Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/8171e3-2d29-4cb6-8a94-7551809cb731/1/jxS2wXeG6lxvCjcAhghQuvJS5_I.roa
File: jxS2wXeG6lxvCjcAhghQuvJS5_I.roa (raw, json)
Hash identifier: qZf2LOxcGWVBHKceml47Tqbbv5T/aJ5F5PubfrwiV0Q=
Subject key identifier: 8F:14:B6:C1:77:86:EA:5C:6F:0A:37:00:86:08:50:BA:F2:52:E7:F2
Certificate issuer: /CN=99d5bfad45d7c65a6e343028509fd1892e97b9d0
Certificate serial: 018CC79368D0AFCEECCE787B9238DE9BE5B7
Authority key identifier: 99:D5:BF:AD:45:D7:C6:5A:6E:34:30:28:50:9F:D1:89:2E:97:B9:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mdW_rUXXxlpuNDAoUJ_RiS6XudA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/8171e3-2d29-4cb6-8a94-7551809cb731/1/jxS2wXeG6lxvCjcAhghQuvJS5_I.roa
Signing time: Tue 02 Jan 2024 00:29:35 +0000
ROA not before: Tue 02 Jan 2024 00:29:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 132892
IP address blocks: 141.101.88.0/24 maxlen: 24
141.101.89.0/24 maxlen: 24
2a06:98c0:3604::/48 maxlen: 48
2a06:98c0:3614::/48 maxlen: 48
2a06:98c0:360f::/48 maxlen: 48
2a06:98c0:360a::/48 maxlen: 48
2a06:98c0:3605::/48 maxlen: 48
2a06:98c0:3615::/48 maxlen: 48
2a06:98c0:3608::/48 maxlen: 48
2a06:98c0:3603::/48 maxlen: 48
2a06:98c0:3613::/48 maxlen: 48
2a06:98c0:3609::/48 maxlen: 48
2a06:98c0:360c::/48 maxlen: 48
2a06:98c0:3607::/48 maxlen: 48
2a06:98c0:3602::/48 maxlen: 48
2a06:98c0:360d::/48 maxlen: 48
2a06:98c0:3610::/48 maxlen: 48
2a06:98c0:3600::/48 maxlen: 48
2a06:98c0:360b::/48 maxlen: 48
2a06:98c0:3606::/48 maxlen: 48
2a06:98c0:3611::/48 maxlen: 48
2a06:98c0:3601::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/90/8171e3-2d29-4cb6-8a94-7551809cb731/1/mdW_rUXXxlpuNDAoUJ_RiS6XudA.crl
rsync://rpki.ripe.net/repository/DEFAULT/90/8171e3-2d29-4cb6-8a94-7551809cb731/1/mdW_rUXXxlpuNDAoUJ_RiS6XudA.mft
rsync://rpki.ripe.net/repository/DEFAULT/mdW_rUXXxlpuNDAoUJ_RiS6XudA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 11:00:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:93:68:d0:af:ce:ec:ce:78:7b:92:38:de:9b:e5:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=99d5bfad45d7c65a6e343028509fd1892e97b9d0
Validity
Not Before: Jan 2 00:29:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8f14b6c17786ea5c6f0a3700860850baf252e7f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:e9:90:f9:3d:73:37:a0:16:f3:d5:0a:1f:42:
0e:e1:17:9e:82:dc:31:15:ea:37:3d:3e:eb:d0:2d:
c3:8a:35:68:35:2b:f0:45:cd:2e:f0:9a:a1:3e:73:
49:c7:50:4c:46:1b:31:45:1e:3e:43:a5:eb:be:d7:
4a:af:da:46:00:b3:d2:48:a1:17:b8:b0:6d:9f:57:
4d:52:63:d9:dc:b3:20:c1:58:5e:95:94:55:94:64:
98:be:c6:1a:a6:e8:10:11:94:1e:06:8b:b0:81:24:
3b:a1:39:ad:e7:42:bb:5e:ea:0d:40:2b:e6:8e:60:
bd:fc:15:c7:90:ad:6b:06:96:42:86:26:44:9b:3d:
37:0f:c2:21:dd:79:c0:1c:3d:a6:24:59:66:40:ea:
13:8e:de:35:f3:e6:a8:b4:12:49:c4:70:9d:d0:d5:
27:42:6c:23:90:b2:44:0e:4c:a5:63:21:33:ff:ac:
11:8c:2e:6f:db:36:d6:4c:a5:f4:e2:b2:3e:00:de:
81:2f:8c:1b:02:9e:0d:df:ae:d5:8c:aa:50:90:b2:
16:55:81:02:ae:af:51:d5:84:86:46:70:75:a0:1a:
0c:26:f6:79:64:34:7f:f1:9b:2e:2b:3b:ab:e7:12:
a8:0f:7c:0a:f5:44:3a:f7:a1:84:51:41:aa:4b:c5:
5c:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:14:B6:C1:77:86:EA:5C:6F:0A:37:00:86:08:50:BA:F2:52:E7:F2
X509v3 Authority Key Identifier:
keyid:99:D5:BF:AD:45:D7:C6:5A:6E:34:30:28:50:9F:D1:89:2E:97:B9:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mdW_rUXXxlpuNDAoUJ_RiS6XudA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/8171e3-2d29-4cb6-8a94-7551809cb731/1/jxS2wXeG6lxvCjcAhghQuvJS5_I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/8171e3-2d29-4cb6-8a94-7551809cb731/1/mdW_rUXXxlpuNDAoUJ_RiS6XudA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.101.88.0/23
IPv6:
2a06:98c0:3600::-2a06:98c0:360d:ffff:ffff:ffff:ffff:ffff
2a06:98c0:360f::-2a06:98c0:3611:ffff:ffff:ffff:ffff:ffff
2a06:98c0:3613::-2a06:98c0:3615:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
4e:b8:15:3a:11:d8:ed:53:1f:f7:c6:87:9b:62:05:84:4b:14:
21:30:00:9f:5e:2f:94:79:0f:4e:79:98:61:1a:4d:fa:1a:1c:
ea:7c:e2:7e:49:fb:58:a0:50:b3:96:9f:e1:61:a1:13:65:48:
87:2a:9b:10:4e:16:0d:69:ae:43:f1:3e:8c:58:df:01:33:a1:
93:38:be:8a:7b:f9:03:87:80:f9:03:2b:1a:40:86:07:4b:39:
22:af:37:9c:7e:54:1a:b1:9e:98:b8:10:c8:1e:82:f0:ce:0d:
61:8b:d1:70:c1:86:cd:eb:2a:46:b7:84:e9:4e:c3:24:10:93:
e7:c4:ed:88:a9:d6:db:eb:96:f9:1d:0a:ec:ad:be:b7:6f:42:
6e:cc:7c:f2:cf:a4:12:18:ea:76:30:5f:e2:be:8d:1d:50:72:
c5:73:d4:0d:ba:c2:bb:25:ea:c3:f7:92:f1:09:25:4d:cc:27:
63:4c:77:8b:d4:fa:ea:e0:cf:fc:ce:2e:7c:53:59:bd:45:6c:
93:41:27:ac:81:dd:66:12:81:1a:53:bc:81:26:3b:06:27:e9:
18:e6:62:7c:a2:2b:da:48:27:14:a7:ed:5d:41:23:97:12:74:
2d:c7:af:df:84:f2:85:bf:a2:28:a5:64:6b:23:89:9a:d7:64:
8d:3d:8c:23
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgISAYzHk2jQr87sznh7kjjem+W3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5ZDViZmFkNDVkN2M2NWE2ZTM0MzAyODUwOWZkMTg5MmU5
N2I5ZDAwHhcNMjQwMTAyMDAyOTM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZjE0YjZjMTc3ODZlYTVjNmYwYTM3MDA4NjA4NTBiYWYyNTJlN2YyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjOmQ+T1zN6AW89UKH0IO4Reegtwx
Feo3PT7r0C3DijVoNSvwRc0u8JqhPnNJx1BMRhsxRR4+Q6XrvtdKr9pGALPSSKEX
uLBtn1dNUmPZ3LMgwVhelZRVlGSYvsYapugQEZQeBouwgSQ7oTmt50K7XuoNQCvm
jmC9/BXHkK1rBpZChiZEmz03D8Ih3XnAHD2mJFlmQOoTjt418+aotBJJxHCd0NUn
QmwjkLJEDkylYyEz/6wRjC5v2zbWTKX04rI+AN6BL4wbAp4N367VjKpQkLIWVYEC
rq9R1YSGRnB1oBoMJvZ5ZDR/8ZsuKzur5xKoD3wK9UQ696GEUUGqS8VcwQIDAQAB
o4ICTDCCAkgwHQYDVR0OBBYEFI8UtsF3hupcbwo3AIYIULryUufyMB8GA1UdIwQY
MBaAFJnVv61F18ZabjQwKFCf0Ykul7nQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWRXX3JVWFh4bHB1TkRBb1VKX1JpUzZYdWRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC84MTcxZTMtMmQyOS00Y2I2LThhOTQt
NzU1MTgwOWNiNzMxLzEvanhTMndYZUc2bHh2Q2pjQWhnaFF1dkpTNV9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC84MTcxZTMtMmQyOS00Y2I2LThhOTQtNzU1MTgwOWNiNzMx
LzEvbWRXX3JVWFh4bHB1TkRBb1VKX1JpUzZYdWRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGIGCCsGAQUFBwEHAQH/BFMwUTAMBAIAATAGAwQBjWVYMEEE
AgACMDswEQMGASoGmMA2AwcBKgaYwDYMMBIDBwAqBpjANg8DBwEqBpjANhAwEgMH
ACoGmMA2EwMHASoGmMA2FDANBgkqhkiG9w0BAQsFAAOCAQEATrgVOhHY7VMf98aH
m2IFhEsUITAAn14vlHkPTnmYYRpN+hoc6nzifkn7WKBQs5af4WGhE2VIhyqbEE4W
DWmuQ/E+jFjfATOhkzi+inv5A4eA+QMrGkCGB0s5Iq83nH5UGrGemLgQyB6C8M4N
YYvRcMGGzesqRreE6U7DJBCT58TtiKnW2+uW+R0K7K2+t29Cbsx88s+kEhjqdjBf
4r6NHVByxXPUDbrCuyXqw/eS8QklTcwnY0x3i9T66uDP/M4ufFNZvUVsk0EnrIHd
ZhKBGlO8gSY7BifpGOZifKIr2kgnFKftXUEjlxJ0Lcev34Tyhb+iKKVkayOJmtdk
jT2MIw==
-----END CERTIFICATE-----
Generated at Mon Nov 25 20:35:00 2024 by rpki-client on console-fra.rpki-client.org