Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/e7b1d7-3d7a-46ab-810f-eddf23c1ba6d/1/JuIS3xC4hFu31oFqvuXH5KH5ia8.roa
File: JuIS3xC4hFu31oFqvuXH5KH5ia8.roa (raw, json)
Hash identifier: foUO+FmtyMKfl/nOH05OaHcHxp8NFi8OdQBWoy5hVsQ=
Subject key identifier: 26:E2:12:DF:10:B8:84:5B:B7:D6:81:6A:BE:E5:C7:E4:A1:F9:89:AF
Certificate issuer: /CN=18caeb14a01ee16d836565e14fa53b4ab3c3cd26
Certificate serial: 018CC9BC95A51C37B1DE331D6010B46AFB7E
Authority key identifier: 18:CA:EB:14:A0:1E:E1:6D:83:65:65:E1:4F:A5:3B:4A:B3:C3:CD:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GMrrFKAe4W2DZWXhT6U7SrPDzSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/e7b1d7-3d7a-46ab-810f-eddf23c1ba6d/1/JuIS3xC4hFu31oFqvuXH5KH5ia8.roa
Signing time: Tue 02 Jan 2024 10:33:48 +0000
ROA not before: Tue 02 Jan 2024 10:33:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197208
IP address blocks: 46.28.112.0/21 maxlen: 21
194.99.56.0/24 maxlen: 24
194.31.3.0/24 maxlen: 24
194.76.29.0/24 maxlen: 24
2a01:6ac0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d5/e7b1d7-3d7a-46ab-810f-eddf23c1ba6d/1/GMrrFKAe4W2DZWXhT6U7SrPDzSY.crl
rsync://rpki.ripe.net/repository/DEFAULT/d5/e7b1d7-3d7a-46ab-810f-eddf23c1ba6d/1/GMrrFKAe4W2DZWXhT6U7SrPDzSY.mft
rsync://rpki.ripe.net/repository/DEFAULT/GMrrFKAe4W2DZWXhT6U7SrPDzSY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 May 2024 07:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:95:a5:1c:37:b1:de:33:1d:60:10:b4:6a:fb:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=18caeb14a01ee16d836565e14fa53b4ab3c3cd26
Validity
Not Before: Jan 2 10:33:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=26e212df10b8845bb7d6816abee5c7e4a1f989af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:8e:f9:ac:ed:13:04:a5:fd:25:db:ae:3c:bc:
26:e9:bb:dc:b7:45:b1:aa:4a:ca:9d:26:58:5b:49:
a8:38:6c:80:f2:e2:99:ad:a0:a8:e9:53:87:29:61:
02:1e:f9:10:b6:e1:07:df:c8:11:93:80:f4:bd:1a:
61:73:c5:a6:2a:74:ab:63:4d:5b:9b:6b:2a:a8:92:
34:0e:f3:f4:d7:2e:31:15:20:55:72:b0:19:7f:96:
32:c8:0c:4a:af:96:e8:f0:82:17:a1:f4:ac:7f:fa:
5b:77:39:33:69:f0:23:c1:87:70:bb:86:3f:96:0a:
ed:ce:6b:ab:27:6b:46:82:fd:4c:f5:5b:ea:8d:2f:
35:e7:ab:3d:fd:11:23:38:9c:a1:a9:09:f4:ce:3d:
e9:e7:20:ef:d8:31:41:83:5e:73:46:01:5c:f4:2d:
a5:ec:97:f3:87:90:c8:7a:92:0f:09:87:84:bc:8e:
b8:8e:1a:11:e7:e9:d0:e6:a7:23:de:69:68:49:88:
34:a2:6f:b0:c4:93:ab:2d:03:9f:9b:47:58:b4:df:
55:23:83:d7:fc:9f:d5:7a:77:64:d8:e6:8e:5b:d9:
9d:ff:38:80:3f:12:13:90:d1:03:95:1a:d3:16:38:
82:b6:7e:95:30:90:95:31:50:30:bf:b1:ff:76:8b:
1a:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:E2:12:DF:10:B8:84:5B:B7:D6:81:6A:BE:E5:C7:E4:A1:F9:89:AF
X509v3 Authority Key Identifier:
keyid:18:CA:EB:14:A0:1E:E1:6D:83:65:65:E1:4F:A5:3B:4A:B3:C3:CD:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GMrrFKAe4W2DZWXhT6U7SrPDzSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/e7b1d7-3d7a-46ab-810f-eddf23c1ba6d/1/JuIS3xC4hFu31oFqvuXH5KH5ia8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/e7b1d7-3d7a-46ab-810f-eddf23c1ba6d/1/GMrrFKAe4W2DZWXhT6U7SrPDzSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.28.112.0/21
194.31.3.0/24
194.76.29.0/24
194.99.56.0/24
IPv6:
2a01:6ac0::/32
Signature Algorithm: sha256WithRSAEncryption
a3:d6:dd:9d:f8:83:a4:2a:ae:ca:d3:c6:b4:c0:7f:52:ce:cd:
85:85:c6:e0:07:ae:54:05:7f:d0:59:40:ed:a7:b3:ff:c3:30:
32:47:ea:84:3d:04:ff:3f:01:67:d3:3c:93:b5:9b:83:77:47:
68:43:e3:cd:b7:6a:7a:ef:4b:af:3c:71:eb:6f:73:7d:e3:d1:
d0:d6:1c:f9:ca:81:29:64:95:55:7d:09:4b:e2:6b:5b:a2:6b:
7a:f9:77:e0:c1:8a:6d:ec:58:87:41:c8:7f:83:14:71:34:7b:
fe:35:7d:ad:2d:76:71:78:d2:f8:f2:38:04:7d:84:42:03:d0:
ee:b5:c2:ea:f2:87:a9:d8:69:24:08:fc:ed:af:0a:8d:33:9d:
4e:cd:a6:b6:58:6c:3c:49:d8:03:e3:cb:5e:7f:0e:7b:c5:68:
4d:b4:53:63:54:f2:41:a7:8e:dd:e7:76:70:e7:70:7e:fa:ae:
e4:bb:4e:d2:b9:64:8f:ed:aa:dd:dd:4a:2b:0d:95:84:3a:ce:
47:9c:c0:5c:8e:1e:cb:dc:27:b4:d6:c6:01:da:22:c6:bc:60:
f4:47:7c:fa:52:2f:ec:b7:fd:d1:7b:78:09:ef:0e:88:31:7a:
f3:8b:0c:9d:97:e1:2f:18:77:c3:d0:63:f4:ee:32:9f:f5:75:
31:77:76:da
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzJvJWlHDex3jMdYBC0avt+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4Y2FlYjE0YTAxZWUxNmQ4MzY1NjVlMTRmYTUzYjRhYjNj
M2NkMjYwHhcNMjQwMTAyMTAzMzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNmUyMTJkZjEwYjg4NDViYjdkNjgxNmFiZWU1YzdlNGExZjk4OWFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArI75rO0TBKX9JduuPLwm6bvct0Wx
qkrKnSZYW0moOGyA8uKZraCo6VOHKWECHvkQtuEH38gRk4D0vRphc8WmKnSrY01b
m2sqqJI0DvP01y4xFSBVcrAZf5YyyAxKr5bo8IIXofSsf/pbdzkzafAjwYdwu4Y/
lgrtzmurJ2tGgv1M9VvqjS8156s9/REjOJyhqQn0zj3p5yDv2DFBg15zRgFc9C2l
7Jfzh5DIepIPCYeEvI64jhoR5+nQ5qcj3mloSYg0om+wxJOrLQOfm0dYtN9VI4PX
/J/Vendk2OaOW9md/ziAPxITkNEDlRrTFjiCtn6VMJCVMVAwv7H/dosa4wIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFCbiEt8QuIRbt9aBar7lx+Sh+YmvMB8GA1UdIwQY
MBaAFBjK6xSgHuFtg2Vl4U+lO0qzw80mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR01yckZLQWU0VzJEWldYaFQ2VTdTclBEelNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS9lN2IxZDctM2Q3YS00NmFiLTgxMGYt
ZWRkZjIzYzFiYTZkLzEvSnVJUzN4QzRoRnUzMW9GcXZ1WEg1S0g1aWE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS9lN2IxZDctM2Q3YS00NmFiLTgxMGYtZWRkZjIzYzFiYTZk
LzEvR01yckZLQWU0VzJEWldYaFQ2VTdTclBEelNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQDLhxwAwQA
wh8DAwQAwkwdAwQAwmM4MA0EAgACMAcDBQAqAWrAMA0GCSqGSIb3DQEBCwUAA4IB
AQCj1t2d+IOkKq7K08a0wH9Szs2FhcbgB65UBX/QWUDtp7P/wzAyR+qEPQT/PwFn
0zyTtZuDd0doQ+PNt2p670uvPHHrb3N949HQ1hz5yoEpZJVVfQlL4mtbomt6+Xfg
wYpt7FiHQch/gxRxNHv+NX2tLXZxeNL48jgEfYRCA9DutcLq8oep2GkkCPztrwqN
M51Ozaa2WGw8SdgD48tefw57xWhNtFNjVPJBp47d53Zw53B++q7ku07SuWSP7ard
3UorDZWEOs5HnMBcjh7L3Ce01sYB2iLGvGD0R3z6Ui/st/3Re3gJ7w6IMXrziwyd
l+EvGHfD0GP07jKf9XUxd3ba
-----END CERTIFICATE-----
Generated at Tue May 21 15:50:33 2024 by rpki-client on console-fra.rpki-client.org