Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/jByT-NUgsedIP6x8y59gVaVBnB8.roa
File: jByT-NUgsedIP6x8y59gVaVBnB8.roa (raw, json)
Hash identifier: jtZCrQ/5mWzYyYLX8ZDOh/gdInbCtp+aIxlFz3XMdTw=
Subject key identifier: 8C:1C:93:F8:D5:20:B1:E7:48:3F:AC:7C:CB:9F:60:55:A5:41:9C:1F
Certificate issuer: /CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Certificate serial: 018CC2DABCC6F80D55A0EB572489DD12A361
Authority key identifier: D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/jByT-NUgsedIP6x8y59gVaVBnB8.roa
Signing time: Mon 01 Jan 2024 02:29:24 +0000
ROA not before: Mon 01 Jan 2024 02:29:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3348
IP address blocks: 193.0.164.0/23 maxlen: 24
93.92.224.0/22 maxlen: 24
185.81.132.0/22 maxlen: 24
185.119.236.0/22 maxlen: 24
85.117.244.0/22 maxlen: 24
45.144.12.0/22 maxlen: 24
188.208.20.0/22 maxlen: 24
93.187.132.0/22 maxlen: 24
193.0.146.0/23 maxlen: 24
2a06:8840::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.crl
rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.mft
rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:bc:c6:f8:0d:55:a0:eb:57:24:89:dd:12:a3:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Validity
Not Before: Jan 1 02:29:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8c1c93f8d520b1e7483fac7ccb9f6055a5419c1f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:85:e0:3c:86:8f:c9:98:fb:67:55:17:7f:06:
0f:96:44:f3:f7:aa:06:88:ed:d7:03:d1:2a:c8:8e:
8a:a7:05:71:bd:a5:b6:d9:50:7b:55:e9:78:ed:02:
81:bc:17:a8:59:7c:c8:70:97:92:6d:e8:a1:f0:32:
eb:a4:d3:0c:b4:25:b6:e4:d9:59:05:c4:f9:5d:33:
7e:d1:2b:3e:40:6c:ae:b4:dc:23:b0:70:94:d8:4c:
2b:af:5a:a4:dd:b4:f8:0d:ce:fd:fa:6c:2e:f1:15:
87:d9:6e:9e:2d:59:30:f0:fd:c0:03:22:ad:3a:42:
6b:9a:1c:6a:bb:76:69:2e:1a:7f:97:64:8f:bd:ea:
41:25:00:cc:9e:97:04:64:a7:93:78:25:6d:a1:63:
d9:39:77:ea:79:25:ab:d3:8b:1a:96:a9:36:03:7f:
32:28:96:c1:a4:76:6e:52:a4:7f:10:30:9a:bf:ec:
5c:00:80:ff:b8:0a:e5:d4:09:78:0b:0c:cc:01:e1:
98:5e:94:fb:ea:69:b6:de:a3:09:c5:10:d7:29:a3:
e8:10:3e:81:7b:d8:4d:e8:c7:b7:a9:08:6d:cc:58:
57:82:c6:be:e3:e2:82:bf:b2:a8:c8:ea:5f:71:5c:
a7:c4:4e:40:75:0e:09:f3:1b:ef:54:f4:6d:ff:cf:
b4:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:1C:93:F8:D5:20:B1:E7:48:3F:AC:7C:CB:9F:60:55:A5:41:9C:1F
X509v3 Authority Key Identifier:
keyid:D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/jByT-NUgsedIP6x8y59gVaVBnB8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.144.12.0/22
85.117.244.0/22
93.92.224.0/22
93.187.132.0/22
185.81.132.0/22
185.119.236.0/22
188.208.20.0/22
193.0.146.0/23
193.0.164.0/23
IPv6:
2a06:8840::/29
Signature Algorithm: sha256WithRSAEncryption
74:8a:ad:2c:94:08:a8:aa:3d:8b:5a:63:05:f1:fe:6d:64:c6:
8c:a9:b1:dc:62:24:45:08:98:53:ba:e5:2e:cd:17:13:e7:df:
24:8b:c9:1e:cd:03:51:eb:ed:23:9d:8d:5e:06:c8:9a:aa:5e:
b6:5e:10:4f:7e:7d:28:77:ad:7a:35:cc:28:6d:b4:6b:5f:f9:
68:f2:c8:d2:b6:f3:98:57:af:e8:a2:c3:1c:d0:11:7e:64:aa:
50:18:d2:e1:46:b8:29:47:be:d8:76:3e:1d:09:c3:fc:81:da:
3a:63:31:68:07:bb:4c:67:a3:da:3e:cc:d0:58:a3:1e:a7:48:
07:2f:d7:06:2f:70:19:13:21:ac:82:a6:60:d9:e4:3d:d9:23:
90:07:e9:06:ec:55:e5:0d:23:2e:bc:bc:f6:47:16:be:c4:8b:
0c:ae:81:0b:fa:94:86:ac:18:a7:99:06:45:4d:51:f0:b7:f1:
d7:46:9b:4f:b9:23:29:1b:5b:03:cc:6b:0d:76:14:67:d0:78:
d6:df:38:3f:a3:76:08:d3:e2:48:30:0d:ef:72:69:9f:e2:2a:
6c:d8:d2:33:3d:2f:2d:35:30:da:88:8a:38:a8:26:69:cb:6e:
fb:f6:b8:24:d2:68:1b:70:55:de:3b:e8:a4:fa:de:f7:c5:a3:
1a:14:b0:ee
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAYzC2rzG+A1VoOtXJIndEqNhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NzVmYjA5MzRjZjZhNThkY2NlZjExMDg3NWRiZTVlM2U4
YjZiNzUwHhcNMjQwMTAxMDIyOTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YzFjOTNmOGQ1MjBiMWU3NDgzZmFjN2NjYjlmNjA1NWE1NDE5YzFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhoXgPIaPyZj7Z1UXfwYPlkTz96oG
iO3XA9EqyI6KpwVxvaW22VB7Vel47QKBvBeoWXzIcJeSbeih8DLrpNMMtCW25NlZ
BcT5XTN+0Ss+QGyutNwjsHCU2Ewrr1qk3bT4Dc79+mwu8RWH2W6eLVkw8P3AAyKt
OkJrmhxqu3ZpLhp/l2SPvepBJQDMnpcEZKeTeCVtoWPZOXfqeSWr04salqk2A38y
KJbBpHZuUqR/EDCav+xcAID/uArl1Al4CwzMAeGYXpT76mm23qMJxRDXKaPoED6B
e9hN6Me3qQhtzFhXgsa+4+KCv7KoyOpfcVynxE5AdQ4J8xvvVPRt/8+0XwIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFIwck/jVILHnSD+sfMufYFWlQZwfMB8GA1UdIwQY
MBaAFNR1+wk0z2pY3M7xEIddvl4+i2t1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYt
Yzc5MTRhYjY0MjczLzEvakJ5VC1OVWdzZWRJUDZ4OHk1OWdWYVZCbkI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYtYzc5MTRhYjY0Mjcz
LzEvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTA8BAIAATA2AwQCLZAMAwQC
VXX0AwQCXVzgAwQCXbuEAwQCuVGEAwQCuXfsAwQCvNAUAwQBwQCSAwQBwQCkMA0E
AgACMAcDBQMqBohAMA0GCSqGSIb3DQEBCwUAA4IBAQB0iq0slAioqj2LWmMF8f5t
ZMaMqbHcYiRFCJhTuuUuzRcT598ki8kezQNR6+0jnY1eBsiaql62XhBPfn0od616
NcwobbRrX/lo8sjStvOYV6/oosMc0BF+ZKpQGNLhRrgpR77Ydj4dCcP8gdo6YzFo
B7tMZ6PaPszQWKMep0gHL9cGL3AZEyGsgqZg2eQ92SOQB+kG7FXlDSMuvLz2Rxa+
xIsMroEL+pSGrBinmQZFTVHwt/HXRptPuSMpG1sDzGsNdhRn0HjW3zg/o3YI0+JI
MA3vcmmf4ips2NIzPS8tNTDaiIo4qCZpy2779rgk0mgbcFXeO+ik+t73xaMaFLDu
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:26:08 2024 by rpki-client on console-ams.rpki-client.org