVhduJujXrYCqESZtn7qhuNCV/MnAZZaMRUmpc40YxQ
J1WNy3o6dmIXQgvmvXt0PQLFqbfwHmuo5mkzhYDCSYhc0dEOZ/M4oAC+KwQi0DzK
FxNAngiEQVaXMZoqRHZ+ZTL9QZ7NVuSUCa83oZEzJOYOhmLRju5Xu6GRaSQUQFvE
2m+F
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:13:50 2024 by rpki-client on console-fra.rpki-client.org