Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/25923b-f64e-4798-a37a-da3a3dee05d4/1/jRmhGBJu8nix6gfoAdeFmybqgOo.roa
File: jRmhGBJu8nix6gfoAdeFmybqgOo.roa (raw, json)
Hash identifier: esfMr/OgwaqQWKBiFqU8lBYmWpgfvbqMdhmAtUknCCM=
Subject key identifier: 8D:19:A1:18:12:6E:F2:78:B1:EA:07:E8:01:D7:85:9B:26:EA:80:EA
Certificate issuer: /CN=f061db4be695ea495a283bbe33022abd289d5ea8
Certificate serial: 018CC3492FADE82B8BE5811B10250BE43D32
Authority key identifier: F0:61:DB:4B:E6:95:EA:49:5A:28:3B:BE:33:02:2A:BD:28:9D:5E:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8GHbS-aV6klaKDu-MwIqvSidXqg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/25923b-f64e-4798-a37a-da3a3dee05d4/1/jRmhGBJu8nix6gfoAdeFmybqgOo.roa
Signing time: Mon 01 Jan 2024 04:30:02 +0000
ROA not before: Mon 01 Jan 2024 04:30:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59441
IP address blocks: 185.89.22.0/24 maxlen: 24
2a07:7ec0::/29 maxlen: 128
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9a/25923b-f64e-4798-a37a-da3a3dee05d4/1/8GHbS-aV6klaKDu-MwIqvSidXqg.crl
rsync://rpki.ripe.net/repository/DEFAULT/9a/25923b-f64e-4798-a37a-da3a3dee05d4/1/8GHbS-aV6klaKDu-MwIqvSidXqg.mft
rsync://rpki.ripe.net/repository/DEFAULT/8GHbS-aV6klaKDu-MwIqvSidXqg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 01:00:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:2f:ad:e8:2b:8b:e5:81:1b:10:25:0b:e4:3d:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f061db4be695ea495a283bbe33022abd289d5ea8
Validity
Not Before: Jan 1 04:30:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8d19a118126ef278b1ea07e801d7859b26ea80ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:18:58:1f:1f:13:a9:8c:40:16:4b:fe:8e:34:
31:9e:9c:e2:a7:2a:8a:45:52:aa:24:c6:e4:da:e4:
98:ec:1d:bf:69:81:51:bb:4a:5c:56:bc:c1:59:b1:
4b:fb:45:95:1b:6c:03:1a:a4:06:50:a0:11:dc:3e:
cc:17:8f:f5:b6:39:56:18:73:31:1b:a7:d9:49:f6:
b1:fc:64:43:0a:f0:7f:dc:25:1d:5f:20:eb:68:e2:
40:65:4b:bf:a2:5f:08:a6:eb:6f:96:e9:2d:05:a3:
c0:4a:f7:42:cf:03:a7:c3:bb:a5:80:c5:6e:0b:d3:
b7:25:e1:fd:81:1c:50:be:b3:f8:72:7a:7d:e1:33:
58:c4:33:ab:38:4e:f3:21:5f:d1:d7:8e:90:00:79:
94:b0:e3:fb:ee:3c:77:bc:bf:13:ff:b7:de:f8:92:
c9:ac:06:09:9e:a2:e9:5e:a4:96:3f:d3:6d:fc:9a:
96:c9:bf:04:35:45:02:b7:6a:de:c4:3b:26:b3:4a:
bf:e6:71:7f:49:f5:54:ef:ea:a1:f6:2e:51:13:55:
ce:6d:af:f4:61:23:25:f1:6c:58:86:9d:9f:e1:60:
f3:a1:d5:0d:25:30:31:b7:53:5d:52:44:94:9e:d5:
28:4f:4c:a8:52:04:ba:6d:f8:d0:0f:88:97:60:5e:
ac:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:19:A1:18:12:6E:F2:78:B1:EA:07:E8:01:D7:85:9B:26:EA:80:EA
X509v3 Authority Key Identifier:
keyid:F0:61:DB:4B:E6:95:EA:49:5A:28:3B:BE:33:02:2A:BD:28:9D:5E:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8GHbS-aV6klaKDu-MwIqvSidXqg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/25923b-f64e-4798-a37a-da3a3dee05d4/1/jRmhGBJu8nix6gfoAdeFmybqgOo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/25923b-f64e-4798-a37a-da3a3dee05d4/1/8GHbS-aV6klaKDu-MwIqvSidXqg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.89.22.0/24
IPv6:
2a07:7ec0::/29
Signature Algorithm: sha256WithRSAEncryption
17:db:66:92:86:3d:05:70:2c:5d:05:d4:d0:a0:e9:66:34:de:
1a:7b:98:05:59:b2:8f:78:81:13:b5:14:42:c0:51:90:da:c4:
4c:6c:3b:5a:83:eb:1f:9f:d2:57:92:27:ea:03:76:29:ad:44:
55:aa:c7:5c:c7:97:97:ef:1a:ea:86:15:2c:5e:6d:37:6a:9e:
1d:ad:44:e3:66:0a:f8:f9:0f:6d:d5:ba:8f:f1:b3:f0:d1:19:
54:6a:45:38:64:fe:5c:39:98:6f:27:dc:e8:bc:09:37:66:a2:
43:09:b0:49:45:31:5a:06:e9:75:aa:fd:2f:15:27:8c:be:d5:
57:93:68:a7:89:f5:65:4d:d3:bd:8c:a5:f6:5c:6f:82:93:54:
86:91:10:13:c2:bc:52:46:ff:83:70:4b:0d:be:90:f4:3b:a8:
a2:5e:3c:91:86:c2:49:63:1a:17:2b:ee:b3:e5:be:7c:4b:46:
e0:21:6e:aa:f6:9f:e9:e3:e7:6a:09:79:2c:0f:b4:77:02:6a:
a8:af:cd:a0:2a:db:de:16:6f:a9:97:b3:cd:dd:0c:07:90:08:
6c:17:4e:5f:93:9c:5b:68:a0:ae:16:54:54:22:14:04:cc:f5:
6e:76:03:e1:e4:d6:d5:ee:71:67:82:17:3d:1a:0f:c4:62:97:
7d:95:a0:c1
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzDSS+t6CuL5YEbECUL5D0yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNjFkYjRiZTY5NWVhNDk1YTI4M2JiZTMzMDIyYWJkMjg5
ZDVlYTgwHhcNMjQwMTAxMDQzMDAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZDE5YTExODEyNmVmMjc4YjFlYTA3ZTgwMWQ3ODU5YjI2ZWE4MGVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2RhYHx8TqYxAFkv+jjQxnpzipyqK
RVKqJMbk2uSY7B2/aYFRu0pcVrzBWbFL+0WVG2wDGqQGUKAR3D7MF4/1tjlWGHMx
G6fZSfax/GRDCvB/3CUdXyDraOJAZUu/ol8IputvluktBaPASvdCzwOnw7ulgMVu
C9O3JeH9gRxQvrP4cnp94TNYxDOrOE7zIV/R146QAHmUsOP77jx3vL8T/7fe+JLJ
rAYJnqLpXqSWP9Nt/JqWyb8ENUUCt2rexDsms0q/5nF/SfVU7+qh9i5RE1XOba/0
YSMl8WxYhp2f4WDzodUNJTAxt1NdUkSUntUoT0yoUgS6bfjQD4iXYF6sCQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFI0ZoRgSbvJ4seoH6AHXhZsm6oDqMB8GA1UdIwQY
MBaAFPBh20vmlepJWig7vjMCKr0onV6oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEdIYlMtYVY2a2xhS0R1LU13SXF2U2lkWHFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS8yNTkyM2ItZjY0ZS00Nzk4LWEzN2Et
ZGEzYTNkZWUwNWQ0LzEvalJtaEdCSnU4bml4Nmdmb0FkZUZteWJxZ09vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS8yNTkyM2ItZjY0ZS00Nzk4LWEzN2EtZGEzYTNkZWUwNWQ0
LzEvOEdIYlMtYVY2a2xhS0R1LU13SXF2U2lkWHFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuVkWMA0E
AgACMAcDBQMqB37AMA0GCSqGSIb3DQEBCwUAA4IBAQAX22aShj0FcCxdBdTQoOlm
NN4ae5gFWbKPeIETtRRCwFGQ2sRMbDtag+sfn9JXkifqA3YprURVqsdcx5eX7xrq
hhUsXm03ap4drUTjZgr4+Q9t1bqP8bPw0RlUakU4ZP5cOZhvJ9zovAk3ZqJDCbBJ
RTFaBul1qv0vFSeMvtVXk2inifVlTdO9jKX2XG+Ck1SGkRATwrxSRv+DcEsNvpD0
O6iiXjyRhsJJYxoXK+6z5b58S0bgIW6q9p/p4+dqCXksD7R3Amqor82gKtveFm+p
l7PN3QwHkAhsF05fk5xbaKCuFlRUIhQEzPVudgPh5NbV7nFnghc9Gg/EYpd9laDB
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:46:23 2024 by rpki-client on console-fra.rpki-client.org