Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/JejxIRr0NCoSyHwhoFvKW66oYbA.roa
File: JejxIRr0NCoSyHwhoFvKW66oYbA.roa (raw, json)
Hash identifier: cXjtXjxHtdas8MtEi3DxlOuaSwI5K9RHQUhFcdtSSJc=
Subject key identifier: 25:E8:F1:21:1A:F4:34:2A:12:C8:7C:21:A0:5B:CA:5B:AE:A8:61:B0
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 018CC86FAD8609A5C3DFD963CBC6E41B1B58
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/JejxIRr0NCoSyHwhoFvKW66oYbA.roa
Signing time: Tue 02 Jan 2024 04:30:11 +0000
ROA not before: Tue 02 Jan 2024 04:30:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60781
IP address blocks: 185.51.192.0/24 maxlen: 24
2a01:b2e0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.mft
rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:ad:86:09:a5:c3:df:d9:63:cb:c6:e4:1b:1b:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Jan 2 04:30:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=25e8f1211af4342a12c87c21a05bca5baea861b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:5d:bd:10:9f:0e:37:05:bc:d5:b5:c4:58:c5:
ed:5f:ad:62:98:e3:e0:40:4f:3c:10:98:90:01:01:
f2:47:68:6b:4d:61:85:78:bc:8d:e2:ac:1f:8e:49:
ac:32:84:57:4b:f6:20:02:d6:79:61:92:96:38:37:
e8:ed:6d:00:db:27:fa:fc:cc:8f:78:a8:f7:8f:65:
c1:c1:8f:f6:85:54:7a:28:2c:c3:02:d8:fc:58:22:
5b:bd:db:af:78:2a:4e:af:d5:b3:2f:c5:37:93:49:
bc:00:18:5e:68:6d:06:dd:2f:a0:ad:d3:42:36:28:
34:bc:07:4a:76:b5:43:fe:49:06:0d:b2:d8:b3:6c:
42:fc:93:fc:9f:c3:8b:76:fc:87:34:43:dd:42:a4:
5e:eb:da:a0:0b:2b:70:df:fa:9f:2d:7a:47:ef:3d:
3b:f9:5a:9b:f4:34:ab:68:59:1b:76:1c:1e:d5:b0:
65:00:a1:a4:dd:9f:97:2d:71:4a:c4:3c:ff:4a:95:
4c:26:73:84:ac:47:11:d0:24:c7:a4:7e:5c:4d:c4:
3f:ed:d5:24:aa:82:27:ce:fd:6d:c4:3c:92:b0:48:
61:60:a1:f9:7f:30:e9:c7:cf:ae:f5:2c:8a:48:ea:
b6:e7:72:9e:0c:4e:69:7a:ea:85:05:3f:74:8e:d6:
b9:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:E8:F1:21:1A:F4:34:2A:12:C8:7C:21:A0:5B:CA:5B:AE:A8:61:B0
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/JejxIRr0NCoSyHwhoFvKW66oYbA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.51.192.0/24
IPv6:
2a01:b2e0::/29
Signature Algorithm: sha256WithRSAEncryption
66:6c:b9:83:4e:59:ed:ee:d4:2f:ca:78:04:f5:f2:84:fd:68:
5d:65:bc:00:1d:cd:07:1c:6a:e7:e5:54:5c:c5:90:5f:2c:34:
fd:1f:df:3e:46:4b:47:1c:9a:3e:e0:8f:9d:ee:05:5c:71:d9:
18:5a:71:79:69:17:12:73:c3:b9:ca:c9:a3:67:16:7e:90:66:
0b:80:af:3b:a9:8a:2f:60:bb:4b:5d:e3:fd:36:82:76:e6:7c:
7a:a1:02:07:7f:b8:48:c3:f0:64:2f:d6:cd:53:bd:5d:7d:85:
a3:8d:86:c4:8b:28:9b:46:26:4e:81:39:e7:a7:ce:42:05:e0:
b9:a4:2b:8b:8a:a9:ec:c5:41:f1:0d:a0:13:07:58:8e:f2:07:
5e:39:52:e7:72:e3:25:0b:7e:eb:29:4e:bd:2c:dd:b1:50:ce:
8e:2a:c6:2b:85:40:54:ad:50:87:a4:28:81:8d:a7:e2:0b:dc:
b2:e5:c8:bf:0e:a6:5a:c6:63:9f:60:ed:86:56:63:96:18:21:
cd:ad:0f:85:24:45:67:8a:2d:de:3c:58:46:f9:ec:47:c4:ba:
2e:18:6d:d1:b4:92:4e:a7:97:a7:4b:1b:85:46:8c:3f:be:6d:
bb:08:c1:57:12:80:71:a3:5c:d1:3f:f0:a5:1f:60:a6:c4:f9:
dd:ca:17:d1
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzIb62GCaXD39ljy8bkGxtYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjQwMTAyMDQzMDExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNWU4ZjEyMTFhZjQzNDJhMTJjODdjMjFhMDViY2E1YmFlYTg2MWIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5l29EJ8ONwW81bXEWMXtX61imOPg
QE88EJiQAQHyR2hrTWGFeLyN4qwfjkmsMoRXS/YgAtZ5YZKWODfo7W0A2yf6/MyP
eKj3j2XBwY/2hVR6KCzDAtj8WCJbvduveCpOr9WzL8U3k0m8ABheaG0G3S+grdNC
Nig0vAdKdrVD/kkGDbLYs2xC/JP8n8OLdvyHNEPdQqRe69qgCytw3/qfLXpH7z07
+Vqb9DSraFkbdhwe1bBlAKGk3Z+XLXFKxDz/SpVMJnOErEcR0CTHpH5cTcQ/7dUk
qoInzv1txDySsEhhYKH5fzDpx8+u9SyKSOq253KeDE5peuqFBT90jta5qwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFCXo8SEa9DQqEsh8IaBbyluuqGGwMB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvSmVqeElScjBOQ29TeUh3aG9GdktXNjZvWWJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuTPAMA0E
AgACMAcDBQMqAbLgMA0GCSqGSIb3DQEBCwUAA4IBAQBmbLmDTlnt7tQvyngE9fKE
/WhdZbwAHc0HHGrn5VRcxZBfLDT9H98+RktHHJo+4I+d7gVccdkYWnF5aRcSc8O5
ysmjZxZ+kGYLgK87qYovYLtLXeP9NoJ25nx6oQIHf7hIw/BkL9bNU71dfYWjjYbE
iyibRiZOgTnnp85CBeC5pCuLiqnsxUHxDaATB1iO8gdeOVLncuMlC37rKU69LN2x
UM6OKsYrhUBUrVCHpCiBjafiC9yy5ci/DqZaxmOfYO2GVmOWGCHNrQ+FJEVnii3e
PFhG+exHxLouGG3RtJJOp5enSxuFRow/vm27CMFXEoBxo1zRP/ClH2CmxPndyhfR
-----END CERTIFICATE-----
Generated at Wed May 8 23:55:33 2024 by rpki-client on console-fra.rpki-client.org