Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/22f570-0b26-4004-8ed0-d9509473072c/1/d-J-JzSjDy0d7b0jm7GYnmpfl5I.roa
File: d-J-JzSjDy0d7b0jm7GYnmpfl5I.roa (raw, json)
Hash identifier: 6BsjdmSa5vwVYH8KiVWTftshi6Gm4LwHlHsjJQZL0ic=
Subject key identifier: 77:E2:7E:27:34:A3:0F:2D:1D:ED:BD:23:9B:B1:98:9E:6A:5F:97:92
Certificate issuer: /CN=3eb1788fe220e46434692d1cc437072d792d7888
Certificate serial: 018CC26D10BE0D481DAA56CEE58BA94E8452
Authority key identifier: 3E:B1:78:8F:E2:20:E4:64:34:69:2D:1C:C4:37:07:2D:79:2D:78:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PrF4j-Ig5GQ0aS0cxDcHLXkteIg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/22f570-0b26-4004-8ed0-d9509473072c/1/d-J-JzSjDy0d7b0jm7GYnmpfl5I.roa
Signing time: Mon 01 Jan 2024 00:29:36 +0000
ROA not before: Mon 01 Jan 2024 00:29:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58069
IP address blocks: 157.180.228.0/22 maxlen: 22
157.180.232.0/22 maxlen: 22
192.108.45.0/24 maxlen: 24
192.108.46.0/23 maxlen: 23
192.108.68.0/24 maxlen: 24
2a00:139c::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/22f570-0b26-4004-8ed0-d9509473072c/1/PrF4j-Ig5GQ0aS0cxDcHLXkteIg.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/22f570-0b26-4004-8ed0-d9509473072c/1/PrF4j-Ig5GQ0aS0cxDcHLXkteIg.mft
rsync://rpki.ripe.net/repository/DEFAULT/PrF4j-Ig5GQ0aS0cxDcHLXkteIg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:10:be:0d:48:1d:aa:56:ce:e5:8b:a9:4e:84:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3eb1788fe220e46434692d1cc437072d792d7888
Validity
Not Before: Jan 1 00:29:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=77e27e2734a30f2d1dedbd239bb1989e6a5f9792
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:ba:ce:9e:9d:44:a5:47:45:37:44:ff:9d:66:
bd:cb:e8:37:ae:60:77:e9:3b:65:99:d2:10:89:f2:
e4:ea:c8:1b:32:22:e1:4a:6c:e9:28:31:1b:eb:41:
2c:29:e1:ba:72:6c:65:4f:85:e6:c3:76:a5:83:f0:
2e:66:2a:3e:29:c3:1d:ca:7b:a1:82:47:39:6f:18:
0a:84:86:87:d2:ec:3d:35:e0:83:9d:37:e4:68:4d:
02:11:ce:76:f0:6c:9c:e4:49:0e:12:84:32:2b:a0:
56:8e:39:86:74:c6:8d:1e:35:a4:9a:98:4d:5c:f5:
df:24:23:af:8d:60:b6:2e:a5:70:01:54:ef:5f:31:
b4:bf:c3:ff:0b:1a:16:06:6d:c3:dd:76:c9:05:4e:
b3:7d:d6:02:7a:04:a1:ed:42:6b:8c:ae:87:86:9c:
89:2c:a6:91:3e:95:84:c4:81:52:88:e5:a6:d3:68:
4e:52:40:b6:66:f8:99:64:af:03:f4:5b:32:a9:d7:
a0:ae:a8:8a:05:7f:4d:7f:c2:d1:fc:bf:46:8d:98:
1c:69:e6:2e:e4:a1:56:ee:46:75:48:55:41:3f:51:
29:7e:56:85:d6:dc:59:6f:24:25:24:f7:66:1f:03:
af:61:56:e1:d4:29:ea:41:53:05:c2:03:5a:86:65:
d5:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:E2:7E:27:34:A3:0F:2D:1D:ED:BD:23:9B:B1:98:9E:6A:5F:97:92
X509v3 Authority Key Identifier:
keyid:3E:B1:78:8F:E2:20:E4:64:34:69:2D:1C:C4:37:07:2D:79:2D:78:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PrF4j-Ig5GQ0aS0cxDcHLXkteIg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/22f570-0b26-4004-8ed0-d9509473072c/1/d-J-JzSjDy0d7b0jm7GYnmpfl5I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/22f570-0b26-4004-8ed0-d9509473072c/1/PrF4j-Ig5GQ0aS0cxDcHLXkteIg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
157.180.228.0-157.180.235.255
192.108.45.0-192.108.47.255
192.108.68.0/24
IPv6:
2a00:139c::/32
Signature Algorithm: sha256WithRSAEncryption
92:e6:1d:5d:63:53:20:1f:13:9b:1a:d9:0e:ee:23:5e:f1:3e:
b3:b6:c8:27:2d:ec:5b:62:6a:b2:07:95:91:86:5e:ad:f7:2f:
12:76:bc:20:bf:69:7a:f2:63:2d:99:63:46:5f:1c:bf:47:32:
01:79:53:66:83:c8:82:dd:2c:b8:3c:95:23:d7:3d:b6:32:33:
bd:a7:f6:17:54:0d:ad:1f:55:9c:1b:ae:af:a0:f6:a6:b5:35:
ff:83:55:c6:a9:d0:50:ef:98:79:6b:14:7e:4d:ca:ac:59:e7:
5b:74:f4:91:d7:b4:7e:7c:22:80:e4:69:59:b8:69:1a:a2:f1:
23:7d:09:9d:4a:89:54:b4:f7:5e:23:bd:38:68:38:4f:9c:4e:
ea:6a:e5:fa:54:6e:43:06:6f:86:d3:61:be:21:c6:4c:9a:14:
e7:20:05:d7:23:58:4f:f6:23:aa:a1:a3:59:78:4c:84:cd:b5:
bd:be:df:c3:19:c3:eb:88:7a:a1:b7:c8:af:da:f2:d9:30:79:
7e:bc:7c:84:1c:84:74:14:57:79:15:9c:a7:ca:ae:81:22:26:
5d:53:db:fa:78:de:f5:02:0f:84:b2:4a:6d:c9:f4:ab:d9:37:
8f:1f:53:3f:d2:d6:0d:dd:56:30:15:45:78:04:bc:9e:4c:5e:
37:ee:d3:90
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAYzCbRC+DUgdqlbO5YupToRSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlYjE3ODhmZTIyMGU0NjQzNDY5MmQxY2M0MzcwNzJkNzky
ZDc4ODgwHhcNMjQwMTAxMDAyOTM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3N2UyN2UyNzM0YTMwZjJkMWRlZGJkMjM5YmIxOTg5ZTZhNWY5NzkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkbrOnp1EpUdFN0T/nWa9y+g3rmB3
6TtlmdIQifLk6sgbMiLhSmzpKDEb60EsKeG6cmxlT4Xmw3alg/AuZio+KcMdynuh
gkc5bxgKhIaH0uw9NeCDnTfkaE0CEc528Gyc5EkOEoQyK6BWjjmGdMaNHjWkmphN
XPXfJCOvjWC2LqVwAVTvXzG0v8P/CxoWBm3D3XbJBU6zfdYCegSh7UJrjK6HhpyJ
LKaRPpWExIFSiOWm02hOUkC2ZviZZK8D9FsyqdegrqiKBX9Nf8LR/L9GjZgcaeYu
5KFW7kZ1SFVBP1EpflaF1txZbyQlJPdmHwOvYVbh1CnqQVMFwgNahmXVNwIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFHfific0ow8tHe29I5uxmJ5qX5eSMB8GA1UdIwQY
MBaAFD6xeI/iIORkNGktHMQ3By15LXiIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHJGNGotSWc1R1EwYVMwY3hEY0hMWGt0ZUlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8yMmY1NzAtMGIyNi00MDA0LThlZDAt
ZDk1MDk0NzMwNzJjLzEvZC1KLUp6U2pEeTBkN2Iwam03R1lubXBmbDVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8yMmY1NzAtMGIyNi00MDA0LThlZDAtZDk1MDk0NzMwNzJj
LzEvUHJGNGotSWc1R1EwYVMwY3hEY0hMWGt0ZUlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEoGCCsGAQUFBwEHAQH/BDswOTAoBAIAATAiMAwDBAKdtOQD
BAKdtOgwDAMEAMBsLQMEBMBsIAMEAMBsRDANBAIAAjAHAwUAKgATnDANBgkqhkiG
9w0BAQsFAAOCAQEAkuYdXWNTIB8TmxrZDu4jXvE+s7bIJy3sW2JqsgeVkYZerfcv
Ena8IL9pevJjLZljRl8cv0cyAXlTZoPIgt0suDyVI9c9tjIzvaf2F1QNrR9VnBuu
r6D2prU1/4NVxqnQUO+YeWsUfk3KrFnnW3T0kde0fnwigORpWbhpGqLxI30JnUqJ
VLT3XiO9OGg4T5xO6mrl+lRuQwZvhtNhviHGTJoU5yAF1yNYT/YjqqGjWXhMhM21
vb7fwxnD64h6obfIr9ry2TB5frx8hByEdBRXeRWcp8qugSImXVPb+nje9QIPhLJK
bcn0q9k3jx9TP9LWDd1WMBVFeAS8nkxeN+7TkA==
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:30:36 2024 by rpki-client on console-ams.rpki-client.org