Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/5c5821-f342-477a-9eb8-acc2879f9f2e/1/Jwk7yf_TUzOY6VErT_udu8rj1Rw.roa
File: Jwk7yf_TUzOY6VErT_udu8rj1Rw.roa (raw, json)
Hash identifier: u0sA7an11jqZVZDpteZnutpJ4hs3wq/3fqu762cxZD0=
Subject key identifier: 27:09:3B:C9:FF:D3:53:33:98:E9:51:2B:4F:FB:9D:BB:CA:E3:D5:1C
Certificate issuer: /CN=1360d57284bf127c28140e04b26a8f3e8bdef179
Certificate serial: 018CC6B7D2E9871E2A40D5D70BFC3698915F
Authority key identifier: 13:60:D5:72:84:BF:12:7C:28:14:0E:04:B2:6A:8F:3E:8B:DE:F1:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/E2DVcoS_EnwoFA4EsmqPPove8Xk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/5c5821-f342-477a-9eb8-acc2879f9f2e/1/Jwk7yf_TUzOY6VErT_udu8rj1Rw.roa
Signing time: Mon 01 Jan 2024 20:29:45 +0000
ROA not before: Mon 01 Jan 2024 20:29:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202140
IP address blocks: 91.236.153.0/24 maxlen: 24
185.51.218.0/24 maxlen: 24
185.51.216.0/24 maxlen: 24
185.51.219.0/24 maxlen: 24
185.51.216.0/22 maxlen: 22
185.51.217.0/24 maxlen: 24
2a00:6760::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b7/5c5821-f342-477a-9eb8-acc2879f9f2e/1/E2DVcoS_EnwoFA4EsmqPPove8Xk.crl
rsync://rpki.ripe.net/repository/DEFAULT/b7/5c5821-f342-477a-9eb8-acc2879f9f2e/1/E2DVcoS_EnwoFA4EsmqPPove8Xk.mft
rsync://rpki.ripe.net/repository/DEFAULT/E2DVcoS_EnwoFA4EsmqPPove8Xk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 27 May 2024 07:01:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b7:d2:e9:87:1e:2a:40:d5:d7:0b:fc:36:98:91:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1360d57284bf127c28140e04b26a8f3e8bdef179
Validity
Not Before: Jan 1 20:29:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=27093bc9ffd3533398e9512b4ffb9dbbcae3d51c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:81:a4:52:41:fb:14:3c:3a:59:d0:d0:80:20:
cc:e8:8c:ef:e8:99:d1:d3:81:25:d9:0f:4a:e4:85:
f9:72:69:5e:09:29:5b:42:93:81:f6:ee:43:7e:83:
77:e5:fa:4c:ba:de:5f:00:f7:73:df:e5:a7:ff:59:
62:0a:90:a4:f2:07:08:a9:e9:7c:d0:fc:e2:cf:f4:
b3:9c:19:21:e6:8f:47:ee:4e:70:37:05:aa:f8:bc:
66:e6:70:1e:d0:6c:d5:fc:8e:79:d6:d3:bb:f4:b3:
b7:e7:3d:22:34:ff:ea:86:8b:71:c3:aa:4a:87:1c:
be:cd:87:24:e8:53:42:b4:44:89:b0:2e:8f:61:7e:
28:e6:bc:b6:c6:9b:ef:2c:12:fb:3b:ed:c5:2a:f2:
dd:ed:37:7e:48:0c:c5:de:17:a6:a7:6d:68:8c:c8:
1d:db:a5:b3:b6:f4:f2:fc:79:2d:9b:6d:88:c3:17:
73:5f:1b:ef:6e:c6:7a:f4:7e:bc:be:e3:82:c7:47:
d8:44:81:ab:ab:b0:a0:99:38:50:82:5b:d7:52:ce:
83:44:5b:a2:01:8b:98:35:44:d6:56:86:24:73:ae:
5f:90:11:08:2c:db:9e:81:c4:7e:57:64:d2:d8:53:
53:f5:2a:32:d0:18:a4:98:02:98:5a:c5:c3:a3:29:
ab:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:09:3B:C9:FF:D3:53:33:98:E9:51:2B:4F:FB:9D:BB:CA:E3:D5:1C
X509v3 Authority Key Identifier:
keyid:13:60:D5:72:84:BF:12:7C:28:14:0E:04:B2:6A:8F:3E:8B:DE:F1:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/E2DVcoS_EnwoFA4EsmqPPove8Xk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/5c5821-f342-477a-9eb8-acc2879f9f2e/1/Jwk7yf_TUzOY6VErT_udu8rj1Rw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/5c5821-f342-477a-9eb8-acc2879f9f2e/1/E2DVcoS_EnwoFA4EsmqPPove8Xk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.236.153.0/24
185.51.216.0/22
IPv6:
2a00:6760::/32
Signature Algorithm: sha256WithRSAEncryption
57:7b:10:8a:78:28:36:48:ef:ae:74:5e:31:04:a0:47:8a:11:
39:a7:cf:2d:69:66:2b:33:2e:f8:7b:c1:17:a6:16:f3:c1:28:
9d:d9:13:de:9a:c2:40:65:95:06:88:6b:bc:57:79:21:89:a7:
dd:d3:71:eb:5e:7d:a9:6c:fa:2a:cb:35:1e:70:7f:ae:31:ad:
eb:e2:75:42:d6:32:6d:f6:ed:d3:0c:b7:aa:09:bb:ea:09:3f:
ba:0d:a7:cb:72:ed:d6:3a:c9:d4:76:fa:04:f7:67:54:d4:37:
91:ac:06:0a:1e:b7:de:e8:58:9b:43:09:9c:09:7c:09:ef:ad:
70:91:7c:a2:47:9a:13:1a:39:3d:c0:a4:5f:21:eb:31:91:a1:
bb:60:f9:73:8c:27:ed:85:56:ad:8b:cf:c4:82:70:25:e8:bd:
43:b6:82:07:bc:5b:c0:72:d4:86:be:67:95:e2:f9:90:43:84:
37:a9:f8:ff:77:22:4d:ee:7c:e3:7a:3d:96:9d:c9:a5:77:f0:
13:3a:a3:8c:72:56:91:0d:be:da:03:09:13:0d:41:92:3c:35:
06:d2:13:08:c9:80:74:87:13:ce:74:59:56:3f:bd:87:63:5a:
f8:d9:f7:37:e4:93:41:fa:a3:fc:e8:fc:50:81:e0:a8:e6:54:
4c:33:70:2e
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzGt9Lphx4qQNXXC/w2mJFfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzNjBkNTcyODRiZjEyN2MyODE0MGUwNGIyNmE4ZjNlOGJk
ZWYxNzkwHhcNMjQwMTAxMjAyOTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNzA5M2JjOWZmZDM1MzMzOThlOTUxMmI0ZmZiOWRiYmNhZTNkNTFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwIGkUkH7FDw6WdDQgCDM6Izv6JnR
04El2Q9K5IX5cmleCSlbQpOB9u5DfoN35fpMut5fAPdz3+Wn/1liCpCk8gcIqel8
0Pziz/SznBkh5o9H7k5wNwWq+Lxm5nAe0GzV/I551tO79LO35z0iNP/qhotxw6pK
hxy+zYck6FNCtESJsC6PYX4o5ry2xpvvLBL7O+3FKvLd7Td+SAzF3hemp21ojMgd
26WztvTy/Hktm22IwxdzXxvvbsZ69H68vuOCx0fYRIGrq7CgmThQglvXUs6DRFui
AYuYNUTWVoYkc65fkBEILNuegcR+V2TS2FNT9Soy0BikmAKYWsXDoymr8QIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFCcJO8n/01MzmOlRK0/7nbvK49UcMB8GA1UdIwQY
MBaAFBNg1XKEvxJ8KBQOBLJqjz6L3vF5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRTJEVmNvU19FbndvRkE0RXNtcVBQb3ZlOFhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy81YzU4MjEtZjM0Mi00NzdhLTllYjgt
YWNjMjg3OWY5ZjJlLzEvSndrN3lmX1RVek9ZNlZFclRfdWR1OHJqMVJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy81YzU4MjEtZjM0Mi00NzdhLTllYjgtYWNjMjg3OWY5ZjJl
LzEvRTJEVmNvU19FbndvRkE0RXNtcVBQb3ZlOFhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAW+yZAwQC
uTPYMA0EAgACMAcDBQAqAGdgMA0GCSqGSIb3DQEBCwUAA4IBAQBXexCKeCg2SO+u
dF4xBKBHihE5p88taWYrMy74e8EXphbzwSid2RPemsJAZZUGiGu8V3khiafd03Hr
Xn2pbPoqyzUecH+uMa3r4nVC1jJt9u3TDLeqCbvqCT+6DafLcu3WOsnUdvoE92dU
1DeRrAYKHrfe6FibQwmcCXwJ761wkXyiR5oTGjk9wKRfIesxkaG7YPlzjCfthVat
i8/EgnAl6L1DtoIHvFvActSGvmeV4vmQQ4Q3qfj/dyJN7nzjej2Wncmld/ATOqOM
claRDb7aAwkTDUGSPDUG0hMIyYB0hxPOdFlWP72HY1r42fc35JNB+qP86PxQgeCo
5lRMM3Au
-----END CERTIFICATE-----
Generated at Sun May 26 12:37:52 2024 by rpki-client on console-ams.rpki-client.org