Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/6a4858-46ae-4fb0-bee5-76fb20f4943d/1/JMgMg1xEnW7rFt3PVjkRAr7dTws.roa
File: JMgMg1xEnW7rFt3PVjkRAr7dTws.roa (raw, json)
Hash identifier: ZhtZvOXLYTKfN5RLxj25HbAImPIulfxYvdmZ0tGWzaw=
Subject key identifier: 24:C8:0C:83:5C:44:9D:6E:EB:16:DD:CF:56:39:11:02:BE:DD:4F:0B
Certificate issuer: /CN=04e1831c9eef1b795437fcbd43e295705a1a0547
Certificate serial: 018CC64B1F644E9F13190F49EC9E9A86EFB8
Authority key identifier: 04:E1:83:1C:9E:EF:1B:79:54:37:FC:BD:43:E2:95:70:5A:1A:05:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BOGDHJ7vG3lUN_y9Q-KVcFoaBUc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e3/6a4858-46ae-4fb0-bee5-76fb20f4943d/1/JMgMg1xEnW7rFt3PVjkRAr7dTws.roa
Signing time: Mon 01 Jan 2024 18:31:01 +0000
ROA not before: Mon 01 Jan 2024 18:31:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57269
IP address blocks: 185.239.200.0/22 maxlen: 24
185.105.36.0/22 maxlen: 24
91.232.81.0/24 maxlen: 24
195.135.250.0/23 maxlen: 24
195.135.248.0/23 maxlen: 24
2a0c:5a80::/29 maxlen: 30
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e3/6a4858-46ae-4fb0-bee5-76fb20f4943d/1/BOGDHJ7vG3lUN_y9Q-KVcFoaBUc.crl
rsync://rpki.ripe.net/repository/DEFAULT/e3/6a4858-46ae-4fb0-bee5-76fb20f4943d/1/BOGDHJ7vG3lUN_y9Q-KVcFoaBUc.mft
rsync://rpki.ripe.net/repository/DEFAULT/BOGDHJ7vG3lUN_y9Q-KVcFoaBUc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 01:02:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:1f:64:4e:9f:13:19:0f:49:ec:9e:9a:86:ef:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=04e1831c9eef1b795437fcbd43e295705a1a0547
Validity
Not Before: Jan 1 18:31:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=24c80c835c449d6eeb16ddcf56391102bedd4f0b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:62:8e:ee:13:c3:89:b1:e6:e4:4f:f3:20:c9:
38:38:22:84:03:2c:80:89:73:86:53:ee:be:7e:56:
9a:43:0f:60:fd:0b:1a:10:19:f7:48:a1:4b:6d:79:
10:cc:e7:2b:c7:41:2d:8f:35:8a:37:72:5b:ad:b3:
57:3c:b3:8f:26:d4:14:4b:7d:2a:76:1f:81:a3:48:
93:e1:d5:f7:a1:7f:47:6f:e9:12:6a:7f:f5:55:15:
32:41:cf:12:da:63:8f:18:df:78:19:63:e9:ea:21:
48:d8:04:03:43:f8:f0:bc:18:54:49:c9:01:5c:93:
20:27:bd:78:e0:92:38:a6:db:76:d0:24:6b:c5:f7:
ce:2a:1d:0a:98:3c:72:22:38:2b:d9:7e:1f:57:49:
3d:4c:04:fd:f7:ba:be:72:ca:dc:46:9e:83:5e:b6:
24:17:ae:9a:45:2e:1e:01:07:27:dc:a9:c8:86:4e:
d6:b1:ee:9c:f2:32:59:09:df:60:b6:cb:69:91:35:
ad:64:00:31:05:53:69:48:d3:9b:a2:82:1a:5a:ef:
0f:64:39:e1:3c:a2:d2:6c:69:30:b1:61:10:6c:46:
f0:4f:3c:c8:b1:62:df:33:1a:c2:ef:cf:b3:b8:0b:
31:44:a0:ec:7f:3e:f1:3b:a9:94:09:b0:ad:30:f2:
ef:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:C8:0C:83:5C:44:9D:6E:EB:16:DD:CF:56:39:11:02:BE:DD:4F:0B
X509v3 Authority Key Identifier:
keyid:04:E1:83:1C:9E:EF:1B:79:54:37:FC:BD:43:E2:95:70:5A:1A:05:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BOGDHJ7vG3lUN_y9Q-KVcFoaBUc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/6a4858-46ae-4fb0-bee5-76fb20f4943d/1/JMgMg1xEnW7rFt3PVjkRAr7dTws.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/6a4858-46ae-4fb0-bee5-76fb20f4943d/1/BOGDHJ7vG3lUN_y9Q-KVcFoaBUc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.232.81.0/24
185.105.36.0/22
185.239.200.0/22
195.135.248.0/22
IPv6:
2a0c:5a80::/29
Signature Algorithm: sha256WithRSAEncryption
5e:4f:7e:aa:32:f5:a4:9c:19:3e:65:bf:d5:b8:cf:00:31:e5:
27:cd:0f:d7:aa:d0:52:a9:fd:d8:50:50:bb:22:c6:7e:c2:06:
81:2a:54:a3:53:41:a1:4e:4b:43:1e:05:b2:7d:6a:1e:e1:92:
8b:f0:38:bd:bd:06:1f:9b:75:87:51:f1:26:d1:b4:ba:8a:2f:
19:aa:c0:7f:38:4f:01:1e:2d:31:a1:ca:d7:40:71:95:99:14:
4a:fc:e1:59:40:7a:fb:76:c1:69:ef:f4:a5:50:20:1f:5d:9d:
58:04:ab:ae:06:ae:43:51:c8:90:51:98:6c:1c:9a:04:8b:1f:
c0:75:58:e8:b2:18:5c:06:ed:e5:52:08:2d:de:e8:43:39:61:
a2:0d:e9:81:ef:2e:a0:7f:20:a4:66:62:6b:a5:93:72:5a:d9:
71:2a:d2:6a:a3:45:71:b2:89:5e:d7:e7:99:19:a8:24:cc:b4:
d3:e0:0e:bd:5d:77:5a:67:53:90:e0:8f:9b:5c:ba:38:45:bf:
0a:48:a7:52:c0:6d:ed:c5:42:ef:cd:3c:2e:f3:5b:06:e7:53:
32:8e:57:26:e4:b5:28:20:2e:c9:a8:a5:a0:c2:ff:06:2e:d0:
4d:21:21:4f:2c:7e:29:79:cc:0f:f3:65:4e:29:fa:fd:af:d6:
0d:cd:3d:80
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzGSx9kTp8TGQ9J7J6ahu+4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0ZTE4MzFjOWVlZjFiNzk1NDM3ZmNiZDQzZTI5NTcwNWEx
YTA1NDcwHhcNMjQwMTAxMTgzMTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNGM4MGM4MzVjNDQ5ZDZlZWIxNmRkY2Y1NjM5MTEwMmJlZGQ0ZjBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhGKO7hPDibHm5E/zIMk4OCKEAyyA
iXOGU+6+flaaQw9g/QsaEBn3SKFLbXkQzOcrx0EtjzWKN3JbrbNXPLOPJtQUS30q
dh+Bo0iT4dX3oX9Hb+kSan/1VRUyQc8S2mOPGN94GWPp6iFI2AQDQ/jwvBhUSckB
XJMgJ7144JI4ptt20CRrxffOKh0KmDxyIjgr2X4fV0k9TAT997q+csrcRp6DXrYk
F66aRS4eAQcn3KnIhk7Wse6c8jJZCd9gtstpkTWtZAAxBVNpSNObooIaWu8PZDnh
PKLSbGkwsWEQbEbwTzzIsWLfMxrC78+zuAsxRKDsfz7xO6mUCbCtMPLvTwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFCTIDINcRJ1u6xbdz1Y5EQK+3U8LMB8GA1UdIwQY
MBaAFAThgxye7xt5VDf8vUPilXBaGgVHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQk9HREhKN3ZHM2xVTl95OVEtS1ZjRm9hQlVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy82YTQ4NTgtNDZhZS00ZmIwLWJlZTUt
NzZmYjIwZjQ5NDNkLzEvSk1nTWcxeEVuVzdyRnQzUFZqa1JBcjdkVHdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy82YTQ4NTgtNDZhZS00ZmIwLWJlZTUtNzZmYjIwZjQ5NDNk
LzEvQk9HREhKN3ZHM2xVTl95OVEtS1ZjRm9hQlVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAW+hRAwQC
uWkkAwQCue/IAwQCw4f4MA0EAgACMAcDBQMqDFqAMA0GCSqGSIb3DQEBCwUAA4IB
AQBeT36qMvWknBk+Zb/VuM8AMeUnzQ/XqtBSqf3YUFC7IsZ+wgaBKlSjU0GhTktD
HgWyfWoe4ZKL8Di9vQYfm3WHUfEm0bS6ii8ZqsB/OE8BHi0xocrXQHGVmRRK/OFZ
QHr7dsFp7/SlUCAfXZ1YBKuuBq5DUciQUZhsHJoEix/AdVjoshhcBu3lUggt3uhD
OWGiDemB7y6gfyCkZmJrpZNyWtlxKtJqo0Vxsole1+eZGagkzLTT4A69XXdaZ1OQ
4I+bXLo4Rb8KSKdSwG3txULvzTwu81sG51Myjlcm5LUoIC7JqKWgwv8GLtBNISFP
LH4pecwP82VOKfr9r9YNzT2A
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:59:15 2024 by rpki-client on console-ams.rpki-client.org