Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/6d9a02-e42d-42e3-af13-485a92bb9ba3/1/jG5so46Bkwj2XWUyvb-D--uyCZs.roa
File: jG5so46Bkwj2XWUyvb-D--uyCZs.roa (raw, json)
Hash identifier: hm6nG3QvfUHML4wmUV/tbbnbftkkUFNuWfW5R+JeH2k=
Subject key identifier: 8C:6E:6C:A3:8E:81:93:08:F6:5D:65:32:BD:BF:83:FB:EB:B2:09:9B
Certificate issuer: /CN=a12086adc71cbec5aea2a1f8954dfa642b530c3b
Certificate serial: 018EBD8807DE98372A8A727F7F3AAB693721
Authority key identifier: A1:20:86:AD:C7:1C:BE:C5:AE:A2:A1:F8:95:4D:FA:64:2B:53:0C:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oSCGrcccvsWuoqH4lU36ZCtTDDs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/6d9a02-e42d-42e3-af13-485a92bb9ba3/1/jG5so46Bkwj2XWUyvb-D--uyCZs.roa
Signing time: Mon 08 Apr 2024 11:46:32 +0000
ROA not before: Mon 08 Apr 2024 11:46:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208001
IP address blocks: 2.59.208.0/22 maxlen: 22
91.212.209.0/24 maxlen: 24
185.186.56.0/22 maxlen: 22
2a13:a4c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e0/6d9a02-e42d-42e3-af13-485a92bb9ba3/1/oSCGrcccvsWuoqH4lU36ZCtTDDs.crl
rsync://rpki.ripe.net/repository/DEFAULT/e0/6d9a02-e42d-42e3-af13-485a92bb9ba3/1/oSCGrcccvsWuoqH4lU36ZCtTDDs.mft
rsync://rpki.ripe.net/repository/DEFAULT/oSCGrcccvsWuoqH4lU36ZCtTDDs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:bd:88:07:de:98:37:2a:8a:72:7f:7f:3a:ab:69:37:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a12086adc71cbec5aea2a1f8954dfa642b530c3b
Validity
Not Before: Apr 8 11:46:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8c6e6ca38e819308f65d6532bdbf83fbebb2099b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:f7:d8:08:af:cb:c2:63:27:c3:25:b1:38:0e:
d1:cf:44:6f:ee:75:d1:4c:85:c4:4c:52:b5:99:81:
86:a2:83:2a:28:6d:da:a9:1e:6c:03:75:11:a1:3c:
ee:c5:e1:8c:c4:db:c6:e5:a5:47:dc:98:39:31:a1:
4d:dc:3b:14:03:54:ff:b0:f2:8d:c1:dc:23:60:a9:
a0:5c:a0:90:cf:3d:54:80:e2:44:d3:8b:ce:fc:09:
c6:49:63:3f:fc:04:74:b3:9c:49:4b:23:80:fd:4f:
09:f4:88:11:cb:d0:0a:1b:73:35:9c:1a:c4:1b:d1:
1a:e3:de:1a:9b:89:fb:82:ba:fa:81:38:78:c6:d7:
52:83:02:8d:63:c6:bb:4b:66:bb:bf:3f:fa:4f:52:
e0:21:0c:e7:1a:6e:cd:18:9a:c8:d7:8f:bf:6d:94:
0e:95:fe:62:4c:31:91:53:3c:39:96:52:ea:30:6b:
4a:65:74:38:fe:5a:fc:79:e4:de:02:60:4a:5a:06:
c8:84:6b:94:be:3b:b1:5a:c5:8b:5d:72:72:44:0f:
64:2e:d7:7f:a1:e8:5f:7f:e8:04:84:ee:62:e7:51:
b6:b0:d3:80:38:48:6c:b3:0f:e8:ce:81:6e:25:52:
ba:57:3d:f6:2c:ad:08:1a:b0:8a:66:91:67:ce:11:
37:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:6E:6C:A3:8E:81:93:08:F6:5D:65:32:BD:BF:83:FB:EB:B2:09:9B
X509v3 Authority Key Identifier:
keyid:A1:20:86:AD:C7:1C:BE:C5:AE:A2:A1:F8:95:4D:FA:64:2B:53:0C:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oSCGrcccvsWuoqH4lU36ZCtTDDs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/6d9a02-e42d-42e3-af13-485a92bb9ba3/1/jG5so46Bkwj2XWUyvb-D--uyCZs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/6d9a02-e42d-42e3-af13-485a92bb9ba3/1/oSCGrcccvsWuoqH4lU36ZCtTDDs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.208.0/22
91.212.209.0/24
185.186.56.0/22
IPv6:
2a13:a4c0::/29
Signature Algorithm: sha256WithRSAEncryption
86:42:53:f6:33:4d:fa:b6:8d:23:c6:4e:ea:af:9d:96:ca:03:
29:12:37:ac:96:b5:29:0c:7a:e9:26:dd:1c:28:80:82:30:db:
6d:15:93:c2:12:99:01:21:ba:ac:2c:a1:9f:80:fe:0f:1d:93:
1e:2c:3d:e1:cd:94:ce:14:de:a1:15:fc:be:84:23:9f:c6:2d:
22:c6:42:0d:63:46:90:ca:3c:48:c4:8e:f6:87:26:c5:7a:f9:
14:d6:71:8d:35:34:81:d7:63:b9:07:93:6f:f5:d7:67:52:e3:
4f:45:bd:cc:bf:f3:15:e3:33:9a:3c:0c:74:7c:b6:47:6f:02:
6e:96:06:f7:c1:61:de:6c:88:a0:b6:ff:b8:fc:12:00:4c:23:
ea:4b:45:77:e6:5f:e1:ed:7e:c5:23:72:7a:20:cb:30:45:71:
6d:2b:0f:ce:a1:6d:56:f7:b8:db:7d:2b:c3:2e:27:8b:4a:57:
93:f2:7b:88:ae:5c:ad:ad:6e:3a:a8:5d:dd:82:aa:1e:6d:0e:
85:c6:8e:40:fe:d0:69:a2:76:a9:3f:d1:07:e1:da:49:eb:d6:
07:c0:60:29:f5:e3:68:b9:a4:d5:14:39:f5:9a:f1:87:b3:b7:
a7:19:01:2c:d4:32:4b:9c:59:13:7a:e5:49:b7:3c:42:a3:ab:
56:30:31:23
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAY69iAfemDcqinJ/fzqraTchMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExMjA4NmFkYzcxY2JlYzVhZWEyYTFmODk1NGRmYTY0MmI1
MzBjM2IwHhcNMjQwNDA4MTE0NjMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YzZlNmNhMzhlODE5MzA4ZjY1ZDY1MzJiZGJmODNmYmViYjIwOTliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiPfYCK/LwmMnwyWxOA7Rz0Rv7nXR
TIXETFK1mYGGooMqKG3aqR5sA3URoTzuxeGMxNvG5aVH3Jg5MaFN3DsUA1T/sPKN
wdwjYKmgXKCQzz1UgOJE04vO/AnGSWM//AR0s5xJSyOA/U8J9IgRy9AKG3M1nBrE
G9Ea494am4n7grr6gTh4xtdSgwKNY8a7S2a7vz/6T1LgIQznGm7NGJrI14+/bZQO
lf5iTDGRUzw5llLqMGtKZXQ4/lr8eeTeAmBKWgbIhGuUvjuxWsWLXXJyRA9kLtd/
oehff+gEhO5i51G2sNOAOEhssw/ozoFuJVK6Vz32LK0IGrCKZpFnzhE3KQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFIxubKOOgZMI9l1lMr2/g/vrsgmbMB8GA1UdIwQY
MBaAFKEghq3HHL7FrqKh+JVN+mQrUww7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1NDR3JjY2N2c1d1b3FINGxVMzZaQ3RURERzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC82ZDlhMDItZTQyZC00MmUzLWFmMTMt
NDg1YTkyYmI5YmEzLzEvakc1c280NkJrd2oyWFdVeXZiLUQtLXV5Q1pzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC82ZDlhMDItZTQyZC00MmUzLWFmMTMtNDg1YTkyYmI5YmEz
LzEvb1NDR3JjY2N2c1d1b3FINGxVMzZaQ3RURERzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCAjvQAwQA
W9TRAwQCubo4MA0EAgACMAcDBQMqE6TAMA0GCSqGSIb3DQEBCwUAA4IBAQCGQlP2
M036to0jxk7qr52WygMpEjeslrUpDHrpJt0cKICCMNttFZPCEpkBIbqsLKGfgP4P
HZMeLD3hzZTOFN6hFfy+hCOfxi0ixkINY0aQyjxIxI72hybFevkU1nGNNTSB12O5
B5Nv9ddnUuNPRb3Mv/MV4zOaPAx0fLZHbwJulgb3wWHebIigtv+4/BIATCPqS0V3
5l/h7X7FI3J6IMswRXFtKw/OoW1W97jbfSvDLieLSleT8nuIrlytrW46qF3dgqoe
bQ6Fxo5A/tBponapP9EH4dpJ69YHwGAp9eNouaTVFDn1mvGHs7enGQEs1DJLnFkT
euVJtzxCo6tWMDEj
-----END CERTIFICATE-----
Generated at Fri Nov 22 21:16:02 2024 by rpki-client on console-fra.rpki-client.org