Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/jCawNqW1bFrO0a9T0PNN7jTEp24.roa
File: jCawNqW1bFrO0a9T0PNN7jTEp24.roa (raw, json)
Hash identifier: fjzG/n7lC3tpfGZ1jbgXVeqAX6hrWtH+zZcK9wa5l7Q=
Subject key identifier: 8C:26:B0:36:A5:B5:6C:5A:CE:D1:AF:53:D0:F3:4D:EE:34:C4:A7:6E
Certificate issuer: /CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
Certificate serial: 01928BADBBE0A7D74A73624E0AF0DCD74F6C
Authority key identifier: 44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/jCawNqW1bFrO0a9T0PNN7jTEp24.roa
Signing time: Mon 14 Oct 2024 15:37:51 +0000
ROA not before: Mon 14 Oct 2024 15:37:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210644
IP address blocks: 91.184.240.0/22 maxlen: 24
91.184.254.0/23 maxlen: 24
109.172.94.0/23 maxlen: 24
185.197.74.0/24 maxlen: 24
185.230.143.0/24 maxlen: 24
193.188.20.0/24 maxlen: 24
193.188.21.0/24 maxlen: 24
193.188.22.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/RFnsKl_VOQnFI59MyNbTKaJ3m7E.crl
rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/RFnsKl_VOQnFI59MyNbTKaJ3m7E.mft
rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 23:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:8b:ad:bb:e0:a7:d7:4a:73:62:4e:0a:f0:dc:d7:4f:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
Validity
Not Before: Oct 14 15:37:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8c26b036a5b56c5aced1af53d0f34dee34c4a76e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:1b:f9:17:f9:a7:b7:38:da:15:30:54:65:05:
e2:96:f5:a5:e6:2a:c6:73:ce:34:23:f6:ae:41:07:
58:de:91:09:04:cc:df:db:fa:a5:1b:da:6d:be:aa:
16:3d:cf:fd:6e:d6:03:99:14:db:4a:aa:3c:90:ce:
84:bb:74:b9:2c:3b:7f:43:37:57:4b:b9:3d:c6:12:
db:7c:7c:e9:63:f7:51:b5:05:79:69:26:46:62:dd:
1d:8b:4c:d0:5c:af:c2:c6:2d:73:1f:a4:13:39:f8:
78:74:d8:bc:ab:42:57:60:76:e2:92:da:b2:d1:e5:
5f:93:00:f2:12:3b:f9:4d:46:27:3e:a0:9d:1b:fd:
46:15:1d:6e:78:69:f9:4f:dc:f8:1d:ed:25:fe:9c:
27:00:a7:fb:be:d2:24:6b:ca:58:a4:d8:86:ee:31:
1a:36:c3:96:7b:08:81:13:e6:e5:85:0a:6b:a2:f6:
19:9d:2b:c9:bf:42:c2:b6:0c:cd:c9:00:d7:a0:30:
fa:7f:69:3d:06:e7:9b:42:4c:55:a9:ce:98:45:f8:
7f:e2:56:b9:60:f0:cf:d5:9a:8d:63:a8:a5:00:55:
b9:05:ba:5e:e0:ba:6d:68:58:78:7a:41:4d:7f:68:
54:26:d1:0f:16:ed:bc:e5:d9:1a:9f:25:bc:9c:0b:
17:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:26:B0:36:A5:B5:6C:5A:CE:D1:AF:53:D0:F3:4D:EE:34:C4:A7:6E
X509v3 Authority Key Identifier:
keyid:44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/jCawNqW1bFrO0a9T0PNN7jTEp24.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/RFnsKl_VOQnFI59MyNbTKaJ3m7E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.184.240.0/22
91.184.254.0/23
109.172.94.0/23
185.197.74.0/24
185.230.143.0/24
193.188.20.0-193.188.22.255
Signature Algorithm: sha256WithRSAEncryption
b2:e0:e4:48:a9:56:8a:ca:fd:d5:dd:b9:c0:40:0a:57:e3:10:
46:15:c2:a5:92:71:ce:cb:c3:2b:2d:21:f1:29:50:0e:63:e2:
9b:9f:95:c2:9f:e3:b2:f2:81:f3:38:90:35:13:24:aa:4d:7d:
d3:a4:35:17:40:dc:21:3a:24:0a:79:23:8c:c2:ee:8a:96:f2:
74:c8:92:91:b7:49:46:c5:55:07:bb:64:05:5b:2b:6b:e2:c6:
9f:c3:e2:40:95:ca:23:56:0f:17:c0:3f:bc:dc:86:4f:71:1f:
62:b6:fa:7b:6e:69:79:da:cf:03:b7:f5:ac:9c:db:26:8f:0f:
bc:51:f1:bc:99:94:fe:b3:85:18:8a:57:e8:6e:f6:2a:b5:52:
40:0b:60:df:93:cf:54:41:2e:0f:c8:5d:b2:7c:3a:71:0e:d5:
87:b3:10:bc:a8:38:78:8d:a6:c6:fa:fd:c4:c5:78:a9:5d:30:
a4:be:2a:e7:91:3a:c1:92:87:cd:b7:5c:0f:97:0c:9e:a5:ac:
b1:b9:04:7f:a4:d4:19:78:89:88:e0:ef:29:57:6a:93:f3:33:
ac:88:12:f9:72:2b:25:17:64:71:e8:1b:e2:f5:18:38:05:fe:
5c:11:85:ff:ca:c5:8c:f8:ed:bf:45:d4:b6:02:93:8a:4e:70:
41:5c:5c:52
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZKLrbvgp9dKc2JOCvDc109sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0NTllYzJhNWZkNTM5MDljNTIzOWY0Y2M4ZDZkMzI5YTI3
NzliYjEwHhcNMjQxMDE0MTUzNzUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YzI2YjAzNmE1YjU2YzVhY2VkMWFmNTNkMGYzNGRlZTM0YzRhNzZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyRv5F/mntzjaFTBUZQXilvWl5irG
c840I/auQQdY3pEJBMzf2/qlG9ptvqoWPc/9btYDmRTbSqo8kM6Eu3S5LDt/QzdX
S7k9xhLbfHzpY/dRtQV5aSZGYt0di0zQXK/Cxi1zH6QTOfh4dNi8q0JXYHbiktqy
0eVfkwDyEjv5TUYnPqCdG/1GFR1ueGn5T9z4He0l/pwnAKf7vtIka8pYpNiG7jEa
NsOWewiBE+blhQprovYZnSvJv0LCtgzNyQDXoDD6f2k9BuebQkxVqc6YRfh/4la5
YPDP1ZqNY6ilAFW5Bbpe4LptaFh4ekFNf2hUJtEPFu285dkanyW8nAsX6wIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFIwmsDaltWxaztGvU9DzTe40xKduMB8GA1UdIwQY
MBaAFERZ7Cpf1TkJxSOfTMjW0ymid5uxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTkt
NmI0MzcyNjAyMDk2LzEvakNhd05xVzFiRnJPMGE5VDBQTk43alRFcDI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTktNmI0MzcyNjAyMDk2
LzEvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQCW7jwAwQB
W7j+AwQBbaxeAwQAucVKAwQAueaPMAwDBALBvBQDBADBvBYwDQYJKoZIhvcNAQEL
BQADggEBALLg5EipVorK/dXducBAClfjEEYVwqWScc7LwystIfEpUA5j4puflcKf
47LygfM4kDUTJKpNfdOkNRdA3CE6JAp5I4zC7oqW8nTIkpG3SUbFVQe7ZAVbK2vi
xp/D4kCVyiNWDxfAP7zchk9xH2K2+ntuaXnazwO39ayc2yaPD7xR8byZlP6zhRiK
V+hu9iq1UkALYN+Tz1RBLg/IXbJ8OnEO1YezELyoOHiNpsb6/cTFeKldMKS+KueR
OsGSh823XA+XDJ6lrLG5BH+k1Bl4iYjg7ylXapPzM6yIEvlyKyUXZHHoG+L1GDgF
/lwRhf/KxYz47b9F1LYCk4pOcEFcXFI=
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:56:07 2024 by rpki-client on console-ams.rpki-client.org