Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/58af24-c454-44b0-a7ca-c6f1e6ac9ba9/1/Jp3_ooNTT3fFgozYI4ApuAqfItE.roa
File: Jp3_ooNTT3fFgozYI4ApuAqfItE.roa (raw, json)
Hash identifier: VIV8LJOu9ZlndFjsFiGCxvMcqZw9zofVgY3m22wtPVw=
Subject key identifier: 26:9D:FF:A2:83:53:4F:77:C5:82:8C:D8:23:80:29:B8:0A:9F:22:D1
Certificate issuer: /CN=ae7f747df5f24353154dc4d4bf70d2ddcb53e900
Certificate serial: 018CC9BCDD07E8358C14F83FC43B4A4B80B8
Authority key identifier: AE:7F:74:7D:F5:F2:43:53:15:4D:C4:D4:BF:70:D2:DD:CB:53:E9:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rn90ffXyQ1MVTcTUv3DS3ctT6QA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/58af24-c454-44b0-a7ca-c6f1e6ac9ba9/1/Jp3_ooNTT3fFgozYI4ApuAqfItE.roa
Signing time: Tue 02 Jan 2024 10:34:06 +0000
ROA not before: Tue 02 Jan 2024 10:34:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208221
IP address blocks: 185.84.172.0/23 maxlen: 23
185.84.172.0/24 maxlen: 24
185.84.173.0/24 maxlen: 24
2a05:7400:8000::/34 maxlen: 34
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b2/58af24-c454-44b0-a7ca-c6f1e6ac9ba9/1/rn90ffXyQ1MVTcTUv3DS3ctT6QA.crl
rsync://rpki.ripe.net/repository/DEFAULT/b2/58af24-c454-44b0-a7ca-c6f1e6ac9ba9/1/rn90ffXyQ1MVTcTUv3DS3ctT6QA.mft
rsync://rpki.ripe.net/repository/DEFAULT/rn90ffXyQ1MVTcTUv3DS3ctT6QA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 22:01:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:dd:07:e8:35:8c:14:f8:3f:c4:3b:4a:4b:80:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ae7f747df5f24353154dc4d4bf70d2ddcb53e900
Validity
Not Before: Jan 2 10:34:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=269dffa283534f77c5828cd8238029b80a9f22d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:21:79:f9:8c:96:8f:7e:0b:90:eb:73:94:a1:
8c:c8:b8:84:1e:1a:2e:e2:b8:5b:b7:3f:28:a7:3e:
e2:76:52:ae:bb:8c:e7:f2:f3:22:a6:41:84:54:08:
3a:c4:0f:bd:f4:8e:8a:80:ba:31:9a:58:7d:5c:21:
05:01:e8:0e:63:b8:9a:1a:6b:fd:96:fa:3c:21:f7:
f6:6b:5a:2b:96:b2:3f:dd:cf:4d:9d:a1:cf:15:c4:
48:a0:fd:b6:83:85:39:6d:4c:f1:b4:75:b7:c3:30:
c2:38:ea:71:a1:c5:82:be:47:89:77:71:ec:d8:30:
23:9f:a3:ac:aa:ff:b5:5e:4b:ae:9b:a1:1d:bd:b5:
33:31:87:0e:7f:d2:67:6a:3f:8f:27:e1:a5:4b:02:
8e:70:58:c2:04:85:14:41:2b:12:5a:ac:6a:e0:79:
40:fe:e9:89:f3:2b:f4:76:00:7f:cb:d7:8c:f8:4f:
41:90:e6:35:9a:a9:4e:06:67:8b:6f:60:7d:12:6c:
97:25:84:b3:d2:c8:8d:af:c6:80:6e:4f:8d:da:69:
59:60:09:a0:71:7d:56:92:bc:5c:8c:0e:c6:f7:54:
f2:20:39:d8:a4:11:6a:af:e4:66:83:73:9f:56:31:
ae:57:26:b0:36:60:3d:ac:7e:28:07:8f:5f:b9:22:
31:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:9D:FF:A2:83:53:4F:77:C5:82:8C:D8:23:80:29:B8:0A:9F:22:D1
X509v3 Authority Key Identifier:
keyid:AE:7F:74:7D:F5:F2:43:53:15:4D:C4:D4:BF:70:D2:DD:CB:53:E9:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rn90ffXyQ1MVTcTUv3DS3ctT6QA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/58af24-c454-44b0-a7ca-c6f1e6ac9ba9/1/Jp3_ooNTT3fFgozYI4ApuAqfItE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/58af24-c454-44b0-a7ca-c6f1e6ac9ba9/1/rn90ffXyQ1MVTcTUv3DS3ctT6QA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.84.172.0/23
IPv6:
2a05:7400:8000::/34
Signature Algorithm: sha256WithRSAEncryption
bc:37:27:e1:38:ad:c9:42:e6:38:41:20:15:9b:6c:6b:02:0c:
64:54:c5:a0:32:4a:d3:d6:6c:8a:2c:58:88:cf:44:d8:3c:bc:
d9:cb:60:e7:ba:fa:72:43:af:e2:36:43:e6:26:3e:00:8c:59:
dd:74:ff:c5:12:69:3b:a6:a2:d1:6d:68:ac:29:42:dc:c2:9e:
c4:ec:1d:50:c6:4e:7d:48:54:8e:6e:24:26:02:3c:70:84:df:
dd:9e:cf:86:d2:91:60:3e:58:5e:45:3f:ef:0b:d2:18:2f:87:
2e:33:af:ba:79:3b:62:a0:5d:d3:b5:18:19:fb:6d:75:f6:e1:
21:36:92:c1:c8:fd:9f:4a:2f:3c:9c:ea:57:e0:2c:38:92:cf:
b1:e4:b8:66:08:dd:8e:3e:16:4b:2e:f1:31:87:7b:dc:be:e2:
3b:e0:65:61:44:93:cc:81:60:20:d1:14:a7:b4:d6:0f:49:1f:
71:4e:b6:8e:9b:b1:e7:54:ce:a1:ae:c4:fe:6f:18:38:0f:96:
f3:34:3e:df:ec:9d:44:ad:ac:b3:03:1e:4a:4d:de:24:2c:91:
3a:1f:e1:06:11:49:ea:c8:74:c0:79:58:84:17:fb:78:08:50:
e4:73:ad:49:4a:c1:39:c0:c8:1a:8d:43:2f:96:2a:4b:de:02:
20:0d:ec:e1
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYzJvN0H6DWMFPg/xDtKS4C4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlN2Y3NDdkZjVmMjQzNTMxNTRkYzRkNGJmNzBkMmRkY2I1
M2U5MDAwHhcNMjQwMTAyMTAzNDA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNjlkZmZhMjgzNTM0Zjc3YzU4MjhjZDgyMzgwMjliODBhOWYyMmQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgSF5+YyWj34LkOtzlKGMyLiEHhou
4rhbtz8opz7idlKuu4zn8vMipkGEVAg6xA+99I6KgLoxmlh9XCEFAegOY7iaGmv9
lvo8Iff2a1orlrI/3c9NnaHPFcRIoP22g4U5bUzxtHW3wzDCOOpxocWCvkeJd3Hs
2DAjn6Osqv+1Xkuum6EdvbUzMYcOf9Jnaj+PJ+GlSwKOcFjCBIUUQSsSWqxq4HlA
/umJ8yv0dgB/y9eM+E9BkOY1mqlOBmeLb2B9EmyXJYSz0siNr8aAbk+N2mlZYAmg
cX1WkrxcjA7G91TyIDnYpBFqr+Rmg3OfVjGuVyawNmA9rH4oB49fuSIx6QIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFCad/6KDU093xYKM2COAKbgKnyLRMB8GA1UdIwQY
MBaAFK5/dH318kNTFU3E1L9w0t3LU+kAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcm45MGZmWHlRMU1WVGNUVXYzRFMzY3RUNlFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi81OGFmMjQtYzQ1NC00NGIwLWE3Y2Et
YzZmMWU2YWM5YmE5LzEvSnAzX29vTlRUM2ZGZ296WUk0QXB1QXFmSXRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi81OGFmMjQtYzQ1NC00NGIwLWE3Y2EtYzZmMWU2YWM5YmE5
LzEvcm45MGZmWHlRMU1WVGNUVXYzRFMzY3RUNlFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQBuVSsMA4E
AgACMAgDBgYqBXQAgDANBgkqhkiG9w0BAQsFAAOCAQEAvDcn4TityULmOEEgFZts
awIMZFTFoDJK09ZsiixYiM9E2Dy82ctg57r6ckOv4jZD5iY+AIxZ3XT/xRJpO6ai
0W1orClC3MKexOwdUMZOfUhUjm4kJgI8cITf3Z7PhtKRYD5YXkU/7wvSGC+HLjOv
unk7YqBd07UYGfttdfbhITaSwcj9n0ovPJzqV+AsOJLPseS4Zgjdjj4WSy7xMYd7
3L7iO+BlYUSTzIFgINEUp7TWD0kfcU62jpux51TOoa7E/m8YOA+W8zQ+3+ydRK2s
swMeSk3eJCyROh/hBhFJ6sh0wHlYhBf7eAhQ5HOtSUrBOcDIGo1DL5YqS94CIA3s
4Q==
-----END CERTIFICATE-----
Generated at Sat Jun 8 05:53:33 2024 by rpki-client on console-fra.rpki-client.org