Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/b98755-65c4-4d19-b069-a1a55e8bee3f/1/jcLlqt733d07ao7jahOYR72HyZ4.roa
File: jcLlqt733d07ao7jahOYR72HyZ4.roa (raw, json)
Hash identifier: j3ZGcv59H1DIhiiCV/nHFxaK8GHfIwi53RnGJP+0or0=
Subject key identifier: 8D:C2:E5:AA:DE:F7:DD:DD:3B:6A:8E:E3:6A:13:98:47:BD:87:C9:9E
Certificate issuer: /CN=2aa181f8b0ac913ddc377e19d5664b11b1975373
Certificate serial: 018CC5DC67C84CAD3968083DD770329EE4E8
Authority key identifier: 2A:A1:81:F8:B0:AC:91:3D:DC:37:7E:19:D5:66:4B:11:B1:97:53:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KqGB-LCskT3cN34Z1WZLEbGXU3M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/b98755-65c4-4d19-b069-a1a55e8bee3f/1/jcLlqt733d07ao7jahOYR72HyZ4.roa
Signing time: Mon 01 Jan 2024 16:30:05 +0000
ROA not before: Mon 01 Jan 2024 16:30:05 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29522
IP address blocks: 194.48.216.0/24 maxlen: 24
195.182.14.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/b98755-65c4-4d19-b069-a1a55e8bee3f/1/KqGB-LCskT3cN34Z1WZLEbGXU3M.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/b98755-65c4-4d19-b069-a1a55e8bee3f/1/KqGB-LCskT3cN34Z1WZLEbGXU3M.mft
rsync://rpki.ripe.net/repository/DEFAULT/KqGB-LCskT3cN34Z1WZLEbGXU3M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:67:c8:4c:ad:39:68:08:3d:d7:70:32:9e:e4:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2aa181f8b0ac913ddc377e19d5664b11b1975373
Validity
Not Before: Jan 1 16:30:05 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8dc2e5aadef7dddd3b6a8ee36a139847bd87c99e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:14:d7:d8:b8:47:24:af:9e:d4:49:bd:c4:b6:
61:9c:c5:f0:1e:07:65:59:61:e0:08:f9:65:6a:8f:
16:0d:05:f3:d9:7b:79:8d:61:7e:ed:0c:28:fb:d9:
b0:d4:f1:b4:8e:b9:dd:ff:e9:38:0b:9a:2f:e4:24:
a1:33:14:f0:41:a2:1a:c6:32:dc:e0:61:a7:00:e1:
f4:4c:0c:b0:7d:e6:96:c6:f3:bf:92:69:81:3c:7b:
51:de:ea:a8:14:5b:62:4d:0f:aa:ba:c0:7a:ac:1d:
a3:28:13:28:72:7c:55:26:63:95:82:66:a5:37:53:
bb:32:3c:9a:c6:5d:41:3f:83:c4:8d:21:67:b3:90:
78:80:95:f3:30:68:6f:69:25:aa:f6:7c:4f:56:7e:
ba:eb:46:27:df:a1:a9:e9:2f:4c:26:ff:e6:3a:4d:
97:6c:14:cb:20:e8:28:51:da:79:78:bf:40:37:78:
ba:56:68:6a:71:56:26:1e:af:2c:33:cf:10:05:23:
2b:f9:b1:47:80:c9:4d:df:51:c2:d4:91:cf:1e:07:
2a:63:b2:cf:a2:99:8c:73:fd:df:82:33:83:a9:4b:
1d:b2:0e:6a:9f:0c:b6:be:de:50:00:c4:da:1f:66:
e2:53:a0:33:b7:36:58:a8:d3:a4:fe:fd:c5:3c:46:
68:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:C2:E5:AA:DE:F7:DD:DD:3B:6A:8E:E3:6A:13:98:47:BD:87:C9:9E
X509v3 Authority Key Identifier:
keyid:2A:A1:81:F8:B0:AC:91:3D:DC:37:7E:19:D5:66:4B:11:B1:97:53:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KqGB-LCskT3cN34Z1WZLEbGXU3M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/b98755-65c4-4d19-b069-a1a55e8bee3f/1/jcLlqt733d07ao7jahOYR72HyZ4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/b98755-65c4-4d19-b069-a1a55e8bee3f/1/KqGB-LCskT3cN34Z1WZLEbGXU3M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.48.216.0/24
195.182.14.0/24
Signature Algorithm: sha256WithRSAEncryption
1f:0d:26:dd:5d:35:7a:d4:a1:63:0b:f0:9a:9a:22:a4:eb:af:
43:7d:79:89:10:a2:a4:4a:91:5f:8c:3a:89:ef:90:ea:c7:1a:
bd:74:36:10:26:6f:b2:0d:14:e2:7b:bc:d1:33:6d:f6:80:51:
56:41:aa:cc:2f:83:e4:92:05:c2:99:a0:60:13:71:20:9c:07:
5b:4e:a9:db:54:ad:99:63:7d:40:9b:59:cc:90:5c:95:37:c2:
2e:57:3b:24:6b:a1:ab:39:91:11:fa:5f:3a:f1:f2:62:5e:45:
ab:a0:83:01:e1:e1:93:01:8d:46:07:f7:ad:b8:e3:f1:e3:a5:
6b:9a:4c:c7:ea:a6:50:70:67:cf:2e:0e:a6:8c:44:60:63:aa:
ed:19:82:bb:72:d6:d1:c7:74:31:32:c0:6c:50:10:42:ab:63:
8a:8f:18:4b:de:a8:d7:a1:0f:e7:ae:a7:36:a1:54:ad:bb:9d:
a1:c8:60:5c:d9:51:b0:2c:af:de:09:a5:8d:59:64:67:40:68:
38:2f:4c:86:cd:b9:2e:e6:16:5c:0a:de:8f:f1:9c:18:25:08:
b5:e2:e2:09:3c:37:00:df:00:b9:78:e7:5d:7a:56:64:a2:d2:
e8:6f:81:fe:ca:b7:f5:54:99:15:8a:c5:88:29:15:fa:17:e2:
fb:e7:08:4c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzF3GfITK05aAg913AynuToMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYTE4MWY4YjBhYzkxM2RkYzM3N2UxOWQ1NjY0YjExYjE5
NzUzNzMwHhcNMjQwMTAxMTYzMDA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZGMyZTVhYWRlZjdkZGRkM2I2YThlZTM2YTEzOTg0N2JkODdjOTllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwhTX2LhHJK+e1Em9xLZhnMXwHgdl
WWHgCPllao8WDQXz2Xt5jWF+7Qwo+9mw1PG0jrnd/+k4C5ov5CShMxTwQaIaxjLc
4GGnAOH0TAywfeaWxvO/kmmBPHtR3uqoFFtiTQ+qusB6rB2jKBMocnxVJmOVgmal
N1O7Mjyaxl1BP4PEjSFns5B4gJXzMGhvaSWq9nxPVn6660Yn36Gp6S9MJv/mOk2X
bBTLIOgoUdp5eL9AN3i6VmhqcVYmHq8sM88QBSMr+bFHgMlN31HC1JHPHgcqY7LP
opmMc/3fgjODqUsdsg5qnwy2vt5QAMTaH2biU6AztzZYqNOk/v3FPEZoRwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFI3C5are993dO2qO42oTmEe9h8meMB8GA1UdIwQY
MBaAFCqhgfiwrJE93Dd+GdVmSxGxl1NzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3FHQi1MQ3NrVDNjTjM0WjFXWkxFYkdYVTNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC9iOTg3NTUtNjVjNC00ZDE5LWIwNjkt
YTFhNTVlOGJlZTNmLzEvamNMbHF0NzMzZDA3YW83amFoT1lSNzJIeVo0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC9iOTg3NTUtNjVjNC00ZDE5LWIwNjktYTFhNTVlOGJlZTNm
LzEvS3FHQi1MQ3NrVDNjTjM0WjFXWkxFYkdYVTNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwjDYAwQA
w7YOMA0GCSqGSIb3DQEBCwUAA4IBAQAfDSbdXTV61KFjC/CamiKk669DfXmJEKKk
SpFfjDqJ75Dqxxq9dDYQJm+yDRTie7zRM232gFFWQarML4PkkgXCmaBgE3EgnAdb
TqnbVK2ZY31Am1nMkFyVN8IuVzska6GrOZER+l868fJiXkWroIMB4eGTAY1GB/et
uOPx46VrmkzH6qZQcGfPLg6mjERgY6rtGYK7ctbRx3QxMsBsUBBCq2OKjxhL3qjX
oQ/nrqc2oVStu52hyGBc2VGwLK/eCaWNWWRnQGg4L0yGzbku5hZcCt6P8ZwYJQi1
4uIJPDcA3wC5eOddelZkotLob4H+yrf1VJkVisWIKRX6F+L75whM
-----END CERTIFICATE-----
Generated at Sat Jun 1 17:00:08 2024 by rpki-client on console-ams.rpki-client.org