Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/b0d6e6-2ed7-4928-ad69-3469034fa441/1/JAFOFfTdCadUKBvfP20wEW_Ba8I.roa
File: JAFOFfTdCadUKBvfP20wEW_Ba8I.roa (raw, json)
Hash identifier: k+aHntixeZfxe3mZZEI94ekKG4/YO2xROymPOKI9bO8=
Subject key identifier: 24:01:4E:15:F4:DD:09:A7:54:28:1B:DF:3F:6D:30:11:6F:C1:6B:C2
Certificate issuer: /CN=d9fc0bec60d0bace1889677bd9bb90190cc4fd22
Certificate serial: 018CC9BB942317DD1DCC563777D15BA71734
Authority key identifier: D9:FC:0B:EC:60:D0:BA:CE:18:89:67:7B:D9:BB:90:19:0C:C4:FD:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2fwL7GDQus4YiWd72buQGQzE_SI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/b0d6e6-2ed7-4928-ad69-3469034fa441/1/JAFOFfTdCadUKBvfP20wEW_Ba8I.roa
Signing time: Tue 02 Jan 2024 10:32:42 +0000
ROA not before: Tue 02 Jan 2024 10:32:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 185.1.205.0/24 maxlen: 24
2001:7f8:111::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ea/b0d6e6-2ed7-4928-ad69-3469034fa441/1/2fwL7GDQus4YiWd72buQGQzE_SI.crl
rsync://rpki.ripe.net/repository/DEFAULT/ea/b0d6e6-2ed7-4928-ad69-3469034fa441/1/2fwL7GDQus4YiWd72buQGQzE_SI.mft
rsync://rpki.ripe.net/repository/DEFAULT/2fwL7GDQus4YiWd72buQGQzE_SI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 27 Apr 2024 04:00:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bb:94:23:17:dd:1d:cc:56:37:77:d1:5b:a7:17:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d9fc0bec60d0bace1889677bd9bb90190cc4fd22
Validity
Not Before: Jan 2 10:32:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=24014e15f4dd09a754281bdf3f6d30116fc16bc2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:e0:32:e6:ac:dc:bb:ed:44:ba:06:a5:29:3d:
31:68:76:0c:25:b1:3c:d4:8d:a3:91:b9:3e:72:11:
57:27:e5:ec:5a:ba:88:71:a1:d4:fc:13:f8:04:63:
0f:a1:02:b9:64:1f:aa:01:d2:ab:ad:b1:c3:b8:8c:
b6:34:ac:59:ab:97:97:6f:4d:b0:86:53:7f:7b:c5:
c0:bb:3b:ba:41:e1:7f:1b:37:83:2a:4c:2f:84:5b:
36:ee:87:81:5a:75:29:22:6d:91:26:1f:f0:8b:7a:
37:16:4b:07:da:2c:eb:a4:ed:09:d0:62:61:84:c1:
42:61:a4:2b:82:bb:8d:dc:d7:43:e1:72:47:6d:c8:
10:31:c0:15:4c:92:34:5e:3c:77:c0:c2:b9:32:10:
5d:77:75:21:1d:68:ce:d0:f8:04:40:36:43:2a:e9:
fc:e0:46:18:39:b9:54:77:8c:77:dd:9f:67:3c:2e:
d9:50:7f:c8:48:b5:f3:a8:4a:82:e7:76:5b:c4:f9:
84:3e:56:dd:05:2d:d6:79:28:41:ad:44:46:c2:36:
07:1e:6e:4a:33:9d:b5:0e:1e:a5:3e:ae:ce:55:2d:
11:e4:09:8a:c0:51:d9:e8:72:b2:9a:03:4a:a1:df:
2e:40:df:12:fc:74:52:27:bf:d5:a4:0c:34:77:4b:
60:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:01:4E:15:F4:DD:09:A7:54:28:1B:DF:3F:6D:30:11:6F:C1:6B:C2
X509v3 Authority Key Identifier:
keyid:D9:FC:0B:EC:60:D0:BA:CE:18:89:67:7B:D9:BB:90:19:0C:C4:FD:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2fwL7GDQus4YiWd72buQGQzE_SI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/b0d6e6-2ed7-4928-ad69-3469034fa441/1/JAFOFfTdCadUKBvfP20wEW_Ba8I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/b0d6e6-2ed7-4928-ad69-3469034fa441/1/2fwL7GDQus4YiWd72buQGQzE_SI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.1.205.0/24
IPv6:
2001:7f8:111::/48
Signature Algorithm: sha256WithRSAEncryption
1d:a4:b3:22:51:26:05:32:d5:a1:66:c8:9b:0e:82:77:cc:00:
96:ee:00:63:2d:6f:c7:d9:83:ed:81:40:27:f9:47:fc:0d:01:
50:b0:3f:d7:3e:f6:a0:4a:da:e9:38:27:8a:3c:2a:4b:bd:c3:
c1:46:49:ec:cf:af:fe:15:aa:de:52:e6:92:fa:00:23:d8:c5:
be:74:8e:76:01:aa:29:1f:bf:fb:00:55:69:b1:5d:59:fe:76:
52:e1:64:a9:42:9e:7d:89:75:ef:33:41:ec:26:e9:40:fe:91:
46:f8:33:c7:5f:6e:21:24:2f:dd:e3:fb:3e:6f:26:d2:75:f2:
ff:f0:f1:5e:0a:f1:19:59:3c:48:5a:ee:a9:25:c5:fc:d7:07:
f6:d2:13:d8:77:2a:62:52:2d:88:93:04:f5:4d:4c:9b:75:d4:
bb:01:95:4f:7d:c1:13:ab:10:a7:33:c4:75:b8:14:c1:95:62:
b1:99:57:c3:cd:8c:d9:44:df:03:84:d7:4d:cc:36:98:af:0a:
7a:1f:85:a6:73:a3:a8:1b:07:97:82:47:00:9e:56:ac:8c:94:
3c:ea:86:02:04:ad:54:ff:f9:61:39:51:ed:79:30:bf:c2:4f:
fa:8d:55:bc:2a:2e:a3:4e:6f:bb:f0:c6:a1:76:e5:7b:01:d2:
cf:da:e4:2f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzJu5QjF90dzFY3d9Fbpxc0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5ZmMwYmVjNjBkMGJhY2UxODg5Njc3YmQ5YmI5MDE5MGNj
NGZkMjIwHhcNMjQwMTAyMTAzMjQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDAxNGUxNWY0ZGQwOWE3NTQyODFiZGYzZjZkMzAxMTZmYzE2YmMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg+Ay5qzcu+1EugalKT0xaHYMJbE8
1I2jkbk+chFXJ+XsWrqIcaHU/BP4BGMPoQK5ZB+qAdKrrbHDuIy2NKxZq5eXb02w
hlN/e8XAuzu6QeF/GzeDKkwvhFs27oeBWnUpIm2RJh/wi3o3FksH2izrpO0J0GJh
hMFCYaQrgruN3NdD4XJHbcgQMcAVTJI0Xjx3wMK5MhBdd3UhHWjO0PgEQDZDKun8
4EYYOblUd4x33Z9nPC7ZUH/ISLXzqEqC53ZbxPmEPlbdBS3WeShBrURGwjYHHm5K
M521Dh6lPq7OVS0R5AmKwFHZ6HKymgNKod8uQN8S/HRSJ7/VpAw0d0tgzwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCQBThX03QmnVCgb3z9tMBFvwWvCMB8GA1UdIwQY
MBaAFNn8C+xg0LrOGIlne9m7kBkMxP0iMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmZ3TDdHRFF1czRZaVdkNzJidVFHUXpFX1NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS9iMGQ2ZTYtMmVkNy00OTI4LWFkNjkt
MzQ2OTAzNGZhNDQxLzEvSkFGT0ZmVGRDYWRVS0J2ZlAyMHdFV19CYThJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS9iMGQ2ZTYtMmVkNy00OTI4LWFkNjktMzQ2OTAzNGZhNDQx
LzEvMmZ3TDdHRFF1czRZaVdkNzJidVFHUXpFX1NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAuQHNMA8E
AgACMAkDBwAgAQf4AREwDQYJKoZIhvcNAQELBQADggEBAB2ksyJRJgUy1aFmyJsO
gnfMAJbuAGMtb8fZg+2BQCf5R/wNAVCwP9c+9qBK2uk4J4o8Kku9w8FGSezPr/4V
qt5S5pL6ACPYxb50jnYBqikfv/sAVWmxXVn+dlLhZKlCnn2Jde8zQewm6UD+kUb4
M8dfbiEkL93j+z5vJtJ18v/w8V4K8RlZPEha7qklxfzXB/bSE9h3KmJSLYiTBPVN
TJt11LsBlU99wROrEKczxHW4FMGVYrGZV8PNjNlE3wOE103MNpivCnofhaZzo6gb
B5eCRwCeVqyMlDzqhgIErVT/+WE5Ue15ML/CT/qNVbwqLqNOb7vwxqF25XsB0s/a
5C8=
-----END CERTIFICATE-----
Generated at Fri Apr 26 12:23:29 2024 by rpki-client on console-ams.rpki-client.org