Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/5759f6-93e2-4029-a49f-35ba267ded3b/1/JqXEWOuceLwbOaRgYS30kQdUWfY.roa
File: JqXEWOuceLwbOaRgYS30kQdUWfY.roa (raw, json)
Hash identifier: 3w3YC1QD9Koxbwp7/xpDOy22/YacAF6SLY8mkHVA1F8=
Subject key identifier: 26:A5:C4:58:EB:9C:78:BC:1B:39:A4:60:61:2D:F4:91:07:54:59:F6
Certificate issuer: /CN=0e75fb4f52a829d136e29a9a025c636d19ae328e
Certificate serial: 018CC5008E63C41ED31114223343592E0CF5
Authority key identifier: 0E:75:FB:4F:52:A8:29:D1:36:E2:9A:9A:02:5C:63:6D:19:AE:32:8E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DnX7T1KoKdE24pqaAlxjbRmuMo4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/5759f6-93e2-4029-a49f-35ba267ded3b/1/JqXEWOuceLwbOaRgYS30kQdUWfY.roa
Signing time: Mon 01 Jan 2024 12:29:57 +0000
ROA not before: Mon 01 Jan 2024 12:29:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41965
IP address blocks: 91.103.56.0/21 maxlen: 21
91.103.57.0/24 maxlen: 24
91.103.56.0/24 maxlen: 24
91.103.63.0/24 maxlen: 24
91.103.62.0/24 maxlen: 24
77.95.186.0/24 maxlen: 24
77.95.184.0/24 maxlen: 24
77.95.188.0/22 maxlen: 22
77.95.187.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/5759f6-93e2-4029-a49f-35ba267ded3b/1/DnX7T1KoKdE24pqaAlxjbRmuMo4.crl
rsync://rpki.ripe.net/repository/DEFAULT/c8/5759f6-93e2-4029-a49f-35ba267ded3b/1/DnX7T1KoKdE24pqaAlxjbRmuMo4.mft
rsync://rpki.ripe.net/repository/DEFAULT/DnX7T1KoKdE24pqaAlxjbRmuMo4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 03:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:8e:63:c4:1e:d3:11:14:22:33:43:59:2e:0c:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0e75fb4f52a829d136e29a9a025c636d19ae328e
Validity
Not Before: Jan 1 12:29:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=26a5c458eb9c78bc1b39a460612df491075459f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:71:cd:1e:80:5e:a1:26:ad:4c:35:83:9c:2e:
91:26:19:d2:fc:4b:31:a9:fd:0a:66:81:c4:f0:68:
59:f8:93:96:83:e9:6d:25:1f:a0:70:a4:e9:09:e8:
ab:6d:89:60:f7:a1:ec:7c:50:ca:8e:d2:7d:0b:92:
d1:e5:4a:c8:71:8d:04:f9:fe:ec:3a:c0:be:ed:1d:
a4:ba:51:b5:53:72:13:e0:d3:55:eb:2c:d3:53:14:
b4:73:50:22:23:2e:44:e4:c0:fb:75:31:eb:32:b0:
ec:33:26:56:24:06:d2:4b:53:75:29:16:a6:d4:aa:
fe:ca:1d:38:0a:b5:ec:10:11:24:4a:7c:63:75:e3:
fa:23:20:b1:14:8c:23:c5:a4:71:b3:e8:a0:7e:fd:
ed:57:39:a8:cc:d4:9e:14:a9:23:57:fb:49:7a:48:
eb:72:f0:c4:2d:91:3c:15:de:ac:7c:69:35:95:2e:
e3:b0:95:92:94:13:a0:ad:69:6d:95:8a:30:3b:e1:
0f:12:5b:8c:75:a9:29:ca:72:43:66:44:8b:2a:df:
e4:9e:64:53:4d:7d:6e:4e:57:33:3a:47:15:21:61:
d8:e6:65:f1:e0:c6:77:67:d3:11:3c:36:40:6f:ab:
90:2f:de:cc:80:92:78:05:b7:59:a0:f1:a7:11:02:
0c:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:A5:C4:58:EB:9C:78:BC:1B:39:A4:60:61:2D:F4:91:07:54:59:F6
X509v3 Authority Key Identifier:
keyid:0E:75:FB:4F:52:A8:29:D1:36:E2:9A:9A:02:5C:63:6D:19:AE:32:8E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DnX7T1KoKdE24pqaAlxjbRmuMo4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/5759f6-93e2-4029-a49f-35ba267ded3b/1/JqXEWOuceLwbOaRgYS30kQdUWfY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/5759f6-93e2-4029-a49f-35ba267ded3b/1/DnX7T1KoKdE24pqaAlxjbRmuMo4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.95.184.0/24
77.95.186.0-77.95.191.255
91.103.56.0/21
Signature Algorithm: sha256WithRSAEncryption
8c:e7:f8:2e:04:af:12:bb:8f:10:ec:81:00:ba:0d:c4:78:5e:
ee:f4:69:d7:17:82:90:ef:85:c4:93:2f:c5:91:be:3a:2c:49:
16:58:e3:ca:ab:a0:f8:4b:25:8c:ad:4f:23:9a:40:e6:72:6a:
f1:8f:78:d0:d5:11:37:92:55:ad:a8:b9:bc:81:9f:56:b0:9d:
8c:2e:b9:39:4f:cd:45:55:fc:55:5a:87:57:8a:96:50:bd:a7:
dd:c6:95:5d:b6:4a:2f:25:51:0b:8c:6a:3c:e8:59:f0:4b:28:
f1:eb:fa:ce:7a:9e:a9:85:e8:34:1a:dc:6a:cc:74:69:76:46:
a2:84:8f:0f:cc:d5:33:fe:69:e2:8a:c0:e4:3c:86:5d:a2:94:
f8:85:d5:5f:bd:b5:3b:28:35:7d:69:dd:1e:b2:f0:cc:77:87:
b9:a0:61:16:f0:04:85:32:e0:62:97:da:4f:22:e6:cf:aa:a2:
b1:8e:c9:0d:82:df:70:13:c5:9c:f3:96:72:54:9a:85:90:c0:
ff:2c:04:cc:af:5e:5d:18:f9:99:5a:ae:f8:d0:43:9a:2b:de:
4c:b6:ba:25:e1:cc:f9:83:12:4f:02:5c:6f:6f:e2:9d:70:49:
74:80:3a:d7:97:ad:0f:2e:90:e3:7e:c1:1c:3a:b6:c4:a2:9b:
b8:1b:2e:e0
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYzFAI5jxB7TERQiM0NZLgz1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlNzVmYjRmNTJhODI5ZDEzNmUyOWE5YTAyNWM2MzZkMTlh
ZTMyOGUwHhcNMjQwMTAxMTIyOTU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNmE1YzQ1OGViOWM3OGJjMWIzOWE0NjA2MTJkZjQ5MTA3NTQ1OWY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi3HNHoBeoSatTDWDnC6RJhnS/Esx
qf0KZoHE8GhZ+JOWg+ltJR+gcKTpCeirbYlg96HsfFDKjtJ9C5LR5UrIcY0E+f7s
OsC+7R2kulG1U3IT4NNV6yzTUxS0c1AiIy5E5MD7dTHrMrDsMyZWJAbSS1N1KRam
1Kr+yh04CrXsEBEkSnxjdeP6IyCxFIwjxaRxs+igfv3tVzmozNSeFKkjV/tJekjr
cvDELZE8Fd6sfGk1lS7jsJWSlBOgrWltlYowO+EPEluMdakpynJDZkSLKt/knmRT
TX1uTlczOkcVIWHY5mXx4MZ3Z9MRPDZAb6uQL97MgJJ4BbdZoPGnEQIMuQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFCalxFjrnHi8GzmkYGEt9JEHVFn2MB8GA1UdIwQY
MBaAFA51+09SqCnRNuKamgJcY20ZrjKOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRG5YN1QxS29LZEUyNHBxYUFseGpiUm11TW80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC81NzU5ZjYtOTNlMi00MDI5LWE0OWYt
MzViYTI2N2RlZDNiLzEvSnFYRVdPdWNlTHdiT2FSZ1lTMzBrUWRVV2ZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC81NzU5ZjYtOTNlMi00MDI5LWE0OWYtMzViYTI2N2RlZDNi
LzEvRG5YN1QxS29LZEUyNHBxYUFseGpiUm11TW80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQATV+4MAwD
BAFNX7oDBAZNX4ADBANbZzgwDQYJKoZIhvcNAQELBQADggEBAIzn+C4ErxK7jxDs
gQC6DcR4Xu70adcXgpDvhcSTL8WRvjosSRZY48qroPhLJYytTyOaQOZyavGPeNDV
ETeSVa2oubyBn1awnYwuuTlPzUVV/FVah1eKllC9p93GlV22Si8lUQuMajzoWfBL
KPHr+s56nqmF6DQa3GrMdGl2RqKEjw/M1TP+aeKKwOQ8hl2ilPiF1V+9tTsoNX1p
3R6y8Mx3h7mgYRbwBIUy4GKX2k8i5s+qorGOyQ2C33ATxZzzlnJUmoWQwP8sBMyv
Xl0Y+ZlarvjQQ5or3ky2uiXhzPmDEk8CXG9v4p1wSXSAOteXrQ8ukON+wRw6tsSi
m7gbLuA=
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:56:32 2024 by rpki-client on console-ams.rpki-client.org