Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/633af2-5b4e-4a4c-b139-39607821a09a/1/JCUwibuFKIr_u5CBfNqhZ56CgTk.roa
File: JCUwibuFKIr_u5CBfNqhZ56CgTk.roa (raw, json)
Hash identifier: VJ/GhrdsMGqkwkObxfySxch7qO+77No4jGKQK4ytlIs=
Subject key identifier: 24:25:30:89:BB:85:28:8A:FF:BB:90:81:7C:DA:A1:67:9E:82:81:39
Certificate issuer: /CN=9d69b6b2a0a72818d1fa9a46ef2ad7812b95bcc0
Certificate serial: 0193556BD341E81B935C5BD35D94AC9CB44B
Authority key identifier: 9D:69:B6:B2:A0:A7:28:18:D1:FA:9A:46:EF:2A:D7:81:2B:95:BC:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nWm2sqCnKBjR-ppG7yrXgSuVvMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/633af2-5b4e-4a4c-b139-39607821a09a/1/JCUwibuFKIr_u5CBfNqhZ56CgTk.roa
Signing time: Fri 22 Nov 2024 19:49:09 +0000
ROA not before: Fri 22 Nov 2024 19:49:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48847
IP address blocks: 185.176.208.0/22 maxlen: 22
185.176.208.0/24 maxlen: 24
185.176.209.0/24 maxlen: 24
185.176.210.0/24 maxlen: 24
185.176.210.48/29 maxlen: 29
185.176.211.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b9/633af2-5b4e-4a4c-b139-39607821a09a/1/nWm2sqCnKBjR-ppG7yrXgSuVvMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/b9/633af2-5b4e-4a4c-b139-39607821a09a/1/nWm2sqCnKBjR-ppG7yrXgSuVvMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/nWm2sqCnKBjR-ppG7yrXgSuVvMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:55:6b:d3:41:e8:1b:93:5c:5b:d3:5d:94:ac:9c:b4:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d69b6b2a0a72818d1fa9a46ef2ad7812b95bcc0
Validity
Not Before: Nov 22 19:49:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=24253089bb85288affbb90817cdaa1679e828139
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:aa:5f:ba:f2:5a:1b:93:a1:47:3a:5e:a6:ba:
a6:5b:89:a3:ce:fa:e7:0c:57:91:98:46:98:9c:26:
0d:c0:26:a6:87:d1:9b:53:e5:d4:1e:1d:ef:c8:1a:
f2:c3:1a:5a:b6:a1:64:41:c5:d0:2d:72:47:f0:bd:
1d:7e:49:bf:06:c6:58:13:9c:9e:b6:0a:c8:ec:48:
e2:b3:e0:b9:ab:25:9b:61:15:b6:e0:fc:29:04:93:
26:e2:b2:76:dc:58:70:01:ae:b3:bc:a7:b4:96:09:
1f:5b:33:00:c5:06:37:56:4f:83:65:15:62:ac:df:
18:8d:46:a5:db:85:14:f7:6a:a7:ee:a1:ba:ca:30:
d2:68:0b:06:f5:68:57:42:93:e7:35:ab:55:34:51:
65:99:34:38:0f:86:23:e9:6e:ee:2e:6d:a8:03:38:
16:50:fc:7a:af:04:0d:88:e9:c8:ef:01:40:38:33:
97:c0:ca:68:f7:25:17:1f:98:71:b0:25:f2:5b:67:
46:bc:3a:c6:15:cc:4e:53:dd:ef:10:a4:b9:2c:cf:
c8:0f:99:a4:c2:2b:68:82:fe:c8:99:a0:fe:bb:7a:
62:24:b6:00:dc:80:a2:b8:21:05:18:02:ea:49:ec:
66:4a:07:b8:e7:2f:6a:af:8f:9d:2e:d9:f9:ab:d6:
d6:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:25:30:89:BB:85:28:8A:FF:BB:90:81:7C:DA:A1:67:9E:82:81:39
X509v3 Authority Key Identifier:
keyid:9D:69:B6:B2:A0:A7:28:18:D1:FA:9A:46:EF:2A:D7:81:2B:95:BC:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nWm2sqCnKBjR-ppG7yrXgSuVvMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/633af2-5b4e-4a4c-b139-39607821a09a/1/JCUwibuFKIr_u5CBfNqhZ56CgTk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/633af2-5b4e-4a4c-b139-39607821a09a/1/nWm2sqCnKBjR-ppG7yrXgSuVvMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.176.208.0/22
Signature Algorithm: sha256WithRSAEncryption
56:fa:14:e2:bd:dc:99:09:27:3c:73:4c:a3:41:67:54:28:b0:
a2:e2:3b:2e:65:73:8e:fc:8c:e6:c9:b3:36:fc:53:7a:a5:c8:
4d:eb:ff:8c:92:49:e2:e6:fa:4e:a8:26:fc:ac:a0:d9:cc:ea:
7d:7c:fb:24:75:13:55:de:4f:13:de:86:e8:fc:c7:73:b5:38:
aa:a2:37:75:9e:9e:cb:80:65:45:e4:ca:c3:4b:78:fe:49:5d:
20:94:5e:17:19:5a:45:76:3e:31:e2:71:3d:e1:ff:c9:75:a7:
e5:10:ae:7c:ef:9a:b5:f3:d5:f9:3b:8c:d9:23:65:04:a9:86:
96:a1:6e:9d:a5:b5:29:05:1f:d2:e8:0a:84:50:c5:bb:0a:13:
71:b8:a9:4b:13:6b:2c:53:d9:95:9b:e1:07:02:8b:c3:da:c2:
f8:1a:fd:97:1e:6e:06:63:39:3a:c7:75:af:09:c9:be:4b:f5:
e4:8e:20:47:ee:3f:8f:5b:e9:f8:ab:03:dc:04:75:59:2a:1b:
20:82:31:65:d1:14:79:71:ba:17:dc:d0:b4:08:51:6b:d1:9c:
85:83:ab:c0:0d:3b:42:e7:58:8b:3e:2e:9a:0c:d3:d8:0b:8c:
f3:72:64:c3:4c:14:cb:34:3e:7c:8d:64:23:b1:1f:6a:f9:61:
73:8a:f7:da
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZNVa9NB6BuTXFvTXZSsnLRLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkNjliNmIyYTBhNzI4MThkMWZhOWE0NmVmMmFkNzgxMmI5
NWJjYzAwHhcNMjQxMTIyMTk0OTA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDI1MzA4OWJiODUyODhhZmZiYjkwODE3Y2RhYTE2NzllODI4MTM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtKpfuvJaG5OhRzpeprqmW4mjzvrn
DFeRmEaYnCYNwCamh9GbU+XUHh3vyBrywxpatqFkQcXQLXJH8L0dfkm/BsZYE5ye
tgrI7Ejis+C5qyWbYRW24PwpBJMm4rJ23FhwAa6zvKe0lgkfWzMAxQY3Vk+DZRVi
rN8YjUal24UU92qn7qG6yjDSaAsG9WhXQpPnNatVNFFlmTQ4D4Yj6W7uLm2oAzgW
UPx6rwQNiOnI7wFAODOXwMpo9yUXH5hxsCXyW2dGvDrGFcxOU93vEKS5LM/ID5mk
witogv7ImaD+u3piJLYA3ICiuCEFGALqSexmSge45y9qr4+dLtn5q9bWdwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCQlMIm7hSiK/7uQgXzaoWeegoE5MB8GA1UdIwQY
MBaAFJ1ptrKgpygY0fqaRu8q14ErlbzAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbldtMnNxQ25LQmpSLXBwRzd5clhnU3VWdk1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS82MzNhZjItNWI0ZS00YTRjLWIxMzkt
Mzk2MDc4MjFhMDlhLzEvSkNVd2lidUZLSXJfdTVDQmZOcWhaNTZDZ1RrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS82MzNhZjItNWI0ZS00YTRjLWIxMzktMzk2MDc4MjFhMDlh
LzEvbldtMnNxQ25LQmpSLXBwRzd5clhnU3VWdk1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCubDQMA0G
CSqGSIb3DQEBCwUAA4IBAQBW+hTivdyZCSc8c0yjQWdUKLCi4jsuZXOO/IzmybM2
/FN6pchN6/+Mkkni5vpOqCb8rKDZzOp9fPskdRNV3k8T3obo/MdztTiqojd1np7L
gGVF5MrDS3j+SV0glF4XGVpFdj4x4nE94f/JdaflEK5875q189X5O4zZI2UEqYaW
oW6dpbUpBR/S6AqEUMW7ChNxuKlLE2ssU9mVm+EHAovD2sL4Gv2XHm4GYzk6x3Wv
Ccm+S/XkjiBH7j+PW+n4qwPcBHVZKhsggjFl0RR5cboX3NC0CFFr0ZyFg6vADTtC
51iLPi6aDNPYC4zzcmTDTBTLND58jWQjsR9q+WFzivfa
-----END CERTIFICATE-----
Generated at Sat Nov 23 14:27:44 2024 by rpki-client on console-fra.rpki-client.org