Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/f88857-cc05-4bdb-91e6-ed4f0643bf25/1/JtqoxzlQHFdy-Xn-N6CSrg2v2i4.roa
File: JtqoxzlQHFdy-Xn-N6CSrg2v2i4.roa (raw, json)
Hash identifier: eJ8muh57pc+sUoWENtLfYgL9rTyZaHXtwR5GD5TZYrg=
Subject key identifier: 26:DA:A8:C7:39:50:1C:57:72:F9:79:FE:37:A0:92:AE:0D:AF:DA:2E
Certificate issuer: /CN=ced2d800dc6c33b69fa47291e2f15b335ea3600f
Certificate serial: 018CC348F8330976C2A3D44CBDF82E254DC1
Authority key identifier: CE:D2:D8:00:DC:6C:33:B6:9F:A4:72:91:E2:F1:5B:33:5E:A3:60:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ztLYANxsM7afpHKR4vFbM16jYA8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/f88857-cc05-4bdb-91e6-ed4f0643bf25/1/JtqoxzlQHFdy-Xn-N6CSrg2v2i4.roa
Signing time: Mon 01 Jan 2024 04:29:48 +0000
ROA not before: Mon 01 Jan 2024 04:29:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212413
IP address blocks: 185.235.98.0/24 maxlen: 24
185.235.98.0/23 maxlen: 23
185.235.99.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fb/f88857-cc05-4bdb-91e6-ed4f0643bf25/1/ztLYANxsM7afpHKR4vFbM16jYA8.crl
rsync://rpki.ripe.net/repository/DEFAULT/fb/f88857-cc05-4bdb-91e6-ed4f0643bf25/1/ztLYANxsM7afpHKR4vFbM16jYA8.mft
rsync://rpki.ripe.net/repository/DEFAULT/ztLYANxsM7afpHKR4vFbM16jYA8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 06:00:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:f8:33:09:76:c2:a3:d4:4c:bd:f8:2e:25:4d:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ced2d800dc6c33b69fa47291e2f15b335ea3600f
Validity
Not Before: Jan 1 04:29:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=26daa8c739501c5772f979fe37a092ae0dafda2e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:65:e0:07:31:0c:3f:e7:c2:51:da:e9:20:53:
5c:60:4f:04:eb:54:75:d3:c1:b8:b5:d8:df:d9:a2:
b7:1b:4a:9e:3f:0c:11:3d:a4:15:15:f7:e8:1b:31:
6a:63:f2:7a:7a:40:77:10:a4:e5:b8:dc:ae:3f:29:
f9:97:51:2e:69:6c:95:fa:06:e2:ac:5e:c8:02:5d:
38:cf:f6:e4:1f:e0:38:ee:21:ab:cc:dc:84:d7:57:
7f:f8:65:7e:a5:62:53:04:e9:d5:9d:a9:52:de:c8:
cd:c8:b3:2d:a0:1f:3d:6b:1c:05:71:00:48:21:e3:
47:3a:a7:a7:19:f0:1c:15:ea:50:17:1d:a2:3e:ac:
29:b3:b2:41:7d:56:ec:aa:22:9c:92:13:61:e9:a1:
06:70:25:f0:bf:58:e7:aa:f7:a9:12:7b:41:47:2f:
81:9b:a2:c3:af:45:f9:8b:05:d0:88:27:ad:1f:fc:
9f:30:7e:d2:0d:00:e9:97:d4:24:b3:e2:dd:10:8c:
69:fd:9d:a1:5e:6d:89:1c:07:c7:e2:63:87:e7:aa:
d5:4a:aa:1a:a3:ff:ac:11:0e:57:ae:80:5d:2e:f8:
84:a7:5e:8e:5b:c6:63:c2:ad:d4:7c:e5:97:70:fe:
f1:15:52:b7:45:65:36:80:20:35:8a:12:73:9a:f1:
fe:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:DA:A8:C7:39:50:1C:57:72:F9:79:FE:37:A0:92:AE:0D:AF:DA:2E
X509v3 Authority Key Identifier:
keyid:CE:D2:D8:00:DC:6C:33:B6:9F:A4:72:91:E2:F1:5B:33:5E:A3:60:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ztLYANxsM7afpHKR4vFbM16jYA8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/f88857-cc05-4bdb-91e6-ed4f0643bf25/1/JtqoxzlQHFdy-Xn-N6CSrg2v2i4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/f88857-cc05-4bdb-91e6-ed4f0643bf25/1/ztLYANxsM7afpHKR4vFbM16jYA8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.235.98.0/23
Signature Algorithm: sha256WithRSAEncryption
30:43:c4:44:42:ad:7b:3b:c7:3b:67:e1:1b:99:1c:43:29:93:
00:12:85:5f:f1:92:0b:ec:75:1b:af:a1:1a:c1:9c:a2:7e:ae:
cd:71:b7:7c:3c:09:0a:ed:5e:30:49:44:c3:4e:69:1b:3e:c6:
1f:d8:a6:cd:db:c5:88:9c:dc:a8:12:4a:a0:c2:53:d6:2d:e7:
c2:6e:97:a9:62:99:d9:66:7f:58:ef:2a:28:e5:de:9a:56:4c:
41:dd:d6:d3:fd:da:43:ae:81:a0:98:e2:b4:dd:d7:5c:52:74:
05:58:f8:18:23:47:e7:2f:52:4f:f5:15:20:b3:ea:23:87:49:
c8:9c:3c:03:32:83:0b:9e:55:a1:70:8b:61:30:40:c2:a6:7a:
99:11:b1:bf:92:b0:c3:1b:21:18:99:7b:8b:6d:cb:80:45:8d:
2a:fc:92:68:2e:f2:42:4b:67:44:43:98:8a:9e:04:2c:2c:38:
b4:b5:19:4c:06:8c:f5:f6:70:cc:f2:d9:b1:3a:fe:69:98:29:
52:18:63:ba:80:49:da:66:36:7c:10:0b:8f:c2:22:0f:fd:80:
60:e3:3d:54:52:19:25:04:11:6c:47:12:c4:b7:3d:cc:c7:a5:
7b:2c:67:bc:89:2c:25:af:dc:4f:d4:62:f2:50:0c:36:1d:da:
e9:52:65:0f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDSPgzCXbCo9RMvfguJU3BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlZDJkODAwZGM2YzMzYjY5ZmE0NzI5MWUyZjE1YjMzNWVh
MzYwMGYwHhcNMjQwMTAxMDQyOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNmRhYThjNzM5NTAxYzU3NzJmOTc5ZmUzN2EwOTJhZTBkYWZkYTJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgmXgBzEMP+fCUdrpIFNcYE8E61R1
08G4tdjf2aK3G0qePwwRPaQVFffoGzFqY/J6ekB3EKTluNyuPyn5l1EuaWyV+gbi
rF7IAl04z/bkH+A47iGrzNyE11d/+GV+pWJTBOnVnalS3sjNyLMtoB89axwFcQBI
IeNHOqenGfAcFepQFx2iPqwps7JBfVbsqiKckhNh6aEGcCXwv1jnqvepEntBRy+B
m6LDr0X5iwXQiCetH/yfMH7SDQDpl9Qks+LdEIxp/Z2hXm2JHAfH4mOH56rVSqoa
o/+sEQ5XroBdLviEp16OW8Zjwq3UfOWXcP7xFVK3RWU2gCA1ihJzmvH+ywIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCbaqMc5UBxXcvl5/jegkq4Nr9ouMB8GA1UdIwQY
MBaAFM7S2ADcbDO2n6RykeLxWzNeo2APMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvenRMWUFOeHNNN2FmcEhLUjR2RmJNMTZqWUE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi9mODg4NTctY2MwNS00YmRiLTkxZTYt
ZWQ0ZjA2NDNiZjI1LzEvSnRxb3h6bFFIRmR5LVhuLU42Q1NyZzJ2Mmk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi9mODg4NTctY2MwNS00YmRiLTkxZTYtZWQ0ZjA2NDNiZjI1
LzEvenRMWUFOeHNNN2FmcEhLUjR2RmJNMTZqWUE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuetiMA0G
CSqGSIb3DQEBCwUAA4IBAQAwQ8REQq17O8c7Z+EbmRxDKZMAEoVf8ZIL7HUbr6Ea
wZyifq7Ncbd8PAkK7V4wSUTDTmkbPsYf2KbN28WInNyoEkqgwlPWLefCbpepYpnZ
Zn9Y7yoo5d6aVkxB3dbT/dpDroGgmOK03ddcUnQFWPgYI0fnL1JP9RUgs+ojh0nI
nDwDMoMLnlWhcIthMEDCpnqZEbG/krDDGyEYmXuLbcuARY0q/JJoLvJCS2dEQ5iK
ngQsLDi0tRlMBoz19nDM8tmxOv5pmClSGGO6gEnaZjZ8EAuPwiIP/YBg4z1UUhkl
BBFsRxLEtz3Mx6V7LGe8iSwlr9xP1GLyUAw2HdrpUmUP
-----END CERTIFICATE-----
Generated at Fri Nov 22 15:03:10 2024 by rpki-client on console-ams.rpki-client.org