Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/Jn4GJgWOJoV5GVZCLcRnHqgzR9E.roa
File: Jn4GJgWOJoV5GVZCLcRnHqgzR9E.roa (raw, json)
Hash identifier: Ciy8aQYDo5lbBEPdG7jyITcKVWO2IKiKDDBQa6gnxMQ=
Subject key identifier: 26:7E:06:26:05:8E:26:85:79:19:56:42:2D:C4:67:1E:A8:33:47:D1
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 018CC802ECC820284858FB44478ABC63B3C8
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/Jn4GJgWOJoV5GVZCLcRnHqgzR9E.roa
Signing time: Tue 02 Jan 2024 02:31:24 +0000
ROA not before: Tue 02 Jan 2024 02:31:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43289
IP address blocks: 192.121.87.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.mft
rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 19 May 2024 11:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:02:ec:c8:20:28:48:58:fb:44:47:8a:bc:63:b3:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jan 2 02:31:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=267e0626058e2685791956422dc4671ea83347d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:c5:2d:a5:14:5d:19:35:3a:1b:50:5c:d8:00:
ff:bc:f2:b3:73:d1:23:5e:31:1d:4d:07:ee:27:45:
f1:4a:d2:d1:8e:b3:66:44:af:4b:8e:94:f4:1b:d0:
c6:a0:ad:de:4f:f9:7f:ab:5a:c4:ab:1a:76:fb:0d:
db:f8:96:79:32:2f:1f:98:5e:9d:fe:fb:03:bd:da:
8b:cc:52:b6:2a:e0:e1:49:47:73:a4:f4:3a:53:e5:
1e:40:d2:f6:76:88:c9:08:35:1c:0a:86:d1:8f:36:
ba:3c:c4:21:17:05:73:d4:d3:35:18:8f:3e:3b:55:
96:6d:3b:a9:4f:18:1b:04:68:b4:ca:1c:80:03:6e:
67:b8:db:e4:6c:88:e8:1f:8a:55:0c:25:26:bc:e0:
f1:75:c0:f1:84:30:29:9b:b4:01:06:b3:42:8b:42:
ac:59:b0:ec:77:a4:e6:41:05:cb:fc:fe:c4:14:9c:
54:90:f9:15:75:3e:a8:30:4f:1b:39:36:83:18:06:
16:bf:dc:17:24:8c:78:58:e2:0c:dd:2e:73:69:48:
a9:b3:94:12:15:59:b0:b0:a1:fb:7e:09:91:d3:88:
8a:a0:09:51:73:6c:0d:a4:ed:7a:73:06:df:0c:c9:
a7:9d:72:f6:6d:e0:1b:f7:47:55:55:95:e3:67:33:
9b:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:7E:06:26:05:8E:26:85:79:19:56:42:2D:C4:67:1E:A8:33:47:D1
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/Jn4GJgWOJoV5GVZCLcRnHqgzR9E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.121.87.0/24
Signature Algorithm: sha256WithRSAEncryption
52:be:d4:19:87:95:ba:0c:10:7a:f1:58:ec:b3:33:b7:ad:29:
15:16:d2:bf:a7:b7:e8:46:ed:55:46:9c:18:32:77:4b:aa:2d:
35:d6:ec:0b:21:52:7b:20:ab:8c:c3:af:f6:da:f6:6f:6a:7b:
40:51:09:68:d7:bf:bf:53:9b:02:30:9a:68:51:e5:93:30:58:
8f:a6:83:d6:27:c8:0d:dd:33:f4:81:fc:32:1b:27:70:d8:b5:
ea:da:3e:37:3b:f2:5b:16:36:9c:b5:22:e3:54:1d:37:28:e7:
3c:67:9c:70:14:2d:42:d2:bd:6b:30:3e:22:be:9d:68:78:0f:
97:6f:37:09:c8:4f:76:2e:3a:5f:1a:49:6e:e2:99:d5:0e:32:
75:90:e8:e4:63:32:96:b2:7b:34:81:33:34:bd:c0:1e:d5:c1:
a8:95:83:68:03:66:cc:d6:69:d9:45:97:1b:a0:1a:de:87:09:
49:46:03:2c:ed:50:a3:d7:aa:05:82:4d:04:4f:d5:71:fd:66:
f1:ca:c5:db:7b:f5:f0:bb:90:15:1c:ca:84:78:e1:45:64:55:
4c:f5:4f:c7:be:65:96:fa:e7:24:bd:8a:b9:af:a2:5a:23:94:
fd:8d:e9:e2:65:ff:c0:5a:e8:1a:5a:2b:3e:d8:3b:81:2c:78:
44:f0:67:66
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIAuzIIChIWPtER4q8Y7PIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjQwMTAyMDIzMTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNjdlMDYyNjA1OGUyNjg1NzkxOTU2NDIyZGM0NjcxZWE4MzM0N2QxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq8UtpRRdGTU6G1Bc2AD/vPKzc9Ej
XjEdTQfuJ0XxStLRjrNmRK9LjpT0G9DGoK3eT/l/q1rEqxp2+w3b+JZ5Mi8fmF6d
/vsDvdqLzFK2KuDhSUdzpPQ6U+UeQNL2dojJCDUcCobRjza6PMQhFwVz1NM1GI8+
O1WWbTupTxgbBGi0yhyAA25nuNvkbIjoH4pVDCUmvODxdcDxhDApm7QBBrNCi0Ks
WbDsd6TmQQXL/P7EFJxUkPkVdT6oME8bOTaDGAYWv9wXJIx4WOIM3S5zaUips5QS
FVmwsKH7fgmR04iKoAlRc2wNpO16cwbfDMmnnXL2beAb90dVVZXjZzObDQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCZ+BiYFjiaFeRlWQi3EZx6oM0fRMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvSm40R0pnV09Kb1Y1R1ZaQ0xjUm5IcWd6UjlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwHlXMA0G
CSqGSIb3DQEBCwUAA4IBAQBSvtQZh5W6DBB68VjsszO3rSkVFtK/p7foRu1VRpwY
MndLqi011uwLIVJ7IKuMw6/22vZvantAUQlo17+/U5sCMJpoUeWTMFiPpoPWJ8gN
3TP0gfwyGydw2LXq2j43O/JbFjactSLjVB03KOc8Z5xwFC1C0r1rMD4ivp1oeA+X
bzcJyE92LjpfGklu4pnVDjJ1kOjkYzKWsns0gTM0vcAe1cGolYNoA2bM1mnZRZcb
oBrehwlJRgMs7VCj16oFgk0ET9Vx/WbxysXbe/Xwu5AVHMqEeOFFZFVM9U/HvmWW
+uckvYq5r6JaI5T9jeniZf/AWugaWis+2DuBLHhE8Gdm
-----END CERTIFICATE-----
Generated at Sat May 18 17:25:40 2024 by rpki-client on console-ams.rpki-client.org