Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/JlNM9w7-91PZB8Hap_TDo4JUCRk.roa
File: JlNM9w7-91PZB8Hap_TDo4JUCRk.roa (raw, json)
Hash identifier: idWr2q/dqzgCpmaaitmmr7sJLI5Yo8fsNgEArKmJj+E=
Subject key identifier: 26:53:4C:F7:0E:FE:F7:53:D9:07:C1:DA:A7:F4:C3:A3:82:54:09:19
Certificate issuer: /CN=89056fa9625b6c87404267c6dc219924ac160045
Certificate serial: 01922E633F2F869D5B4C8B2E2B2399D19C6D
Authority key identifier: 89:05:6F:A9:62:5B:6C:87:40:42:67:C6:DC:21:99:24:AC:16:00:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iQVvqWJbbIdAQmfG3CGZJKwWAEU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/JlNM9w7-91PZB8Hap_TDo4JUCRk.roa
Signing time: Thu 26 Sep 2024 12:51:49 +0000
ROA not before: Thu 26 Sep 2024 12:51:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9009
IP address blocks: 185.126.236.0/24 maxlen: 24
185.213.22.0/24 maxlen: 24
2a11:840:1::/48 maxlen: 48
2a11:840:2::/48 maxlen: 48
2a11:840:4::/48 maxlen: 48
2a11:840:5::/48 maxlen: 48
2a11:840:9::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/iQVvqWJbbIdAQmfG3CGZJKwWAEU.crl
rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/iQVvqWJbbIdAQmfG3CGZJKwWAEU.mft
rsync://rpki.ripe.net/repository/DEFAULT/iQVvqWJbbIdAQmfG3CGZJKwWAEU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:2e:63:3f:2f:86:9d:5b:4c:8b:2e:2b:23:99:d1:9c:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89056fa9625b6c87404267c6dc219924ac160045
Validity
Not Before: Sep 26 12:51:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=26534cf70efef753d907c1daa7f4c3a382540919
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:b2:15:fd:dc:da:79:af:3f:94:42:ae:46:6e:
1e:6b:0e:da:f5:26:ea:60:12:59:55:18:c8:d7:73:
3f:41:7f:ab:2c:5f:f4:68:74:8b:65:8f:62:56:ca:
59:cc:b7:68:87:ef:9e:72:4c:13:86:af:07:11:a1:
2f:62:59:2c:fa:4a:dd:cc:dd:ef:74:c3:b0:ff:e1:
87:d3:e4:bf:c8:03:81:4b:70:4b:42:90:c4:15:3e:
b4:17:2f:d3:24:01:f6:77:c6:b1:ec:b3:69:c7:5b:
0f:e0:12:0f:fb:8d:4b:98:04:17:bb:2d:23:6e:9d:
71:81:f3:4a:f2:4f:6e:d5:7c:9c:d1:42:13:d3:ae:
b1:ad:bb:22:bb:b5:e0:19:c1:5b:bb:20:ff:fe:41:
86:ee:70:e5:df:2e:04:39:13:36:e5:5d:ec:a7:eb:
04:57:8c:11:78:04:78:71:28:47:08:a5:f9:06:71:
bd:81:09:3c:46:fa:dd:6e:78:3f:22:42:04:66:ec:
86:ff:c0:ff:7d:34:5c:42:40:e8:00:82:aa:23:35:
a7:f0:4f:2a:c9:31:5d:05:8b:76:e3:0a:ed:25:0b:
ad:3e:0a:ab:ce:81:dc:6e:9d:55:57:31:75:aa:3a:
49:c4:11:47:c7:ef:72:19:32:9b:66:a7:82:1f:94:
ce:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:53:4C:F7:0E:FE:F7:53:D9:07:C1:DA:A7:F4:C3:A3:82:54:09:19
X509v3 Authority Key Identifier:
keyid:89:05:6F:A9:62:5B:6C:87:40:42:67:C6:DC:21:99:24:AC:16:00:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iQVvqWJbbIdAQmfG3CGZJKwWAEU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/JlNM9w7-91PZB8Hap_TDo4JUCRk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/iQVvqWJbbIdAQmfG3CGZJKwWAEU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.126.236.0/24
185.213.22.0/24
IPv6:
2a11:840:1::-2a11:840:2:ffff:ffff:ffff:ffff:ffff
2a11:840:4::/47
2a11:840:9::/48
Signature Algorithm: sha256WithRSAEncryption
90:67:05:d1:2c:eb:df:8a:e1:8c:49:12:5d:cf:c5:fc:77:d2:
db:da:04:66:4d:dc:a4:26:71:b4:0e:d9:07:bf:ea:12:09:e2:
18:79:d1:fc:b4:51:1d:d4:a4:31:47:7e:c7:0c:9b:35:3e:ed:
4e:8c:85:10:5f:d8:64:91:ab:8c:8c:db:30:1e:8a:22:af:2c:
e3:36:21:97:be:80:d3:5f:d9:09:70:ba:96:9e:ba:1b:fe:4a:
85:30:66:f7:8a:02:99:93:0d:f6:e6:c2:10:98:d1:64:7b:1f:
73:2c:32:c2:0c:43:3b:b7:af:98:84:a1:89:59:a0:d4:ba:33:
26:58:86:f1:4d:4f:49:00:73:d2:49:07:5d:02:e0:9b:f5:81:
62:2d:4b:a1:8a:85:ee:12:71:a3:f8:d5:6b:1c:02:33:30:8b:
6b:f0:00:e6:fa:3f:fb:10:87:e7:a7:dd:37:76:05:0f:f1:c4:
d4:c8:db:76:0f:fd:4e:5a:9c:bd:b3:69:5d:b0:da:2b:fc:a9:
ea:a2:27:fb:14:bb:eb:c9:31:21:ca:21:1f:80:51:cd:9e:1e:
ae:ae:0e:62:b1:ac:70:1b:04:aa:c6:44:80:54:e6:a1:67:94:
45:bd:42:19:5e:71:55:9e:83:74:e0:57:47:51:6d:d1:33:31:
8d:9c:e5:d5
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAZIuYz8vhp1bTIsuKyOZ0ZxtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5MDU2ZmE5NjI1YjZjODc0MDQyNjdjNmRjMjE5OTI0YWMx
NjAwNDUwHhcNMjQwOTI2MTI1MTQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNjUzNGNmNzBlZmVmNzUzZDkwN2MxZGFhN2Y0YzNhMzgyNTQwOTE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqrIV/dzaea8/lEKuRm4eaw7a9Sbq
YBJZVRjI13M/QX+rLF/0aHSLZY9iVspZzLdoh++eckwThq8HEaEvYlks+krdzN3v
dMOw/+GH0+S/yAOBS3BLQpDEFT60Fy/TJAH2d8ax7LNpx1sP4BIP+41LmAQXuy0j
bp1xgfNK8k9u1Xyc0UIT066xrbsiu7XgGcFbuyD//kGG7nDl3y4EORM25V3sp+sE
V4wReAR4cShHCKX5BnG9gQk8Rvrdbng/IkIEZuyG/8D/fTRcQkDoAIKqIzWn8E8q
yTFdBYt24wrtJQutPgqrzoHcbp1VVzF1qjpJxBFHx+9yGTKbZqeCH5TOvwIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFCZTTPcO/vdT2QfB2qf0w6OCVAkZMB8GA1UdIwQY
MBaAFIkFb6liW2yHQEJnxtwhmSSsFgBFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVFWdnFXSmJiSWRBUW1mRzNDR1pKS3dXQUVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi85OWFlMmYtMzljYy00M2YzLTk0MWQt
NTE5MjAzNzMzNTNjLzEvSmxOTTl3Ny05MVBaQjhIYXBfVERvNEpVQ1JrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi85OWFlMmYtMzljYy00M2YzLTk0MWQtNTE5MjAzNzMzNTNj
LzEvaVFWdnFXSmJiSWRBUW1mRzNDR1pKS3dXQUVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjASBAIAATAMAwQAuX7sAwQA
udUWMCwEAgACMCYwEgMHACoRCEAAAQMHACoRCEAAAgMHASoRCEAABAMHACoRCEAA
CTANBgkqhkiG9w0BAQsFAAOCAQEAkGcF0Szr34rhjEkSXc/F/HfS29oEZk3cpCZx
tA7ZB7/qEgniGHnR/LRRHdSkMUd+xwybNT7tToyFEF/YZJGrjIzbMB6KIq8s4zYh
l76A01/ZCXC6lp66G/5KhTBm94oCmZMN9ubCEJjRZHsfcywywgxDO7evmIShiVmg
1LozJliG8U1PSQBz0kkHXQLgm/WBYi1LoYqF7hJxo/jVaxwCMzCLa/AA5vo/+xCH
56fdN3YFD/HE1Mjbdg/9TlqcvbNpXbDaK/yp6qIn+xS768kxIcohH4BRzZ4erq4O
YrGscBsEqsZEgFTmoWeURb1CGV5xVZ6DdOBXR1Ft0TMxjZzl1Q==
-----END CERTIFICATE-----
Generated at Fri Nov 22 00:05:34 2024 by rpki-client on console-ams.rpki-client.org