Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/b9342f-5916-4644-b1aa-00d1e7a170a2/1/jjaZOECwj99rwrwMPUiRjIM36a4.roa
File: jjaZOECwj99rwrwMPUiRjIM36a4.roa (raw, json)
Hash identifier: +kEgN/8HrQie3FsGut5hVWakyEkuH+V7HbRghyUjN4I=
Subject key identifier: 8E:36:99:38:40:B0:8F:DF:6B:C2:BC:0C:3D:48:91:8C:83:37:E9:AE
Certificate issuer: /CN=b143fa703fbee04bbd91ce63a32148b36b8e55aa
Certificate serial: 018CC8DF9EA2845E4F4BDE5F4EF42D7D1141
Authority key identifier: B1:43:FA:70:3F:BE:E0:4B:BD:91:CE:63:A3:21:48:B3:6B:8E:55:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sUP6cD--4Eu9kc5joyFIs2uOVao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/b9342f-5916-4644-b1aa-00d1e7a170a2/1/jjaZOECwj99rwrwMPUiRjIM36a4.roa
Signing time: Tue 02 Jan 2024 06:32:27 +0000
ROA not before: Tue 02 Jan 2024 06:32:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35508
IP address blocks: 85.112.96.0/23 maxlen: 24
79.142.96.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fa/b9342f-5916-4644-b1aa-00d1e7a170a2/1/sUP6cD--4Eu9kc5joyFIs2uOVao.crl
rsync://rpki.ripe.net/repository/DEFAULT/fa/b9342f-5916-4644-b1aa-00d1e7a170a2/1/sUP6cD--4Eu9kc5joyFIs2uOVao.mft
rsync://rpki.ripe.net/repository/DEFAULT/sUP6cD--4Eu9kc5joyFIs2uOVao.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:9e:a2:84:5e:4f:4b:de:5f:4e:f4:2d:7d:11:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b143fa703fbee04bbd91ce63a32148b36b8e55aa
Validity
Not Before: Jan 2 06:32:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8e36993840b08fdf6bc2bc0c3d48918c8337e9ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:62:25:84:eb:96:f4:5c:6f:c3:6c:22:2b:02:
ad:b1:b9:7a:5e:bd:e4:ed:bf:7e:3b:dd:4e:3c:4c:
59:e6:3d:18:cf:52:d7:4f:cc:ff:64:56:eb:78:6f:
bb:81:17:46:e8:7b:7e:10:d6:43:70:ba:3d:29:cc:
ab:3c:a8:46:83:ad:ad:30:e9:71:89:20:94:30:9c:
33:0f:6e:82:ae:95:cd:21:b6:30:00:f8:db:a7:49:
8b:e8:2c:3a:f9:ce:34:67:e5:df:3d:3b:78:c1:f7:
e0:3e:ff:0e:29:50:db:4a:30:7c:f5:87:8e:09:cf:
ae:b8:60:7b:f3:5b:76:8c:26:ab:3c:00:b2:cb:70:
e6:c5:c2:e2:54:68:ae:c8:5d:05:ba:e3:cc:b1:eb:
bf:af:db:44:73:34:70:4c:4d:c2:a6:d4:d7:98:80:
bd:23:31:07:09:b0:f3:15:41:4b:11:79:e9:46:4f:
dd:a8:3f:cc:c0:22:2b:8f:16:0f:c9:d1:e7:1f:48:
86:df:76:bf:17:cb:df:4c:40:89:a2:e9:d1:36:7b:
f6:52:b3:3e:c7:23:df:9f:c6:12:df:79:be:64:f4:
00:15:67:53:ee:d5:e4:88:d7:61:fe:27:57:92:02:
fe:5b:35:4b:c3:b0:6f:74:4c:03:da:19:a7:10:5c:
d6:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:36:99:38:40:B0:8F:DF:6B:C2:BC:0C:3D:48:91:8C:83:37:E9:AE
X509v3 Authority Key Identifier:
keyid:B1:43:FA:70:3F:BE:E0:4B:BD:91:CE:63:A3:21:48:B3:6B:8E:55:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sUP6cD--4Eu9kc5joyFIs2uOVao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/b9342f-5916-4644-b1aa-00d1e7a170a2/1/jjaZOECwj99rwrwMPUiRjIM36a4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/b9342f-5916-4644-b1aa-00d1e7a170a2/1/sUP6cD--4Eu9kc5joyFIs2uOVao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.142.96.0/23
85.112.96.0/23
Signature Algorithm: sha256WithRSAEncryption
a6:71:e2:44:45:0d:71:ff:2a:85:ef:91:cb:27:eb:ba:1f:cd:
58:ba:ff:bc:e2:6c:bf:0f:37:c0:56:46:bf:3d:d1:6e:56:3c:
50:d0:c6:2c:d6:25:9d:5c:af:db:28:55:4e:92:37:05:a6:3b:
84:36:38:0b:ae:92:bc:61:f5:a7:93:59:e9:29:7d:b5:a5:93:
cd:8d:95:92:1a:a9:5e:98:92:6c:83:09:c1:1a:43:f7:01:50:
ef:a8:7a:9d:b7:f3:26:ab:d6:ac:38:08:e8:6b:40:e2:7b:a6:
84:1c:4b:94:ff:a2:5f:bf:fc:e8:c4:f5:fa:65:93:7f:28:80:
11:72:31:58:c3:ea:a2:a1:ab:39:ae:8e:dd:12:79:6a:1d:7e:
8f:7d:99:85:f4:98:b8:9b:e7:c7:23:8d:1a:bb:5a:df:ef:b3:
29:3e:65:a5:17:ef:75:a4:97:ba:7b:44:36:89:95:fe:ba:e9:
96:6b:cf:4f:25:47:98:f4:28:ff:bd:0e:07:38:81:70:0b:43:
54:1b:0a:cc:2b:36:07:49:94:8f:95:15:46:11:a6:cd:59:c9:
7a:9c:8f:76:23:ef:c4:72:d9:3e:50:65:0d:0c:c0:57:39:fe:
cd:f9:04:51:dd:2b:cc:25:b9:13:02:c6:59:86:91:de:07:e6:
31:d7:25:32
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzI356ihF5PS95fTvQtfRFBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNDNmYTcwM2ZiZWUwNGJiZDkxY2U2M2EzMjE0OGIzNmI4
ZTU1YWEwHhcNMjQwMTAyMDYzMjI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTM2OTkzODQwYjA4ZmRmNmJjMmJjMGMzZDQ4OTE4YzgzMzdlOWFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApGIlhOuW9Fxvw2wiKwKtsbl6Xr3k
7b9+O91OPExZ5j0Yz1LXT8z/ZFbreG+7gRdG6Ht+ENZDcLo9KcyrPKhGg62tMOlx
iSCUMJwzD26CrpXNIbYwAPjbp0mL6Cw6+c40Z+XfPTt4wffgPv8OKVDbSjB89YeO
Cc+uuGB781t2jCarPACyy3DmxcLiVGiuyF0FuuPMseu/r9tEczRwTE3CptTXmIC9
IzEHCbDzFUFLEXnpRk/dqD/MwCIrjxYPydHnH0iG33a/F8vfTECJounRNnv2UrM+
xyPfn8YS33m+ZPQAFWdT7tXkiNdh/idXkgL+WzVLw7BvdEwD2hmnEFzWiwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFI42mThAsI/fa8K8DD1IkYyDN+muMB8GA1UdIwQY
MBaAFLFD+nA/vuBLvZHOY6MhSLNrjlWqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1VQNmNELS00RXU5a2M1am95RklzMnVPVmFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9iOTM0MmYtNTkxNi00NjQ0LWIxYWEt
MDBkMWU3YTE3MGEyLzEvamphWk9FQ3dqOTlyd3J3TVBVaVJqSU0zNmE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS9iOTM0MmYtNTkxNi00NjQ0LWIxYWEtMDBkMWU3YTE3MGEy
LzEvc1VQNmNELS00RXU5a2M1am95RklzMnVPVmFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBT45gAwQB
VXBgMA0GCSqGSIb3DQEBCwUAA4IBAQCmceJERQ1x/yqF75HLJ+u6H81Yuv+84my/
DzfAVka/PdFuVjxQ0MYs1iWdXK/bKFVOkjcFpjuENjgLrpK8YfWnk1npKX21pZPN
jZWSGqlemJJsgwnBGkP3AVDvqHqdt/Mmq9asOAjoa0Die6aEHEuU/6Jfv/zoxPX6
ZZN/KIARcjFYw+qioas5ro7dEnlqHX6PfZmF9Ji4m+fHI40au1rf77MpPmWlF+91
pJe6e0Q2iZX+uumWa89PJUeY9Cj/vQ4HOIFwC0NUGwrMKzYHSZSPlRVGEabNWcl6
nI92I+/Ectk+UGUNDMBXOf7N+QRR3SvMJbkTAsZZhpHeB+Yx1yUy
-----END CERTIFICATE-----
Generated at Sat Nov 23 14:55:33 2024 by rpki-client on console-ams.rpki-client.org