Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/a1c142-8943-49f4-8cc9-6ef2b9d7f104/1/jjbkFgxddA7EZggn92DHiRq9Ats.roa
File: jjbkFgxddA7EZggn92DHiRq9Ats.roa (raw, json)
Hash identifier: C4SZeY5jHLqEwzFyu6RIM9+wkRolsK2L53zoQfW1zcg=
Subject key identifier: 8E:36:E4:16:0C:5D:74:0E:C4:66:08:27:F7:60:C7:89:1A:BD:02:DB
Certificate issuer: /CN=b3143920956802a8eb4b4627a2ff4f3987ec1a3d
Certificate serial: 018CCA29715EEF1535676739EA4E2C030966
Authority key identifier: B3:14:39:20:95:68:02:A8:EB:4B:46:27:A2:FF:4F:39:87:EC:1A:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sxQ5IJVoAqjrS0Ynov9POYfsGj0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/a1c142-8943-49f4-8cc9-6ef2b9d7f104/1/jjbkFgxddA7EZggn92DHiRq9Ats.roa
Signing time: Tue 02 Jan 2024 12:32:42 +0000
ROA not before: Tue 02 Jan 2024 12:32:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42477
IP address blocks: 81.25.16.0/21 maxlen: 21
109.234.40.0/21 maxlen: 21
2a00:1800::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/be/a1c142-8943-49f4-8cc9-6ef2b9d7f104/1/sxQ5IJVoAqjrS0Ynov9POYfsGj0.crl
rsync://rpki.ripe.net/repository/DEFAULT/be/a1c142-8943-49f4-8cc9-6ef2b9d7f104/1/sxQ5IJVoAqjrS0Ynov9POYfsGj0.mft
rsync://rpki.ripe.net/repository/DEFAULT/sxQ5IJVoAqjrS0Ynov9POYfsGj0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Sep 2024 07:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:29:71:5e:ef:15:35:67:67:39:ea:4e:2c:03:09:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b3143920956802a8eb4b4627a2ff4f3987ec1a3d
Validity
Not Before: Jan 2 12:32:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8e36e4160c5d740ec4660827f760c7891abd02db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:8a:b9:6a:24:83:03:5c:18:02:b9:dc:d4:e5:
ac:ec:56:43:92:a0:49:15:ab:e1:79:5e:5e:c6:85:
d7:da:cd:09:3e:30:e3:b1:ab:c9:b0:cc:29:cf:d0:
b2:78:9d:a0:83:d9:94:7c:08:88:1c:3f:97:fe:2c:
00:6d:3a:06:91:26:3c:99:1e:68:60:b6:e9:fb:db:
ef:24:a5:52:83:35:4e:df:74:c4:35:71:c1:ea:57:
3a:13:1d:31:d3:5f:cd:34:ad:de:3c:b2:9f:b7:95:
9d:df:a8:19:64:5b:f1:6a:74:dd:1c:1b:15:eb:f8:
0b:1b:d0:c6:5d:42:36:63:7e:a8:2e:ac:48:f3:46:
5c:c5:fe:fe:71:c2:3b:54:d4:27:99:ce:77:6b:85:
1f:eb:5f:ee:b1:48:8d:74:8a:a5:e8:fb:f8:60:d2:
c4:d5:56:06:79:64:84:de:cd:74:63:39:05:fd:d8:
fb:f5:02:f9:55:7b:30:fa:1a:d5:ad:8a:9c:84:a2:
15:84:d9:32:1e:7b:79:d2:ca:5b:ea:9b:b1:d9:f3:
d3:78:72:6b:44:12:05:8f:55:3e:19:89:cc:c8:f8:
19:fe:e5:68:76:af:3e:17:7e:71:8c:42:d2:de:dc:
b9:58:d3:7f:93:62:57:2f:a2:ef:15:fa:59:0b:0d:
e0:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:36:E4:16:0C:5D:74:0E:C4:66:08:27:F7:60:C7:89:1A:BD:02:DB
X509v3 Authority Key Identifier:
keyid:B3:14:39:20:95:68:02:A8:EB:4B:46:27:A2:FF:4F:39:87:EC:1A:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sxQ5IJVoAqjrS0Ynov9POYfsGj0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/a1c142-8943-49f4-8cc9-6ef2b9d7f104/1/jjbkFgxddA7EZggn92DHiRq9Ats.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/a1c142-8943-49f4-8cc9-6ef2b9d7f104/1/sxQ5IJVoAqjrS0Ynov9POYfsGj0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.25.16.0/21
109.234.40.0/21
IPv6:
2a00:1800::/32
Signature Algorithm: sha256WithRSAEncryption
1e:49:2f:d5:f8:d2:55:72:00:a5:70:8a:56:4f:4d:16:7f:e5:
88:c0:19:62:d0:e3:36:61:99:74:3c:7c:f9:d9:9d:81:0c:3a:
37:3c:ef:dc:3c:5a:e9:bf:0e:26:78:57:8b:3a:df:b6:b6:f3:
71:76:be:1f:56:05:be:7f:b3:43:e8:7f:bf:bd:c9:4b:e9:ce:
ac:4d:65:6d:fb:65:4b:68:92:3e:95:47:ab:95:b4:e8:68:ce:
ba:52:59:a9:3d:70:d4:c5:8d:f5:a4:0b:77:14:35:61:dc:d2:
f6:00:2b:83:8a:ba:d8:5b:1b:f7:a6:14:21:a0:bc:3c:e7:74:
0e:88:f2:58:69:c4:6c:83:9a:3f:f6:6a:6c:ae:9d:97:ba:31:
a0:61:5f:1f:05:5a:3e:4c:78:ec:c3:9e:5b:de:a2:30:cb:57:
49:5e:1a:34:ff:55:e3:de:55:f9:1a:6e:37:63:b5:1d:cd:cf:
b7:8e:e0:8d:6d:cc:8e:16:40:fc:f2:32:77:c5:ea:28:0c:58:
d0:70:e2:9b:3e:42:cd:bf:cd:74:5a:dd:55:1b:20:05:1b:d5:
9f:4a:86:16:ca:a8:c3:23:da:a7:41:91:b2:3b:1a:df:8b:ac:
da:d6:57:d0:5e:78:43:0b:56:09:8c:d5:51:63:80:35:d2:1e:
58:98:a1:cd
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzKKXFe7xU1Z2c56k4sAwlmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzMTQzOTIwOTU2ODAyYThlYjRiNDYyN2EyZmY0ZjM5ODdl
YzFhM2QwHhcNMjQwMTAyMTIzMjQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTM2ZTQxNjBjNWQ3NDBlYzQ2NjA4MjdmNzYwYzc4OTFhYmQwMmRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt4q5aiSDA1wYArnc1OWs7FZDkqBJ
FavheV5exoXX2s0JPjDjsavJsMwpz9CyeJ2gg9mUfAiIHD+X/iwAbToGkSY8mR5o
YLbp+9vvJKVSgzVO33TENXHB6lc6Ex0x01/NNK3ePLKft5Wd36gZZFvxanTdHBsV
6/gLG9DGXUI2Y36oLqxI80Zcxf7+ccI7VNQnmc53a4Uf61/usUiNdIql6Pv4YNLE
1VYGeWSE3s10YzkF/dj79QL5VXsw+hrVrYqchKIVhNkyHnt50spb6pux2fPTeHJr
RBIFj1U+GYnMyPgZ/uVodq8+F35xjELS3ty5WNN/k2JXL6LvFfpZCw3gyQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFI425BYMXXQOxGYIJ/dgx4kavQLbMB8GA1UdIwQY
MBaAFLMUOSCVaAKo60tGJ6L/TzmH7Bo9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3hRNUlKVm9BcWpyUzBZbm92OVBPWWZzR2owLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS9hMWMxNDItODk0My00OWY0LThjYzkt
NmVmMmI5ZDdmMTA0LzEvampia0ZneGRkQTdFWmdnbjkyREhpUnE5QXRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS9hMWMxNDItODk0My00OWY0LThjYzktNmVmMmI5ZDdmMTA0
LzEvc3hRNUlKVm9BcWpyUzBZbm92OVBPWWZzR2owLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDURkQAwQD
beooMA0EAgACMAcDBQAqABgAMA0GCSqGSIb3DQEBCwUAA4IBAQAeSS/V+NJVcgCl
cIpWT00Wf+WIwBli0OM2YZl0PHz52Z2BDDo3PO/cPFrpvw4meFeLOt+2tvNxdr4f
VgW+f7ND6H+/vclL6c6sTWVt+2VLaJI+lUerlbToaM66UlmpPXDUxY31pAt3FDVh
3NL2ACuDirrYWxv3phQhoLw853QOiPJYacRsg5o/9mpsrp2XujGgYV8fBVo+THjs
w55b3qIwy1dJXho0/1Xj3lX5Gm43Y7Udzc+3juCNbcyOFkD88jJ3xeooDFjQcOKb
PkLNv810Wt1VGyAFG9WfSoYWyqjDI9qnQZGyOxrfi6za1lfQXnhDC1YJjNVRY4A1
0h5YmKHN
-----END CERTIFICATE-----
Generated at Sat Sep 28 16:15:16 2024 by rpki-client on console-fra.rpki-client.org