Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/JpnPWy0dmX5wLoYLX-DT0X3RdYQ.roa
File: JpnPWy0dmX5wLoYLX-DT0X3RdYQ.roa (raw, json)
Hash identifier: 9ItAEJubNlpwYqFr0ttvgQEYZvEr3awiUvAfdqcT++o=
Subject key identifier: 26:99:CF:5B:2D:1D:99:7E:70:2E:86:0B:5F:E0:D3:D1:7D:D1:75:84
Certificate issuer: /CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Certificate serial: 018CC26D5E143A02E162D964169200C0BB20
Authority key identifier: 84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/JpnPWy0dmX5wLoYLX-DT0X3RdYQ.roa
Signing time: Mon 01 Jan 2024 00:29:56 +0000
ROA not before: Mon 01 Jan 2024 00:29:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60560
IP address blocks: 46.10.194.0/24 maxlen: 24
90.154.232.0/24 maxlen: 24
90.154.237.0/24 maxlen: 24
90.154.236.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 01:02:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:5e:14:3a:02:e1:62:d9:64:16:92:00:c0:bb:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Validity
Not Before: Jan 1 00:29:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2699cf5b2d1d997e702e860b5fe0d3d17dd17584
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:26:71:5d:32:66:15:4c:fe:3d:73:38:01:93:
5b:b1:37:64:90:4e:a6:b9:ab:df:9b:24:e1:35:7a:
5a:ec:28:fa:8c:2f:bc:d0:90:82:a2:90:8a:bc:7f:
c1:69:ab:14:6b:93:53:59:eb:5b:e3:ea:25:7c:af:
cc:97:6b:0b:43:f0:03:49:3d:09:88:88:12:bc:fe:
a2:92:5f:6b:e7:17:4c:a0:7a:90:99:35:0e:58:8a:
8d:9d:3f:c3:29:ec:ac:4a:fc:64:bd:3d:7e:b0:92:
80:83:5f:6c:76:5b:ea:d1:19:8f:d9:67:fd:4a:9f:
2b:95:c0:23:58:0d:f2:5d:83:e2:88:21:07:7e:2f:
5f:81:52:34:f0:63:d7:18:3d:aa:40:0c:4c:9e:42:
3d:26:39:cd:a1:75:5c:36:bc:53:13:4d:eb:76:5a:
64:26:e2:e1:da:13:f7:9b:03:d6:8c:a0:f3:82:0b:
ed:f9:6e:75:65:a5:48:fc:a9:85:80:89:93:a6:24:
3f:49:5d:36:f4:a6:00:5e:42:4a:06:a1:03:d6:bc:
ff:c5:83:84:42:66:7b:ec:97:85:34:8a:3d:d8:8c:
9a:11:d8:79:ef:c6:b3:74:91:66:0e:86:0f:af:3c:
2b:5d:c2:a1:0b:3f:d5:6e:e6:9f:94:c7:d0:0e:51:
2e:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:99:CF:5B:2D:1D:99:7E:70:2E:86:0B:5F:E0:D3:D1:7D:D1:75:84
X509v3 Authority Key Identifier:
keyid:84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/JpnPWy0dmX5wLoYLX-DT0X3RdYQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.10.194.0/24
90.154.232.0/24
90.154.236.0/23
Signature Algorithm: sha256WithRSAEncryption
ae:4c:13:26:8e:ee:4a:46:d3:78:b5:26:71:2d:9f:89:00:91:
bd:68:0e:09:9a:7f:a5:01:e9:e9:19:06:15:43:3b:aa:e4:f4:
c8:36:a3:ee:e3:a4:93:14:d4:8e:fa:8e:a7:4e:e1:79:49:a3:
16:14:11:a3:b9:74:ae:90:f6:be:c8:e0:c6:56:f9:dc:e9:d8:
33:7f:ed:a8:cb:d8:1d:57:8d:bc:4c:c4:64:07:16:28:69:6f:
44:3d:bf:5b:fe:03:15:bb:c2:b0:fc:0f:23:c8:b3:86:46:6f:
b4:4c:10:62:26:69:f9:5d:d6:15:8d:f2:fd:db:9a:5b:c8:c8:
59:b7:76:b2:6a:75:38:b4:61:6e:b2:af:17:a2:a6:1a:40:b8:
bd:6f:b0:0f:39:07:b8:38:ee:ba:f5:de:f5:78:ad:88:e3:ec:
91:81:9d:10:2b:c6:3b:16:d3:a5:66:be:e3:89:b2:49:d7:ea:
1b:93:c3:5f:f0:c5:ce:a5:4e:8d:e5:fe:71:1b:99:9e:98:a2:
aa:19:9d:cb:09:c9:26:f0:64:66:5f:12:1c:91:8d:3a:29:42:
ab:f8:6d:1d:70:6f:0f:b9:60:9e:ab:4e:85:ca:28:d5:ea:69:
b3:59:30:77:29:c4:91:9c:c5:3f:b9:e6:c5:67:1d:e0:ef:e4:
46:4e:2f:41
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzCbV4UOgLhYtlkFpIAwLsgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0YjJmNGZhNTE2M2FmOTYxNjhlODhmYmY5Y2I0ZWQxZWQ4
ZmI0YzQwHhcNMjQwMTAxMDAyOTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNjk5Y2Y1YjJkMWQ5OTdlNzAyZTg2MGI1ZmUwZDNkMTdkZDE3NTg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgiZxXTJmFUz+PXM4AZNbsTdkkE6m
uavfmyThNXpa7Cj6jC+80JCCopCKvH/BaasUa5NTWetb4+olfK/Ml2sLQ/ADST0J
iIgSvP6ikl9r5xdMoHqQmTUOWIqNnT/DKeysSvxkvT1+sJKAg19sdlvq0RmP2Wf9
Sp8rlcAjWA3yXYPiiCEHfi9fgVI08GPXGD2qQAxMnkI9JjnNoXVcNrxTE03rdlpk
JuLh2hP3mwPWjKDzggvt+W51ZaVI/KmFgImTpiQ/SV029KYAXkJKBqED1rz/xYOE
QmZ77JeFNIo92IyaEdh578azdJFmDoYPrzwrXcKhCz/VbuaflMfQDlEuMQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCaZz1stHZl+cC6GC1/g09F90XWEMB8GA1UdIwQY
MBaAFISy9PpRY6+WFo6I+/nLTtHtj7TEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDct
ODcyYmEyZDlmNDRjLzEvSnBuUFd5MGRtWDV3TG9ZTFgtRFQwWDNSZFlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDctODcyYmEyZDlmNDRj
LzEvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALgrCAwQA
WproAwQBWprsMA0GCSqGSIb3DQEBCwUAA4IBAQCuTBMmju5KRtN4tSZxLZ+JAJG9
aA4Jmn+lAenpGQYVQzuq5PTINqPu46STFNSO+o6nTuF5SaMWFBGjuXSukPa+yODG
Vvnc6dgzf+2oy9gdV428TMRkBxYoaW9EPb9b/gMVu8Kw/A8jyLOGRm+0TBBiJmn5
XdYVjfL925pbyMhZt3ayanU4tGFusq8XoqYaQLi9b7APOQe4OO669d71eK2I4+yR
gZ0QK8Y7FtOlZr7jibJJ1+obk8Nf8MXOpU6N5f5xG5memKKqGZ3LCckm8GRmXxIc
kY06KUKr+G0dcG8PuWCeq06FyijV6mmzWTB3KcSRnMU/uebFZx3g7+RGTi9B
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:54:14 2024 by rpki-client on console-ams.rpki-client.org