Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/JbNoC95w1JQtWygUocBhQxahhfw.roa
File: JbNoC95w1JQtWygUocBhQxahhfw.roa (raw, json)
Hash identifier: oSqHY8wrfsHUCJnTv6dBbHL24NN7EUdvpj9xGsnyrLY=
Subject key identifier: 25:B3:68:0B:DE:70:D4:94:2D:5B:28:14:A1:C0:61:43:16:A1:85:FC
Certificate issuer: /CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
Certificate serial: 018CC26D562131FC645CBBE54D4CE9B6B9DA
Authority key identifier: 44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/JbNoC95w1JQtWygUocBhQxahhfw.roa
Signing time: Mon 01 Jan 2024 00:29:54 +0000
ROA not before: Mon 01 Jan 2024 00:29:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208861
IP address blocks: 2a0a:4780::/32 maxlen: 32
2a0d:60c1::/32 maxlen: 32
2a0f:cc82::/32 maxlen: 32
2a0a:4782::/32 maxlen: 32
2a0a:4783::/32 maxlen: 32
2a0a:4781::/32 maxlen: 32
2a05:fb45::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/RFnsKl_VOQnFI59MyNbTKaJ3m7E.crl
rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/RFnsKl_VOQnFI59MyNbTKaJ3m7E.mft
rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:56:21:31:fc:64:5c:bb:e5:4d:4c:e9:b6:b9:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
Validity
Not Before: Jan 1 00:29:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=25b3680bde70d4942d5b2814a1c0614316a185fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:03:10:d9:aa:a6:ff:1c:ab:6e:b7:9c:d7:32:
ab:9c:3a:34:5e:41:e3:61:4b:89:01:89:45:f2:53:
8b:7e:8c:d2:39:00:23:17:56:cb:be:39:42:67:38:
08:66:12:bd:cf:ec:e9:05:54:1f:ca:af:a9:a6:87:
f0:6f:ae:03:e3:8d:c2:a0:45:0f:f6:8c:cb:ff:52:
10:1a:27:cd:5b:7f:8b:4a:a1:fb:0f:ce:f3:99:13:
f9:3e:b8:68:bb:3c:c7:0c:89:00:96:ac:16:b7:c3:
19:e2:31:c8:d8:94:5e:c0:d4:a0:66:8c:ef:47:78:
23:33:71:7a:72:03:2a:6c:18:93:cc:32:b6:c8:d1:
0a:ec:69:98:d7:5d:3e:77:da:9d:e7:9e:28:fb:de:
4b:39:b4:7e:70:18:ec:a1:80:b8:d1:88:6b:e7:7b:
14:0e:59:46:3c:c2:d1:f3:13:f6:34:26:2a:2b:89:
25:20:dc:02:46:a6:a0:1e:2f:b8:99:c9:b8:f4:03:
2e:36:cd:f6:87:26:37:50:ac:55:cb:e0:ac:a1:c8:
30:bf:4c:21:ef:95:64:4e:69:de:6d:1c:fe:5c:79:
4c:3e:5c:6c:35:6b:c3:b8:b0:15:f3:3f:72:cf:dc:
ea:6d:2c:84:e4:2f:08:68:81:fd:a2:b9:5d:37:58:
e5:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:B3:68:0B:DE:70:D4:94:2D:5B:28:14:A1:C0:61:43:16:A1:85:FC
X509v3 Authority Key Identifier:
keyid:44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/JbNoC95w1JQtWygUocBhQxahhfw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/RFnsKl_VOQnFI59MyNbTKaJ3m7E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:fb45::/32
2a0a:4780::/30
2a0d:60c1::/32
2a0f:cc82::/32
Signature Algorithm: sha256WithRSAEncryption
07:e6:e9:47:00:dc:77:ea:20:90:05:7d:78:c3:81:f2:04:d8:
3d:d4:fd:03:2f:53:ab:04:28:5c:67:50:d0:39:61:db:9d:87:
89:fa:65:74:37:d7:12:17:84:9a:87:01:09:10:3c:f8:cf:49:
25:99:85:80:90:39:f9:e6:8b:b6:2e:3f:ff:64:22:2c:3e:fa:
ec:b9:e7:fe:4e:b5:e6:93:2e:95:50:d5:61:0e:7e:23:fd:2a:
31:bb:1c:29:de:0a:79:5c:4e:a5:4f:ee:b4:e6:63:7c:e3:70:
7d:50:ee:e0:8f:85:36:62:24:19:36:8b:26:70:5a:94:b2:d5:
37:7d:55:05:f1:68:bf:a6:1c:87:d0:c2:dc:99:a8:07:1d:2d:
f4:e1:51:bd:ce:7c:05:4f:65:e5:d1:5c:d3:cd:5d:16:03:65:
53:a3:d6:f7:ac:11:3b:ed:95:da:69:b5:e6:1f:25:34:7e:1d:
a4:2f:5f:5f:e1:4a:3c:af:7e:8b:7e:84:79:58:98:f2:98:43:
99:c2:0e:26:3b:bf:67:cd:ca:fb:c4:59:25:b1:6b:90:c0:72:
ab:82:21:6b:9d:a3:22:a1:56:4b:38:92:51:4d:4f:5d:24:43:
35:7e:0a:3e:d4:fb:c7:7c:e4:1d:9f:e0:76:ad:44:0d:ed:02:
ca:9d:42:3b
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYzCbVYhMfxkXLvlTUzptrnaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0NTllYzJhNWZkNTM5MDljNTIzOWY0Y2M4ZDZkMzI5YTI3
NzliYjEwHhcNMjQwMTAxMDAyOTU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNWIzNjgwYmRlNzBkNDk0MmQ1YjI4MTRhMWMwNjE0MzE2YTE4NWZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwAMQ2aqm/xyrbrec1zKrnDo0XkHj
YUuJAYlF8lOLfozSOQAjF1bLvjlCZzgIZhK9z+zpBVQfyq+ppofwb64D443CoEUP
9ozL/1IQGifNW3+LSqH7D87zmRP5PrhouzzHDIkAlqwWt8MZ4jHI2JRewNSgZozv
R3gjM3F6cgMqbBiTzDK2yNEK7GmY110+d9qd554o+95LObR+cBjsoYC40Yhr53sU
DllGPMLR8xP2NCYqK4klINwCRqagHi+4mcm49AMuNs32hyY3UKxVy+Csocgwv0wh
75VkTmnebRz+XHlMPlxsNWvDuLAV8z9yz9zqbSyE5C8IaIH9orldN1jlvwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFCWzaAvecNSULVsoFKHAYUMWoYX8MB8GA1UdIwQY
MBaAFERZ7Cpf1TkJxSOfTMjW0ymid5uxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTkt
NmI0MzcyNjAyMDk2LzEvSmJOb0M5NXcxSlF0V3lnVW9jQmhReGFoaGZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTktNmI0MzcyNjAyMDk2
LzEvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwUAKgX7RQMF
AioKR4ADBQAqDWDBAwUAKg/MgjANBgkqhkiG9w0BAQsFAAOCAQEAB+bpRwDcd+og
kAV9eMOB8gTYPdT9Ay9TqwQoXGdQ0Dlh252HifpldDfXEheEmocBCRA8+M9JJZmF
gJA5+eaLti4//2QiLD767Lnn/k615pMulVDVYQ5+I/0qMbscKd4KeVxOpU/utOZj
fONwfVDu4I+FNmIkGTaLJnBalLLVN31VBfFov6Ych9DC3JmoBx0t9OFRvc58BU9l
5dFc081dFgNlU6PW96wRO+2V2mm15h8lNH4dpC9fX+FKPK9+i36EeViY8phDmcIO
Jju/Z83K+8RZJbFrkMByq4Iha52jIqFWSziSUU1PXSRDNX4KPtT7x3zkHZ/gdq1E
De0Cyp1COw==
-----END CERTIFICATE-----
Generated at Fri Nov 22 17:52:44 2024 by rpki-client on console-ams.rpki-client.org