Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/f6b173-912c-4151-bac5-4c8883327a2a/1/jfbShGnDEGroHUGj2wJAgq7Pddk.roa
File: jfbShGnDEGroHUGj2wJAgq7Pddk.roa (raw, json)
Hash identifier: ijPjQ9N0yggr7WvvEX2pN2uyJUtI2m5ScP7HYoBQcBQ=
Subject key identifier: 8D:F6:D2:84:69:C3:10:6A:E8:1D:41:A3:DB:02:40:82:AE:CF:75:D9
Certificate issuer: /CN=07e5c4e4be3b8cbde0eae9460a11032d6a64ab71
Certificate serial: 018CCA29B64DF531394DF6045CB7A42827F3
Authority key identifier: 07:E5:C4:E4:BE:3B:8C:BD:E0:EA:E9:46:0A:11:03:2D:6A:64:AB:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/B-XE5L47jL3g6ulGChEDLWpkq3E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fc/f6b173-912c-4151-bac5-4c8883327a2a/1/jfbShGnDEGroHUGj2wJAgq7Pddk.roa
Signing time: Tue 02 Jan 2024 12:33:00 +0000
ROA not before: Tue 02 Jan 2024 12:33:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202425
IP address blocks: 89.248.161.0/24 maxlen: 24
89.248.162.0/24 maxlen: 24
89.248.160.0/24 maxlen: 24
89.248.165.0/24 maxlen: 24
89.248.166.0/24 maxlen: 24
89.248.163.0/24 maxlen: 24
89.248.164.0/24 maxlen: 24
89.248.168.0/24 maxlen: 24
89.248.169.0/24 maxlen: 24
89.248.167.0/24 maxlen: 24
89.248.172.0/24 maxlen: 24
89.248.170.0/24 maxlen: 24
89.248.171.0/24 maxlen: 24
89.248.173.0/24 maxlen: 24
89.248.174.0/24 maxlen: 24
94.102.48.0/24 maxlen: 24
94.102.49.0/24 maxlen: 24
94.102.50.0/24 maxlen: 24
93.174.89.0/24 maxlen: 24
93.174.90.0/24 maxlen: 24
93.174.88.0/24 maxlen: 24
93.174.91.0/24 maxlen: 24
93.174.94.0/24 maxlen: 24
93.174.95.0/24 maxlen: 24
93.174.93.0/24 maxlen: 24
93.174.92.0/24 maxlen: 24
80.82.79.0/24 maxlen: 24
80.82.64.0/24 maxlen: 24
80.82.67.0/24 maxlen: 24
80.82.65.0/24 maxlen: 24
80.82.66.0/24 maxlen: 24
80.82.70.0/24 maxlen: 24
80.82.68.0/24 maxlen: 24
80.82.69.0/24 maxlen: 24
80.82.77.0/24 maxlen: 24
80.82.78.0/24 maxlen: 24
80.82.76.0/24 maxlen: 24
2a02:6c8:8000::/33 maxlen: 33
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fc/f6b173-912c-4151-bac5-4c8883327a2a/1/B-XE5L47jL3g6ulGChEDLWpkq3E.crl
rsync://rpki.ripe.net/repository/DEFAULT/fc/f6b173-912c-4151-bac5-4c8883327a2a/1/B-XE5L47jL3g6ulGChEDLWpkq3E.mft
rsync://rpki.ripe.net/repository/DEFAULT/B-XE5L47jL3g6ulGChEDLWpkq3E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:29:b6:4d:f5:31:39:4d:f6:04:5c:b7:a4:28:27:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=07e5c4e4be3b8cbde0eae9460a11032d6a64ab71
Validity
Not Before: Jan 2 12:33:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8df6d28469c3106ae81d41a3db024082aecf75d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:42:7d:41:a1:46:38:e1:61:01:7e:88:01:81:
b9:85:1b:f5:12:54:3b:68:7b:51:68:66:34:54:fb:
47:3b:67:ea:37:1b:a5:51:94:05:fd:5c:7f:a5:30:
03:4c:82:a9:21:52:e0:52:39:c6:82:74:3d:f5:80:
8f:17:05:c2:a8:e0:91:66:1c:40:79:ce:98:35:b1:
16:02:2e:b1:78:be:a4:f5:89:56:31:ed:84:c0:b7:
6e:67:32:31:90:8a:00:bd:c8:f1:3d:98:5b:93:29:
30:ff:90:fe:46:09:49:80:4a:eb:6d:9f:8c:94:96:
8e:02:a2:b7:81:f1:c8:73:d6:b8:40:b7:f8:09:cf:
ad:55:6a:97:aa:b1:27:60:fc:43:77:95:86:00:f6:
d5:3d:b9:45:66:31:2b:b1:71:5b:38:42:68:b2:96:
c3:51:a6:23:d8:5e:65:7e:2e:1a:22:5d:ac:57:db:
f3:54:20:c7:af:8e:f4:33:28:a6:f9:93:84:ef:b2:
00:0b:8d:92:fb:3c:50:29:dc:0e:f0:28:27:6d:6f:
3d:ac:dc:f0:9a:28:8a:5d:d6:b0:9f:e8:3d:2d:80:
f4:8c:37:dd:76:12:dd:93:d4:23:1b:42:b5:ab:37:
04:b5:74:78:85:80:08:da:54:66:53:2d:e4:1e:83:
8e:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:F6:D2:84:69:C3:10:6A:E8:1D:41:A3:DB:02:40:82:AE:CF:75:D9
X509v3 Authority Key Identifier:
keyid:07:E5:C4:E4:BE:3B:8C:BD:E0:EA:E9:46:0A:11:03:2D:6A:64:AB:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/B-XE5L47jL3g6ulGChEDLWpkq3E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/f6b173-912c-4151-bac5-4c8883327a2a/1/jfbShGnDEGroHUGj2wJAgq7Pddk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/f6b173-912c-4151-bac5-4c8883327a2a/1/B-XE5L47jL3g6ulGChEDLWpkq3E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.82.64.0-80.82.70.255
80.82.76.0/22
89.248.160.0-89.248.174.255
93.174.88.0/21
94.102.48.0-94.102.50.255
IPv6:
2a02:6c8:8000::/33
Signature Algorithm: sha256WithRSAEncryption
2b:31:4b:8a:e6:1e:69:e7:5a:9a:f5:2a:48:b8:65:63:5c:a4:
39:ae:1d:31:12:0c:e3:8b:a9:eb:d0:e3:41:41:61:82:62:64:
c8:1c:e6:3b:9f:cf:62:f6:73:2a:f8:19:e4:ff:0a:24:27:ff:
ab:28:d8:00:6b:a1:ff:68:4e:98:44:f0:a2:fb:e2:7d:55:16:
f3:9e:c1:01:3b:f5:a0:eb:6d:ee:49:fb:16:a5:a4:a7:77:b2:
bd:7c:b7:ba:a6:31:a3:24:a6:70:d7:6b:a5:ae:00:98:0e:07:
31:52:c2:a8:11:05:94:71:27:8c:07:8a:53:a2:a1:1d:7b:6c:
94:c4:08:bc:21:6d:9f:ec:0b:d3:46:60:ab:2d:b2:1d:65:d4:
e9:09:5c:ac:c5:2b:15:ef:6f:d3:a0:6b:9e:e1:e1:75:84:52:
14:76:01:d3:2e:34:7f:ef:98:08:41:08:11:6f:c3:5b:32:00:
3e:74:ec:56:d4:ba:a0:e0:3b:d6:c4:fe:c8:d4:b2:2e:1f:50:
77:0a:8d:91:50:1d:bc:e2:45:87:9a:63:19:dc:e9:97:cb:93:
b9:5b:2d:4e:86:7a:17:08:d0:34:67:00:ed:3a:a8:eb:1f:3d:
2c:18:a4:7d:53:dc:02:12:ff:8d:6e:a7:e3:6c:86:44:2a:b3:
ba:97:53:90
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAYzKKbZN9TE5TfYEXLekKCfzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3ZTVjNGU0YmUzYjhjYmRlMGVhZTk0NjBhMTEwMzJkNmE2
NGFiNzEwHhcNMjQwMTAyMTIzMzAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZGY2ZDI4NDY5YzMxMDZhZTgxZDQxYTNkYjAyNDA4MmFlY2Y3NWQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnEJ9QaFGOOFhAX6IAYG5hRv1ElQ7
aHtRaGY0VPtHO2fqNxulUZQF/Vx/pTADTIKpIVLgUjnGgnQ99YCPFwXCqOCRZhxA
ec6YNbEWAi6xeL6k9YlWMe2EwLduZzIxkIoAvcjxPZhbkykw/5D+RglJgErrbZ+M
lJaOAqK3gfHIc9a4QLf4Cc+tVWqXqrEnYPxDd5WGAPbVPblFZjErsXFbOEJospbD
UaYj2F5lfi4aIl2sV9vzVCDHr470Myim+ZOE77IAC42S+zxQKdwO8CgnbW89rNzw
miiKXdawn+g9LYD0jDfddhLdk9QjG0K1qzcEtXR4hYAI2lRmUy3kHoOOjwIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFI320oRpwxBq6B1Bo9sCQIKuz3XZMB8GA1UdIwQY
MBaAFAflxOS+O4y94OrpRgoRAy1qZKtxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQi1YRTVMNDdqTDNnNnVsR0NoRURMV3BrcTNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy9mNmIxNzMtOTEyYy00MTUxLWJhYzUt
NGM4ODgzMzI3YTJhLzEvamZiU2hHbkRFR3JvSFVHajJ3SkFncTdQZGRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy9mNmIxNzMtOTEyYy00MTUxLWJhYzUtNGM4ODgzMzI3YTJh
LzEvQi1YRTVMNDdqTDNnNnVsR0NoRURMV3BrcTNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjA8BAIAATA2MAwDBAZQUkAD
BABQUkYDBAJQUkwwDAMEBVn4oAMEAFn4rgMEA12uWDAMAwQEXmYwAwQAXmYyMA4E
AgACMAgDBgcqAgbIgDANBgkqhkiG9w0BAQsFAAOCAQEAKzFLiuYeaedamvUqSLhl
Y1ykOa4dMRIM44up69DjQUFhgmJkyBzmO5/PYvZzKvgZ5P8KJCf/qyjYAGuh/2hO
mETwovvifVUW857BATv1oOtt7kn7FqWkp3eyvXy3uqYxoySmcNdrpa4AmA4HMVLC
qBEFlHEnjAeKU6KhHXtslMQIvCFtn+wL00Zgqy2yHWXU6QlcrMUrFe9v06BrnuHh
dYRSFHYB0y40f++YCEEIEW/DWzIAPnTsVtS6oOA71sT+yNSyLh9QdwqNkVAdvOJF
h5pjGdzpl8uTuVstToZ6FwjQNGcA7Tqo6x89LBikfVPcAhL/jW6n42yGRCqzupdT
kA==
-----END CERTIFICATE-----
Generated at Sat Nov 23 04:48:22 2024 by rpki-client on console-ams.rpki-client.org