Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/JdVrNmC0xWWTLLaIFLMsIPAXKJY.roa
File: JdVrNmC0xWWTLLaIFLMsIPAXKJY.roa (raw, json)
Hash identifier: yFiNI5oM4Zsb5/OkTM9JFqMwQl+GYXBHANb5A94K0A0=
Subject key identifier: 25:D5:6B:36:60:B4:C5:65:93:2C:B6:88:14:B3:2C:20:F0:17:28:96
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 018CCA2B5748E62F1D71F5BA3FFDB6ACDDF1
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/JdVrNmC0xWWTLLaIFLMsIPAXKJY.roa
Signing time: Tue 02 Jan 2024 12:34:47 +0000
ROA not before: Tue 02 Jan 2024 12:34:47 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51561
IP address blocks: 185.184.140.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.mft
rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 05 May 2024 20:58:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2b:57:48:e6:2f:1d:71:f5:ba:3f:fd:b6:ac:dd:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Jan 2 12:34:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=25d56b3660b4c565932cb68814b32c20f0172896
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:22:f7:77:e0:b4:2b:d8:fa:9c:3e:6c:91:9a:
0d:1d:7f:ce:7f:57:2f:be:12:33:2a:4e:71:6e:2b:
0f:5f:ca:bb:95:91:59:c4:41:6d:ec:e4:9c:c1:e0:
9a:4b:36:72:40:d4:5d:6d:77:b9:e9:26:c5:57:bc:
df:34:05:bc:dd:9e:6a:2c:da:ef:95:f0:68:fd:b5:
ec:b1:8e:4a:a5:34:a7:ef:8d:37:b2:0d:03:33:ef:
58:cf:67:e1:0e:e7:bc:7d:f8:65:ec:40:f6:aa:5e:
55:b4:50:48:2b:bd:34:a2:bf:0c:22:e3:58:58:fc:
95:63:09:8f:6e:52:3b:82:1e:63:d5:2d:66:03:03:
c6:71:63:6f:df:f3:60:83:0a:62:96:d9:fe:a8:ed:
07:e6:76:1d:ad:ef:9c:3f:92:16:84:c9:9f:45:28:
88:a7:70:84:55:e5:8d:a5:9d:44:11:b7:3a:9b:d4:
74:e2:8a:73:45:de:0d:ed:05:5f:d3:be:4c:1f:95:
25:01:4d:10:bd:75:a4:46:2e:2c:9c:cf:4d:51:30:
eb:76:ea:48:12:ba:9a:20:61:2e:e9:f8:50:38:75:
ba:1a:e7:eb:e7:71:61:e8:99:44:3c:49:c1:e0:cb:
de:83:bc:03:83:e6:4f:4e:d9:1a:ad:b5:5d:0c:f7:
15:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:D5:6B:36:60:B4:C5:65:93:2C:B6:88:14:B3:2C:20:F0:17:28:96
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/JdVrNmC0xWWTLLaIFLMsIPAXKJY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.184.140.0/24
Signature Algorithm: sha256WithRSAEncryption
a3:f6:63:fe:cc:75:52:da:3f:ea:af:3a:48:04:10:be:89:fe:
8d:b3:70:28:a3:1a:94:a4:c6:cc:8b:df:90:8d:7a:b2:a0:66:
08:3b:2f:93:c2:9f:15:66:e7:65:b3:85:0a:cc:01:ea:b3:26:
0a:00:5c:63:07:7c:c7:a7:bf:da:5e:3d:b8:87:e2:74:b6:62:
8b:a2:4d:2b:22:a3:bd:af:a5:3e:d4:53:f2:6e:3d:54:b4:d8:
97:fd:66:ee:dd:e5:5b:1e:71:fd:87:c7:fa:6f:9f:a6:c7:26:
ac:34:3b:b4:ce:c8:45:27:ac:28:e5:2e:8b:b8:7b:0f:d0:6e:
d3:f6:17:a0:85:ba:2c:5e:c8:b8:3a:53:8f:36:8f:b6:ff:5d:
d1:f1:ca:af:a7:18:d8:08:04:1b:cf:ee:6f:2e:8c:82:96:98:
11:26:25:22:e1:7d:77:8c:76:3f:cd:e0:24:00:cf:25:c4:2b:
ad:e7:7e:83:dc:14:d9:6a:02:43:24:d9:e2:d0:ed:e2:46:f2:
ba:cd:4d:3f:5b:3f:98:6e:8a:b3:bc:11:bb:b0:16:f5:50:55:
84:d2:15:98:43:01:e3:f1:cb:0b:b1:58:35:3f:ac:53:02:c1:
e5:26:f2:d4:49:87:48:34:ad:25:79:3e:c5:28:fb:a5:68:ee:
45:e1:c1:2f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKK1dI5i8dcfW6P/22rN3xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjOGZkMWE4YWU1OTk2YzFlNTY5MmMxYThjNDJiZmU5YzNi
YTU3NDUwHhcNMjQwMTAyMTIzNDQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNWQ1NmIzNjYwYjRjNTY1OTMyY2I2ODgxNGIzMmMyMGYwMTcyODk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6SL3d+C0K9j6nD5skZoNHX/Of1cv
vhIzKk5xbisPX8q7lZFZxEFt7OScweCaSzZyQNRdbXe56SbFV7zfNAW83Z5qLNrv
lfBo/bXssY5KpTSn7403sg0DM+9Yz2fhDue8ffhl7ED2ql5VtFBIK700or8MIuNY
WPyVYwmPblI7gh5j1S1mAwPGcWNv3/Nggwpiltn+qO0H5nYdre+cP5IWhMmfRSiI
p3CEVeWNpZ1EEbc6m9R04opzRd4N7QVf075MH5UlAU0QvXWkRi4snM9NUTDrdupI
ErqaIGEu6fhQOHW6Gufr53Fh6JlEPEnB4Mveg7wDg+ZPTtkarbVdDPcV/wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCXVazZgtMVlkyy2iBSzLCDwFyiWMB8GA1UdIwQY
MBaAFGyP0aiuWZbB5WksGoxCv+nDuldFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMt
ZmVhYzI2ZWFlY2MyLzEvSmRWck5tQzB4V1dUTExhSUZMTXNJUEFYS0pZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMtZmVhYzI2ZWFlY2My
LzEvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAubiMMA0G
CSqGSIb3DQEBCwUAA4IBAQCj9mP+zHVS2j/qrzpIBBC+if6Ns3AooxqUpMbMi9+Q
jXqyoGYIOy+Twp8VZudls4UKzAHqsyYKAFxjB3zHp7/aXj24h+J0tmKLok0rIqO9
r6U+1FPybj1UtNiX/Wbu3eVbHnH9h8f6b5+mxyasNDu0zshFJ6wo5S6LuHsP0G7T
9heghbosXsi4OlOPNo+2/13R8cqvpxjYCAQbz+5vLoyClpgRJiUi4X13jHY/zeAk
AM8lxCut536D3BTZagJDJNni0O3iRvK6zU0/Wz+YboqzvBG7sBb1UFWE0hWYQwHj
8csLsVg1P6xTAsHlJvLUSYdINK0leT7FKPulaO5F4cEv
-----END CERTIFICATE-----
Generated at Sun May 5 00:35:57 2024 by rpki-client on console-fra.rpki-client.org