Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/01d9fe-e14a-40a4-8458-26701b162fc3/1/jDFCxnkLzS4FMFKisncoKIYKliw.roa
File: jDFCxnkLzS4FMFKisncoKIYKliw.roa (raw, json)
Hash identifier: hs9Ep3SwMRgsMB3vq1Cmd1Wk8EAzo0RFuiqoaA6PdBU=
Subject key identifier: 8C:31:42:C6:79:0B:CD:2E:05:30:52:A2:B2:77:28:28:86:0A:96:2C
Certificate issuer: /CN=9af9d0d4befda09e999eabd0c8724e217364de10
Certificate serial: 018CC3488D81B507AD3453274DD90F2D96FE
Authority key identifier: 9A:F9:D0:D4:BE:FD:A0:9E:99:9E:AB:D0:C8:72:4E:21:73:64:DE:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mvnQ1L79oJ6ZnqvQyHJOIXNk3hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/01d9fe-e14a-40a4-8458-26701b162fc3/1/jDFCxnkLzS4FMFKisncoKIYKliw.roa
Signing time: Mon 01 Jan 2024 04:29:21 +0000
ROA not before: Mon 01 Jan 2024 04:29:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 13238
IP address blocks: 199.36.240.0/22 maxlen: 22
100.43.64.0/19 maxlen: 19
199.21.96.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/01d9fe-e14a-40a4-8458-26701b162fc3/1/mvnQ1L79oJ6ZnqvQyHJOIXNk3hA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/01d9fe-e14a-40a4-8458-26701b162fc3/1/mvnQ1L79oJ6ZnqvQyHJOIXNk3hA.mft
rsync://rpki.ripe.net/repository/DEFAULT/mvnQ1L79oJ6ZnqvQyHJOIXNk3hA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 01:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:8d:81:b5:07:ad:34:53:27:4d:d9:0f:2d:96:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9af9d0d4befda09e999eabd0c8724e217364de10
Validity
Not Before: Jan 1 04:29:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8c3142c6790bcd2e053052a2b2772828860a962c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:7e:79:b9:74:2a:fb:bc:85:54:1c:4e:4e:8d:
6f:67:f0:8e:3c:3e:eb:86:a2:54:e2:25:4b:df:69:
f5:f4:0e:7f:3c:6c:8a:27:9e:5e:50:db:c6:13:48:
c8:3a:55:a3:ed:99:d3:20:b3:78:78:db:b8:9e:b7:
6c:7b:ef:88:b0:c6:6a:62:90:3d:18:6c:19:db:09:
ef:66:52:ff:f2:dc:92:05:65:e0:13:01:1e:04:d0:
e2:29:1e:35:b6:6a:3f:f8:2d:c9:04:03:51:2a:4a:
35:0c:69:c9:e3:47:85:11:2f:30:ad:14:da:50:34:
09:b7:55:bf:56:ca:74:b0:e7:80:35:90:87:66:a4:
0e:06:64:34:e9:28:38:87:28:38:10:b4:13:65:df:
7a:3e:6a:f8:d8:1a:3b:4d:c0:a6:d8:52:06:2c:47:
60:fb:9e:5b:fc:3a:20:aa:e1:b0:d4:2b:4a:d4:6f:
24:48:b2:65:34:8e:ba:9e:a2:42:d8:92:d4:4e:cb:
13:d4:c7:96:bb:a5:fb:99:d7:34:ac:40:bc:b1:b4:
7d:3d:c2:03:cf:b7:a2:b0:25:c5:57:eb:50:15:28:
36:7f:14:73:30:10:1e:f5:65:a5:10:8c:65:1b:66:
df:07:9e:4d:f0:c6:18:11:73:14:f0:b8:50:b5:17:
aa:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:31:42:C6:79:0B:CD:2E:05:30:52:A2:B2:77:28:28:86:0A:96:2C
X509v3 Authority Key Identifier:
keyid:9A:F9:D0:D4:BE:FD:A0:9E:99:9E:AB:D0:C8:72:4E:21:73:64:DE:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mvnQ1L79oJ6ZnqvQyHJOIXNk3hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/01d9fe-e14a-40a4-8458-26701b162fc3/1/jDFCxnkLzS4FMFKisncoKIYKliw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/01d9fe-e14a-40a4-8458-26701b162fc3/1/mvnQ1L79oJ6ZnqvQyHJOIXNk3hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
100.43.64.0/19
199.21.96.0/22
199.36.240.0/22
Signature Algorithm: sha256WithRSAEncryption
1e:2c:aa:d5:21:04:11:cb:22:50:68:ce:50:b9:df:92:23:cb:
29:f8:df:73:b0:1a:e5:d2:24:0b:14:da:6a:69:c2:50:5a:37:
50:70:87:2e:be:d4:28:93:c7:20:fb:c8:92:64:f4:6a:9c:95:
c4:5f:9a:1e:fe:00:38:f5:72:06:1c:f1:ff:1a:51:1b:ff:35:
7c:48:02:aa:aa:14:11:d2:01:74:f4:0f:36:82:d1:89:22:95:
b8:2c:94:b3:85:aa:7e:f9:e7:6a:90:48:72:5e:5f:67:08:84:
d6:dc:8e:fa:3f:51:e7:15:0c:71:19:04:65:d0:1a:6f:27:cd:
73:e2:76:54:02:a9:33:67:ef:d5:03:cb:44:a4:8d:9f:01:ff:
82:cc:6e:6c:83:2a:f6:eb:8d:c4:27:ba:ec:f4:10:32:10:b4:
93:df:f3:32:4f:14:e3:bf:71:26:df:ec:c2:8a:a2:7c:63:72:
22:98:ec:e3:0b:cb:68:f6:e9:2e:d2:bd:4b:fc:77:8a:f7:0f:
ef:13:6b:8e:9f:2d:05:2f:fa:83:52:b4:45:ca:a4:bf:d6:e9:
6f:c0:8c:35:77:b8:f7:be:be:fe:a9:6d:98:fc:5a:d0:19:60:
6a:c0:6f:18:f7:bb:1b:3d:32:22:a5:5b:54:b5:e5:c4:e4:99:
ec:8c:e5:5b
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzDSI2BtQetNFMnTdkPLZb+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhZjlkMGQ0YmVmZGEwOWU5OTllYWJkMGM4NzI0ZTIxNzM2
NGRlMTAwHhcNMjQwMTAxMDQyOTIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YzMxNDJjNjc5MGJjZDJlMDUzMDUyYTJiMjc3MjgyODg2MGE5NjJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtn55uXQq+7yFVBxOTo1vZ/COPD7r
hqJU4iVL32n19A5/PGyKJ55eUNvGE0jIOlWj7ZnTILN4eNu4nrdse++IsMZqYpA9
GGwZ2wnvZlL/8tySBWXgEwEeBNDiKR41tmo/+C3JBANRKko1DGnJ40eFES8wrRTa
UDQJt1W/Vsp0sOeANZCHZqQOBmQ06Sg4hyg4ELQTZd96Pmr42Bo7TcCm2FIGLEdg
+55b/DogquGw1CtK1G8kSLJlNI66nqJC2JLUTssT1MeWu6X7mdc0rEC8sbR9PcID
z7eisCXFV+tQFSg2fxRzMBAe9WWlEIxlG2bfB55N8MYYEXMU8LhQtReqtwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIwxQsZ5C80uBTBSorJ3KCiGCpYsMB8GA1UdIwQY
MBaAFJr50NS+/aCemZ6r0MhyTiFzZN4QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXZuUTFMNzlvSjZabnF2UXlISk9JWE5rM2hBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wMWQ5ZmUtZTE0YS00MGE0LTg0NTgt
MjY3MDFiMTYyZmMzLzEvakRGQ3hua0x6UzRGTUZLaXNuY29LSVlLbGl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wMWQ5ZmUtZTE0YS00MGE0LTg0NTgtMjY3MDFiMTYyZmMz
LzEvbXZuUTFMNzlvSjZabnF2UXlISk9JWE5rM2hBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQFZCtAAwQC
xxVgAwQCxyTwMA0GCSqGSIb3DQEBCwUAA4IBAQAeLKrVIQQRyyJQaM5Qud+SI8sp
+N9zsBrl0iQLFNpqacJQWjdQcIcuvtQok8cg+8iSZPRqnJXEX5oe/gA49XIGHPH/
GlEb/zV8SAKqqhQR0gF09A82gtGJIpW4LJSzhap++edqkEhyXl9nCITW3I76P1Hn
FQxxGQRl0BpvJ81z4nZUAqkzZ+/VA8tEpI2fAf+CzG5sgyr2643EJ7rs9BAyELST
3/MyTxTjv3Em3+zCiqJ8Y3IimOzjC8to9uku0r1L/HeK9w/vE2uOny0FL/qDUrRF
yqS/1ulvwIw1d7j3vr7+qW2Y/FrQGWBqwG8Y97sbPTIipVtUteXE5JnsjOVb
-----END CERTIFICATE-----
Generated at Sat Jun 1 04:55:41 2024 by rpki-client on console-ams.rpki-client.org