Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/80e740-2c8c-45a6-938c-219b9f6f9087/1/JovxDacTGQJqSRPCfbE2cR0Eh3w.roa
File: JovxDacTGQJqSRPCfbE2cR0Eh3w.roa (raw, json)
Hash identifier: v+9ZLdSHAB8/SKVIpXx0rOL2NDW5HM9sejsTYLXINuc=
Subject key identifier: 26:8B:F1:0D:A7:13:19:02:6A:49:13:C2:7D:B1:36:71:1D:04:87:7C
Certificate issuer: /CN=1f046cde8512802b14933b34a22f7765e295d2ab
Certificate serial: 018CC6B7BAEA059BFECCA095655EE2894DFE
Authority key identifier: 1F:04:6C:DE:85:12:80:2B:14:93:3B:34:A2:2F:77:65:E2:95:D2:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HwRs3oUSgCsUkzs0oi93ZeKV0qs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/80e740-2c8c-45a6-938c-219b9f6f9087/1/JovxDacTGQJqSRPCfbE2cR0Eh3w.roa
Signing time: Mon 01 Jan 2024 20:29:38 +0000
ROA not before: Mon 01 Jan 2024 20:29:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198292
IP address blocks: 134.255.164.0/22 maxlen: 22
134.255.160.0/22 maxlen: 22
134.255.172.0/22 maxlen: 22
185.11.224.0/22 maxlen: 22
5.133.48.0/22 maxlen: 22
5.133.61.0/24 maxlen: 24
5.133.62.0/24 maxlen: 24
5.133.63.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a1/80e740-2c8c-45a6-938c-219b9f6f9087/1/HwRs3oUSgCsUkzs0oi93ZeKV0qs.crl
rsync://rpki.ripe.net/repository/DEFAULT/a1/80e740-2c8c-45a6-938c-219b9f6f9087/1/HwRs3oUSgCsUkzs0oi93ZeKV0qs.mft
rsync://rpki.ripe.net/repository/DEFAULT/HwRs3oUSgCsUkzs0oi93ZeKV0qs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 19 May 2024 01:02:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b7:ba:ea:05:9b:fe:cc:a0:95:65:5e:e2:89:4d:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f046cde8512802b14933b34a22f7765e295d2ab
Validity
Not Before: Jan 1 20:29:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=268bf10da71319026a4913c27db136711d04877c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:0b:6f:a4:b0:67:0d:da:1e:5c:66:9d:ba:cf:
49:8c:7e:0d:84:69:3e:d0:cb:b5:79:db:4c:f7:df:
49:d4:08:95:f5:90:f8:eb:44:7a:de:03:9e:05:34:
ff:ff:82:cf:28:3b:47:6b:69:b0:71:6d:74:21:4d:
af:69:06:ee:b8:d4:22:d1:e1:6e:24:0c:8f:ca:1a:
55:dd:b9:2c:6e:00:27:3e:3d:d6:f1:a0:de:9f:22:
8d:6d:39:14:f3:e7:ba:a3:eb:0b:8e:8c:d8:0c:a9:
0b:8f:62:7b:bb:94:d9:1c:0a:34:f0:6d:9d:6a:7a:
2b:51:f1:5a:c8:4c:9c:51:e8:ad:dc:42:9b:05:99:
cf:63:e0:d3:e0:40:c0:35:2b:c5:d8:22:d4:06:f0:
bb:64:86:f6:8b:0b:8e:7e:9b:57:d3:5f:32:48:aa:
65:23:93:c0:96:1d:61:d9:f5:6a:e9:21:f5:d4:1a:
4c:9b:8c:37:d5:af:de:bf:57:33:14:0c:fc:80:38:
60:e3:a3:17:6f:fe:1b:aa:c9:e6:9f:f6:31:06:77:
09:22:4e:32:4d:1e:07:90:45:a1:5b:37:6b:d8:3c:
7a:b6:85:5d:15:99:98:39:05:78:2b:08:1d:f1:fc:
0e:f0:39:17:64:65:54:8a:38:5e:7a:da:20:67:ac:
b9:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:8B:F1:0D:A7:13:19:02:6A:49:13:C2:7D:B1:36:71:1D:04:87:7C
X509v3 Authority Key Identifier:
keyid:1F:04:6C:DE:85:12:80:2B:14:93:3B:34:A2:2F:77:65:E2:95:D2:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HwRs3oUSgCsUkzs0oi93ZeKV0qs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/80e740-2c8c-45a6-938c-219b9f6f9087/1/JovxDacTGQJqSRPCfbE2cR0Eh3w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/80e740-2c8c-45a6-938c-219b9f6f9087/1/HwRs3oUSgCsUkzs0oi93ZeKV0qs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.133.48.0/22
5.133.61.0-5.133.63.255
134.255.160.0/21
134.255.172.0/22
185.11.224.0/22
Signature Algorithm: sha256WithRSAEncryption
90:09:6a:34:c6:70:ab:19:b7:86:d2:af:bd:cd:ab:fd:17:53:
e6:75:d7:ab:2d:34:80:46:27:94:88:b7:9a:08:99:7e:c5:fa:
12:b0:21:91:33:11:63:f2:48:12:2d:8f:6d:48:57:7e:55:f3:
ab:91:19:ff:1b:5f:5c:1d:cc:11:0c:27:41:1f:7b:3b:05:61:
42:d5:6f:aa:17:d2:4a:d9:7f:d9:a9:8b:7d:c6:a0:2f:3b:37:
9b:ff:47:3f:bd:01:1e:60:27:a5:46:7e:3c:69:39:8e:23:56:
ec:be:46:1e:59:ea:1d:06:ee:10:23:ca:1b:5a:5c:71:2e:5b:
ba:1b:80:5d:3e:53:d4:8f:5a:66:d6:f0:32:fc:d4:48:01:e9:
87:f0:7f:4f:f4:e0:57:70:ea:45:98:08:29:45:13:e8:a2:d9:
8c:d3:2a:ff:84:12:a4:d0:ff:f5:32:e9:02:80:73:4b:71:3f:
6a:9d:b7:43:af:89:70:14:08:5b:21:e3:95:e5:89:bc:c2:a8:
5d:91:41:e4:bb:50:4d:43:c5:2e:52:af:38:f8:bd:39:17:c1:
6a:e2:37:1e:f1:cc:f4:d5:41:0c:c4:85:c0:5e:00:66:13:a3:
20:12:d5:78:d0:50:00:88:8a:e8:8d:2c:27:1f:40:8a:74:9b:
64:09:bf:fc
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYzGt7rqBZv+zKCVZV7iiU3+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmMDQ2Y2RlODUxMjgwMmIxNDkzM2IzNGEyMmY3NzY1ZTI5
NWQyYWIwHhcNMjQwMTAxMjAyOTM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNjhiZjEwZGE3MTMxOTAyNmE0OTEzYzI3ZGIxMzY3MTFkMDQ4NzdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiQtvpLBnDdoeXGadus9JjH4NhGk+
0Mu1edtM999J1AiV9ZD460R63gOeBTT//4LPKDtHa2mwcW10IU2vaQbuuNQi0eFu
JAyPyhpV3bksbgAnPj3W8aDenyKNbTkU8+e6o+sLjozYDKkLj2J7u5TZHAo08G2d
anorUfFayEycUeit3EKbBZnPY+DT4EDANSvF2CLUBvC7ZIb2iwuOfptX018ySKpl
I5PAlh1h2fVq6SH11BpMm4w31a/ev1czFAz8gDhg46MXb/4bqsnmn/YxBncJIk4y
TR4HkEWhWzdr2Dx6toVdFZmYOQV4Kwgd8fwO8DkXZGVUijheetogZ6y5+QIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFCaL8Q2nExkCakkTwn2xNnEdBId8MB8GA1UdIwQY
MBaAFB8EbN6FEoArFJM7NKIvd2XildKrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHdSczNvVVNnQ3NVa3pzMG9pOTNaZUtWMHFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS84MGU3NDAtMmM4Yy00NWE2LTkzOGMt
MjE5YjlmNmY5MDg3LzEvSm92eERhY1RHUUpxU1JQQ2ZiRTJjUjBFaDN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS84MGU3NDAtMmM4Yy00NWE2LTkzOGMtMjE5YjlmNmY5MDg3
LzEvSHdSczNvVVNnQ3NVa3pzMG9pOTNaZUtWMHFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQCBYUwMAwD
BAAFhT0DBAYFhQADBAOG/6ADBAKG/6wDBAK5C+AwDQYJKoZIhvcNAQELBQADggEB
AJAJajTGcKsZt4bSr73Nq/0XU+Z116stNIBGJ5SIt5oImX7F+hKwIZEzEWPySBIt
j21IV35V86uRGf8bX1wdzBEMJ0EfezsFYULVb6oX0krZf9mpi33GoC87N5v/Rz+9
AR5gJ6VGfjxpOY4jVuy+Rh5Z6h0G7hAjyhtaXHEuW7obgF0+U9SPWmbW8DL81EgB
6Yfwf0/04Fdw6kWYCClFE+ii2YzTKv+EEqTQ//Uy6QKAc0txP2qdt0OviXAUCFsh
45XlibzCqF2RQeS7UE1DxS5Srzj4vTkXwWriNx7xzPTVQQzEhcBeAGYToyAS1XjQ
UACIiuiNLCcfQIp0m2QJv/w=
-----END CERTIFICATE-----
Generated at Sat May 18 06:08:09 2024 by rpki-client on console-fra.rpki-client.org