Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/7a5b44-6b18-42d3-a8d5-dc6554fd1235/1/Jt9b3fZfT_CLq9TZmbcgob67QK8.roa
File: Jt9b3fZfT_CLq9TZmbcgob67QK8.roa (raw, json)
Hash identifier: Glahka348WvApywlwyfNy/D4YX/eX7UcrB1nQBCBm90=
Subject key identifier: 26:DF:5B:DD:F6:5F:4F:F0:8B:AB:D4:D9:99:B7:20:A1:BE:BB:40:AF
Certificate issuer: /CN=5b52634a2eb03f8565b5e33dc2b9f49041f7cfb0
Certificate serial: 018CCA2B5075B0247BC87250A35BCABAB87A
Authority key identifier: 5B:52:63:4A:2E:B0:3F:85:65:B5:E3:3D:C2:B9:F4:90:41:F7:CF:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W1JjSi6wP4VlteM9wrn0kEH3z7A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/7a5b44-6b18-42d3-a8d5-dc6554fd1235/1/Jt9b3fZfT_CLq9TZmbcgob67QK8.roa
Signing time: Tue 02 Jan 2024 12:34:45 +0000
ROA not before: Tue 02 Jan 2024 12:34:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49100
IP address blocks: 79.127.0.0/21 maxlen: 32
46.143.24.0/21 maxlen: 32
46.143.32.0/20 maxlen: 32
79.127.64.0/20 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b0/7a5b44-6b18-42d3-a8d5-dc6554fd1235/1/W1JjSi6wP4VlteM9wrn0kEH3z7A.crl
rsync://rpki.ripe.net/repository/DEFAULT/b0/7a5b44-6b18-42d3-a8d5-dc6554fd1235/1/W1JjSi6wP4VlteM9wrn0kEH3z7A.mft
rsync://rpki.ripe.net/repository/DEFAULT/W1JjSi6wP4VlteM9wrn0kEH3z7A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:12:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2b:50:75:b0:24:7b:c8:72:50:a3:5b:ca:ba:b8:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5b52634a2eb03f8565b5e33dc2b9f49041f7cfb0
Validity
Not Before: Jan 2 12:34:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=26df5bddf65f4ff08babd4d999b720a1bebb40af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:ca:4c:fa:2c:2b:45:51:8f:ff:ec:7a:65:38:
c9:cc:07:2c:36:2c:94:a5:e3:7a:f9:5e:f2:20:56:
55:a0:89:91:d2:c2:82:a4:e5:02:58:bc:4b:d2:19:
19:8c:5e:01:e5:35:41:f8:f1:80:a6:42:8d:18:5a:
6e:0e:46:a1:6a:4e:0d:2f:c9:aa:ec:41:12:5a:ee:
40:40:1d:7a:77:b7:b4:2a:aa:13:79:4f:a9:45:7d:
dd:0c:db:69:e7:63:89:f5:8e:66:f9:72:9a:fc:e6:
f4:41:5c:aa:2f:68:bb:4a:b2:39:d1:7a:ef:c0:51:
45:4f:6a:b1:cf:97:1e:62:8e:c6:fd:00:a9:73:ae:
37:0c:39:88:c4:d2:1b:43:de:24:b8:81:64:59:a2:
74:dc:e2:db:9a:f3:5e:1b:29:53:d4:3c:6f:bf:e4:
34:4e:3d:9a:ea:b1:18:61:b3:fc:23:dd:68:8d:7f:
47:e7:10:9e:95:08:78:83:ab:a9:4c:64:34:90:be:
5b:e3:ba:5e:5f:a1:28:cf:67:10:73:8b:7c:cc:3d:
bd:dc:fd:6a:93:0d:20:4d:aa:f4:3d:bc:de:b7:36:
67:02:81:9d:a8:4c:8d:cb:4f:d4:23:9f:be:fa:00:
32:7b:99:a5:4f:83:0f:29:62:7d:e6:49:0c:cf:c8:
af:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:DF:5B:DD:F6:5F:4F:F0:8B:AB:D4:D9:99:B7:20:A1:BE:BB:40:AF
X509v3 Authority Key Identifier:
keyid:5B:52:63:4A:2E:B0:3F:85:65:B5:E3:3D:C2:B9:F4:90:41:F7:CF:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W1JjSi6wP4VlteM9wrn0kEH3z7A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/7a5b44-6b18-42d3-a8d5-dc6554fd1235/1/Jt9b3fZfT_CLq9TZmbcgob67QK8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/7a5b44-6b18-42d3-a8d5-dc6554fd1235/1/W1JjSi6wP4VlteM9wrn0kEH3z7A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.143.24.0-46.143.47.255
79.127.0.0/21
79.127.64.0/20
Signature Algorithm: sha256WithRSAEncryption
1b:26:7b:39:33:64:b3:b9:37:3a:e6:b4:60:8c:df:d5:66:5c:
53:d7:f5:9d:8a:8c:93:4b:97:6f:45:02:79:98:0f:fa:58:a5:
ba:fc:8f:3a:96:32:09:3c:f1:a9:06:7a:42:fa:6f:f9:4e:17:
0d:fa:41:9f:e1:71:f8:88:6f:b7:c4:6d:a9:e1:63:c3:3d:79:
4b:fc:f4:20:1f:a6:6d:ec:54:75:63:1a:e4:2a:9c:86:17:3a:
d6:5b:5f:d1:0d:04:00:4c:57:9f:57:ae:73:fc:74:68:ae:48:
4e:72:11:b0:79:36:16:0b:cb:45:75:54:09:8e:d0:05:b5:0e:
52:1e:0c:d2:c8:6f:91:81:d5:58:cf:42:0e:e8:e2:2a:ba:4c:
24:37:f3:90:31:85:a7:e2:29:80:c5:60:2b:4d:ba:48:19:8c:
90:54:21:61:93:07:d4:01:2d:f8:48:1b:8b:80:1a:01:13:52:
41:d8:66:ea:42:35:b7:36:c9:9d:bf:c5:98:ed:33:a9:11:d3:
fd:be:0e:26:a6:68:68:40:49:f2:fd:5a:5a:a3:7d:87:41:b0:
23:47:80:d3:97:6b:81:aa:d0:01:5d:30:c2:22:13:89:34:5d:
43:3b:2f:46:6e:e4:9f:7c:84:da:5e:29:67:08:50:10:10:1c:
ee:7b:58:7e
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYzKK1B1sCR7yHJQo1vKurh6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViNTI2MzRhMmViMDNmODU2NWI1ZTMzZGMyYjlmNDkwNDFm
N2NmYjAwHhcNMjQwMTAyMTIzNDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNmRmNWJkZGY2NWY0ZmYwOGJhYmQ0ZDk5OWI3MjBhMWJlYmI0MGFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjcpM+iwrRVGP/+x6ZTjJzAcsNiyU
peN6+V7yIFZVoImR0sKCpOUCWLxL0hkZjF4B5TVB+PGApkKNGFpuDkahak4NL8mq
7EESWu5AQB16d7e0KqoTeU+pRX3dDNtp52OJ9Y5m+XKa/Ob0QVyqL2i7SrI50Xrv
wFFFT2qxz5ceYo7G/QCpc643DDmIxNIbQ94kuIFkWaJ03OLbmvNeGylT1Dxvv+Q0
Tj2a6rEYYbP8I91ojX9H5xCelQh4g6upTGQ0kL5b47peX6Eoz2cQc4t8zD293P1q
kw0gTar0PbzetzZnAoGdqEyNy0/UI5+++gAye5mlT4MPKWJ95kkMz8ivEQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFCbfW932X0/wi6vU2Zm3IKG+u0CvMB8GA1UdIwQY
MBaAFFtSY0ousD+FZbXjPcK59JBB98+wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVzFKalNpNndQNFZsdGVNOXdybjBrRUgzejdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC83YTViNDQtNmIxOC00MmQzLWE4ZDUt
ZGM2NTU0ZmQxMjM1LzEvSnQ5YjNmWmZUX0NMcTlUWm1iY2dvYjY3UUs4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC83YTViNDQtNmIxOC00MmQzLWE4ZDUtZGM2NTU0ZmQxMjM1
LzEvVzFKalNpNndQNFZsdGVNOXdybjBrRUgzejdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAMujxgD
BAQujyADBANPfwADBARPf0AwDQYJKoZIhvcNAQELBQADggEBABsmezkzZLO5Nzrm
tGCM39VmXFPX9Z2KjJNLl29FAnmYD/pYpbr8jzqWMgk88akGekL6b/lOFw36QZ/h
cfiIb7fEbanhY8M9eUv89CAfpm3sVHVjGuQqnIYXOtZbX9ENBABMV59XrnP8dGiu
SE5yEbB5NhYLy0V1VAmO0AW1DlIeDNLIb5GB1VjPQg7o4iq6TCQ385AxhafiKYDF
YCtNukgZjJBUIWGTB9QBLfhIG4uAGgETUkHYZupCNbc2yZ2/xZjtM6kR0/2+Diam
aGhASfL9WlqjfYdBsCNHgNOXa4Gq0AFdMMIiE4k0XUM7L0Zu5J98hNpeKWcIUBAQ
HO57WH4=
-----END CERTIFICATE-----
Generated at Mon Nov 25 22:42:06 2024 by rpki-client on console-fra.rpki-client.org