Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/ba24d8-d484-4e9b-87ba-2455f9f5216f/1/jdVTqO7VY82-HjE--ThdnCQOATg.roa
File: jdVTqO7VY82-HjE--ThdnCQOATg.roa (raw, json)
Hash identifier: RF0wVfyN3QUFV+NemYXC49Chf7ngq5kfllbSRA3UMFI=
Subject key identifier: 8D:D5:53:A8:EE:D5:63:CD:BE:1E:31:3E:F9:38:5D:9C:24:0E:01:38
Certificate issuer: /CN=36319bcd4747ed5b202bb578acb390d16fc411a5
Certificate serial: 018CC801CDD9D177FC33DCEF3E5B469A31E7
Authority key identifier: 36:31:9B:CD:47:47:ED:5B:20:2B:B5:78:AC:B3:90:D1:6F:C4:11:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NjGbzUdH7VsgK7V4rLOQ0W_EEaU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/ba24d8-d484-4e9b-87ba-2455f9f5216f/1/jdVTqO7VY82-HjE--ThdnCQOATg.roa
Signing time: Tue 02 Jan 2024 02:30:10 +0000
ROA not before: Tue 02 Jan 2024 02:30:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20740
IP address blocks: 194.29.188.0/22 maxlen: 22
193.109.4.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ff/ba24d8-d484-4e9b-87ba-2455f9f5216f/1/NjGbzUdH7VsgK7V4rLOQ0W_EEaU.crl
rsync://rpki.ripe.net/repository/DEFAULT/ff/ba24d8-d484-4e9b-87ba-2455f9f5216f/1/NjGbzUdH7VsgK7V4rLOQ0W_EEaU.mft
rsync://rpki.ripe.net/repository/DEFAULT/NjGbzUdH7VsgK7V4rLOQ0W_EEaU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:cd:d9:d1:77:fc:33:dc:ef:3e:5b:46:9a:31:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36319bcd4747ed5b202bb578acb390d16fc411a5
Validity
Not Before: Jan 2 02:30:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8dd553a8eed563cdbe1e313ef9385d9c240e0138
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:b1:98:81:f5:0d:5e:88:eb:54:1c:73:7d:de:
6d:7d:48:12:6c:49:0d:94:f5:8f:d4:b6:fe:e7:44:
36:29:a9:a6:2e:96:81:4d:b2:76:f9:7b:7c:10:fe:
43:89:c3:08:88:1a:ca:29:ab:46:eb:74:6a:70:d8:
f4:57:a5:31:44:22:64:5d:db:51:19:6c:b6:33:03:
cd:50:a5:02:6e:ee:20:c6:c8:f3:7a:36:22:dd:64:
50:67:8d:0b:60:95:af:2c:39:41:33:bb:08:ed:aa:
92:ee:f8:23:67:13:ae:b1:d8:40:4d:8e:5a:79:88:
17:72:fd:df:ed:80:e8:1e:70:0a:29:5b:ef:3a:91:
1b:09:6d:3b:10:71:cc:55:53:ab:ed:00:5d:6d:cc:
bf:a6:42:ac:23:9c:30:4a:19:e3:74:d1:ed:28:0e:
21:0e:c8:10:ea:32:13:ba:5e:96:6e:f7:36:37:97:
63:77:1a:4c:a3:2d:f3:58:b4:64:bd:32:e4:fb:92:
aa:cd:14:50:ce:6d:4a:4b:85:1f:01:1c:98:b8:f9:
fa:73:c2:f3:83:15:68:e7:41:83:b0:68:5a:4a:9c:
d9:e9:67:87:5b:95:8b:26:03:15:f3:2a:41:07:6a:
f3:a5:aa:e7:25:cc:79:ac:02:34:f9:0a:84:19:41:
6e:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:D5:53:A8:EE:D5:63:CD:BE:1E:31:3E:F9:38:5D:9C:24:0E:01:38
X509v3 Authority Key Identifier:
keyid:36:31:9B:CD:47:47:ED:5B:20:2B:B5:78:AC:B3:90:D1:6F:C4:11:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NjGbzUdH7VsgK7V4rLOQ0W_EEaU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/ba24d8-d484-4e9b-87ba-2455f9f5216f/1/jdVTqO7VY82-HjE--ThdnCQOATg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/ba24d8-d484-4e9b-87ba-2455f9f5216f/1/NjGbzUdH7VsgK7V4rLOQ0W_EEaU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.109.4.0/22
194.29.188.0/22
Signature Algorithm: sha256WithRSAEncryption
8f:50:1e:33:28:70:c8:ed:51:0d:a5:be:11:8d:4c:2a:e0:0d:
ff:c6:fc:c6:90:84:eb:2e:38:54:a6:cb:fb:91:b8:f1:ef:ef:
fc:55:c4:ef:b5:2b:bd:0c:b5:90:47:74:cc:cb:87:26:77:66:
ba:c5:13:7d:12:d2:f1:6c:78:36:77:df:f2:52:95:fd:1e:d1:
5c:90:bd:02:2a:06:63:a2:51:b7:e1:5a:7d:24:16:2e:e1:b6:
45:ec:ce:b4:12:a2:15:71:48:58:88:3f:28:ee:d7:77:4b:03:
55:96:bd:fa:d4:d5:49:14:29:7e:c9:5a:14:95:78:10:41:e4:
3a:ba:a9:aa:7f:39:41:53:b1:8e:f4:72:ce:00:2a:9e:87:67:
5e:18:77:d5:e1:ff:22:f3:2c:7d:72:47:61:7e:78:0f:d4:26:
ec:78:09:34:74:19:d0:b4:d2:37:b8:43:97:df:90:ff:61:99:
40:dd:de:f5:6b:93:28:c5:01:fa:2b:86:0f:42:24:01:c6:44:
7c:d2:4c:8a:b1:21:5f:a6:bc:b9:72:c6:d1:09:72:4d:5a:c2:
27:03:81:e8:a0:91:31:f0:d8:08:a6:6c:ee:a9:2d:95:30:e3:
89:09:f7:ed:cc:5d:a8:94:13:f0:22:89:31:0d:8a:2e:5c:27:
bd:36:6d:40
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzIAc3Z0Xf8M9zvPltGmjHnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2MzE5YmNkNDc0N2VkNWIyMDJiYjU3OGFjYjM5MGQxNmZj
NDExYTUwHhcNMjQwMTAyMDIzMDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZGQ1NTNhOGVlZDU2M2NkYmUxZTMxM2VmOTM4NWQ5YzI0MGUwMTM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjbGYgfUNXojrVBxzfd5tfUgSbEkN
lPWP1Lb+50Q2KammLpaBTbJ2+Xt8EP5DicMIiBrKKatG63RqcNj0V6UxRCJkXdtR
GWy2MwPNUKUCbu4gxsjzejYi3WRQZ40LYJWvLDlBM7sI7aqS7vgjZxOusdhATY5a
eYgXcv3f7YDoHnAKKVvvOpEbCW07EHHMVVOr7QBdbcy/pkKsI5wwShnjdNHtKA4h
DsgQ6jITul6Wbvc2N5djdxpMoy3zWLRkvTLk+5KqzRRQzm1KS4UfARyYuPn6c8Lz
gxVo50GDsGhaSpzZ6WeHW5WLJgMV8ypBB2rzparnJcx5rAI0+QqEGUFuJQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFI3VU6ju1WPNvh4xPvk4XZwkDgE4MB8GA1UdIwQY
MBaAFDYxm81HR+1bICu1eKyzkNFvxBGlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmpHYnpVZEg3VnNnSzdWNHJMT1EwV19FRWFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi9iYTI0ZDgtZDQ4NC00ZTliLTg3YmEt
MjQ1NWY5ZjUyMTZmLzEvamRWVHFPN1ZZODItSGpFLS1UaGRuQ1FPQVRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi9iYTI0ZDgtZDQ4NC00ZTliLTg3YmEtMjQ1NWY5ZjUyMTZm
LzEvTmpHYnpVZEg3VnNnSzdWNHJMT1EwV19FRWFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCwW0EAwQC
wh28MA0GCSqGSIb3DQEBCwUAA4IBAQCPUB4zKHDI7VENpb4RjUwq4A3/xvzGkITr
LjhUpsv7kbjx7+/8VcTvtSu9DLWQR3TMy4cmd2a6xRN9EtLxbHg2d9/yUpX9HtFc
kL0CKgZjolG34Vp9JBYu4bZF7M60EqIVcUhYiD8o7td3SwNVlr361NVJFCl+yVoU
lXgQQeQ6uqmqfzlBU7GO9HLOACqeh2deGHfV4f8i8yx9ckdhfngP1CbseAk0dBnQ
tNI3uEOX35D/YZlA3d71a5MoxQH6K4YPQiQBxkR80kyKsSFfpry5csbRCXJNWsIn
A4HooJEx8NgIpmzuqS2VMOOJCfftzF2olBPwIokxDYouXCe9Nm1A
-----END CERTIFICATE-----
Generated at Sat Nov 23 12:06:07 2024 by rpki-client on console-fra.rpki-client.org