Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/351113-ed85-42b2-b64f-9ea64862a9ab/1/JghK_awl-kdNB3ZsWfQClaRt5FQ.roa
File: JghK_awl-kdNB3ZsWfQClaRt5FQ.roa (raw, json)
Hash identifier: n+yJxNa17w/1zbkbvYfpGssN7gjWHcY73Wn01S+UzwM=
Subject key identifier: 26:08:4A:FD:AC:25:FA:47:4D:07:76:6C:59:F4:02:95:A4:6D:E4:54
Certificate issuer: /CN=94dec641051b026b95c8459150ca47ddaec89668
Certificate serial: 018CCA9A0D9C72BE4C1C74ED881B0B572B13
Authority key identifier: 94:DE:C6:41:05:1B:02:6B:95:C8:45:91:50:CA:47:DD:AE:C8:96:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lN7GQQUbAmuVyEWRUMpH3a7Ilmg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/351113-ed85-42b2-b64f-9ea64862a9ab/1/JghK_awl-kdNB3ZsWfQClaRt5FQ.roa
Signing time: Tue 02 Jan 2024 14:35:42 +0000
ROA not before: Tue 02 Jan 2024 14:35:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21282
IP address blocks: 80.241.4.0/24 maxlen: 24
80.241.0.0/20 maxlen: 20
80.241.1.0/24 maxlen: 24
80.241.2.0/24 maxlen: 24
2a01:7640::/64 maxlen: 64
2a01:7640::/38 maxlen: 38
2a01:7640:0:1::/64 maxlen: 64
2a01:7640::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cb/351113-ed85-42b2-b64f-9ea64862a9ab/1/lN7GQQUbAmuVyEWRUMpH3a7Ilmg.crl
rsync://rpki.ripe.net/repository/DEFAULT/cb/351113-ed85-42b2-b64f-9ea64862a9ab/1/lN7GQQUbAmuVyEWRUMpH3a7Ilmg.mft
rsync://rpki.ripe.net/repository/DEFAULT/lN7GQQUbAmuVyEWRUMpH3a7Ilmg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 05:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:9a:0d:9c:72:be:4c:1c:74:ed:88:1b:0b:57:2b:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94dec641051b026b95c8459150ca47ddaec89668
Validity
Not Before: Jan 2 14:35:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=26084afdac25fa474d07766c59f40295a46de454
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:d3:66:1d:71:6e:e4:57:2a:e4:a7:87:7b:f3:
8a:f0:95:f7:80:92:0a:68:4c:49:03:da:8c:aa:0a:
da:d7:5e:27:03:ac:d8:c9:6e:6e:9d:93:66:11:6d:
9f:e6:ae:ed:a6:a7:4a:9f:c5:e7:df:e1:0b:7b:06:
51:72:af:55:3f:03:b1:fe:f6:42:62:1e:b0:55:94:
5b:51:30:cd:16:13:b0:ed:2b:45:5b:2d:f4:97:ca:
0c:bd:b3:d0:62:98:49:9c:c7:1c:47:08:85:82:fa:
26:39:7b:7e:ef:9c:19:c9:12:a6:a1:ca:fd:d9:36:
5d:f6:8f:43:d2:e1:8d:47:0e:93:e3:f8:f7:0c:4f:
5d:22:00:c8:14:2f:53:91:5f:ce:b9:ee:40:87:a3:
eb:40:25:2a:67:44:47:e9:1e:fe:12:7f:87:85:96:
7a:22:bf:c4:ab:1c:77:43:9a:21:ce:3b:8d:83:e4:
f8:e6:2d:58:f5:9a:21:5d:85:40:60:5d:84:91:13:
95:85:0b:46:85:cf:8c:80:3a:cd:2c:ff:9d:e7:00:
79:b0:69:dd:b5:5f:b1:43:6f:be:b2:1a:95:dc:18:
ea:a9:be:70:00:b5:87:cb:8a:7d:e7:03:a4:19:f3:
f5:c1:e6:1d:44:34:8e:bb:ee:70:63:24:a0:37:bb:
6b:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:08:4A:FD:AC:25:FA:47:4D:07:76:6C:59:F4:02:95:A4:6D:E4:54
X509v3 Authority Key Identifier:
keyid:94:DE:C6:41:05:1B:02:6B:95:C8:45:91:50:CA:47:DD:AE:C8:96:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lN7GQQUbAmuVyEWRUMpH3a7Ilmg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/351113-ed85-42b2-b64f-9ea64862a9ab/1/JghK_awl-kdNB3ZsWfQClaRt5FQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/351113-ed85-42b2-b64f-9ea64862a9ab/1/lN7GQQUbAmuVyEWRUMpH3a7Ilmg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.241.0.0/20
IPv6:
2a01:7640::/38
Signature Algorithm: sha256WithRSAEncryption
d1:f2:f0:28:cc:42:3c:bf:e6:82:b2:98:38:07:f8:e7:e5:64:
dc:b6:48:50:38:4d:ae:8e:bb:4b:9a:02:48:e4:20:0b:fb:ee:
73:85:90:8b:7b:48:89:0a:95:6e:d6:90:0f:0f:8b:5d:c6:44:
7a:6d:96:f7:6e:f4:e9:5a:28:25:13:98:5e:6e:7f:55:69:38:
80:7f:31:94:63:60:63:aa:30:67:7c:76:8a:0f:aa:4e:be:20:
3e:7d:c1:95:dd:8a:a8:0d:7e:cc:4f:5b:88:81:26:8e:c0:27:
f5:f8:84:7f:f2:97:d0:73:60:87:73:bf:35:3b:53:67:e4:0d:
84:29:54:a1:83:25:20:88:39:8c:a0:c3:a0:2b:33:dc:5c:cc:
a6:78:5f:33:a6:92:6e:9f:e8:d0:3c:a5:ee:a8:4f:03:97:4c:
b0:7d:5e:11:ac:92:72:46:12:7d:5c:35:fe:d5:c6:f9:f4:38:
e5:37:7d:6a:f9:c5:ed:f9:e4:5a:de:39:3d:12:17:41:fa:cd:
39:b1:2a:45:7e:1a:0d:21:db:d7:19:bb:9e:d7:e7:a7:e3:6e:
39:da:2f:f3:67:01:25:94:4b:c1:06:43:93:d2:cb:53:77:03:
10:6a:77:b5:b5:b9:e4:ab:1c:e2:a2:c0:ef:bb:8a:12:f4:ca:
84:b2:d4:a2
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYzKmg2ccr5MHHTtiBsLVysTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0ZGVjNjQxMDUxYjAyNmI5NWM4NDU5MTUwY2E0N2RkYWVj
ODk2NjgwHhcNMjQwMTAyMTQzNTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNjA4NGFmZGFjMjVmYTQ3NGQwNzc2NmM1OWY0MDI5NWE0NmRlNDU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn9NmHXFu5Fcq5KeHe/OK8JX3gJIK
aExJA9qMqgra114nA6zYyW5unZNmEW2f5q7tpqdKn8Xn3+ELewZRcq9VPwOx/vZC
Yh6wVZRbUTDNFhOw7StFWy30l8oMvbPQYphJnMccRwiFgvomOXt+75wZyRKmocr9
2TZd9o9D0uGNRw6T4/j3DE9dIgDIFC9TkV/Oue5Ah6PrQCUqZ0RH6R7+En+HhZZ6
Ir/Eqxx3Q5ohzjuNg+T45i1Y9ZohXYVAYF2EkROVhQtGhc+MgDrNLP+d5wB5sGnd
tV+xQ2++shqV3Bjqqb5wALWHy4p95wOkGfP1weYdRDSOu+5wYySgN7trfwIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFCYISv2sJfpHTQd2bFn0ApWkbeRUMB8GA1UdIwQY
MBaAFJTexkEFGwJrlchFkVDKR92uyJZoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbE43R1FRVWJBbXVWeUVXUlVNcEgzYTdJbG1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi8zNTExMTMtZWQ4NS00MmIyLWI2NGYt
OWVhNjQ4NjJhOWFiLzEvSmdoS19hd2wta2ROQjNac1dmUUNsYVJ0NUZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi8zNTExMTMtZWQ4NS00MmIyLWI2NGYtOWVhNjQ4NjJhOWFi
LzEvbE43R1FRVWJBbXVWeUVXUlVNcEgzYTdJbG1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQEUPEAMA4E
AgACMAgDBgIqAXZAADANBgkqhkiG9w0BAQsFAAOCAQEA0fLwKMxCPL/mgrKYOAf4
5+Vk3LZIUDhNro67S5oCSOQgC/vuc4WQi3tIiQqVbtaQDw+LXcZEem2W92706Voo
JROYXm5/VWk4gH8xlGNgY6owZ3x2ig+qTr4gPn3Bld2KqA1+zE9biIEmjsAn9fiE
f/KX0HNgh3O/NTtTZ+QNhClUoYMlIIg5jKDDoCsz3FzMpnhfM6aSbp/o0Dyl7qhP
A5dMsH1eEaySckYSfVw1/tXG+fQ45Td9avnF7fnkWt45PRIXQfrNObEqRX4aDSHb
1xm7ntfnp+NuOdov82cBJZRLwQZDk9LLU3cDEGp3tbW55Ksc4qLA77uKEvTKhLLU
og==
-----END CERTIFICATE-----
Generated at Fri Jun 7 14:15:20 2024 by rpki-client on console-ams.rpki-client.org