Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/JgCpXSNzqNIqm5ay268OqDjXeEY.roa
File: JgCpXSNzqNIqm5ay268OqDjXeEY.roa (raw, json)
Hash identifier: 2GZB2pvymABPvBlFxnVaQSaAqpNAqa5uK4O+qUagzAI=
Subject key identifier: 26:00:A9:5D:23:73:A8:D2:2A:9B:96:B2:DB:AF:0E:A8:38:D7:78:46
Certificate issuer: /CN=253a3b5f51808168c212c094a2baaff38e16464a
Certificate serial: 018CC5DC4453A4CFE2D371E839958A145E23
Authority key identifier: 25:3A:3B:5F:51:80:81:68:C2:12:C0:94:A2:BA:AF:F3:8E:16:46:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/JgCpXSNzqNIqm5ay268OqDjXeEY.roa
Signing time: Mon 01 Jan 2024 16:29:55 +0000
ROA not before: Mon 01 Jan 2024 16:29:55 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41740
IP address blocks: 195.208.4.0/24 maxlen: 24
195.208.6.0/24 maxlen: 24
195.208.7.0/24 maxlen: 24
195.208.5.0/24 maxlen: 24
193.232.253.0/24 maxlen: 24
193.232.147.0/24 maxlen: 24
2a0c:a9c7:b::/48 maxlen: 48
2a0c:a9c7:253::/48 maxlen: 48
2a0c:a9c7:8::/48 maxlen: 48
2a0c:a9c7:a::/48 maxlen: 48
2a0c:a9c7:147::/48 maxlen: 48
2a0c:a9c7:9::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/JTo7X1GAgWjCEsCUorqv844WRko.crl
rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/JTo7X1GAgWjCEsCUorqv844WRko.mft
rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 11:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:44:53:a4:cf:e2:d3:71:e8:39:95:8a:14:5e:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=253a3b5f51808168c212c094a2baaff38e16464a
Validity
Not Before: Jan 1 16:29:55 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2600a95d2373a8d22a9b96b2dbaf0ea838d77846
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:ff:62:0f:f2:1b:34:a3:52:b8:5f:67:57:99:
0a:40:2e:f9:28:f9:4b:db:5d:93:e7:49:66:69:47:
1e:8b:b5:81:ec:fe:ae:c2:88:f0:af:91:a6:3b:1b:
48:f0:87:ab:05:16:81:f2:fb:9c:dd:6e:81:33:55:
70:eb:fe:ae:ed:81:04:db:11:66:2e:69:1c:fb:22:
35:78:4a:7d:b5:89:3b:ee:ae:80:7b:c0:44:2e:62:
6a:0a:7c:97:4a:ce:06:de:b7:9c:a7:d3:3f:01:a4:
e8:92:ea:5e:39:fd:80:12:10:f3:f9:eb:e4:cc:28:
4c:12:a0:15:12:a4:93:b8:82:f4:52:49:47:04:38:
91:ef:53:45:63:ba:52:da:72:31:69:d4:be:cc:62:
09:7a:12:bc:7f:48:25:53:75:f4:39:1d:d1:ca:f5:
23:35:e5:eb:59:5b:4f:a1:23:8f:f3:c0:af:65:66:
9c:5d:fe:73:37:84:88:06:a4:02:0c:a5:3d:58:36:
bd:44:9f:28:48:3e:f6:25:a4:19:9e:46:b7:5c:61:
fb:94:e5:ab:6d:b2:ab:b8:b5:92:1b:3c:a9:42:f5:
df:5e:c6:96:e9:09:66:d8:ed:f8:65:70:c8:37:71:
2f:1d:ea:08:63:9c:b2:d5:71:4e:f6:df:04:d4:e1:
7b:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:00:A9:5D:23:73:A8:D2:2A:9B:96:B2:DB:AF:0E:A8:38:D7:78:46
X509v3 Authority Key Identifier:
keyid:25:3A:3B:5F:51:80:81:68:C2:12:C0:94:A2:BA:AF:F3:8E:16:46:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/JgCpXSNzqNIqm5ay268OqDjXeEY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/JTo7X1GAgWjCEsCUorqv844WRko.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.232.147.0/24
193.232.253.0/24
195.208.4.0/22
IPv6:
2a0c:a9c7:8::/46
2a0c:a9c7:147::/48
2a0c:a9c7:253::/48
Signature Algorithm: sha256WithRSAEncryption
57:76:c0:23:c5:9e:1a:c5:59:df:32:23:56:ec:c7:d0:4a:49:
0f:e4:3f:54:46:e2:a4:b7:82:8c:26:5d:72:3e:f5:20:2c:62:
30:aa:0c:95:90:0a:88:fa:7d:cf:3b:ca:bb:95:fd:48:7b:6c:
ed:77:55:0d:55:2e:b8:72:ad:88:c4:96:08:88:36:24:e9:8c:
39:d2:90:61:37:6b:a8:2d:9f:d1:0b:f6:44:e2:b4:92:36:86:
26:78:5a:25:92:b5:21:82:39:50:26:15:cf:e5:79:fb:a9:99:
12:39:a7:c6:59:ed:48:a5:d8:be:32:44:bf:1a:99:c4:3d:e3:
42:52:88:b8:92:5c:6d:09:c7:a6:4f:ac:40:a9:6b:45:6d:ed:
2e:00:f4:0d:ef:15:48:c8:92:39:43:82:c6:ef:a2:05:87:20:
20:3f:30:50:e2:79:f1:36:60:f4:ec:20:88:7b:e9:f2:44:25:
6a:96:ee:d4:34:5f:e1:a2:62:07:ba:6e:71:85:cd:70:32:95:
32:61:35:58:07:4c:6d:f6:27:36:1b:2e:11:96:70:70:5c:f9:
fd:47:cf:bc:93:93:9a:55:df:7f:8a:86:4f:f3:b7:08:ae:84:
d5:6b:ba:cf:76:11:17:42:80:0e:de:66:e7:98:6b:5f:3b:2d:
c1:1c:1e:10
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAYzF3ERTpM/i03HoOZWKFF4jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1M2EzYjVmNTE4MDgxNjhjMjEyYzA5NGEyYmFhZmYzOGUx
NjQ2NGEwHhcNMjQwMTAxMTYyOTU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNjAwYTk1ZDIzNzNhOGQyMmE5Yjk2YjJkYmFmMGVhODM4ZDc3ODQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkf9iD/IbNKNSuF9nV5kKQC75KPlL
212T50lmaUcei7WB7P6uwojwr5GmOxtI8IerBRaB8vuc3W6BM1Vw6/6u7YEE2xFm
Lmkc+yI1eEp9tYk77q6Ae8BELmJqCnyXSs4G3recp9M/AaTokupeOf2AEhDz+evk
zChMEqAVEqSTuIL0UklHBDiR71NFY7pS2nIxadS+zGIJehK8f0glU3X0OR3RyvUj
NeXrWVtPoSOP88CvZWacXf5zN4SIBqQCDKU9WDa9RJ8oSD72JaQZnka3XGH7lOWr
bbKruLWSGzypQvXfXsaW6Qlm2O34ZXDIN3EvHeoIY5yy1XFO9t8E1OF7uwIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFCYAqV0jc6jSKpuWstuvDqg413hGMB8GA1UdIwQY
MBaAFCU6O19RgIFowhLAlKK6r/OOFkZKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlRvN1gxR0FnV2pDRXNDVW9ycXY4NDRXUmtvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS85NzQ3NGMtMWRjMi00NjJjLWFhZGQt
OWU5YTFlMDM3MzhlLzEvSmdDcFhTTnpxTklxbTVheTI2OE9xRGpYZUVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS85NzQ3NGMtMWRjMi00NjJjLWFhZGQtOWU5YTFlMDM3Mzhl
LzEvSlRvN1gxR0FnV2pDRXNDVW9ycXY4NDRXUmtvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAYBAIAATASAwQAweiTAwQA
wej9AwQCw9AEMCEEAgACMBsDBwIqDKnHAAgDBwAqDKnHAUcDBwAqDKnHAlMwDQYJ
KoZIhvcNAQELBQADggEBAFd2wCPFnhrFWd8yI1bsx9BKSQ/kP1RG4qS3gowmXXI+
9SAsYjCqDJWQCoj6fc87yruV/Uh7bO13VQ1VLrhyrYjElgiINiTpjDnSkGE3a6gt
n9EL9kTitJI2hiZ4WiWStSGCOVAmFc/lefupmRI5p8ZZ7Uil2L4yRL8amcQ940JS
iLiSXG0Jx6ZPrECpa0Vt7S4A9A3vFUjIkjlDgsbvogWHICA/MFDiefE2YPTsIIh7
6fJEJWqW7tQ0X+GiYge6bnGFzXAylTJhNVgHTG32JzYbLhGWcHBc+f1Hz7yTk5pV
33+Khk/ztwiuhNVrus92ERdCgA7eZueYa187LcEcHhA=
-----END CERTIFICATE-----
Generated at Mon Nov 25 20:43:03 2024 by rpki-client on console-fra.rpki-client.org