Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/jUtKE4FK6pP66kkBOjDDaGzwqCI.roa
File: jUtKE4FK6pP66kkBOjDDaGzwqCI.roa (raw, json)
Hash identifier: 3Zgj37u8D3PSrFTShPjOGOp6oxpXATBj2ullep6jG0A=
Subject key identifier: 8D:4B:4A:13:81:4A:EA:93:FA:EA:49:01:3A:30:C3:68:6C:F0:A8:22
Certificate issuer: /CN=f02dac605f4659718c0a15e1f732cbd4f48aae7b
Certificate serial: 018CC9BBCE92FA638CA3A56EBCC4A572DB95
Authority key identifier: F0:2D:AC:60:5F:46:59:71:8C:0A:15:E1:F7:32:CB:D4:F4:8A:AE:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8C2sYF9GWXGMChXh9zLL1PSKrns.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/jUtKE4FK6pP66kkBOjDDaGzwqCI.roa
Signing time: Tue 02 Jan 2024 10:32:57 +0000
ROA not before: Tue 02 Jan 2024 10:32:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41694
IP address blocks: 195.56.199.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/8C2sYF9GWXGMChXh9zLL1PSKrns.crl
rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/8C2sYF9GWXGMChXh9zLL1PSKrns.mft
rsync://rpki.ripe.net/repository/DEFAULT/8C2sYF9GWXGMChXh9zLL1PSKrns.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bb:ce:92:fa:63:8c:a3:a5:6e:bc:c4:a5:72:db:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f02dac605f4659718c0a15e1f732cbd4f48aae7b
Validity
Not Before: Jan 2 10:32:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8d4b4a13814aea93faea49013a30c3686cf0a822
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:cc:c7:71:9d:80:cb:c5:32:84:d7:67:a7:47:
bb:10:c4:98:b0:50:2c:da:5c:bf:fe:89:4a:88:4b:
97:90:06:f1:50:f4:06:12:32:80:8b:a1:0e:ae:50:
f5:09:e9:20:7c:0f:cd:91:58:05:ac:74:b6:88:41:
b1:55:8a:9f:0f:ad:5d:61:a0:42:92:36:06:11:19:
36:66:74:73:50:ac:47:5a:5f:96:60:ab:5d:32:4a:
78:64:4f:1f:6d:19:ce:f1:7b:83:89:45:20:9c:e5:
16:48:5b:33:a2:e6:92:18:53:52:a3:ae:96:f6:89:
cd:45:72:e8:e9:5e:0e:51:d0:27:b1:78:e2:da:09:
ac:e7:72:40:49:01:85:1d:36:b0:85:a2:17:59:7a:
48:03:7f:a9:49:15:25:3f:0c:97:9d:6d:e4:a0:5d:
1e:3a:81:15:19:59:1a:aa:3f:41:60:b2:de:39:6d:
ae:bf:2a:92:4b:09:d1:75:f3:96:5d:29:ae:50:ee:
c4:fb:9a:8d:b4:4f:b3:5b:eb:d0:86:5c:55:4c:73:
10:9d:ce:cf:3c:25:aa:09:52:7e:92:d6:0d:78:09:
74:8b:b6:89:56:5b:9b:00:7e:c8:62:e6:b9:f9:ec:
87:0b:35:09:b2:81:ba:d1:50:21:3b:c9:2c:0a:90:
d7:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:4B:4A:13:81:4A:EA:93:FA:EA:49:01:3A:30:C3:68:6C:F0:A8:22
X509v3 Authority Key Identifier:
keyid:F0:2D:AC:60:5F:46:59:71:8C:0A:15:E1:F7:32:CB:D4:F4:8A:AE:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8C2sYF9GWXGMChXh9zLL1PSKrns.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/jUtKE4FK6pP66kkBOjDDaGzwqCI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/8C2sYF9GWXGMChXh9zLL1PSKrns.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.56.199.0/24
Signature Algorithm: sha256WithRSAEncryption
79:7e:61:7f:62:a6:57:fe:28:7b:7f:61:d4:bf:c9:7a:43:1c:
d5:d1:b0:4c:f8:80:77:d4:ff:c1:0e:44:fd:88:5f:1f:1f:ce:
bc:e8:31:0f:e4:16:8b:28:e4:60:8c:19:d3:12:a3:21:23:de:
82:29:e1:b4:8c:cc:52:0c:aa:5c:e7:c3:dc:8e:ee:f6:e6:84:
51:d7:32:a3:2f:0e:71:cc:2e:98:6a:79:be:46:71:7c:09:31:
05:f9:49:0a:fd:62:39:89:2b:a1:6d:43:cd:60:8a:c0:9a:1f:
bb:92:83:0f:d9:c2:92:34:88:be:39:54:b0:69:d2:49:24:d3:
cd:01:c6:0a:5c:2b:20:84:fe:65:cc:01:1e:98:b2:5c:d3:38:
a6:60:27:ad:07:16:60:29:ec:20:f3:ed:f2:dd:6f:d6:c8:4b:
11:ba:23:8f:f6:3c:22:f4:d7:78:64:79:c1:0f:0e:a8:a2:ba:
71:b7:98:09:08:b7:84:ab:f5:e9:ce:b2:2a:3c:8c:b7:b7:d5:
70:f4:ef:59:b1:07:7f:46:fd:39:c4:39:0b:5a:c0:7a:1f:ae:
22:76:44:56:d4:a2:88:f1:cf:4d:87:f6:7c:c4:37:8f:d7:c2:
fd:03:4b:5e:a9:b3:04:99:45:f3:d9:e8:e0:82:f8:f1:f7:cd:
b1:cf:09:db
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJu86S+mOMo6VuvMSlctuVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwMmRhYzYwNWY0NjU5NzE4YzBhMTVlMWY3MzJjYmQ0ZjQ4
YWFlN2IwHhcNMjQwMTAyMTAzMjU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZDRiNGExMzgxNGFlYTkzZmFlYTQ5MDEzYTMwYzM2ODZjZjBhODIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp8zHcZ2Ay8UyhNdnp0e7EMSYsFAs
2ly//olKiEuXkAbxUPQGEjKAi6EOrlD1CekgfA/NkVgFrHS2iEGxVYqfD61dYaBC
kjYGERk2ZnRzUKxHWl+WYKtdMkp4ZE8fbRnO8XuDiUUgnOUWSFszouaSGFNSo66W
9onNRXLo6V4OUdAnsXji2gms53JASQGFHTawhaIXWXpIA3+pSRUlPwyXnW3koF0e
OoEVGVkaqj9BYLLeOW2uvyqSSwnRdfOWXSmuUO7E+5qNtE+zW+vQhlxVTHMQnc7P
PCWqCVJ+ktYNeAl0i7aJVlubAH7IYua5+eyHCzUJsoG60VAhO8ksCpDXRQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFI1LShOBSuqT+upJAToww2hs8KgiMB8GA1UdIwQY
MBaAFPAtrGBfRllxjAoV4fcyy9T0iq57MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEMyc1lGOUdXWEdNQ2hYaDl6TEwxUFNLcm5zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC9lOTA5NzYtM2RkMS00NzE2LWJiZjYt
MjkyYWU0NmU2MzAyLzEvalV0S0U0Rks2cFA2NmtrQk9qRERhR3p3cUNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC9lOTA5NzYtM2RkMS00NzE2LWJiZjYtMjkyYWU0NmU2MzAy
LzEvOEMyc1lGOUdXWEdNQ2hYaDl6TEwxUFNLcm5zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwzjHMA0G
CSqGSIb3DQEBCwUAA4IBAQB5fmF/YqZX/ih7f2HUv8l6QxzV0bBM+IB31P/BDkT9
iF8fH8686DEP5BaLKORgjBnTEqMhI96CKeG0jMxSDKpc58Pcju725oRR1zKjLw5x
zC6Yanm+RnF8CTEF+UkK/WI5iSuhbUPNYIrAmh+7koMP2cKSNIi+OVSwadJJJNPN
AcYKXCsghP5lzAEemLJc0zimYCetBxZgKewg8+3y3W/WyEsRuiOP9jwi9Nd4ZHnB
Dw6oorpxt5gJCLeEq/XpzrIqPIy3t9Vw9O9ZsQd/Rv05xDkLWsB6H64idkRW1KKI
8c9Nh/Z8xDeP18L9A0teqbMEmUXz2ejggvjx982xzwnb
-----END CERTIFICATE-----
Generated at Sat Nov 23 04:44:08 2024 by rpki-client on console-ams.rpki-client.org