Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/jalSk_9M-jp2JziUFcL42vg8J5Q.roa
File: jalSk_9M-jp2JziUFcL42vg8J5Q.roa (raw, json)
Hash identifier: uvltO/PpvYYSzBwcM7o8nDEtUstGGhCcIf8eSWCeY2A=
Subject key identifier: 8D:A9:52:93:FF:4C:FA:3A:76:27:38:94:15:C2:F8:DA:F8:3C:27:94
Certificate issuer: /CN=2e82963ff1aa70ab10d1d33e86b1d6d494d6ce51
Certificate serial: 018CC56EB37764938C3075AFC476D2DAB585
Authority key identifier: 2E:82:96:3F:F1:AA:70:AB:10:D1:D3:3E:86:B1:D6:D4:94:D6:CE:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/jalSk_9M-jp2JziUFcL42vg8J5Q.roa
Signing time: Mon 01 Jan 2024 14:30:15 +0000
ROA not before: Mon 01 Jan 2024 14:30:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 1239
IP address blocks: 37.19.64.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.crl
rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.mft
rsync://rpki.ripe.net/repository/DEFAULT/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:b3:77:64:93:8c:30:75:af:c4:76:d2:da:b5:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e82963ff1aa70ab10d1d33e86b1d6d494d6ce51
Validity
Not Before: Jan 1 14:30:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8da95293ff4cfa3a7627389415c2f8daf83c2794
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:47:bf:d8:91:a4:58:f0:4c:4f:8c:a5:02:1c:
85:fc:10:c7:8e:18:80:96:7b:ec:4e:6b:a3:56:95:
98:8b:ef:a5:04:8a:7f:0f:d4:6b:1f:00:9c:5e:dd:
94:9e:74:c5:7f:06:8f:e3:5e:aa:f1:06:db:88:01:
97:a8:4d:21:2d:dd:d7:7f:33:2f:19:fc:48:16:79:
d5:c4:2d:ca:c9:a1:2a:72:8a:c1:3d:05:e1:43:a5:
76:44:10:19:d0:78:5c:f2:43:f5:c1:81:4f:4e:bc:
91:8d:f7:9f:2f:5d:bb:7b:90:6a:c5:6c:f4:66:9a:
29:ec:50:24:c0:ec:88:90:65:9d:86:57:8b:60:ec:
98:ea:3b:ba:c2:e2:84:20:36:2f:91:9a:e3:24:ec:
2f:49:14:d8:59:d4:b4:31:ba:df:57:f8:b9:f0:af:
13:fc:50:ab:17:06:b5:4b:90:95:2c:9d:d5:77:d1:
cf:7e:8b:42:0a:b0:b7:36:9d:4d:38:7a:9a:38:ed:
39:65:b1:32:f1:48:2b:b0:ac:2a:12:49:01:1f:54:
41:73:b8:1c:d5:5b:d5:88:0d:ec:6c:15:f9:c5:02:
d0:39:2f:c1:97:22:aa:ac:6f:0f:ef:ee:8b:fb:03:
4c:2c:37:d4:b4:5d:ee:76:6d:c1:80:7e:f1:fa:c8:
41:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:A9:52:93:FF:4C:FA:3A:76:27:38:94:15:C2:F8:DA:F8:3C:27:94
X509v3 Authority Key Identifier:
keyid:2E:82:96:3F:F1:AA:70:AB:10:D1:D3:3E:86:B1:D6:D4:94:D6:CE:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/jalSk_9M-jp2JziUFcL42vg8J5Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.19.64.0/22
Signature Algorithm: sha256WithRSAEncryption
9d:95:ff:2d:e0:80:ff:11:c2:b7:e2:67:68:e7:5b:12:f7:75:
46:cf:d2:35:89:65:06:e7:4b:d4:09:aa:26:94:31:a1:a5:12:
3e:41:27:48:56:95:ab:c0:6e:df:1e:6d:de:db:91:ab:c9:2f:
8c:95:f8:b0:b3:2d:b5:96:1a:af:4a:91:94:87:86:ff:26:97:
22:4a:0e:8e:15:3c:10:b1:2c:cb:d5:da:ca:c0:7c:66:1f:b3:
df:26:f8:11:11:64:12:04:24:9b:94:04:db:df:ee:41:20:11:
35:9f:88:09:14:c0:f2:55:19:0a:28:2d:80:f5:ab:b1:d1:a0:
2e:36:c7:39:4a:af:9b:22:d4:60:3e:67:b1:5a:a5:4a:75:68:
58:03:59:22:7a:42:a3:41:a2:3f:43:ce:f0:f6:93:cf:af:c8:
a2:88:a1:32:0d:f8:ea:a3:a9:5a:75:5a:f0:f3:9b:14:45:1d:
08:e8:91:d4:7f:d3:0d:a5:6c:fc:4d:09:12:30:06:88:96:c3:
75:a8:71:27:b7:69:22:a0:06:fb:79:17:b3:99:34:bc:1c:b4:
55:0e:f9:9a:94:47:d0:6a:31:f9:bc:4d:eb:be:a2:17:2f:e2:
11:fd:3d:a6:b0:71:e9:45:54:60:7a:0c:32:3c:89:07:24:d3:
ed:53:4f:27
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFbrN3ZJOMMHWvxHbS2rWFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlODI5NjNmZjFhYTcwYWIxMGQxZDMzZTg2YjFkNmQ0OTRk
NmNlNTEwHhcNMjQwMTAxMTQzMDE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZGE5NTI5M2ZmNGNmYTNhNzYyNzM4OTQxNWMyZjhkYWY4M2MyNzk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhke/2JGkWPBMT4ylAhyF/BDHjhiA
lnvsTmujVpWYi++lBIp/D9RrHwCcXt2UnnTFfwaP416q8QbbiAGXqE0hLd3XfzMv
GfxIFnnVxC3KyaEqcorBPQXhQ6V2RBAZ0Hhc8kP1wYFPTryRjfefL127e5BqxWz0
Zpop7FAkwOyIkGWdhleLYOyY6ju6wuKEIDYvkZrjJOwvSRTYWdS0MbrfV/i58K8T
/FCrFwa1S5CVLJ3Vd9HPfotCCrC3Np1NOHqaOO05ZbEy8UgrsKwqEkkBH1RBc7gc
1VvViA3sbBX5xQLQOS/BlyKqrG8P7+6L+wNMLDfUtF3udm3BgH7x+shBfwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFI2pUpP/TPo6dic4lBXC+Nr4PCeUMB8GA1UdIwQY
MBaAFC6Clj/xqnCrENHTPoax1tSU1s5RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTG9LV1BfR3FjS3NRMGRNLWhySFcxSlRXemxFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi85NTdjNjgtNmYyNy00MGVkLWFiZWQt
ZGY2NGYwZTgyMzYwLzEvamFsU2tfOU0tanAySnppVUZjTDQydmc4SjVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi85NTdjNjgtNmYyNy00MGVkLWFiZWQtZGY2NGYwZTgyMzYw
LzEvTG9LV1BfR3FjS3NRMGRNLWhySFcxSlRXemxFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCJRNAMA0G
CSqGSIb3DQEBCwUAA4IBAQCdlf8t4ID/EcK34mdo51sS93VGz9I1iWUG50vUCaom
lDGhpRI+QSdIVpWrwG7fHm3e25GryS+Mlfiwsy21lhqvSpGUh4b/JpciSg6OFTwQ
sSzL1drKwHxmH7PfJvgREWQSBCSblATb3+5BIBE1n4gJFMDyVRkKKC2A9aux0aAu
Nsc5Sq+bItRgPmexWqVKdWhYA1kiekKjQaI/Q87w9pPPr8iiiKEyDfjqo6ladVrw
85sURR0I6JHUf9MNpWz8TQkSMAaIlsN1qHEnt2kioAb7eRezmTS8HLRVDvmalEfQ
ajH5vE3rvqIXL+IR/T2msHHpRVRgegwyPIkHJNPtU08n
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:26:38 2024 by rpki-client on console-ams.rpki-client.org