Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/21283f-f7aa-4a67-9570-92ba2d5077c3/1/jai8NAPKlbldP-sGGajEfggRv8k.roa
File: jai8NAPKlbldP-sGGajEfggRv8k.roa (raw, json)
Hash identifier: jEyVg7mO2viDJtg7lxpBGNfzmQfINJRqdMlFeW+sxmk=
Subject key identifier: 8D:A8:BC:34:03:CA:95:B9:5D:3F:EB:06:19:A8:C4:7E:08:11:BF:C9
Certificate issuer: /CN=3074d651dfec4b0d371e02505b1f8693ed1d8e02
Certificate serial: 018CC50023A6CAFCCC328F6051ADA045068A
Authority key identifier: 30:74:D6:51:DF:EC:4B:0D:37:1E:02:50:5B:1F:86:93:ED:1D:8E:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MHTWUd_sSw03HgJQWx-Gk-0djgI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/21283f-f7aa-4a67-9570-92ba2d5077c3/1/jai8NAPKlbldP-sGGajEfggRv8k.roa
Signing time: Mon 01 Jan 2024 12:29:29 +0000
ROA not before: Mon 01 Jan 2024 12:29:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204989
IP address blocks: 185.104.160.0/22 maxlen: 24
45.89.168.0/22 maxlen: 24
2a06:3200::/29 maxlen: 32
2a0f:a7c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/21283f-f7aa-4a67-9570-92ba2d5077c3/1/MHTWUd_sSw03HgJQWx-Gk-0djgI.crl
rsync://rpki.ripe.net/repository/DEFAULT/bf/21283f-f7aa-4a67-9570-92ba2d5077c3/1/MHTWUd_sSw03HgJQWx-Gk-0djgI.mft
rsync://rpki.ripe.net/repository/DEFAULT/MHTWUd_sSw03HgJQWx-Gk-0djgI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 09:01:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:23:a6:ca:fc:cc:32:8f:60:51:ad:a0:45:06:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3074d651dfec4b0d371e02505b1f8693ed1d8e02
Validity
Not Before: Jan 1 12:29:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8da8bc3403ca95b95d3feb0619a8c47e0811bfc9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:c5:7e:5d:5b:9d:30:b8:65:7e:7c:6c:5b:70:
16:8a:fc:49:33:7d:86:bb:99:88:64:95:b9:25:6c:
08:ec:95:ce:ae:d1:67:08:ea:44:7a:f4:17:fa:5e:
ec:21:ad:4d:c5:44:ec:4a:66:be:0b:1a:40:52:22:
52:6b:0a:a0:e9:47:7b:97:2e:40:cb:7f:a4:66:4b:
17:92:2a:51:22:5b:9e:2f:eb:31:20:74:a8:96:1e:
ab:a3:a9:7e:43:1f:2b:1e:f6:3a:3f:1d:e3:5f:b8:
0a:23:62:24:2d:39:ee:1a:ad:34:27:88:e3:7f:f6:
ab:4c:bc:20:82:ab:e1:c8:11:ce:aa:56:cb:bf:95:
3c:26:61:98:48:44:f0:99:2a:3f:82:7a:5e:e4:36:
b7:90:72:0c:f5:7a:de:00:3b:d2:90:fb:c3:f4:c5:
d6:a4:3d:05:5c:92:cf:6a:a6:c8:51:3b:74:db:fd:
a5:4c:5f:89:32:dd:77:02:fe:34:45:71:f5:f6:30:
1d:bd:7e:a3:6f:af:3b:f0:13:05:d9:73:53:bf:cc:
d5:b4:28:ff:df:b8:bc:0b:8a:f9:e0:5e:61:79:f8:
74:50:1f:5a:3d:ea:53:ae:97:22:2c:ba:80:82:0b:
98:0b:23:dc:bf:1a:60:9c:e9:d8:1c:ba:ed:bf:56:
38:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:A8:BC:34:03:CA:95:B9:5D:3F:EB:06:19:A8:C4:7E:08:11:BF:C9
X509v3 Authority Key Identifier:
keyid:30:74:D6:51:DF:EC:4B:0D:37:1E:02:50:5B:1F:86:93:ED:1D:8E:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MHTWUd_sSw03HgJQWx-Gk-0djgI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/21283f-f7aa-4a67-9570-92ba2d5077c3/1/jai8NAPKlbldP-sGGajEfggRv8k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/21283f-f7aa-4a67-9570-92ba2d5077c3/1/MHTWUd_sSw03HgJQWx-Gk-0djgI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.89.168.0/22
185.104.160.0/22
IPv6:
2a06:3200::/29
2a0f:a7c0::/29
Signature Algorithm: sha256WithRSAEncryption
84:61:8e:1b:a3:67:b4:1f:30:d8:92:8e:b9:5d:4b:11:56:86:
09:94:12:53:68:ba:1c:28:09:5b:4a:8d:4e:34:71:8e:aa:16:
62:ec:80:7f:fd:ac:dc:e6:e9:60:62:7d:c6:a1:af:69:96:92:
b5:74:bc:2e:f1:8d:70:b3:4f:e9:44:92:dc:50:75:23:3d:97:
4f:ba:72:08:6e:55:ba:31:37:3f:1b:de:e8:63:58:50:69:af:
74:62:8a:4b:63:f2:0f:a8:8e:f2:0a:8d:4d:ea:30:c8:b3:b9:
fa:53:93:e2:31:b4:d6:8e:2a:b7:93:18:62:59:d4:99:0f:a8:
7d:05:b9:25:f0:ab:f7:f2:a3:44:37:a4:ff:b6:de:e9:d9:8c:
be:b3:6d:43:95:f2:bb:8b:5e:e0:14:94:16:51:d8:af:00:25:
52:e5:88:95:6a:40:dc:59:68:96:c4:a5:66:81:a5:c4:bb:37:
20:f5:b6:4e:c2:e4:bb:71:32:2a:42:30:3b:ea:82:98:8f:f1:
dd:02:e3:4b:a2:b4:8e:c4:aa:86:73:44:3c:62:ef:b2:42:19:
4c:d1:0d:66:48:0c:25:6d:1b:7f:71:c0:f5:57:6f:03:b1:67:
12:32:03:9b:cc:86:00:8a:7d:8a:45:99:7d:78:f2:55:59:61:
f9:5c:6f:93
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYzFACOmyvzMMo9gUa2gRQaKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwNzRkNjUxZGZlYzRiMGQzNzFlMDI1MDViMWY4NjkzZWQx
ZDhlMDIwHhcNMjQwMTAxMTIyOTI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZGE4YmMzNDAzY2E5NWI5NWQzZmViMDYxOWE4YzQ3ZTA4MTFiZmM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAosV+XVudMLhlfnxsW3AWivxJM32G
u5mIZJW5JWwI7JXOrtFnCOpEevQX+l7sIa1NxUTsSma+CxpAUiJSawqg6Ud7ly5A
y3+kZksXkipRIlueL+sxIHSolh6ro6l+Qx8rHvY6Px3jX7gKI2IkLTnuGq00J4jj
f/arTLwggqvhyBHOqlbLv5U8JmGYSETwmSo/gnpe5Da3kHIM9XreADvSkPvD9MXW
pD0FXJLPaqbIUTt02/2lTF+JMt13Av40RXH19jAdvX6jb6878BMF2XNTv8zVtCj/
37i8C4r54F5hefh0UB9aPepTrpciLLqAgguYCyPcvxpgnOnYHLrtv1Y4hwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFI2ovDQDypW5XT/rBhmoxH4IEb/JMB8GA1UdIwQY
MBaAFDB01lHf7EsNNx4CUFsfhpPtHY4CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUhUV1VkX3NTdzAzSGdKUVd4LUdrLTBkamdJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi8yMTI4M2YtZjdhYS00YTY3LTk1NzAt
OTJiYTJkNTA3N2MzLzEvamFpOE5BUEtsYmxkUC1zR0dhakVmZ2dSdjhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi8yMTI4M2YtZjdhYS00YTY3LTk1NzAtOTJiYTJkNTA3N2Mz
LzEvTUhUV1VkX3NTdzAzSGdKUVd4LUdrLTBkamdJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQCLVmoAwQC
uWigMBQEAgACMA4DBQMqBjIAAwUDKg+nwDANBgkqhkiG9w0BAQsFAAOCAQEAhGGO
G6NntB8w2JKOuV1LEVaGCZQSU2i6HCgJW0qNTjRxjqoWYuyAf/2s3ObpYGJ9xqGv
aZaStXS8LvGNcLNP6USS3FB1Iz2XT7pyCG5VujE3Pxve6GNYUGmvdGKKS2PyD6iO
8gqNTeowyLO5+lOT4jG01o4qt5MYYlnUmQ+ofQW5JfCr9/KjRDek/7be6dmMvrNt
Q5Xyu4te4BSUFlHYrwAlUuWIlWpA3FlolsSlZoGlxLs3IPW2TsLku3EyKkIwO+qC
mI/x3QLjS6K0jsSqhnNEPGLvskIZTNENZkgMJW0bf3HA9VdvA7FnEjIDm8yGAIp9
ikWZfXjyVVlh+Vxvkw==
-----END CERTIFICATE-----
Generated at Sat Jun 1 12:32:04 2024 by rpki-client on console-fra.rpki-client.org