Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/872dc7-7c01-4e66-844e-599d1ca6a5fd/1/jhFuOT28dARSotr0IapEqZS_mTM.roa
File: jhFuOT28dARSotr0IapEqZS_mTM.roa (raw, json)
Hash identifier: qOQguL0ZEsrSz0HoIVOHr5LrhmE8fGTlhmONnv1SQlI=
Subject key identifier: 8E:11:6E:39:3D:BC:74:04:52:A2:DA:F4:21:AA:44:A9:94:BF:99:33
Certificate issuer: /CN=8d66032e08894118d7998c5c060ca46eb3871338
Certificate serial: 019353FBC7DAF7F032AC553CF5A97DD26AFB
Authority key identifier: 8D:66:03:2E:08:89:41:18:D7:99:8C:5C:06:0C:A4:6E:B3:87:13:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jWYDLgiJQRjXmYxcBgykbrOHEzg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/872dc7-7c01-4e66-844e-599d1ca6a5fd/1/jhFuOT28dARSotr0IapEqZS_mTM.roa
Signing time: Fri 22 Nov 2024 13:07:09 +0000
ROA not before: Fri 22 Nov 2024 13:07:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48152
IP address blocks: 185.169.146.0/23 maxlen: 23
217.70.224.0/22 maxlen: 24
217.70.228.0/22 maxlen: 22
217.70.232.0/22 maxlen: 22
217.70.236.0/22 maxlen: 22
217.148.240.0/22 maxlen: 22
217.148.244.0/22 maxlen: 22
217.148.248.0/22 maxlen: 22
217.148.252.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/872dc7-7c01-4e66-844e-599d1ca6a5fd/1/jWYDLgiJQRjXmYxcBgykbrOHEzg.crl
rsync://rpki.ripe.net/repository/DEFAULT/c8/872dc7-7c01-4e66-844e-599d1ca6a5fd/1/jWYDLgiJQRjXmYxcBgykbrOHEzg.mft
rsync://rpki.ripe.net/repository/DEFAULT/jWYDLgiJQRjXmYxcBgykbrOHEzg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:53:fb:c7:da:f7:f0:32:ac:55:3c:f5:a9:7d:d2:6a:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d66032e08894118d7998c5c060ca46eb3871338
Validity
Not Before: Nov 22 13:07:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8e116e393dbc740452a2daf421aa44a994bf9933
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:9b:b5:9e:d1:95:a3:fc:13:97:dc:53:04:47:
d2:12:0b:85:73:52:b6:ce:e5:61:1e:0b:18:c8:85:
54:b3:f1:ee:83:6a:9f:7e:1c:51:ad:9d:09:74:08:
66:a1:08:7a:bb:8e:43:d6:35:10:70:ba:6b:62:54:
a0:ae:07:56:c5:f8:8e:a3:82:ac:c3:b4:e1:c4:82:
4d:36:49:61:50:c9:81:e1:2a:fe:d7:50:57:1f:ec:
b4:62:13:cc:2e:1b:22:1b:e2:52:1e:69:35:19:fd:
47:30:f3:58:6b:99:45:84:2f:af:30:b7:2d:8d:b7:
a6:13:4f:18:c1:86:84:58:79:a4:cf:c3:78:c8:c1:
e7:63:79:e8:00:50:b6:19:3b:8b:e3:fe:b8:ad:1e:
b0:95:91:82:15:56:66:6e:fc:1d:05:b5:89:a8:b6:
12:c8:89:59:eb:d9:8c:2f:c1:fd:57:37:14:d3:7b:
2e:e7:7b:7d:8d:4a:77:cd:ba:f3:6f:bd:9d:ef:a1:
8a:1f:6e:d4:8f:17:f5:b1:97:ec:8b:a4:de:9e:7f:
e1:b1:cc:61:00:91:57:ae:91:30:23:05:83:10:7d:
66:54:1b:72:e8:bc:f7:24:06:c0:e2:ee:a6:b7:96:
bd:42:d4:06:3a:fd:5d:d0:16:fc:2d:6c:60:bc:88:
70:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:11:6E:39:3D:BC:74:04:52:A2:DA:F4:21:AA:44:A9:94:BF:99:33
X509v3 Authority Key Identifier:
keyid:8D:66:03:2E:08:89:41:18:D7:99:8C:5C:06:0C:A4:6E:B3:87:13:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jWYDLgiJQRjXmYxcBgykbrOHEzg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/872dc7-7c01-4e66-844e-599d1ca6a5fd/1/jhFuOT28dARSotr0IapEqZS_mTM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/872dc7-7c01-4e66-844e-599d1ca6a5fd/1/jWYDLgiJQRjXmYxcBgykbrOHEzg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.169.146.0/23
217.70.224.0/20
217.148.240.0/20
Signature Algorithm: sha256WithRSAEncryption
08:92:ba:69:db:1f:eb:76:03:d3:9d:72:96:3b:a6:c5:d2:e3:
5a:c0:eb:92:b2:cf:63:7a:9a:b1:03:5a:a9:21:c0:ef:35:0f:
06:c0:c0:ae:0d:c7:f4:9c:37:02:61:aa:57:e0:1b:de:e4:af:
79:9c:1e:3f:e3:56:f1:45:fe:b4:cd:83:27:4a:9c:90:75:9c:
55:d7:41:99:e8:9f:d6:f7:08:0b:bd:08:e8:77:f7:5c:47:d1:
aa:51:69:8a:03:9e:5e:da:c0:20:dc:81:4c:75:a2:d3:36:ee:
22:16:83:b8:b6:45:53:71:94:90:86:d2:4c:79:7c:ee:63:b1:
e4:1b:fc:dc:e9:9c:54:47:59:25:14:4f:69:6f:f7:a8:a0:d1:
6f:c0:12:24:46:20:dc:ae:89:9c:48:f9:fc:ef:5d:27:9f:f1:
9c:f1:76:3b:39:e6:21:80:44:2b:df:31:8d:6b:6e:ba:c6:58:
d9:ee:fb:55:71:84:c0:98:a9:42:a6:c7:81:5d:bb:cc:d9:70:
41:6f:44:4c:d3:b6:c3:8a:b1:bd:98:4e:90:1a:c9:ac:c7:d1:
02:57:68:61:9a:2c:3c:e2:91:88:c1:b8:32:4f:c8:90:d9:7b:
df:7a:d2:26:04:c2:0a:e3:8e:cb:e4:76:c7:25:59:28:1a:df:
29:2e:d4:a0
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZNT+8fa9/AyrFU89al90mr7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkNjYwMzJlMDg4OTQxMThkNzk5OGM1YzA2MGNhNDZlYjM4
NzEzMzgwHhcNMjQxMTIyMTMwNzA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTExNmUzOTNkYmM3NDA0NTJhMmRhZjQyMWFhNDRhOTk0YmY5OTMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl5u1ntGVo/wTl9xTBEfSEguFc1K2
zuVhHgsYyIVUs/Hug2qffhxRrZ0JdAhmoQh6u45D1jUQcLprYlSgrgdWxfiOo4Ks
w7ThxIJNNklhUMmB4Sr+11BXH+y0YhPMLhsiG+JSHmk1Gf1HMPNYa5lFhC+vMLct
jbemE08YwYaEWHmkz8N4yMHnY3noAFC2GTuL4/64rR6wlZGCFVZmbvwdBbWJqLYS
yIlZ69mML8H9VzcU03su53t9jUp3zbrzb72d76GKH27Ujxf1sZfsi6Tenn/hscxh
AJFXrpEwIwWDEH1mVBty6Lz3JAbA4u6mt5a9QtQGOv1d0Bb8LWxgvIhwIwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFI4Rbjk9vHQEUqLa9CGqRKmUv5kzMB8GA1UdIwQY
MBaAFI1mAy4IiUEY15mMXAYMpG6zhxM4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaldZRExnaUpRUmpYbVl4Y0JneWtick9IRXpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC84NzJkYzctN2MwMS00ZTY2LTg0NGUt
NTk5ZDFjYTZhNWZkLzEvamhGdU9UMjhkQVJTb3RyMElhcEVxWlNfbVRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC84NzJkYzctN2MwMS00ZTY2LTg0NGUtNTk5ZDFjYTZhNWZk
LzEvaldZRExnaUpRUmpYbVl4Y0JneWtick9IRXpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBuamSAwQE
2UbgAwQE2ZTwMA0GCSqGSIb3DQEBCwUAA4IBAQAIkrpp2x/rdgPTnXKWO6bF0uNa
wOuSss9jepqxA1qpIcDvNQ8GwMCuDcf0nDcCYapX4Bve5K95nB4/41bxRf60zYMn
SpyQdZxV10GZ6J/W9wgLvQjod/dcR9GqUWmKA55e2sAg3IFMdaLTNu4iFoO4tkVT
cZSQhtJMeXzuY7HkG/zc6ZxUR1klFE9pb/eooNFvwBIkRiDcromcSPn8710nn/Gc
8XY7OeYhgEQr3zGNa266xljZ7vtVcYTAmKlCpseBXbvM2XBBb0RM07bDirG9mE6Q
Gsmsx9ECV2hhmiw84pGIwbgyT8iQ2XvfetImBMIK447L5HbHJVkoGt8pLtSg
-----END CERTIFICATE-----
Generated at Wed Nov 27 02:52:51 2024 by rpki-client on console-fra.rpki-client.org