Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/cc94c8-72e4-4398-b37b-71169567e39c/1/J89YDoh5xEhrAqWYoSbRFH0kBnc.roa
File: J89YDoh5xEhrAqWYoSbRFH0kBnc.roa (raw, json)
Hash identifier: tVTN4GazW+bCd2G+xQZlMCcB0wXmPU0V9wgsT43bx/I=
Subject key identifier: 27:CF:58:0E:88:79:C4:48:6B:02:A5:98:A1:26:D1:14:7D:24:06:77
Certificate issuer: /CN=08953a5f11a8279cdf8798960de1e22eb1227d95
Certificate serial: 018CC9BC4F102F594CD4F3D5E35EA3CE93B3
Authority key identifier: 08:95:3A:5F:11:A8:27:9C:DF:87:98:96:0D:E1:E2:2E:B1:22:7D:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CJU6XxGoJ5zfh5iWDeHiLrEifZU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/cc94c8-72e4-4398-b37b-71169567e39c/1/J89YDoh5xEhrAqWYoSbRFH0kBnc.roa
Signing time: Tue 02 Jan 2024 10:33:30 +0000
ROA not before: Tue 02 Jan 2024 10:33:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21472
IP address blocks: 162.33.228.0/23 maxlen: 23
5.2.16.0/21 maxlen: 21
5.2.16.0/23 maxlen: 23
5.2.18.0/23 maxlen: 23
5.2.23.0/24 maxlen: 24
5.2.20.0/23 maxlen: 23
185.79.56.0/24 maxlen: 24
185.79.56.0/22 maxlen: 22
185.229.40.0/22 maxlen: 22
185.149.176.0/22 maxlen: 22
195.49.144.0/22 maxlen: 22
91.224.190.0/23 maxlen: 23
2a00:e740::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8c/cc94c8-72e4-4398-b37b-71169567e39c/1/CJU6XxGoJ5zfh5iWDeHiLrEifZU.crl
rsync://rpki.ripe.net/repository/DEFAULT/8c/cc94c8-72e4-4398-b37b-71169567e39c/1/CJU6XxGoJ5zfh5iWDeHiLrEifZU.mft
rsync://rpki.ripe.net/repository/DEFAULT/CJU6XxGoJ5zfh5iWDeHiLrEifZU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:4f:10:2f:59:4c:d4:f3:d5:e3:5e:a3:ce:93:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08953a5f11a8279cdf8798960de1e22eb1227d95
Validity
Not Before: Jan 2 10:33:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=27cf580e8879c4486b02a598a126d1147d240677
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:6b:48:c0:b5:af:00:33:87:10:4c:ed:41:81:
75:da:39:86:c5:1c:2a:f7:ea:ae:a8:8e:ac:c6:79:
2e:89:ed:9d:83:c7:9a:78:2a:41:d0:1c:77:02:35:
3e:60:60:c0:50:f0:70:70:1a:fc:3e:a4:8f:ce:0f:
9f:d6:b9:93:84:9d:4d:ef:4d:b4:78:49:2d:d5:33:
2c:31:17:3c:6c:1d:ee:1d:0c:2b:2f:b3:ea:bf:a7:
1d:89:54:e3:23:1a:1b:d6:08:07:f1:8b:ad:16:2b:
11:b4:aa:8e:50:74:9a:79:40:ea:26:a0:64:e5:15:
35:82:5c:de:d2:90:6b:52:6e:4b:67:80:08:dc:94:
cc:f2:b7:a7:35:52:3b:27:72:b9:38:e5:c5:5e:46:
5a:30:71:0d:4f:3b:34:a4:4a:22:9d:df:5a:1f:e9:
a1:60:b1:35:36:6e:63:c2:99:f0:69:65:9b:c0:39:
ad:c8:06:e4:9d:f7:eb:92:6f:c8:9c:cc:4b:19:94:
cf:76:d4:25:df:7b:a1:bd:42:f5:5a:7f:eb:4c:80:
3b:34:b5:33:55:92:c3:18:c0:4d:3e:bb:53:22:1e:
f9:49:41:af:c3:23:73:e1:3a:63:b4:83:ef:8a:77:
b0:eb:31:0f:3b:d4:11:2e:41:c3:dc:a7:24:86:46:
69:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:CF:58:0E:88:79:C4:48:6B:02:A5:98:A1:26:D1:14:7D:24:06:77
X509v3 Authority Key Identifier:
keyid:08:95:3A:5F:11:A8:27:9C:DF:87:98:96:0D:E1:E2:2E:B1:22:7D:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CJU6XxGoJ5zfh5iWDeHiLrEifZU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/cc94c8-72e4-4398-b37b-71169567e39c/1/J89YDoh5xEhrAqWYoSbRFH0kBnc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/cc94c8-72e4-4398-b37b-71169567e39c/1/CJU6XxGoJ5zfh5iWDeHiLrEifZU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.2.16.0/21
91.224.190.0/23
162.33.228.0/23
185.79.56.0/22
185.149.176.0/22
185.229.40.0/22
195.49.144.0/22
IPv6:
2a00:e740::/32
Signature Algorithm: sha256WithRSAEncryption
09:10:07:dd:e1:42:9f:37:3c:87:fe:85:48:4f:b1:d8:ad:72:
bd:e2:8e:ea:97:42:80:a9:14:40:44:5d:3a:95:e3:03:e0:f4:
51:fc:7d:ef:61:9f:5a:48:4e:79:62:bc:ac:14:47:72:81:d1:
3d:30:5b:12:8e:58:2b:77:83:87:af:a3:65:58:db:07:5c:a7:
04:91:75:98:e9:c6:37:c4:3f:b3:29:3f:49:f1:bf:c8:22:33:
15:7a:6d:ea:04:00:79:90:23:1c:6b:88:fe:a7:0b:91:6a:b0:
24:ef:c7:1b:31:19:6c:52:a4:5d:21:e4:e8:e5:9d:6d:76:75:
07:22:75:3e:6c:9e:08:49:79:31:09:8b:99:9f:df:fb:a6:00:
bd:2b:48:63:dd:fb:4f:3d:c5:49:2a:36:ad:05:69:fe:4b:d1:
b7:76:95:39:31:e2:bb:95:88:1d:a9:28:d6:ab:3f:42:61:72:
78:36:60:77:fc:b1:00:af:a2:6b:a9:fb:b3:6d:67:6c:d7:be:
47:a5:f8:af:85:13:a7:76:c8:33:59:da:70:3a:0d:4d:1d:21:
10:92:e6:63:7a:fe:4f:5c:7a:bb:0e:0c:10:19:7a:1d:c0:ee:
0e:80:29:ef:c3:16:1c:35:87:d7:e7:4c:e2:f2:a9:5f:17:0a:
8a:21:c0:34
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAYzJvE8QL1lM1PPV416jzpOzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4OTUzYTVmMTFhODI3OWNkZjg3OTg5NjBkZTFlMjJlYjEy
MjdkOTUwHhcNMjQwMTAyMTAzMzMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyN2NmNTgwZTg4NzljNDQ4NmIwMmE1OThhMTI2ZDExNDdkMjQwNjc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh2tIwLWvADOHEEztQYF12jmGxRwq
9+quqI6sxnkuie2dg8eaeCpB0Bx3AjU+YGDAUPBwcBr8PqSPzg+f1rmThJ1N7020
eEkt1TMsMRc8bB3uHQwrL7Pqv6cdiVTjIxob1ggH8YutFisRtKqOUHSaeUDqJqBk
5RU1glze0pBrUm5LZ4AI3JTM8renNVI7J3K5OOXFXkZaMHENTzs0pEoind9aH+mh
YLE1Nm5jwpnwaWWbwDmtyAbknffrkm/InMxLGZTPdtQl33uhvUL1Wn/rTIA7NLUz
VZLDGMBNPrtTIh75SUGvwyNz4TpjtIPvinew6zEPO9QRLkHD3KckhkZpJwIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFCfPWA6IecRIawKlmKEm0RR9JAZ3MB8GA1UdIwQY
MBaAFAiVOl8RqCec34eYlg3h4i6xIn2VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0pVNlh4R29KNXpmaDVpV0RlSGlMckVpZlpVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy9jYzk0YzgtNzJlNC00Mzk4LWIzN2It
NzExNjk1NjdlMzljLzEvSjg5WURvaDV4RWhyQXFXWW9TYlJGSDBrQm5jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy9jYzk0YzgtNzJlNC00Mzk4LWIzN2ItNzExNjk1NjdlMzlj
LzEvQ0pVNlh4R29KNXpmaDVpV0RlSGlMckVpZlpVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQDBQIQAwQB
W+C+AwQBoiHkAwQCuU84AwQCuZWwAwQCueUoAwQCwzGQMA0EAgACMAcDBQAqAOdA
MA0GCSqGSIb3DQEBCwUAA4IBAQAJEAfd4UKfNzyH/oVIT7HYrXK94o7ql0KAqRRA
RF06leMD4PRR/H3vYZ9aSE55YrysFEdygdE9MFsSjlgrd4OHr6NlWNsHXKcEkXWY
6cY3xD+zKT9J8b/IIjMVem3qBAB5kCMca4j+pwuRarAk78cbMRlsUqRdIeTo5Z1t
dnUHInU+bJ4ISXkxCYuZn9/7pgC9K0hj3ftPPcVJKjatBWn+S9G3dpU5MeK7lYgd
qSjWqz9CYXJ4NmB3/LEAr6JrqfuzbWds175HpfivhROndsgzWdpwOg1NHSEQkuZj
ev5PXHq7DgwQGXodwO4OgCnvwxYcNYfX50zi8qlfFwqKIcA0
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:10:14 2024 by rpki-client on console-ams.rpki-client.org