Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/ff4a67-59fc-4f00-a3ad-b3754afe9529/1/jWEb6HFxdq59z6JgnBMx_VT6_vY.roa
File: jWEb6HFxdq59z6JgnBMx_VT6_vY.roa (raw, json)
Hash identifier: HbmMTxL0QfP0AXYjUhHWzjtJ7ayA4C0E5X3Q/CSu1xQ=
Subject key identifier: 8D:61:1B:E8:71:71:76:AE:7D:CF:A2:60:9C:13:31:FD:54:FA:FE:F6
Certificate issuer: /CN=08d0bc8c58902c8ca7bb869ec2e28302fa4515e9
Certificate serial: 018CC56DFA63F4F1037CCC19798ABDDA20EF
Authority key identifier: 08:D0:BC:8C:58:90:2C:8C:A7:BB:86:9E:C2:E2:83:02:FA:45:15:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CNC8jFiQLIynu4aewuKDAvpFFek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/ff4a67-59fc-4f00-a3ad-b3754afe9529/1/jWEb6HFxdq59z6JgnBMx_VT6_vY.roa
Signing time: Mon 01 Jan 2024 14:29:28 +0000
ROA not before: Mon 01 Jan 2024 14:29:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 680
IP address blocks: 193.17.22.0/24 maxlen: 24
192.76.145.0/24 maxlen: 24
192.109.116.0/24 maxlen: 24
192.109.115.0/24 maxlen: 24
134.96.0.0/16 maxlen: 16
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c4/ff4a67-59fc-4f00-a3ad-b3754afe9529/1/CNC8jFiQLIynu4aewuKDAvpFFek.crl
rsync://rpki.ripe.net/repository/DEFAULT/c4/ff4a67-59fc-4f00-a3ad-b3754afe9529/1/CNC8jFiQLIynu4aewuKDAvpFFek.mft
rsync://rpki.ripe.net/repository/DEFAULT/CNC8jFiQLIynu4aewuKDAvpFFek.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6d:fa:63:f4:f1:03:7c:cc:19:79:8a:bd:da:20:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08d0bc8c58902c8ca7bb869ec2e28302fa4515e9
Validity
Not Before: Jan 1 14:29:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8d611be8717176ae7dcfa2609c1331fd54fafef6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:dd:39:72:11:90:5b:c7:20:a4:be:6b:a2:6e:
2f:25:36:d2:2f:bb:89:ea:eb:10:dd:46:7d:fe:3f:
02:d7:b4:98:ed:ab:ef:e8:6f:5b:67:90:e1:98:2c:
44:75:69:b2:13:ab:c2:e2:06:4d:3e:c2:ad:84:b5:
ef:35:55:b5:cb:d6:ce:cf:ac:62:d7:34:12:d3:f9:
45:bf:f0:08:4b:24:6c:0b:c6:97:6e:9f:eb:ea:cc:
fb:e6:00:b5:4f:83:41:c3:9a:40:6e:7e:24:7b:d1:
7b:19:82:19:e8:70:d1:68:c7:28:fa:2e:c7:eb:20:
09:dc:a8:a0:17:8f:9a:64:20:94:79:b1:c0:2d:1d:
a2:fe:37:4c:4f:fd:59:33:83:d4:e1:46:26:df:83:
9f:33:01:8b:02:74:48:6c:0d:3b:0f:04:10:6c:24:
0e:a1:b0:4e:c0:e1:40:03:b5:30:77:ea:d6:d6:24:
45:20:3f:d2:45:a5:c4:28:55:5a:5d:ab:15:3f:b4:
65:fa:a0:03:fb:31:94:f7:de:9a:ff:d6:6f:32:b0:
dd:6f:09:57:95:e2:88:1e:64:64:c2:98:92:42:55:
7b:be:08:1d:17:f3:30:b9:6b:3b:26:e7:39:1c:4d:
54:01:08:7f:2a:8a:f3:87:46:a0:da:f1:c1:4b:3b:
11:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:61:1B:E8:71:71:76:AE:7D:CF:A2:60:9C:13:31:FD:54:FA:FE:F6
X509v3 Authority Key Identifier:
keyid:08:D0:BC:8C:58:90:2C:8C:A7:BB:86:9E:C2:E2:83:02:FA:45:15:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CNC8jFiQLIynu4aewuKDAvpFFek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/ff4a67-59fc-4f00-a3ad-b3754afe9529/1/jWEb6HFxdq59z6JgnBMx_VT6_vY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/ff4a67-59fc-4f00-a3ad-b3754afe9529/1/CNC8jFiQLIynu4aewuKDAvpFFek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
134.96.0.0/16
192.76.145.0/24
192.109.115.0-192.109.116.255
193.17.22.0/24
Signature Algorithm: sha256WithRSAEncryption
a1:d0:be:3d:6c:2f:5e:78:73:02:4b:63:67:c6:9c:1c:68:35:
a6:d5:d5:bb:31:e8:43:d7:3f:ac:81:a3:02:14:a2:d5:a9:33:
66:60:8b:25:27:07:83:82:62:92:27:b8:b8:ca:9d:be:b0:4d:
d8:43:87:24:9a:34:3d:e6:3c:45:a4:36:8b:2a:9b:a4:b4:78:
73:9e:b7:f2:e4:d0:f6:9d:09:7c:d9:c3:12:f5:f6:94:c2:03:
65:ac:f1:b2:4a:da:a5:19:53:0f:06:db:12:62:4f:1f:fa:40:
76:98:eb:0e:b1:9a:1f:43:3f:bc:16:8c:0f:39:2a:8d:8c:c1:
ee:f5:8c:a2:7d:3f:de:09:1e:6d:dc:0d:4d:cf:a1:48:54:e3:
25:59:dd:24:98:93:6e:e9:be:70:28:56:4d:8e:fd:de:5d:5d:
e1:6f:d6:1e:5c:ce:fb:86:4e:95:61:37:c4:7b:54:0f:9f:d7:
94:ae:29:78:d4:88:67:37:bd:f1:45:d6:6e:e6:12:17:8a:9f:
76:1a:7b:9e:20:90:dc:02:43:d0:4f:4a:5f:7f:fe:00:08:d7:
2c:5d:ad:68:f9:0b:13:da:9a:e4:35:56:e5:3b:96:8e:20:96:
96:49:b7:32:e5:a1:b0:49:53:93:cf:fe:78:f2:05:c3:54:92:
5a:ee:5e:a6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAYzFbfpj9PEDfMwZeYq92iDvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4ZDBiYzhjNTg5MDJjOGNhN2JiODY5ZWMyZTI4MzAyZmE0
NTE1ZTkwHhcNMjQwMTAxMTQyOTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZDYxMWJlODcxNzE3NmFlN2RjZmEyNjA5YzEzMzFmZDU0ZmFmZWY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn905chGQW8cgpL5rom4vJTbSL7uJ
6usQ3UZ9/j8C17SY7avv6G9bZ5DhmCxEdWmyE6vC4gZNPsKthLXvNVW1y9bOz6xi
1zQS0/lFv/AISyRsC8aXbp/r6sz75gC1T4NBw5pAbn4ke9F7GYIZ6HDRaMco+i7H
6yAJ3KigF4+aZCCUebHALR2i/jdMT/1ZM4PU4UYm34OfMwGLAnRIbA07DwQQbCQO
obBOwOFAA7Uwd+rW1iRFID/SRaXEKFVaXasVP7Rl+qAD+zGU996a/9ZvMrDdbwlX
leKIHmRkwpiSQlV7vggdF/MwuWs7Juc5HE1UAQh/Korzh0ag2vHBSzsRzQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI1hG+hxcXaufc+iYJwTMf1U+v72MB8GA1UdIwQY
MBaAFAjQvIxYkCyMp7uGnsLigwL6RRXpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ05DOGpGaVFMSXludTRhZXd1S0RBdnBGRmVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC9mZjRhNjctNTlmYy00ZjAwLWEzYWQt
YjM3NTRhZmU5NTI5LzEvaldFYjZIRnhkcTU5ejZKZ25CTXhfVlQ2X3ZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC9mZjRhNjctNTlmYy00ZjAwLWEzYWQtYjM3NTRhZmU5NTI5
LzEvQ05DOGpGaVFMSXludTRhZXd1S0RBdnBGRmVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDgGCCsGAQUFBwEHAQH/BCkwJzAlBAIAATAfAwMAhmADBADA
TJEwDAMEAMBtcwMEAMBtdAMEAMERFjANBgkqhkiG9w0BAQsFAAOCAQEAodC+PWwv
XnhzAktjZ8acHGg1ptXVuzHoQ9c/rIGjAhSi1akzZmCLJScHg4Jikie4uMqdvrBN
2EOHJJo0PeY8RaQ2iyqbpLR4c5638uTQ9p0JfNnDEvX2lMIDZazxskrapRlTDwbb
EmJPH/pAdpjrDrGaH0M/vBaMDzkqjYzB7vWMon0/3gkebdwNTc+hSFTjJVndJJiT
bum+cChWTY793l1d4W/WHlzO+4ZOlWE3xHtUD5/XlK4peNSIZze98UXWbuYSF4qf
dhp7niCQ3AJD0E9KX3/+AAjXLF2taPkLE9qa5DVW5TuWjiCWlkm3MuWhsElTk8/+
ePIFw1SSWu5epg==
-----END CERTIFICATE-----
Generated at Fri Nov 22 21:15:50 2024 by rpki-client on console-fra.rpki-client.org