Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d6/5f5f6b-35e4-4391-9519-b97d336ea2f5/1/sjW4_q-nutsaRZuGO4SXjrBlYwo.roa
File: sjW4_q-nutsaRZuGO4SXjrBlYwo.roa (raw, json)
Hash identifier: cwZMmooYwATPeOwDAaIObJcEDW1YpMCdvi9vyvMNmqc=
Subject key identifier: B2:35:B8:FE:AF:A7:BA:DB:1A:45:9B:86:3B:84:97:8E:B0:65:63:0A
Certificate issuer: /CN=e992a035bffc5a41412c497c1285d1838234ffb0
Certificate serial: 018CC26CFDEB1A76B116535E3521320CD59A
Authority key identifier: E9:92:A0:35:BF:FC:5A:41:41:2C:49:7C:12:85:D1:83:82:34:FF:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6ZKgNb_8WkFBLEl8EoXRg4I0_7A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d6/5f5f6b-35e4-4391-9519-b97d336ea2f5/1/sjW4_q-nutsaRZuGO4SXjrBlYwo.roa
Signing time: Mon 01 Jan 2024 00:29:31 +0000
ROA not before: Mon 01 Jan 2024 00:29:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16243
IP address blocks: 217.114.96.0/20 maxlen: 24
185.76.16.0/22 maxlen: 24
77.222.64.0/19 maxlen: 24
87.249.96.0/19 maxlen: 24
2001:1540::/32 maxlen: 48
2001:1541:4100::/40 maxlen: 44
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d6/5f5f6b-35e4-4391-9519-b97d336ea2f5/1/6ZKgNb_8WkFBLEl8EoXRg4I0_7A.crl
rsync://rpki.ripe.net/repository/DEFAULT/d6/5f5f6b-35e4-4391-9519-b97d336ea2f5/1/6ZKgNb_8WkFBLEl8EoXRg4I0_7A.mft
rsync://rpki.ripe.net/repository/DEFAULT/6ZKgNb_8WkFBLEl8EoXRg4I0_7A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 10:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6c:fd:eb:1a:76:b1:16:53:5e:35:21:32:0c:d5:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e992a035bffc5a41412c497c1285d1838234ffb0
Validity
Not Before: Jan 1 00:29:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b235b8feafa7badb1a459b863b84978eb065630a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:5f:19:0e:98:96:eb:62:90:02:91:e8:7d:00:
1a:0a:57:56:8c:00:16:43:24:ad:7b:f3:a7:c9:d0:
6e:b5:b6:71:50:35:ba:20:65:be:d4:b5:2c:85:c3:
6f:99:ea:fb:b1:b7:79:be:6f:88:91:35:d4:58:95:
f7:58:9b:6f:6c:e1:5f:a2:60:cc:28:36:b5:de:2d:
f1:16:18:bc:b9:f4:84:86:d0:cb:4f:5b:a1:fd:2a:
9f:87:3e:68:c0:e6:9e:12:90:af:9b:15:49:ac:cf:
2b:8b:6b:80:c4:c1:8d:35:7a:79:65:5f:eb:d4:83:
bd:80:89:a2:7e:04:a1:06:ac:9e:6f:1e:fa:23:5a:
90:ed:7d:7f:31:74:e3:ed:d4:0d:06:01:6b:ab:8c:
d7:c2:7c:fa:18:f5:50:68:76:82:81:0c:b9:39:38:
cc:d2:6c:5c:e4:5a:d0:22:8d:5a:00:a2:b5:6c:5f:
fd:f0:eb:68:e9:c0:00:8b:08:d8:17:c8:4a:62:39:
ee:a9:5a:02:18:20:7f:d1:86:7a:33:fd:ab:6d:64:
14:44:f5:88:dd:fe:f8:5d:2b:66:1f:92:2c:b2:f6:
c3:b1:f3:cc:41:fe:78:36:33:19:05:10:4c:0c:e5:
df:8b:e4:94:db:7d:61:79:92:d4:ea:73:6d:22:75:
35:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:35:B8:FE:AF:A7:BA:DB:1A:45:9B:86:3B:84:97:8E:B0:65:63:0A
X509v3 Authority Key Identifier:
keyid:E9:92:A0:35:BF:FC:5A:41:41:2C:49:7C:12:85:D1:83:82:34:FF:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6ZKgNb_8WkFBLEl8EoXRg4I0_7A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/5f5f6b-35e4-4391-9519-b97d336ea2f5/1/sjW4_q-nutsaRZuGO4SXjrBlYwo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/5f5f6b-35e4-4391-9519-b97d336ea2f5/1/6ZKgNb_8WkFBLEl8EoXRg4I0_7A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.222.64.0/19
87.249.96.0/19
185.76.16.0/22
217.114.96.0/20
IPv6:
2001:1540::/32
2001:1541:4100::/40
Signature Algorithm: sha256WithRSAEncryption
66:5c:72:f3:db:c3:73:48:f7:82:69:57:3f:11:89:fa:65:51:
70:22:f6:65:b5:54:db:e8:b6:62:fa:48:47:be:61:9c:20:4e:
2c:58:79:2b:42:4d:2e:c5:d6:7c:5c:46:62:b1:1f:1e:82:49:
8e:0f:ae:3b:17:84:37:75:f6:54:80:68:0b:50:fb:3b:9c:26:
e3:cd:e0:2d:63:47:bc:64:e1:62:d9:0b:25:22:f1:36:b1:ce:
e2:3f:1d:8f:2c:e0:24:2e:d3:d0:b2:7b:1f:a3:64:07:68:79:
40:82:d8:60:3a:45:e3:64:a6:ca:1a:ab:3e:a9:f9:6e:42:4c:
20:e0:b3:01:7c:c0:cc:1c:1c:ca:a8:17:27:e6:47:3b:57:e5:
38:de:8b:c5:90:20:ea:af:ed:55:83:da:a7:e3:d1:1e:5c:88:
4b:a5:e7:9e:ba:36:6e:c7:e0:ce:a4:07:1b:a6:43:c9:2e:d5:
dc:c3:47:11:16:20:79:bc:d0:66:10:c1:ad:8a:ac:13:1e:44:
2d:ec:74:7d:a8:7a:bd:88:a2:94:df:e8:39:d9:ef:20:3b:b9:
c8:51:8c:31:e3:93:bf:7f:24:a8:dd:d6:87:a2:c1:ea:64:a0:
28:6b:85:8b:38:db:b5:20:ff:24:29:2a:f8:6e:f4:6d:10:ed:
d3:cf:63:c8
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAYzCbP3rGnaxFlNeNSEyDNWaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5OTJhMDM1YmZmYzVhNDE0MTJjNDk3YzEyODVkMTgzODIz
NGZmYjAwHhcNMjQwMTAxMDAyOTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjM1YjhmZWFmYTdiYWRiMWE0NTliODYzYjg0OTc4ZWIwNjU2MzBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzF8ZDpiW62KQApHofQAaCldWjAAW
QySte/OnydButbZxUDW6IGW+1LUshcNvmer7sbd5vm+IkTXUWJX3WJtvbOFfomDM
KDa13i3xFhi8ufSEhtDLT1uh/Sqfhz5owOaeEpCvmxVJrM8ri2uAxMGNNXp5ZV/r
1IO9gImifgShBqyebx76I1qQ7X1/MXTj7dQNBgFrq4zXwnz6GPVQaHaCgQy5OTjM
0mxc5FrQIo1aAKK1bF/98Oto6cAAiwjYF8hKYjnuqVoCGCB/0YZ6M/2rbWQURPWI
3f74XStmH5IssvbDsfPMQf54NjMZBRBMDOXfi+SU231heZLU6nNtInU1dwIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFLI1uP6vp7rbGkWbhjuEl46wZWMKMB8GA1UdIwQY
MBaAFOmSoDW//FpBQSxJfBKF0YOCNP+wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNlpLZ05iXzhXa0ZCTEVsOEVvWFJnNEkwXzdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNi81ZjVmNmItMzVlNC00MzkxLTk1MTkt
Yjk3ZDMzNmVhMmY1LzEvc2pXNF9xLW51dHNhUlp1R080U1hqckJsWXdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNi81ZjVmNmItMzVlNC00MzkxLTk1MTktYjk3ZDMzNmVhMmY1
LzEvNlpLZ05iXzhXa0ZCTEVsOEVvWFJnNEkwXzdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAeBAIAATAYAwQFTd5AAwQF
V/lgAwQCuUwQAwQE2XJgMBUEAgACMA8DBQAgARVAAwYAIAEVQUEwDQYJKoZIhvcN
AQELBQADggEBAGZccvPbw3NI94JpVz8RifplUXAi9mW1VNvotmL6SEe+YZwgTixY
eStCTS7F1nxcRmKxHx6CSY4PrjsXhDd19lSAaAtQ+zucJuPN4C1jR7xk4WLZCyUi
8TaxzuI/HY8s4CQu09Cyex+jZAdoeUCC2GA6ReNkpsoaqz6p+W5CTCDgswF8wMwc
HMqoFyfmRztX5Tjei8WQIOqv7VWD2qfj0R5ciEul5566Nm7H4M6kBxumQ8ku1dzD
RxEWIHm80GYQwa2KrBMeRC3sdH2oer2IopTf6DnZ7yA7uchRjDHjk79/JKjd1oei
wepkoChrhYs427Ug/yQpKvhu9G0Q7dPPY8g=
-----END CERTIFICATE-----
Generated at Tue Nov 26 19:36:21 2024 by rpki-client on console-fra.rpki-client.org