Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/7073f1-3a08-4e4a-bedf-58ccf95d282b/1/JPzVG7T2ffKAKsD2ZakIqzf-_Ao.roa
File: JPzVG7T2ffKAKsD2ZakIqzf-_Ao.roa (raw, json)
Hash identifier: 7bJKtKmaPQOyaP3/GqgtPpDvSJSbYez/Lc66gFicJ2g=
Subject key identifier: 24:FC:D5:1B:B4:F6:7D:F2:80:2A:C0:F6:65:A9:08:AB:37:FE:FC:0A
Certificate issuer: /CN=35c0a5ba5bc82e20e046fbb54c065806f4c7b6a1
Certificate serial: 018CC2DAD3F8AEB8FC89CA622106CE9E362B
Authority key identifier: 35:C0:A5:BA:5B:C8:2E:20:E0:46:FB:B5:4C:06:58:06:F4:C7:B6:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NcClulvILiDgRvu1TAZYBvTHtqE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/7073f1-3a08-4e4a-bedf-58ccf95d282b/1/JPzVG7T2ffKAKsD2ZakIqzf-_Ao.roa
Signing time: Mon 01 Jan 2024 02:29:30 +0000
ROA not before: Mon 01 Jan 2024 02:29:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206999
IP address blocks: 185.73.64.0/24 maxlen: 24
185.73.67.0/24 maxlen: 24
185.73.66.0/24 maxlen: 24
185.73.65.0/24 maxlen: 24
185.28.88.0/24 maxlen: 24
185.28.91.0/24 maxlen: 24
185.28.90.0/24 maxlen: 24
185.28.89.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/7073f1-3a08-4e4a-bedf-58ccf95d282b/1/NcClulvILiDgRvu1TAZYBvTHtqE.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/7073f1-3a08-4e4a-bedf-58ccf95d282b/1/NcClulvILiDgRvu1TAZYBvTHtqE.mft
rsync://rpki.ripe.net/repository/DEFAULT/NcClulvILiDgRvu1TAZYBvTHtqE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:d3:f8:ae:b8:fc:89:ca:62:21:06:ce:9e:36:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35c0a5ba5bc82e20e046fbb54c065806f4c7b6a1
Validity
Not Before: Jan 1 02:29:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=24fcd51bb4f67df2802ac0f665a908ab37fefc0a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:35:65:5f:82:7f:7a:cd:41:97:08:4a:73:9b:
bb:3b:73:64:d9:cc:4c:79:55:4d:7a:ef:2f:af:7c:
e1:29:42:2a:14:93:32:b8:2b:c1:3d:12:f3:15:a6:
00:70:0c:73:08:ec:89:43:6c:73:eb:ab:6e:a4:98:
51:b6:90:62:9a:23:6d:8c:c3:b9:34:ae:9e:b4:3c:
53:df:0a:a8:02:7e:b1:31:cf:2b:79:5c:90:f8:2d:
18:17:db:24:69:96:b6:19:c1:97:c6:1f:2f:67:94:
c3:10:d3:b9:e0:82:74:54:68:ea:40:b4:e2:10:a3:
7c:48:a6:64:a4:d1:8b:a6:39:a2:94:b9:ff:cf:fc:
5b:4f:7f:77:f1:00:58:bf:d9:9e:a1:0c:3d:e8:03:
ea:d1:84:d7:80:de:e1:87:2a:cc:a2:b4:ae:4a:cb:
8c:e6:94:2b:12:d9:57:4f:f0:18:e5:90:ea:7a:87:
9d:6b:dd:00:a6:b3:02:a8:39:c3:f1:27:f8:77:81:
48:f4:55:5c:fa:b5:aa:c6:c9:69:c6:ce:60:40:39:
0c:10:13:bd:aa:a9:eb:ce:14:9e:6b:c1:5c:97:61:
8f:8a:c5:ff:52:2d:ed:99:31:ea:fb:af:d5:64:ee:
2b:48:ed:c5:5a:b2:2a:28:99:7f:8c:3c:ae:0e:2e:
0f:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:FC:D5:1B:B4:F6:7D:F2:80:2A:C0:F6:65:A9:08:AB:37:FE:FC:0A
X509v3 Authority Key Identifier:
keyid:35:C0:A5:BA:5B:C8:2E:20:E0:46:FB:B5:4C:06:58:06:F4:C7:B6:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NcClulvILiDgRvu1TAZYBvTHtqE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/7073f1-3a08-4e4a-bedf-58ccf95d282b/1/JPzVG7T2ffKAKsD2ZakIqzf-_Ao.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/7073f1-3a08-4e4a-bedf-58ccf95d282b/1/NcClulvILiDgRvu1TAZYBvTHtqE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.28.88.0/22
185.73.64.0/22
Signature Algorithm: sha256WithRSAEncryption
3a:8b:52:b1:ca:bb:73:7e:17:66:4b:1e:af:ef:4b:df:0a:5b:
c6:72:2b:77:4f:03:cf:06:34:bc:3d:16:6c:97:e7:b5:4e:50:
8c:ce:31:86:85:ce:5d:80:13:23:99:2d:1a:10:2b:5c:87:d5:
92:73:69:3b:1c:01:71:04:38:b2:4c:2c:01:af:ad:25:a2:45:
12:84:61:ae:41:81:78:fb:bd:48:16:9a:1c:73:7e:8d:17:a3:
47:c4:2a:ce:21:14:f5:72:ae:75:ca:50:0b:12:94:77:61:a5:
a2:92:25:f3:56:bc:1d:7d:c7:4a:1d:6e:95:59:29:1c:1f:1c:
27:e4:1e:43:f7:0e:9c:ce:b6:0b:a1:94:b4:cd:5a:62:4d:5b:
a2:ae:e1:fd:28:b5:f5:b7:0c:32:a0:68:f8:52:ff:65:cf:73:
48:dc:a4:f8:28:31:f1:0f:bd:14:01:9a:f1:60:7b:8f:15:e8:
2e:d0:0c:5a:45:5d:f0:9f:7f:52:f9:e4:99:90:c0:38:69:55:
51:f5:32:5a:e8:fa:b7:b3:96:42:82:b1:3e:53:bf:28:23:e2:
f4:43:dd:98:bd:91:9a:f7:74:84:08:57:1b:d0:87:72:7b:85:
af:56:ce:35:1b:ce:9d:0f:8b:ad:51:a1:5c:3b:11:e3:86:db:
2a:9b:62:c4
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzC2tP4rrj8icpiIQbOnjYrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1YzBhNWJhNWJjODJlMjBlMDQ2ZmJiNTRjMDY1ODA2ZjRj
N2I2YTEwHhcNMjQwMTAxMDIyOTMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNGZjZDUxYmI0ZjY3ZGYyODAyYWMwZjY2NWE5MDhhYjM3ZmVmYzBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiTVlX4J/es1BlwhKc5u7O3Nk2cxM
eVVNeu8vr3zhKUIqFJMyuCvBPRLzFaYAcAxzCOyJQ2xz66tupJhRtpBimiNtjMO5
NK6etDxT3wqoAn6xMc8reVyQ+C0YF9skaZa2GcGXxh8vZ5TDENO54IJ0VGjqQLTi
EKN8SKZkpNGLpjmilLn/z/xbT3938QBYv9meoQw96APq0YTXgN7hhyrMorSuSsuM
5pQrEtlXT/AY5ZDqeoeda90AprMCqDnD8Sf4d4FI9FVc+rWqxslpxs5gQDkMEBO9
qqnrzhSea8Fcl2GPisX/Ui3tmTHq+6/VZO4rSO3FWrIqKJl/jDyuDi4P8QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCT81Ru09n3ygCrA9mWpCKs3/vwKMB8GA1UdIwQY
MBaAFDXApbpbyC4g4Eb7tUwGWAb0x7ahMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmNDbHVsdklMaURnUnZ1MVRBWllCdlRIdHFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS83MDczZjEtM2EwOC00ZTRhLWJlZGYt
NThjY2Y5NWQyODJiLzEvSlB6Vkc3VDJmZktBS3NEMlpha0lxemYtX0FvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS83MDczZjEtM2EwOC00ZTRhLWJlZGYtNThjY2Y5NWQyODJi
LzEvTmNDbHVsdklMaURnUnZ1MVRBWllCdlRIdHFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuRxYAwQC
uUlAMA0GCSqGSIb3DQEBCwUAA4IBAQA6i1KxyrtzfhdmSx6v70vfClvGcit3TwPP
BjS8PRZsl+e1TlCMzjGGhc5dgBMjmS0aECtch9WSc2k7HAFxBDiyTCwBr60lokUS
hGGuQYF4+71IFpocc36NF6NHxCrOIRT1cq51ylALEpR3YaWikiXzVrwdfcdKHW6V
WSkcHxwn5B5D9w6czrYLoZS0zVpiTVuiruH9KLX1twwyoGj4Uv9lz3NI3KT4KDHx
D70UAZrxYHuPFegu0AxaRV3wn39S+eSZkMA4aVVR9TJa6Pq3s5ZCgrE+U78oI+L0
Q92YvZGa93SECFcb0Idye4WvVs41G86dD4utUaFcOxHjhtsqm2LE
-----END CERTIFICATE-----
Generated at Sat Jun 1 17:20:54 2024 by rpki-client on console-fra.rpki-client.org