Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/2313b8-de02-4228-900a-09be9db11f66/1/JI-Cdf0kmPjyFyocOMbzQ8yEZ5A.roa
File: JI-Cdf0kmPjyFyocOMbzQ8yEZ5A.roa (raw, json)
Hash identifier: ageVUM05nNArcPQ4TNkYWe9ZmcbBITr8+kPTwFcuBao=
Subject key identifier: 24:8F:82:75:FD:24:98:F8:F2:17:2A:1C:38:C6:F3:43:CC:84:67:90
Certificate issuer: /CN=e5bf3a72cad6f4b3dc305b4cbe31087051d983f6
Certificate serial: 019314A02B71D3199D46A66E1F5E6F422D8F
Authority key identifier: E5:BF:3A:72:CA:D6:F4:B3:DC:30:5B:4C:BE:31:08:70:51:D9:83:F6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5b86csrW9LPcMFtMvjEIcFHZg_Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/2313b8-de02-4228-900a-09be9db11f66/1/JI-Cdf0kmPjyFyocOMbzQ8yEZ5A.roa
Signing time: Sun 10 Nov 2024 05:51:01 +0000
ROA not before: Sun 10 Nov 2024 05:51:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56414
IP address blocks: 45.15.16.0/22 maxlen: 24
62.204.40.0/24 maxlen: 24
194.26.217.0/24 maxlen: 24
2a12:7800::/29 maxlen: 32
2a12:7807::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/2313b8-de02-4228-900a-09be9db11f66/1/5b86csrW9LPcMFtMvjEIcFHZg_Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/2313b8-de02-4228-900a-09be9db11f66/1/5b86csrW9LPcMFtMvjEIcFHZg_Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/5b86csrW9LPcMFtMvjEIcFHZg_Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 11:00:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:14:a0:2b:71:d3:19:9d:46:a6:6e:1f:5e:6f:42:2d:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e5bf3a72cad6f4b3dc305b4cbe31087051d983f6
Validity
Not Before: Nov 10 05:51:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=248f8275fd2498f8f2172a1c38c6f343cc846790
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:ed:50:0c:3b:95:a5:67:20:d3:56:46:bd:bd:
68:5e:f4:2a:fd:c2:8b:09:15:f2:77:ad:90:36:2f:
1d:86:5b:d7:6f:7c:c8:7a:52:27:3f:54:13:31:32:
b8:00:12:6a:2b:a2:53:0a:77:43:35:ac:40:78:19:
83:48:e5:ea:2a:6e:51:77:e1:0b:01:50:40:31:b6:
bf:f5:35:dc:39:90:39:b5:91:65:ed:2c:db:48:be:
64:c9:1a:57:ba:16:16:08:06:eb:d5:d0:b7:b3:1b:
5f:5e:11:61:24:c5:b6:68:ee:00:3c:da:57:6b:a6:
b2:97:e9:97:9a:b4:13:04:d5:1c:fc:a4:f1:5c:29:
f2:25:15:81:8d:c0:22:45:0e:cd:ff:53:21:eb:24:
3d:f8:cc:9c:fe:70:c3:6b:b0:62:e3:ff:d6:60:60:
65:81:85:cc:90:24:6d:04:47:3e:7c:26:bf:49:ee:
cd:27:a0:5b:3d:fc:c7:c2:8d:3f:01:6e:88:bf:9a:
9c:c7:92:b0:fd:45:f1:3c:46:b7:fd:4c:bb:96:5a:
c2:fb:91:99:16:13:f8:b7:71:7a:0c:91:be:04:40:
d7:84:59:f0:76:f7:b9:35:12:27:c6:92:e9:e7:c6:
b4:74:f8:59:21:54:89:a6:71:69:2a:06:7a:07:30:
6f:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:8F:82:75:FD:24:98:F8:F2:17:2A:1C:38:C6:F3:43:CC:84:67:90
X509v3 Authority Key Identifier:
keyid:E5:BF:3A:72:CA:D6:F4:B3:DC:30:5B:4C:BE:31:08:70:51:D9:83:F6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b86csrW9LPcMFtMvjEIcFHZg_Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/2313b8-de02-4228-900a-09be9db11f66/1/JI-Cdf0kmPjyFyocOMbzQ8yEZ5A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/2313b8-de02-4228-900a-09be9db11f66/1/5b86csrW9LPcMFtMvjEIcFHZg_Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.15.16.0/22
62.204.40.0/24
194.26.217.0/24
IPv6:
2a12:7800::/29
Signature Algorithm: sha256WithRSAEncryption
90:25:63:d4:83:1b:ac:96:7f:a9:cd:f3:b9:fa:c7:a6:47:11:
02:99:fc:9b:84:80:1a:49:68:ac:0d:60:7c:91:02:29:96:c6:
7e:4f:d1:19:21:a0:e2:24:9a:59:fd:35:8b:61:ec:94:97:bd:
4e:5e:b7:91:6c:4b:db:5f:2e:43:2c:7c:80:56:ec:c0:04:ed:
5a:aa:e7:dd:93:93:2f:fb:d8:26:c2:bb:67:14:d2:1b:81:6a:
ae:84:11:1c:8d:cf:35:f4:bc:87:98:40:5b:f6:ab:bc:62:ea:
e4:d9:45:8e:fd:27:68:f9:66:c7:dc:bf:4d:6d:a8:47:a9:04:
ae:99:24:8f:5c:d5:dd:2f:81:a5:4e:e4:39:02:07:31:eb:25:
33:76:3b:a9:38:a8:72:e2:8a:d1:cb:ae:23:9a:bd:39:c7:7b:
51:96:6d:8f:c0:81:04:7e:4c:53:b1:45:62:da:21:cb:e4:98:
bf:e9:62:f8:7b:8b:81:16:80:7f:3d:29:2c:6e:f9:56:43:1f:
d2:40:15:b7:5c:27:5c:15:2a:78:e6:ea:fb:eb:ad:36:5d:d8:
63:a6:72:a0:06:35:1d:41:e9:31:9b:57:f7:ef:2b:90:70:c9:
05:16:8d:bf:d8:9b:58:6a:ab:d5:1c:a3:eb:fa:1a:6a:8d:41:
f8:04:83:4c
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZMUoCtx0xmdRqZuH15vQi2PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1YmYzYTcyY2FkNmY0YjNkYzMwNWI0Y2JlMzEwODcwNTFk
OTgzZjYwHhcNMjQxMTEwMDU1MTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDhmODI3NWZkMjQ5OGY4ZjIxNzJhMWMzOGM2ZjM0M2NjODQ2NzkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApO1QDDuVpWcg01ZGvb1oXvQq/cKL
CRXyd62QNi8dhlvXb3zIelInP1QTMTK4ABJqK6JTCndDNaxAeBmDSOXqKm5Rd+EL
AVBAMba/9TXcOZA5tZFl7SzbSL5kyRpXuhYWCAbr1dC3sxtfXhFhJMW2aO4APNpX
a6ayl+mXmrQTBNUc/KTxXCnyJRWBjcAiRQ7N/1Mh6yQ9+Myc/nDDa7Bi4//WYGBl
gYXMkCRtBEc+fCa/Se7NJ6BbPfzHwo0/AW6Iv5qcx5Kw/UXxPEa3/Uy7llrC+5GZ
FhP4t3F6DJG+BEDXhFnwdve5NRInxpLp58a0dPhZIVSJpnFpKgZ6BzBvWQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFCSPgnX9JJj48hcqHDjG80PMhGeQMB8GA1UdIwQY
MBaAFOW/OnLK1vSz3DBbTL4xCHBR2YP2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWI4NmNzclc5TFBjTUZ0TXZqRUljRkhaZ19ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC8yMzEzYjgtZGUwMi00MjI4LTkwMGEt
MDliZTlkYjExZjY2LzEvSkktQ2RmMGttUGp5RnlvY09NYnpROHlFWjVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC8yMzEzYjgtZGUwMi00MjI4LTkwMGEtMDliZTlkYjExZjY2
LzEvNWI4NmNzclc5TFBjTUZ0TXZqRUljRkhaZ19ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCLQ8QAwQA
PswoAwQAwhrZMA0EAgACMAcDBQMqEngAMA0GCSqGSIb3DQEBCwUAA4IBAQCQJWPU
gxusln+pzfO5+semRxECmfybhIAaSWisDWB8kQIplsZ+T9EZIaDiJJpZ/TWLYeyU
l71OXreRbEvbXy5DLHyAVuzABO1aqufdk5Mv+9gmwrtnFNIbgWquhBEcjc819LyH
mEBb9qu8Yurk2UWO/Sdo+WbH3L9NbahHqQSumSSPXNXdL4GlTuQ5Agcx6yUzdjup
OKhy4orRy64jmr05x3tRlm2PwIEEfkxTsUVi2iHL5Ji/6WL4e4uBFoB/PSksbvlW
Qx/SQBW3XCdcFSp45ur76602XdhjpnKgBjUdQekxm1f37yuQcMkFFo2/2JtYaqvV
HKPr+hpqjUH4BINM
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:57:24 2024 by rpki-client on console-ams.rpki-client.org