Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/757fc5-8029-4828-8547-62e260313e4c/1/JFAksREzHfKWE-vWu8p-pQx8dss.roa
File: JFAksREzHfKWE-vWu8p-pQx8dss.roa (raw, json)
Hash identifier: JwmWmWL8U9xr7JAfG+lAQmGDozJvEYtB8YQneBwcR5g=
Subject key identifier: 24:50:24:B1:11:33:1D:F2:96:13:EB:D6:BB:CA:7E:A5:0C:7C:76:CB
Certificate issuer: /CN=9b89b8cf47f7c485d628d0a359a16a815cd004ab
Certificate serial: 0190CBB2ECFC41F55CFD7339A628C5A785E3
Authority key identifier: 9B:89:B8:CF:47:F7:C4:85:D6:28:D0:A3:59:A1:6A:81:5C:D0:04:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m4m4z0f3xIXWKNCjWaFqgVzQBKs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/757fc5-8029-4828-8547-62e260313e4c/1/JFAksREzHfKWE-vWu8p-pQx8dss.roa
Signing time: Fri 19 Jul 2024 15:53:39 +0000
ROA not before: Fri 19 Jul 2024 15:53:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 5.180.188.0/22 maxlen: 24
185.185.77.0/24 maxlen: 24
185.185.78.0/24 maxlen: 24
2a0f:a0c0::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ae/757fc5-8029-4828-8547-62e260313e4c/1/m4m4z0f3xIXWKNCjWaFqgVzQBKs.crl
rsync://rpki.ripe.net/repository/DEFAULT/ae/757fc5-8029-4828-8547-62e260313e4c/1/m4m4z0f3xIXWKNCjWaFqgVzQBKs.mft
rsync://rpki.ripe.net/repository/DEFAULT/m4m4z0f3xIXWKNCjWaFqgVzQBKs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Sep 2024 14:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:cb:b2:ec:fc:41:f5:5c:fd:73:39:a6:28:c5:a7:85:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9b89b8cf47f7c485d628d0a359a16a815cd004ab
Validity
Not Before: Jul 19 15:53:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=245024b111331df29613ebd6bbca7ea50c7c76cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:ff:49:4d:41:96:de:d4:16:68:44:9c:30:ce:
27:93:23:77:4f:5d:7a:a9:19:63:c3:af:85:12:48:
f9:ab:a5:60:61:f8:68:84:06:da:8e:16:db:97:ca:
86:9d:8c:07:28:20:d7:ff:f1:d4:73:2d:fa:9c:fe:
4a:a1:40:41:91:da:c5:9a:7e:1b:35:c3:09:a3:ee:
7f:63:d3:9c:66:18:15:2d:55:53:a7:3e:63:4e:20:
8a:01:39:43:6a:58:7f:55:fe:18:1b:2f:dc:b0:a4:
56:4f:8b:18:e4:03:53:9e:fc:71:21:55:05:11:f3:
2f:3f:53:2c:96:20:45:f5:17:2e:eb:6b:6b:d9:56:
1b:26:6c:36:c1:20:a4:35:9c:c0:31:1e:13:cf:15:
84:f4:8a:8f:5d:e4:4e:9a:53:a6:42:5e:a8:ba:c2:
0e:44:a0:3f:98:a4:42:54:30:6a:a1:46:80:eb:f8:
bf:27:f1:97:ac:4c:6b:a9:b2:8d:08:a6:45:bd:d5:
90:9e:61:30:fc:89:b9:77:ce:a6:90:a1:f7:90:da:
85:b1:12:a4:1c:ea:2d:94:26:13:c2:f4:bc:99:a9:
ae:10:4a:ea:f7:52:f0:a0:d0:5a:02:0c:b8:ed:69:
9f:ea:1c:f9:22:58:12:2d:9a:2a:10:2a:ca:39:3b:
8f:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:50:24:B1:11:33:1D:F2:96:13:EB:D6:BB:CA:7E:A5:0C:7C:76:CB
X509v3 Authority Key Identifier:
keyid:9B:89:B8:CF:47:F7:C4:85:D6:28:D0:A3:59:A1:6A:81:5C:D0:04:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m4m4z0f3xIXWKNCjWaFqgVzQBKs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/757fc5-8029-4828-8547-62e260313e4c/1/JFAksREzHfKWE-vWu8p-pQx8dss.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/757fc5-8029-4828-8547-62e260313e4c/1/m4m4z0f3xIXWKNCjWaFqgVzQBKs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.188.0/22
185.185.77.0-185.185.78.255
IPv6:
2a0f:a0c0::/29
Signature Algorithm: sha256WithRSAEncryption
52:a0:c5:b2:b1:bc:5a:5d:64:62:67:78:7a:a8:84:45:90:3c:
c7:9a:44:bd:28:36:75:e1:20:bf:20:68:df:f9:1a:76:81:76:
f4:43:85:94:1e:04:bc:dc:b0:77:7e:24:93:1b:f8:d6:cd:92:
41:56:d8:e2:a5:74:7a:8a:5e:64:3b:bf:62:83:ff:77:e3:02:
11:74:ed:40:a1:5b:08:29:87:aa:3f:73:d6:1e:09:de:55:7f:
4d:4d:d0:6d:2e:f1:21:bd:39:5f:19:26:47:d7:5f:b3:46:24:
2a:b6:35:48:13:96:d5:2d:d4:9c:6d:e9:af:b1:29:d0:91:f5:
5e:75:73:42:74:af:b5:94:62:d1:f6:93:8d:7e:b0:ae:0d:3d:
02:5d:d3:2d:a7:a2:87:e9:9c:ae:95:27:df:42:8f:38:a4:d9:
99:42:c1:98:f3:60:2d:56:59:68:8f:fa:82:dc:f0:d3:d8:43:
e9:55:80:f5:47:48:f6:83:cd:b4:c4:31:99:dd:c3:ae:04:a9:
1a:13:79:d1:9d:2a:75:08:04:c2:c0:a0:e8:52:8e:75:f9:4b:
1f:ce:6d:8e:27:43:cb:48:93:25:bf:30:a0:21:19:3f:4b:dd:
ed:5d:67:f1:f5:02:d0:c5:90:9b:c8:21:62:55:1e:73:2b:82:
5b:7d:f1:ed
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZDLsuz8QfVc/XM5pijFp4XjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliODliOGNmNDdmN2M0ODVkNjI4ZDBhMzU5YTE2YTgxNWNk
MDA0YWIwHhcNMjQwNzE5MTU1MzM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDUwMjRiMTExMzMxZGYyOTYxM2ViZDZiYmNhN2VhNTBjN2M3NmNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm/9JTUGW3tQWaEScMM4nkyN3T116
qRljw6+FEkj5q6VgYfhohAbajhbbl8qGnYwHKCDX//HUcy36nP5KoUBBkdrFmn4b
NcMJo+5/Y9OcZhgVLVVTpz5jTiCKATlDalh/Vf4YGy/csKRWT4sY5ANTnvxxIVUF
EfMvP1MsliBF9Rcu62tr2VYbJmw2wSCkNZzAMR4TzxWE9IqPXeROmlOmQl6ousIO
RKA/mKRCVDBqoUaA6/i/J/GXrExrqbKNCKZFvdWQnmEw/Im5d86mkKH3kNqFsRKk
HOotlCYTwvS8mamuEErq91LwoNBaAgy47Wmf6hz5IlgSLZoqECrKOTuP8QIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFCRQJLERMx3ylhPr1rvKfqUMfHbLMB8GA1UdIwQY
MBaAFJuJuM9H98SF1ijQo1mhaoFc0ASrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbTRtNHowZjN4SVhXS05DaldhRnFnVnpRQktzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS83NTdmYzUtODAyOS00ODI4LTg1NDct
NjJlMjYwMzEzZTRjLzEvSkZBa3NSRXpIZktXRS12V3U4cC1wUXg4ZHNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS83NTdmYzUtODAyOS00ODI4LTg1NDctNjJlMjYwMzEzZTRj
LzEvbTRtNHowZjN4SVhXS05DaldhRnFnVnpRQktzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUAwQCBbS8MAwD
BAC5uU0DBAC5uU4wDQQCAAIwBwMFAyoPoMAwDQYJKoZIhvcNAQELBQADggEBAFKg
xbKxvFpdZGJneHqohEWQPMeaRL0oNnXhIL8gaN/5GnaBdvRDhZQeBLzcsHd+JJMb
+NbNkkFW2OKldHqKXmQ7v2KD/3fjAhF07UChWwgph6o/c9YeCd5Vf01N0G0u8SG9
OV8ZJkfXX7NGJCq2NUgTltUt1Jxt6a+xKdCR9V51c0J0r7WUYtH2k41+sK4NPQJd
0y2noofpnK6VJ99Cjzik2ZlCwZjzYC1WWWiP+oLc8NPYQ+lVgPVHSPaDzbTEMZnd
w64EqRoTedGdKnUIBMLAoOhSjnX5Sx/ObY4nQ8tIkyW/MKAhGT9L3e1dZ/H1AtDF
kJvIIWJVHnMrglt98e0=
-----END CERTIFICATE-----
Generated at Sat Sep 7 22:49:55 2024 by rpki-client on console-ams.rpki-client.org