Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/f10922-9954-453f-b1c6-820d5fc44e35/1/JhaShqWiB8LqsFkBM0-OGgsXmHI.roa
File: JhaShqWiB8LqsFkBM0-OGgsXmHI.roa (raw, json)
Hash identifier: autan1tAGv3fk6CV+xf0EC3nhT4itgQHsyVWtRFg99I=
Subject key identifier: 26:16:92:86:A5:A2:07:C2:EA:B0:59:01:33:4F:8E:1A:0B:17:98:72
Certificate issuer: /CN=b9cc6d734492e4106608a24fa1b95efaa879c45a
Certificate serial: 018CC348933F81F2FD489A1FAEF177E76CB4
Authority key identifier: B9:CC:6D:73:44:92:E4:10:66:08:A2:4F:A1:B9:5E:FA:A8:79:C4:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ucxtc0SS5BBmCKJPoble-qh5xFo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/f10922-9954-453f-b1c6-820d5fc44e35/1/JhaShqWiB8LqsFkBM0-OGgsXmHI.roa
Signing time: Mon 01 Jan 2024 04:29:22 +0000
ROA not before: Mon 01 Jan 2024 04:29:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34288
IP address blocks: 109.233.176.0/21 maxlen: 21
46.234.32.0/19 maxlen: 19
81.94.112.0/20 maxlen: 20
85.158.24.0/21 maxlen: 21
2001:4b20::/32 maxlen: 32
2001:4b20::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a5/f10922-9954-453f-b1c6-820d5fc44e35/1/ucxtc0SS5BBmCKJPoble-qh5xFo.crl
rsync://rpki.ripe.net/repository/DEFAULT/a5/f10922-9954-453f-b1c6-820d5fc44e35/1/ucxtc0SS5BBmCKJPoble-qh5xFo.mft
rsync://rpki.ripe.net/repository/DEFAULT/ucxtc0SS5BBmCKJPoble-qh5xFo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 23:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:93:3f:81:f2:fd:48:9a:1f:ae:f1:77:e7:6c:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9cc6d734492e4106608a24fa1b95efaa879c45a
Validity
Not Before: Jan 1 04:29:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=26169286a5a207c2eab05901334f8e1a0b179872
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:cd:4c:44:18:1f:38:88:95:2a:fc:f6:b3:36:
d8:b6:af:f2:54:76:d0:c1:2c:96:5c:88:33:6c:be:
11:f3:37:c2:08:72:f6:af:c5:dc:08:de:06:bb:05:
e2:48:72:79:67:c6:98:64:92:9b:f1:10:c1:5a:d9:
22:e5:e5:41:99:39:b2:e3:e1:fe:0e:9b:22:99:04:
dd:ff:7f:65:1b:a3:d6:ef:d6:b9:3c:1a:67:21:f0:
58:7e:35:5c:9d:d2:8a:e5:83:d1:24:66:9d:9a:3c:
67:87:6b:f4:f3:a2:09:c6:61:6f:cb:42:8f:3f:cf:
90:1f:34:0e:5a:05:a6:e5:de:86:d9:05:54:ec:15:
0c:b2:f2:7f:7f:ca:54:0f:a3:db:fc:84:07:16:54:
f9:f5:30:02:58:a9:d6:df:db:2b:c2:96:97:fa:b6:
af:92:aa:10:da:97:cd:26:c2:c0:95:14:cc:21:a3:
cc:a7:56:aa:79:d2:79:27:63:22:ec:7b:d1:e3:a6:
01:94:5b:11:42:f4:46:c3:6c:ee:a2:df:cf:89:c3:
d5:72:cf:1a:9a:1f:f0:24:8e:57:a8:4a:e3:77:fd:
e2:75:2f:94:40:cf:b1:8e:0a:09:43:40:0a:02:c8:
aa:5e:25:55:10:83:0a:a2:1e:07:6a:15:31:a1:b8:
ef:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:16:92:86:A5:A2:07:C2:EA:B0:59:01:33:4F:8E:1A:0B:17:98:72
X509v3 Authority Key Identifier:
keyid:B9:CC:6D:73:44:92:E4:10:66:08:A2:4F:A1:B9:5E:FA:A8:79:C4:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ucxtc0SS5BBmCKJPoble-qh5xFo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/f10922-9954-453f-b1c6-820d5fc44e35/1/JhaShqWiB8LqsFkBM0-OGgsXmHI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/f10922-9954-453f-b1c6-820d5fc44e35/1/ucxtc0SS5BBmCKJPoble-qh5xFo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.234.32.0/19
81.94.112.0/20
85.158.24.0/21
109.233.176.0/21
IPv6:
2001:4b20::/29
Signature Algorithm: sha256WithRSAEncryption
91:d1:bd:e8:02:a6:08:f7:bf:aa:fd:95:25:06:f1:71:ff:b8:
82:f1:c0:e5:c8:96:21:9a:61:f0:99:de:d2:d0:03:e4:77:b1:
e1:3a:b3:cd:b4:07:00:19:76:a9:45:0b:e5:f3:fd:43:b5:b0:
ee:3d:a0:da:0d:5f:1d:94:a8:21:9b:c0:06:4b:a8:84:07:2f:
7a:17:2d:4f:e4:f6:b6:ad:fd:0d:e4:9b:a9:f3:e6:0b:c0:b4:
68:c9:72:37:9a:16:03:20:d1:58:ed:02:bd:30:e8:26:c8:cc:
72:e7:18:9f:56:db:c7:b0:91:ce:ea:cf:87:c5:4b:4e:98:49:
0b:1f:13:89:e6:e7:bf:6d:7a:87:78:d7:2a:88:5c:bc:2b:1b:
a5:71:3e:a7:38:ab:a3:0c:a1:de:ff:f1:82:53:af:d4:b6:67:
49:3c:27:f4:99:3a:00:15:f4:55:6e:67:98:7b:68:70:f4:22:
41:cc:05:55:c8:f7:ef:c0:6a:93:c8:62:05:d6:78:9e:1a:6d:
b7:53:df:e8:03:c7:46:88:b5:4d:1b:6a:9d:2b:02:c5:fb:0c:
1e:20:71:76:8a:2f:af:2b:4d:df:fb:c8:ce:32:83:0e:ce:ae:
9f:a9:35:74:51:5c:0a:1a:ab:68:5e:c3:7b:b2:7c:72:82:c6:
a4:aa:ac:0d
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzDSJM/gfL9SJofrvF352y0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5Y2M2ZDczNDQ5MmU0MTA2NjA4YTI0ZmExYjk1ZWZhYTg3
OWM0NWEwHhcNMjQwMTAxMDQyOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNjE2OTI4NmE1YTIwN2MyZWFiMDU5MDEzMzRmOGUxYTBiMTc5ODcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn81MRBgfOIiVKvz2szbYtq/yVHbQ
wSyWXIgzbL4R8zfCCHL2r8XcCN4GuwXiSHJ5Z8aYZJKb8RDBWtki5eVBmTmy4+H+
DpsimQTd/39lG6PW79a5PBpnIfBYfjVcndKK5YPRJGadmjxnh2v086IJxmFvy0KP
P8+QHzQOWgWm5d6G2QVU7BUMsvJ/f8pUD6Pb/IQHFlT59TACWKnW39srwpaX+rav
kqoQ2pfNJsLAlRTMIaPMp1aqedJ5J2Mi7HvR46YBlFsRQvRGw2zuot/PicPVcs8a
mh/wJI5XqErjd/3idS+UQM+xjgoJQ0AKAsiqXiVVEIMKoh4HahUxobjvwQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFCYWkoalogfC6rBZATNPjhoLF5hyMB8GA1UdIwQY
MBaAFLnMbXNEkuQQZgiiT6G5XvqoecRaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWN4dGMwU1M1QkJtQ0tKUG9ibGUtcWg1eEZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS9mMTA5MjItOTk1NC00NTNmLWIxYzYt
ODIwZDVmYzQ0ZTM1LzEvSmhhU2hxV2lCOExxc0ZrQk0wLU9HZ3NYbUhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS9mMTA5MjItOTk1NC00NTNmLWIxYzYtODIwZDVmYzQ0ZTM1
LzEvdWN4dGMwU1M1QkJtQ0tKUG9ibGUtcWg1eEZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQFLuogAwQE
UV5wAwQDVZ4YAwQDbemwMA0EAgACMAcDBQMgAUsgMA0GCSqGSIb3DQEBCwUAA4IB
AQCR0b3oAqYI97+q/ZUlBvFx/7iC8cDlyJYhmmHwmd7S0APkd7HhOrPNtAcAGXap
RQvl8/1DtbDuPaDaDV8dlKghm8AGS6iEBy96Fy1P5Pa2rf0N5Jup8+YLwLRoyXI3
mhYDINFY7QK9MOgmyMxy5xifVtvHsJHO6s+HxUtOmEkLHxOJ5ue/bXqHeNcqiFy8
KxulcT6nOKujDKHe//GCU6/UtmdJPCf0mToAFfRVbmeYe2hw9CJBzAVVyPfvwGqT
yGIF1nieGm23U9/oA8dGiLVNG2qdKwLF+wweIHF2ii+vK03f+8jOMoMOzq6fqTV0
UVwKGqtoXsN7snxygsakqqwN
-----END CERTIFICATE-----
Generated at Sat Jun 8 07:12:42 2024 by rpki-client on console-ams.rpki-client.org