Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/jTmYzQ9cNjXldeMTYNpyUS3USDM.roa
File: jTmYzQ9cNjXldeMTYNpyUS3USDM.roa (raw, json)
Hash identifier: k4FAbMOK57vwnqeHf44P3VWa2YCdK3a+4qU8QWvETy8=
Subject key identifier: 8D:39:98:CD:0F:5C:36:35:E5:75:E3:13:60:DA:72:51:2D:D4:48:33
Certificate issuer: /CN=c42708df93954aac601aef1835bd5d69245fb02f
Certificate serial: 018CC2DAEBBD0AF1722D6C318140CDDEB720
Authority key identifier: C4:27:08:DF:93:95:4A:AC:60:1A:EF:18:35:BD:5D:69:24:5F:B0:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xCcI35OVSqxgGu8YNb1daSRfsC8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/jTmYzQ9cNjXldeMTYNpyUS3USDM.roa
Signing time: Mon 01 Jan 2024 02:29:36 +0000
ROA not before: Mon 01 Jan 2024 02:29:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3163
IP address blocks: 81.88.21.0/24 maxlen: 24
178.250.169.0/24 maxlen: 24
93.90.183.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/xCcI35OVSqxgGu8YNb1daSRfsC8.crl
rsync://rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/xCcI35OVSqxgGu8YNb1daSRfsC8.mft
rsync://rpki.ripe.net/repository/DEFAULT/xCcI35OVSqxgGu8YNb1daSRfsC8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 17:02:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:eb:bd:0a:f1:72:2d:6c:31:81:40:cd:de:b7:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c42708df93954aac601aef1835bd5d69245fb02f
Validity
Not Before: Jan 1 02:29:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8d3998cd0f5c3635e575e31360da72512dd44833
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:ac:26:c9:94:01:60:d2:e1:87:5d:bf:b5:e9:
be:b6:a8:e3:83:f4:2e:32:d9:4e:b7:78:41:16:f7:
3e:53:5d:0b:0f:20:2c:2b:69:be:c9:f6:42:4d:d3:
cb:2f:51:05:b1:c9:6f:d1:84:46:76:21:a9:db:87:
df:2d:a5:4a:83:81:41:03:ce:74:54:52:55:c1:72:
7e:e2:e9:a3:3b:b3:bb:34:5a:ad:71:b0:12:76:24:
ec:7e:15:e9:41:0d:c4:9b:aa:cf:ae:07:41:a3:85:
4d:48:29:71:0e:e1:b5:46:99:18:ae:ae:f9:19:6f:
2c:09:97:be:e8:c0:88:c7:c8:92:16:07:8a:ca:53:
e8:b5:a7:46:71:86:61:f3:0d:82:ec:2a:06:7f:18:
4c:77:1e:4f:6c:6a:35:76:c9:9e:f7:4f:1d:8c:25:
e1:a6:ed:bb:72:fd:fd:7d:9a:3f:cb:50:9c:12:9d:
e1:04:10:d4:3e:ad:83:6d:1c:5e:b2:e9:0a:74:ae:
df:04:98:6b:a9:02:97:84:ac:de:36:74:30:30:0a:
5d:88:6a:8e:fa:88:fd:cb:3f:59:a1:fb:cb:69:75:
82:11:a2:df:82:c0:f0:16:cf:34:c8:8f:dd:96:f9:
a7:d1:43:29:e4:c5:96:f7:26:68:72:26:90:09:3b:
2b:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:39:98:CD:0F:5C:36:35:E5:75:E3:13:60:DA:72:51:2D:D4:48:33
X509v3 Authority Key Identifier:
keyid:C4:27:08:DF:93:95:4A:AC:60:1A:EF:18:35:BD:5D:69:24:5F:B0:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xCcI35OVSqxgGu8YNb1daSRfsC8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/jTmYzQ9cNjXldeMTYNpyUS3USDM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/xCcI35OVSqxgGu8YNb1daSRfsC8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.88.21.0/24
93.90.183.0/24
178.250.169.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:3e:52:e7:c8:23:63:7c:e1:8a:02:f1:4b:5b:eb:29:d6:10:
aa:3f:85:63:ee:d5:39:31:3d:61:70:36:1b:81:26:8e:d0:3d:
01:46:9a:b2:ef:88:7f:2d:5e:b1:44:13:f3:f5:f3:25:aa:dd:
c6:73:82:8a:12:ac:38:4c:e2:c2:c6:4c:11:fc:1e:d0:52:33:
6f:1c:ce:7d:c0:2d:ee:d7:3a:d5:0e:03:81:2a:ac:3c:f9:48:
b4:74:f9:c3:0f:f7:bc:2e:2d:2b:b4:14:9c:a4:d4:2b:cc:8f:
c4:d2:87:7e:2e:29:26:98:05:0d:96:41:0b:1e:b4:3a:9f:8e:
cb:cc:9c:3f:a5:1f:aa:3c:f1:d9:58:9a:61:e8:d1:a5:35:bf:
d1:70:f9:16:cf:2c:19:ad:f2:67:80:7d:a4:30:8e:16:fe:9d:
c6:f9:00:f4:3b:82:41:2d:18:d4:23:18:0a:33:50:4e:e7:d6:
d2:dc:97:63:b0:e8:25:54:b7:3c:a2:d1:f2:21:20:6f:7e:08:
e6:cb:29:ac:8c:e4:00:04:5e:dc:d4:d2:b2:5d:f3:b5:00:67:
c2:77:c0:40:dc:2a:b2:04:ad:fb:36:10:e5:54:1a:8f:58:94:
0e:5a:c0:88:be:0f:27:3c:54:ed:41:ec:6f:d9:ac:42:46:fc:
4b:16:c2:76
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzC2uu9CvFyLWwxgUDN3rcgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0MjcwOGRmOTM5NTRhYWM2MDFhZWYxODM1YmQ1ZDY5MjQ1
ZmIwMmYwHhcNMjQwMTAxMDIyOTM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZDM5OThjZDBmNWMzNjM1ZTU3NWUzMTM2MGRhNzI1MTJkZDQ0ODMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhqwmyZQBYNLhh12/tem+tqjjg/Qu
MtlOt3hBFvc+U10LDyAsK2m+yfZCTdPLL1EFsclv0YRGdiGp24ffLaVKg4FBA850
VFJVwXJ+4umjO7O7NFqtcbASdiTsfhXpQQ3Em6rPrgdBo4VNSClxDuG1RpkYrq75
GW8sCZe+6MCIx8iSFgeKylPotadGcYZh8w2C7CoGfxhMdx5PbGo1dsme908djCXh
pu27cv39fZo/y1CcEp3hBBDUPq2DbRxesukKdK7fBJhrqQKXhKzeNnQwMApdiGqO
+oj9yz9ZofvLaXWCEaLfgsDwFs80yI/dlvmn0UMp5MWW9yZociaQCTsrdQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFI05mM0PXDY15XXjE2DaclEt1EgzMB8GA1UdIwQY
MBaAFMQnCN+TlUqsYBrvGDW9XWkkX7AvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveENjSTM1T1ZTcXhnR3U4WU5iMWRhU1Jmc0M4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC9mNjE3YTUtMzI0MC00OGM0LWI3MTYt
NzQxYzFkOGRlYTJiLzEvalRtWXpROWNOalhsZGVNVFlOcHlVUzNVU0RNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC9mNjE3YTUtMzI0MC00OGM0LWI3MTYtNzQxYzFkOGRlYTJi
LzEveENjSTM1T1ZTcXhnR3U4WU5iMWRhU1Jmc0M4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAUVgVAwQA
XVq3AwQAsvqpMA0GCSqGSIb3DQEBCwUAA4IBAQAtPlLnyCNjfOGKAvFLW+sp1hCq
P4Vj7tU5MT1hcDYbgSaO0D0BRpqy74h/LV6xRBPz9fMlqt3Gc4KKEqw4TOLCxkwR
/B7QUjNvHM59wC3u1zrVDgOBKqw8+Ui0dPnDD/e8Li0rtBScpNQrzI/E0od+Likm
mAUNlkELHrQ6n47LzJw/pR+qPPHZWJph6NGlNb/RcPkWzywZrfJngH2kMI4W/p3G
+QD0O4JBLRjUIxgKM1BO59bS3JdjsOglVLc8otHyISBvfgjmyymsjOQABF7c1NKy
XfO1AGfCd8BA3CqyBK37NhDlVBqPWJQOWsCIvg8nPFTtQexv2axCRvxLFsJ2
-----END CERTIFICATE-----
Generated at Fri Nov 22 22:33:47 2024 by rpki-client on console-ams.rpki-client.org