Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/9cb6b5-7a53-406f-af7a-17c38d9c3768/1/mJE0eDQUQVRrN6ki8uCmKeYsPrw.roa
File: mJE0eDQUQVRrN6ki8uCmKeYsPrw.roa (raw, json)
Hash identifier: L798Zv3u91MZM+L9VGUews17pQ8mbPNo4UlLcF+WfOE=
Subject key identifier: 98:91:34:78:34:14:41:54:6B:37:A9:22:F2:E0:A6:29:E6:2C:3E:BC
Certificate issuer: /CN=ffff0fa51e6939d01dcaa2bb3d5dcaa6d0043da2
Certificate serial: 018CCA2AA5B119CE99BE0637B75B4BBB0523
Authority key identifier: FF:FF:0F:A5:1E:69:39:D0:1D:CA:A2:BB:3D:5D:CA:A6:D0:04:3D:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/__8PpR5pOdAdyqK7PV3KptAEPaI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/9cb6b5-7a53-406f-af7a-17c38d9c3768/1/mJE0eDQUQVRrN6ki8uCmKeYsPrw.roa
Signing time: Tue 02 Jan 2024 12:34:01 +0000
ROA not before: Tue 02 Jan 2024 12:34:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199659
IP address blocks: 185.8.92.0/22 maxlen: 22
185.26.240.0/22 maxlen: 22
2a02:d540::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d5/9cb6b5-7a53-406f-af7a-17c38d9c3768/1/__8PpR5pOdAdyqK7PV3KptAEPaI.crl
rsync://rpki.ripe.net/repository/DEFAULT/d5/9cb6b5-7a53-406f-af7a-17c38d9c3768/1/__8PpR5pOdAdyqK7PV3KptAEPaI.mft
rsync://rpki.ripe.net/repository/DEFAULT/__8PpR5pOdAdyqK7PV3KptAEPaI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 05:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:a5:b1:19:ce:99:be:06:37:b7:5b:4b:bb:05:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ffff0fa51e6939d01dcaa2bb3d5dcaa6d0043da2
Validity
Not Before: Jan 2 12:34:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=98913478341441546b37a922f2e0a629e62c3ebc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:15:2e:c7:da:95:fa:bf:15:7b:91:2e:49:bb:
04:d5:b3:16:02:03:83:b3:84:02:3c:0a:88:a5:8d:
68:41:25:5c:58:89:6c:5a:60:37:14:e6:25:ca:84:
0f:12:ce:1f:9f:d4:a5:2c:f8:50:b7:12:30:21:b1:
a3:a9:f7:7a:4c:76:89:8c:7e:a2:09:43:2f:64:38:
9a:b5:f0:ae:40:69:46:fc:6f:8d:b4:4b:79:29:c9:
44:c3:20:3a:dd:d1:cc:95:14:c3:16:26:e0:4d:05:
05:ee:8e:25:1f:1f:6a:48:1d:2e:db:f6:21:e9:20:
2d:06:9c:10:4e:c3:cd:a4:12:42:2d:8f:4a:cf:34:
56:cd:74:71:f5:34:1d:c3:a5:fb:29:84:ff:4f:90:
28:f8:3f:59:b4:dc:54:94:2e:45:57:d5:40:f1:c5:
c1:6d:b1:db:a4:88:da:b6:7c:02:e4:13:73:ad:42:
a5:04:a5:57:b7:14:4e:fa:5e:d2:e2:96:2b:3b:ee:
08:d3:91:d4:9d:03:d6:45:18:13:2d:71:b5:ad:15:
ad:6c:63:20:f6:52:51:75:31:f0:14:51:c2:36:e1:
1b:d4:5d:83:a6:c5:3b:a8:1c:55:29:11:bc:fe:6f:
58:d8:c9:34:b6:64:4e:c2:d3:be:0c:48:9e:53:cd:
a8:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:91:34:78:34:14:41:54:6B:37:A9:22:F2:E0:A6:29:E6:2C:3E:BC
X509v3 Authority Key Identifier:
keyid:FF:FF:0F:A5:1E:69:39:D0:1D:CA:A2:BB:3D:5D:CA:A6:D0:04:3D:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/__8PpR5pOdAdyqK7PV3KptAEPaI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/9cb6b5-7a53-406f-af7a-17c38d9c3768/1/mJE0eDQUQVRrN6ki8uCmKeYsPrw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/9cb6b5-7a53-406f-af7a-17c38d9c3768/1/__8PpR5pOdAdyqK7PV3KptAEPaI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.8.92.0/22
185.26.240.0/22
IPv6:
2a02:d540::/29
Signature Algorithm: sha256WithRSAEncryption
57:af:74:79:28:9b:cc:9a:c4:51:eb:66:fc:b5:5e:1b:bb:80:
79:3b:9d:d1:a2:ad:a5:39:38:5b:02:9c:7e:f8:d0:f5:8b:b9:
df:94:20:7b:ec:e1:0b:f4:01:fe:8d:78:4d:45:0a:02:5d:b5:
14:8d:84:d2:78:90:ff:e9:06:82:95:6d:90:cc:80:8b:32:b3:
a9:00:96:91:90:4a:9f:0b:43:9a:9d:a1:8e:9c:22:aa:60:73:
6c:3b:30:d6:10:d2:53:71:50:54:f5:fe:38:77:88:8f:c4:eb:
33:60:00:09:f6:66:ec:c4:fb:71:6e:55:14:6b:f7:55:41:f0:
da:d5:29:87:99:d2:76:a2:1c:51:89:2c:6a:eb:40:54:00:47:
95:87:99:b8:3d:b6:13:ff:5f:20:66:13:a4:8c:f6:b0:95:95:
62:28:24:c0:a2:ba:64:e9:7f:1b:e2:10:84:5b:cc:8b:c0:f8:
41:0f:b7:81:ce:52:da:27:e3:09:8f:2c:d0:34:d4:a4:81:69:
83:75:cb:cc:b1:65:32:ce:e7:0e:08:0a:74:fc:fb:0b:6f:ae:
db:86:89:ef:32:0f:42:48:43:fe:69:eb:87:ca:ff:f2:86:b2:
b7:dc:24:49:2c:cd:e1:b4:67:71:a3:a5:89:39:59:39:f9:7e:
48:b1:6a:67
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzKKqWxGc6ZvgY3t1tLuwUjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmZmYwZmE1MWU2OTM5ZDAxZGNhYTJiYjNkNWRjYWE2ZDAw
NDNkYTIwHhcNMjQwMTAyMTIzNDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODkxMzQ3ODM0MTQ0MTU0NmIzN2E5MjJmMmUwYTYyOWU2MmMzZWJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlBUux9qV+r8Ve5EuSbsE1bMWAgOD
s4QCPAqIpY1oQSVcWIlsWmA3FOYlyoQPEs4fn9SlLPhQtxIwIbGjqfd6THaJjH6i
CUMvZDiatfCuQGlG/G+NtEt5KclEwyA63dHMlRTDFibgTQUF7o4lHx9qSB0u2/Yh
6SAtBpwQTsPNpBJCLY9KzzRWzXRx9TQdw6X7KYT/T5Ao+D9ZtNxUlC5FV9VA8cXB
bbHbpIjatnwC5BNzrUKlBKVXtxRO+l7S4pYrO+4I05HUnQPWRRgTLXG1rRWtbGMg
9lJRdTHwFFHCNuEb1F2DpsU7qBxVKRG8/m9Y2Mk0tmROwtO+DEieU82oowIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFJiRNHg0FEFUazepIvLgpinmLD68MB8GA1UdIwQY
MBaAFP//D6UeaTnQHcqiuz1dyqbQBD2iMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX184UHBSNXBPZEFkeXFLN1BWM0twdEFFUGFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS85Y2I2YjUtN2E1My00MDZmLWFmN2Et
MTdjMzhkOWMzNzY4LzEvbUpFMGVEUVVRVlJyTjZraTh1Q21LZVlzUHJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS85Y2I2YjUtN2E1My00MDZmLWFmN2EtMTdjMzhkOWMzNzY4
LzEvX184UHBSNXBPZEFkeXFLN1BWM0twdEFFUGFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuQhcAwQC
uRrwMA0EAgACMAcDBQMqAtVAMA0GCSqGSIb3DQEBCwUAA4IBAQBXr3R5KJvMmsRR
62b8tV4bu4B5O53Roq2lOThbApx++ND1i7nflCB77OEL9AH+jXhNRQoCXbUUjYTS
eJD/6QaClW2QzICLMrOpAJaRkEqfC0OanaGOnCKqYHNsOzDWENJTcVBU9f44d4iP
xOszYAAJ9mbsxPtxblUUa/dVQfDa1SmHmdJ2ohxRiSxq60BUAEeVh5m4PbYT/18g
ZhOkjPawlZViKCTAorpk6X8b4hCEW8yLwPhBD7eBzlLaJ+MJjyzQNNSkgWmDdcvM
sWUyzucOCAp0/PsLb67bhonvMg9CSEP+aeuHyv/yhrK33CRJLM3htGdxo6WJOVk5
+X5IsWpn
-----END CERTIFICATE-----
Generated at Fri Jun 7 14:18:07 2024 by rpki-client on console-ams.rpki-client.org