Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/ac6c7b-d059-4014-a968-e46d8d16a15f/1/jjPh3XiWlMhjcSc3_nU4f0cc2w8.roa
File: jjPh3XiWlMhjcSc3_nU4f0cc2w8.roa (raw, json)
Hash identifier: 6ZPYbZ2+eTngd/Wv0JZHVIDm1R1A58Wb/PyU8UK6zcM=
Subject key identifier: 8E:33:E1:DD:78:96:94:C8:63:71:27:37:FE:75:38:7F:47:1C:DB:0F
Certificate issuer: /CN=3e20c700d98d76a9c640173889f9367da9de8997
Certificate serial: 018CC86F23B7BBAB0F2275EEA66C892D0E53
Authority key identifier: 3E:20:C7:00:D9:8D:76:A9:C6:40:17:38:89:F9:36:7D:A9:DE:89:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PiDHANmNdqnGQBc4ifk2faneiZc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/ac6c7b-d059-4014-a968-e46d8d16a15f/1/jjPh3XiWlMhjcSc3_nU4f0cc2w8.roa
Signing time: Tue 02 Jan 2024 04:29:36 +0000
ROA not before: Tue 02 Jan 2024 04:29:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41095
IP address blocks: 176.56.160.0/19 maxlen: 24
91.194.116.0/23 maxlen: 24
185.65.172.0/22 maxlen: 24
193.33.70.0/23 maxlen: 24
195.189.120.0/22 maxlen: 24
87.239.184.0/21 maxlen: 24
2a03:9d40::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b3/ac6c7b-d059-4014-a968-e46d8d16a15f/1/PiDHANmNdqnGQBc4ifk2faneiZc.crl
rsync://rpki.ripe.net/repository/DEFAULT/b3/ac6c7b-d059-4014-a968-e46d8d16a15f/1/PiDHANmNdqnGQBc4ifk2faneiZc.mft
rsync://rpki.ripe.net/repository/DEFAULT/PiDHANmNdqnGQBc4ifk2faneiZc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:23:b7:bb:ab:0f:22:75:ee:a6:6c:89:2d:0e:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e20c700d98d76a9c640173889f9367da9de8997
Validity
Not Before: Jan 2 04:29:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8e33e1dd789694c863712737fe75387f471cdb0f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:ea:d2:ea:23:32:13:91:bf:cb:d5:21:fa:73:
87:d4:b4:3b:9f:80:4a:4c:3a:d4:c0:99:5f:a2:a0:
51:c4:e7:a4:29:16:9e:d1:c6:6d:fa:a0:b6:8e:66:
1d:e0:b5:7a:ec:5c:a6:a9:f0:e5:3d:ad:1b:e4:97:
cf:a7:7e:30:9f:f1:b1:0a:98:b4:f6:7d:2f:03:91:
51:67:62:60:c1:42:50:75:c4:2b:0e:69:8f:a3:d8:
0e:ed:f1:50:f4:8a:1e:60:24:45:85:92:32:91:18:
ce:6c:2b:e9:bc:bf:c2:b2:75:0f:b5:3a:6c:25:33:
90:10:ac:cc:d4:c1:e4:d3:0b:25:d7:86:82:00:a1:
40:92:a6:fd:cd:a1:4a:32:0a:fe:14:64:47:96:28:
14:17:c1:34:fc:02:2a:69:75:7c:84:61:5e:db:5a:
30:da:dc:fc:c5:b3:73:dc:e8:1a:37:52:a2:81:13:
85:02:5f:1d:56:48:fa:6f:c8:fd:e2:1b:e6:a5:2c:
30:36:44:6b:a7:25:e9:ae:01:b0:6a:dd:d5:1f:7d:
e7:21:bf:51:5f:f8:4a:f4:4d:44:cc:5b:7a:84:3a:
f5:f2:8b:7b:ea:17:ad:3b:b5:e0:ed:2a:37:ca:bb:
af:07:be:8c:7b:04:a1:a0:ef:85:e1:0b:ac:f3:b6:
9c:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:33:E1:DD:78:96:94:C8:63:71:27:37:FE:75:38:7F:47:1C:DB:0F
X509v3 Authority Key Identifier:
keyid:3E:20:C7:00:D9:8D:76:A9:C6:40:17:38:89:F9:36:7D:A9:DE:89:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PiDHANmNdqnGQBc4ifk2faneiZc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/ac6c7b-d059-4014-a968-e46d8d16a15f/1/jjPh3XiWlMhjcSc3_nU4f0cc2w8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/ac6c7b-d059-4014-a968-e46d8d16a15f/1/PiDHANmNdqnGQBc4ifk2faneiZc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.239.184.0/21
91.194.116.0/23
176.56.160.0/19
185.65.172.0/22
193.33.70.0/23
195.189.120.0/22
IPv6:
2a03:9d40::/32
Signature Algorithm: sha256WithRSAEncryption
7a:50:18:6b:91:a3:aa:ac:99:90:b7:76:9e:06:47:35:f9:39:
a0:b1:86:3a:f1:c8:16:b6:c3:14:08:66:bf:52:c5:d5:b7:4a:
05:e4:d7:84:95:ea:49:c1:65:9c:ec:4f:30:1e:b1:2b:56:f3:
e1:41:62:78:bc:a1:e5:2b:aa:7e:c6:72:8c:76:b7:f7:cb:8a:
16:71:b1:01:f6:d5:49:b3:45:86:d4:63:61:ca:5f:0a:d2:27:
fe:3b:61:1d:5f:01:71:1a:1f:29:03:f8:e1:97:2c:1e:dc:d3:
fd:bf:12:0d:17:a0:a8:4a:3c:aa:66:14:69:d2:e3:4e:e7:46:
fb:0d:52:c5:bb:0c:de:1c:45:13:38:09:85:33:8a:c4:3f:a5:
17:b9:14:6a:5d:9b:34:98:8f:a8:9c:9c:8b:56:25:ca:8e:6f:
8f:59:22:79:b7:a4:cb:5d:ad:6a:fe:a0:29:6f:4c:cf:27:b7:
e3:c6:f4:c7:74:0d:f4:0e:6d:ee:e2:1d:b0:72:21:4c:6f:fd:
8e:99:56:79:08:c2:1d:88:16:97:8f:5f:01:83:f9:93:aa:8c:
57:4f:46:41:34:7c:50:10:a4:7e:bf:3f:01:43:e2:ad:7d:e5:
cb:f1:cd:6c:be:bc:03:4e:88:cb:9a:69:e5:d1:b5:3f:b8:fe:
85:22:85:dd
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYzIbyO3u6sPInXupmyJLQ5TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlMjBjNzAwZDk4ZDc2YTljNjQwMTczODg5ZjkzNjdkYTlk
ZTg5OTcwHhcNMjQwMTAyMDQyOTM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTMzZTFkZDc4OTY5NGM4NjM3MTI3MzdmZTc1Mzg3ZjQ3MWNkYjBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl+rS6iMyE5G/y9Uh+nOH1LQ7n4BK
TDrUwJlfoqBRxOekKRae0cZt+qC2jmYd4LV67FymqfDlPa0b5JfPp34wn/GxCpi0
9n0vA5FRZ2JgwUJQdcQrDmmPo9gO7fFQ9IoeYCRFhZIykRjObCvpvL/CsnUPtTps
JTOQEKzM1MHk0wsl14aCAKFAkqb9zaFKMgr+FGRHligUF8E0/AIqaXV8hGFe21ow
2tz8xbNz3OgaN1KigROFAl8dVkj6b8j94hvmpSwwNkRrpyXprgGwat3VH33nIb9R
X/hK9E1EzFt6hDr18ot76hetO7Xg7So3yruvB76MewShoO+F4Qus87acJwIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFI4z4d14lpTIY3EnN/51OH9HHNsPMB8GA1UdIwQY
MBaAFD4gxwDZjXapxkAXOIn5Nn2p3omXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGlESEFObU5kcW5HUUJjNGlmazJmYW5laVpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy9hYzZjN2ItZDA1OS00MDE0LWE5Njgt
ZTQ2ZDhkMTZhMTVmLzEvampQaDNYaVdsTWhqY1NjM19uVTRmMGNjMnc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy9hYzZjN2ItZDA1OS00MDE0LWE5NjgtZTQ2ZDhkMTZhMTVm
LzEvUGlESEFObU5kcW5HUUJjNGlmazJmYW5laVpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQDV++4AwQB
W8J0AwQFsDigAwQCuUGsAwQBwSFGAwQCw714MA0EAgACMAcDBQAqA51AMA0GCSqG
SIb3DQEBCwUAA4IBAQB6UBhrkaOqrJmQt3aeBkc1+TmgsYY68cgWtsMUCGa/UsXV
t0oF5NeElepJwWWc7E8wHrErVvPhQWJ4vKHlK6p+xnKMdrf3y4oWcbEB9tVJs0WG
1GNhyl8K0if+O2EdXwFxGh8pA/jhlywe3NP9vxINF6CoSjyqZhRp0uNO50b7DVLF
uwzeHEUTOAmFM4rEP6UXuRRqXZs0mI+onJyLViXKjm+PWSJ5t6TLXa1q/qApb0zP
J7fjxvTHdA30Dm3u4h2wciFMb/2OmVZ5CMIdiBaXj18Bg/mTqoxXT0ZBNHxQEKR+
vz8BQ+KtfeXL8c1svrwDTojLmmnl0bU/uP6FIoXd
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:28:26 2024 by rpki-client on console-ams.rpki-client.org