Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/3ed37b-b80a-4b10-914b-57c92431d3d3/1/JJ9vwwZaKnMPELFMUCGNjq5QjEM.roa
File: JJ9vwwZaKnMPELFMUCGNjq5QjEM.roa (raw, json)
Hash identifier: ml/5eGilszv/9/LobqtjckMSRZR4StjwrnwtPv5wSPQ=
Subject key identifier: 24:9F:6F:C3:06:5A:2A:73:0F:10:B1:4C:50:21:8D:8E:AE:50:8C:43
Certificate issuer: /CN=1ef36d6dba097ea6d4b2ada4e763e84ecb3d817a
Certificate serial: 018ECD71BCE51AB40596B47410FCD8F08991
Authority key identifier: 1E:F3:6D:6D:BA:09:7E:A6:D4:B2:AD:A4:E7:63:E8:4E:CB:3D:81:7A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HvNtbboJfqbUsq2k52PoTss9gXo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/3ed37b-b80a-4b10-914b-57c92431d3d3/1/JJ9vwwZaKnMPELFMUCGNjq5QjEM.roa
Signing time: Thu 11 Apr 2024 13:56:06 +0000
ROA not before: Thu 11 Apr 2024 13:56:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 33915
IP address blocks: 145.11.48.0/24 maxlen: 24
145.11.60.0/24 maxlen: 24
145.11.61.0/24 maxlen: 24
145.11.62.0/24 maxlen: 24
145.11.63.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9e/3ed37b-b80a-4b10-914b-57c92431d3d3/1/HvNtbboJfqbUsq2k52PoTss9gXo.crl
rsync://rpki.ripe.net/repository/DEFAULT/9e/3ed37b-b80a-4b10-914b-57c92431d3d3/1/HvNtbboJfqbUsq2k52PoTss9gXo.mft
rsync://rpki.ripe.net/repository/DEFAULT/HvNtbboJfqbUsq2k52PoTss9gXo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 04:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:cd:71:bc:e5:1a:b4:05:96:b4:74:10:fc:d8:f0:89:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1ef36d6dba097ea6d4b2ada4e763e84ecb3d817a
Validity
Not Before: Apr 11 13:56:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=249f6fc3065a2a730f10b14c50218d8eae508c43
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:e7:cf:a6:7b:cc:99:87:a3:26:27:d7:53:95:
90:db:3a:0a:33:79:1f:fd:0b:5c:a7:a5:ba:78:6a:
a8:2d:51:24:5e:10:5b:aa:fc:81:6a:71:9f:dc:45:
2e:f8:aa:51:1a:79:e6:43:5a:83:30:b3:39:62:4a:
d8:49:0b:65:b3:de:8c:ce:52:27:ef:25:26:a6:50:
ae:42:95:31:88:61:13:e9:5f:fb:30:9a:32:2a:eb:
35:a3:47:07:d8:d6:ce:88:ab:c5:3b:4a:fe:44:19:
f3:07:62:68:06:5a:28:d4:f8:5a:12:d1:3b:39:41:
21:91:b6:5a:f8:3e:a9:ea:0b:2f:93:0a:3f:8a:17:
a2:d5:e2:bb:79:d7:ae:0b:86:05:4d:92:ba:f2:fa:
62:d3:34:94:ac:20:0d:bb:6d:e3:a0:b3:e6:d4:40:
96:e1:47:70:7b:79:0a:e4:02:ca:4f:d6:35:6b:13:
10:75:51:3d:35:35:05:4e:b6:13:80:8e:8b:25:c8:
a0:ed:e9:cc:fc:0a:8a:b3:4a:8f:12:7b:b4:20:6a:
ec:6b:83:d8:16:68:88:ba:2b:96:6e:84:24:c1:c4:
23:48:d6:4d:f8:f9:64:18:99:3e:9d:be:46:87:70:
1c:60:41:83:b0:c8:a0:90:41:7d:f2:66:e7:7d:34:
50:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:9F:6F:C3:06:5A:2A:73:0F:10:B1:4C:50:21:8D:8E:AE:50:8C:43
X509v3 Authority Key Identifier:
keyid:1E:F3:6D:6D:BA:09:7E:A6:D4:B2:AD:A4:E7:63:E8:4E:CB:3D:81:7A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HvNtbboJfqbUsq2k52PoTss9gXo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/3ed37b-b80a-4b10-914b-57c92431d3d3/1/JJ9vwwZaKnMPELFMUCGNjq5QjEM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/3ed37b-b80a-4b10-914b-57c92431d3d3/1/HvNtbboJfqbUsq2k52PoTss9gXo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.11.48.0/24
145.11.60.0/22
Signature Algorithm: sha256WithRSAEncryption
7a:4e:2c:43:33:c3:37:57:e7:1f:95:7b:26:74:8d:5c:10:b7:
7a:4e:79:fc:04:a9:3b:20:9f:95:e6:ed:d5:38:eb:e9:88:df:
84:c9:e5:9c:f5:76:b7:97:2c:f2:a8:85:f3:37:5f:53:d4:72:
e0:94:9e:9d:81:25:3f:4d:d4:66:81:23:ef:cf:6e:21:46:51:
1f:5a:97:3e:4b:d5:f9:39:e5:4f:b0:20:33:8e:d3:4a:09:c4:
31:2f:b0:89:c3:1e:30:6b:63:29:41:88:2d:1a:fa:96:c6:a8:
1b:30:f7:70:a5:61:c3:9a:20:67:94:e2:75:76:1a:a6:08:7b:
18:e1:1d:06:96:97:58:ec:97:54:49:72:0f:82:2b:88:ab:94:
ea:38:c0:0d:eb:d0:41:72:ff:2d:9b:31:ee:e5:9c:58:a4:95:
ea:28:f9:e4:e3:f9:cb:3c:20:ad:a9:3a:74:6c:d2:d9:68:4b:
f2:3e:24:52:86:9f:64:04:a7:08:4d:c0:ab:7a:ba:14:ff:00:
94:d5:16:40:39:c3:6e:51:3e:6a:a8:39:be:b4:93:4a:1e:17:
ec:6f:ce:6a:27:d4:a3:9d:dc:67:5e:88:f5:62:4e:06:cd:c4:
f7:de:59:e3:98:9d:db:c8:1c:22:ac:2f:c5:24:8c:62:66:68:
32:48:57:d8
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY7NcbzlGrQFlrR0EPzY8ImRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlZjM2ZDZkYmEwOTdlYTZkNGIyYWRhNGU3NjNlODRlY2Iz
ZDgxN2EwHhcNMjQwNDExMTM1NjA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDlmNmZjMzA2NWEyYTczMGYxMGIxNGM1MDIxOGQ4ZWFlNTA4YzQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmefPpnvMmYejJifXU5WQ2zoKM3kf
/Qtcp6W6eGqoLVEkXhBbqvyBanGf3EUu+KpRGnnmQ1qDMLM5YkrYSQtls96MzlIn
7yUmplCuQpUxiGET6V/7MJoyKus1o0cH2NbOiKvFO0r+RBnzB2JoBloo1PhaEtE7
OUEhkbZa+D6p6gsvkwo/ihei1eK7edeuC4YFTZK68vpi0zSUrCANu23joLPm1ECW
4Udwe3kK5ALKT9Y1axMQdVE9NTUFTrYTgI6LJcig7enM/AqKs0qPEnu0IGrsa4PY
FmiIuiuWboQkwcQjSNZN+PlkGJk+nb5Gh3AcYEGDsMigkEF98mbnfTRQQQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCSfb8MGWipzDxCxTFAhjY6uUIxDMB8GA1UdIwQY
MBaAFB7zbW26CX6m1LKtpOdj6E7LPYF6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHZOdGJib0pmcWJVc3EyazUyUG9Uc3M5Z1hvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS8zZWQzN2ItYjgwYS00YjEwLTkxNGIt
NTdjOTI0MzFkM2QzLzEvSko5dnd3WmFLbk1QRUxGTVVDR05qcTVRakVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS8zZWQzN2ItYjgwYS00YjEwLTkxNGItNTdjOTI0MzFkM2Qz
LzEvSHZOdGJib0pmcWJVc3EyazUyUG9Uc3M5Z1hvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAkQswAwQC
kQs8MA0GCSqGSIb3DQEBCwUAA4IBAQB6TixDM8M3V+cflXsmdI1cELd6Tnn8BKk7
IJ+V5u3VOOvpiN+EyeWc9Xa3lyzyqIXzN19T1HLglJ6dgSU/TdRmgSPvz24hRlEf
Wpc+S9X5OeVPsCAzjtNKCcQxL7CJwx4wa2MpQYgtGvqWxqgbMPdwpWHDmiBnlOJ1
dhqmCHsY4R0GlpdY7JdUSXIPgiuIq5TqOMAN69BBcv8tmzHu5ZxYpJXqKPnk4/nL
PCCtqTp0bNLZaEvyPiRShp9kBKcITcCreroU/wCU1RZAOcNuUT5qqDm+tJNKHhfs
b85qJ9SjndxnXoj1Yk4GzcT33lnjmJ3byBwirC/FJIxiZmgySFfY
-----END CERTIFICATE-----
Generated at Sat Jun 1 13:13:47 2024 by rpki-client on console-ams.rpki-client.org