Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/9098fd-7dc3-4e12-b893-fd22df3b57f6/1/Jj1DpcFrDlbzGtwAFFUJJSz6ReE.roa
File: Jj1DpcFrDlbzGtwAFFUJJSz6ReE.roa (raw, json)
Hash identifier: 9/0IyIXWmnALxHrtFCPa7tgMfXmyupTu9RsmHhickXg=
Subject key identifier: 26:3D:43:A5:C1:6B:0E:56:F3:1A:DC:00:14:55:09:25:2C:FA:45:E1
Certificate issuer: /CN=cb952f9c339cabd14234d00c84a252d7ec71a2a2
Certificate serial: 018CC94E632B6F64A46BC85081E3F3FE33DD
Authority key identifier: CB:95:2F:9C:33:9C:AB:D1:42:34:D0:0C:84:A2:52:D7:EC:71:A2:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y5UvnDOcq9FCNNAMhKJS1-xxoqI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/9098fd-7dc3-4e12-b893-fd22df3b57f6/1/Jj1DpcFrDlbzGtwAFFUJJSz6ReE.roa
Signing time: Tue 02 Jan 2024 08:33:26 +0000
ROA not before: Tue 02 Jan 2024 08:33:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201996
IP address blocks: 87.246.42.0/24 maxlen: 24
87.246.43.0/24 maxlen: 24
87.246.40.0/24 maxlen: 24
87.246.41.0/24 maxlen: 24
212.5.60.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e5/9098fd-7dc3-4e12-b893-fd22df3b57f6/1/y5UvnDOcq9FCNNAMhKJS1-xxoqI.crl
rsync://rpki.ripe.net/repository/DEFAULT/e5/9098fd-7dc3-4e12-b893-fd22df3b57f6/1/y5UvnDOcq9FCNNAMhKJS1-xxoqI.mft
rsync://rpki.ripe.net/repository/DEFAULT/y5UvnDOcq9FCNNAMhKJS1-xxoqI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:63:2b:6f:64:a4:6b:c8:50:81:e3:f3:fe:33:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cb952f9c339cabd14234d00c84a252d7ec71a2a2
Validity
Not Before: Jan 2 08:33:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=263d43a5c16b0e56f31adc00145509252cfa45e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:75:25:4b:13:b9:b7:d0:f8:82:d3:f4:95:fa:
1d:d1:95:52:16:d3:e0:46:f7:c1:86:92:bb:a3:61:
ca:8e:1b:1b:aa:7f:bb:62:7c:a8:42:5f:f6:51:c3:
d7:65:4e:b6:97:4a:5a:d7:69:21:b5:5a:01:22:8a:
9e:b1:ee:62:45:fc:26:7a:25:9c:5a:a7:bd:b7:a7:
51:91:a2:e7:cb:ad:45:27:c0:e7:58:cd:0e:5c:5d:
fc:b9:b9:85:17:72:7e:a3:9b:87:4c:58:f9:d9:04:
78:0a:d1:70:cd:93:a2:40:5e:9a:45:39:d5:e0:44:
57:28:22:a7:27:02:05:72:f1:32:c8:f4:14:72:1f:
42:76:b6:a0:63:51:ab:d5:54:f9:65:c1:c1:25:0f:
c4:41:6c:df:7d:5b:0c:f5:9a:fb:fc:db:bd:33:54:
ea:ac:68:2c:50:92:21:22:cc:dd:ae:37:42:eb:40:
91:25:84:28:db:53:44:dc:15:99:77:4d:1b:42:94:
95:e8:0d:59:86:6e:26:38:48:09:ed:33:14:7f:4a:
15:b1:2f:c5:00:df:13:09:8f:27:69:67:bf:cc:af:
43:2d:62:99:df:ec:82:d6:5a:38:be:4c:b7:45:02:
e9:60:47:6a:89:12:70:ce:18:ed:3d:3c:fd:82:ed:
d5:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:3D:43:A5:C1:6B:0E:56:F3:1A:DC:00:14:55:09:25:2C:FA:45:E1
X509v3 Authority Key Identifier:
keyid:CB:95:2F:9C:33:9C:AB:D1:42:34:D0:0C:84:A2:52:D7:EC:71:A2:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y5UvnDOcq9FCNNAMhKJS1-xxoqI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/9098fd-7dc3-4e12-b893-fd22df3b57f6/1/Jj1DpcFrDlbzGtwAFFUJJSz6ReE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/9098fd-7dc3-4e12-b893-fd22df3b57f6/1/y5UvnDOcq9FCNNAMhKJS1-xxoqI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.246.40.0/22
212.5.60.0/24
Signature Algorithm: sha256WithRSAEncryption
a7:b6:8a:06:35:05:c8:ca:12:c4:4e:31:06:34:9e:7a:72:ec:
f8:f8:b6:76:a9:a2:8d:7a:75:66:4b:36:4b:ca:78:0a:ee:d7:
b6:86:c5:f8:83:cc:94:e1:b6:cd:81:af:5d:8f:d1:c2:85:db:
5e:cd:4e:b1:bf:06:9b:c0:51:10:b1:27:59:b1:de:e0:95:29:
37:68:90:59:d2:2d:c6:da:b8:73:01:01:73:9d:07:19:92:f7:
89:10:a0:71:35:53:9c:88:8d:b5:49:2e:a1:72:a1:aa:cc:14:
30:3d:59:b5:d4:15:d9:27:dd:71:fd:c8:25:00:6e:0b:af:65:
40:e7:7e:19:2c:bd:46:7d:a8:67:7f:26:02:16:ba:1b:cc:54:
b7:82:1b:c0:6b:19:04:ae:b1:0f:79:42:84:1b:a4:15:b3:54:
2a:50:e6:f4:d0:20:5b:06:23:88:14:6d:51:38:94:df:fa:90:
63:13:79:f2:57:c4:75:73:77:3f:d4:0a:5b:96:01:c5:6a:71:
2d:28:b3:7e:be:bb:42:40:70:46:b4:3e:00:fc:72:24:a3:bb:
7f:2c:14:ca:a7:91:44:78:57:92:36:27:6f:2a:f5:34:2b:97:
25:1f:51:38:d7:72:da:15:1a:30:f5:90:45:77:bd:85:e9:6b:
88:ee:d4:32
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzJTmMrb2Ska8hQgePz/jPdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiOTUyZjljMzM5Y2FiZDE0MjM0ZDAwYzg0YTI1MmQ3ZWM3
MWEyYTIwHhcNMjQwMTAyMDgzMzI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNjNkNDNhNWMxNmIwZTU2ZjMxYWRjMDAxNDU1MDkyNTJjZmE0NWUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArXUlSxO5t9D4gtP0lfod0ZVSFtPg
RvfBhpK7o2HKjhsbqn+7YnyoQl/2UcPXZU62l0pa12khtVoBIoqese5iRfwmeiWc
Wqe9t6dRkaLny61FJ8DnWM0OXF38ubmFF3J+o5uHTFj52QR4CtFwzZOiQF6aRTnV
4ERXKCKnJwIFcvEyyPQUch9CdragY1Gr1VT5ZcHBJQ/EQWzffVsM9Zr7/Nu9M1Tq
rGgsUJIhIszdrjdC60CRJYQo21NE3BWZd00bQpSV6A1Zhm4mOEgJ7TMUf0oVsS/F
AN8TCY8naWe/zK9DLWKZ3+yC1lo4vky3RQLpYEdqiRJwzhjtPTz9gu3V4QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCY9Q6XBaw5W8xrcABRVCSUs+kXhMB8GA1UdIwQY
MBaAFMuVL5wznKvRQjTQDISiUtfscaKiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveTVVdm5ET2NxOUZDTk5BTWhLSlMxLXh4b3FJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS85MDk4ZmQtN2RjMy00ZTEyLWI4OTMt
ZmQyMmRmM2I1N2Y2LzEvSmoxRHBjRnJEbGJ6R3R3QUZGVUpKU3o2UmVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS85MDk4ZmQtN2RjMy00ZTEyLWI4OTMtZmQyMmRmM2I1N2Y2
LzEveTVVdm5ET2NxOUZDTk5BTWhLSlMxLXh4b3FJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCV/YoAwQA
1AU8MA0GCSqGSIb3DQEBCwUAA4IBAQCntooGNQXIyhLETjEGNJ56cuz4+LZ2qaKN
enVmSzZLyngK7te2hsX4g8yU4bbNga9dj9HChdtezU6xvwabwFEQsSdZsd7glSk3
aJBZ0i3G2rhzAQFznQcZkveJEKBxNVOciI21SS6hcqGqzBQwPVm11BXZJ91x/cgl
AG4Lr2VA534ZLL1GfahnfyYCFrobzFS3ghvAaxkErrEPeUKEG6QVs1QqUOb00CBb
BiOIFG1ROJTf+pBjE3nyV8R1c3c/1ApblgHFanEtKLN+vrtCQHBGtD4A/HIko7t/
LBTKp5FEeFeSNidvKvU0K5clH1E413LaFRow9ZBFd72F6WuI7tQy
-----END CERTIFICATE-----
Generated at Sat Nov 23 06:23:37 2024 by rpki-client on console-fra.rpki-client.org