Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/de9957-c7cc-4997-a22b-165a846d481d/1/jpdb5YRUVy5qeY9IrcoCCFqjs3g.roa
File: jpdb5YRUVy5qeY9IrcoCCFqjs3g.roa (raw, json)
Hash identifier: sbfGEMEs3rmXWVN0TG14gSNHStQZjwC9UMgnoDHyevs=
Subject key identifier: 8E:97:5B:E5:84:54:57:2E:6A:79:8F:48:AD:CA:02:08:5A:A3:B3:78
Certificate issuer: /CN=8beb65a71af02959272acc00d5c4c1958385de94
Certificate serial: 018CC3B719E77F4FF4211C38B32BE7561096
Authority key identifier: 8B:EB:65:A7:1A:F0:29:59:27:2A:CC:00:D5:C4:C1:95:83:85:DE:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i-tlpxrwKVknKswA1cTBlYOF3pQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/de9957-c7cc-4997-a22b-165a846d481d/1/jpdb5YRUVy5qeY9IrcoCCFqjs3g.roa
Signing time: Mon 01 Jan 2024 06:30:05 +0000
ROA not before: Mon 01 Jan 2024 06:30:05 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41676
IP address blocks: 176.241.240.0/21 maxlen: 21
185.93.92.0/22 maxlen: 22
185.102.188.0/22 maxlen: 22
80.238.96.0/19 maxlen: 19
109.233.88.0/21 maxlen: 21
77.46.0.0/22 maxlen: 22
185.25.216.0/22 maxlen: 22
93.174.24.0/21 maxlen: 21
185.78.132.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f5/de9957-c7cc-4997-a22b-165a846d481d/1/i-tlpxrwKVknKswA1cTBlYOF3pQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/f5/de9957-c7cc-4997-a22b-165a846d481d/1/i-tlpxrwKVknKswA1cTBlYOF3pQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/i-tlpxrwKVknKswA1cTBlYOF3pQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 21 Sep 2024 12:01:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b7:19:e7:7f:4f:f4:21:1c:38:b3:2b:e7:56:10:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8beb65a71af02959272acc00d5c4c1958385de94
Validity
Not Before: Jan 1 06:30:05 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8e975be58454572e6a798f48adca02085aa3b378
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:51:8a:02:b6:ef:41:28:af:a9:0a:04:f2:91:
ff:95:9d:84:6d:84:95:20:94:ba:20:c7:e3:68:6b:
ec:06:d9:62:1f:3a:9e:4f:92:ab:6f:c2:b2:92:a2:
88:76:28:d0:11:57:4c:85:3b:de:c7:ea:73:ca:68:
63:a6:02:e2:af:11:02:99:9c:67:e9:99:c2:94:10:
20:4a:3f:15:a8:e3:c5:0e:b0:cf:bf:8c:aa:0d:5b:
53:ef:8f:75:ef:9e:d2:79:5d:8a:1a:97:a5:4b:2e:
b1:d8:90:58:a3:cd:7e:44:90:ea:47:ae:67:66:cf:
0b:66:76:ac:2b:56:f9:04:78:2b:15:bc:1c:0d:a5:
e3:a8:26:d9:37:41:40:2d:59:ff:41:6a:5e:73:a0:
f2:b9:57:43:99:1f:b3:51:96:ec:66:85:d7:37:f0:
0a:99:1e:31:b5:b5:3d:df:e5:af:64:40:2f:55:aa:
2b:04:5c:2e:d1:a5:30:23:4e:43:69:44:b1:91:de:
b4:a9:f4:c2:f1:cc:4b:5d:ef:2f:9e:6e:0c:83:c7:
0e:0b:89:b8:86:53:9c:81:e0:0b:f8:51:3e:f2:94:
14:b6:f1:18:7a:d1:4a:11:cd:8b:c0:46:40:65:5a:
a2:39:77:e3:1e:ff:cd:c7:9f:aa:d3:35:f3:0a:e8:
48:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:97:5B:E5:84:54:57:2E:6A:79:8F:48:AD:CA:02:08:5A:A3:B3:78
X509v3 Authority Key Identifier:
keyid:8B:EB:65:A7:1A:F0:29:59:27:2A:CC:00:D5:C4:C1:95:83:85:DE:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i-tlpxrwKVknKswA1cTBlYOF3pQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/de9957-c7cc-4997-a22b-165a846d481d/1/jpdb5YRUVy5qeY9IrcoCCFqjs3g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/de9957-c7cc-4997-a22b-165a846d481d/1/i-tlpxrwKVknKswA1cTBlYOF3pQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.46.0.0/22
80.238.96.0/19
93.174.24.0/21
109.233.88.0/21
176.241.240.0/21
185.25.216.0/22
185.78.132.0/22
185.93.92.0/22
185.102.188.0/22
Signature Algorithm: sha256WithRSAEncryption
3e:58:c2:b9:33:4e:92:5b:fa:74:73:52:eb:39:34:9a:75:5d:
7c:2b:f7:4e:10:5f:b3:cc:ca:b3:4a:88:c1:76:f7:cf:2c:2c:
cb:42:d6:a4:e9:9f:ea:15:a8:40:08:cc:84:57:8e:25:9f:56:
98:e5:93:8b:6f:0c:ed:99:ae:db:03:f7:96:cf:7a:29:0a:48:
43:19:64:65:3b:e2:ce:eb:83:1a:03:c3:dc:5d:b0:7a:ee:34:
f2:a0:bc:ba:56:ed:88:a1:7e:ba:bc:91:f4:e5:4b:01:d5:c8:
7d:cc:0e:54:9c:2f:c5:bf:6b:95:9c:7f:ec:42:b3:2c:dd:34:
7d:39:97:02:94:94:c1:0f:55:dc:9d:76:30:9e:6f:c1:0a:34:
55:ba:68:e5:91:56:94:de:81:bb:10:a5:80:86:88:0d:82:f4:
92:78:0b:af:21:6b:44:4b:c5:d6:ec:b3:d9:19:1f:ef:28:59:
2d:2a:a3:0e:37:de:81:b6:a0:72:53:83:b6:62:c2:ac:62:68:
bb:fe:87:8b:03:ff:97:29:5f:82:9d:f3:49:b5:2a:78:05:06:
fb:31:0c:2a:e3:1e:09:0a:1a:3f:24:06:56:48:d6:3c:3c:ae:
cd:6c:a8:cd:55:05:e6:ba:ed:67:8e:14:4b:dc:ef:3c:4e:14:
fb:9c:08:af
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYzDtxnnf0/0IRw4syvnVhCWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiZWI2NWE3MWFmMDI5NTkyNzJhY2MwMGQ1YzRjMTk1ODM4
NWRlOTQwHhcNMjQwMTAxMDYzMDA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTk3NWJlNTg0NTQ1NzJlNmE3OThmNDhhZGNhMDIwODVhYTNiMzc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArFGKArbvQSivqQoE8pH/lZ2EbYSV
IJS6IMfjaGvsBtliHzqeT5Krb8KykqKIdijQEVdMhTvex+pzymhjpgLirxECmZxn
6ZnClBAgSj8VqOPFDrDPv4yqDVtT7491757SeV2KGpelSy6x2JBYo81+RJDqR65n
Zs8LZnasK1b5BHgrFbwcDaXjqCbZN0FALVn/QWpec6DyuVdDmR+zUZbsZoXXN/AK
mR4xtbU93+WvZEAvVaorBFwu0aUwI05DaUSxkd60qfTC8cxLXe8vnm4Mg8cOC4m4
hlOcgeAL+FE+8pQUtvEYetFKEc2LwEZAZVqiOXfjHv/Nx5+q0zXzCuhIgQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFI6XW+WEVFcuanmPSK3KAghao7N4MB8GA1UdIwQY
MBaAFIvrZaca8ClZJyrMANXEwZWDhd6UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaS10bHB4cndLVmtuS3N3QTFjVEJsWU9GM3BRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS9kZTk5NTctYzdjYy00OTk3LWEyMmIt
MTY1YTg0NmQ0ODFkLzEvanBkYjVZUlVWeTVxZVk5SXJjb0NDRnFqczNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS9kZTk5NTctYzdjYy00OTk3LWEyMmItMTY1YTg0NmQ0ODFk
LzEvaS10bHB4cndLVmtuS3N3QTFjVEJsWU9GM3BRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQCTS4AAwQF
UO5gAwQDXa4YAwQDbelYAwQDsPHwAwQCuRnYAwQCuU6EAwQCuV1cAwQCuWa8MA0G
CSqGSIb3DQEBCwUAA4IBAQA+WMK5M06SW/p0c1LrOTSadV18K/dOEF+zzMqzSojB
dvfPLCzLQtak6Z/qFahACMyEV44ln1aY5ZOLbwztma7bA/eWz3opCkhDGWRlO+LO
64MaA8PcXbB67jTyoLy6Vu2IoX66vJH05UsB1ch9zA5UnC/Fv2uVnH/sQrMs3TR9
OZcClJTBD1XcnXYwnm/BCjRVumjlkVaU3oG7EKWAhogNgvSSeAuvIWtES8XW7LPZ
GR/vKFktKqMON96BtqByU4O2YsKsYmi7/oeLA/+XKV+CnfNJtSp4BQb7MQwq4x4J
Cho/JAZWSNY8PK7NbKjNVQXmuu1njhRL3O88ThT7nAiv
-----END CERTIFICATE-----
Generated at Fri Sep 20 19:20:35 2024 by rpki-client on console-fra.rpki-client.org