Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/JDTeB5ypilgeJHkI8PjR-xHlw0s.roa
File: JDTeB5ypilgeJHkI8PjR-xHlw0s.roa (raw, json)
Hash identifier: pnZ6eyfA1+Rq55dO0siEmrlk8zVFvVQdaV2xF71oA9A=
Subject key identifier: 24:34:DE:07:9C:A9:8A:58:1E:24:79:08:F0:F8:D1:FB:11:E5:C3:4B
Certificate issuer: /CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Certificate serial: 0194266B8AF35EC24A560B1492E9EB8D9A41
Authority key identifier: DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/JDTeB5ypilgeJHkI8PjR-xHlw0s.roa
Signing time: Thu 02 Jan 2025 09:49:29 +0000
ROA not before: Thu 02 Jan 2025 09:49:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31577
IP address blocks: 5.35.200.0/21 maxlen: 21
5.35.201.0/24 maxlen: 24
5.35.202.0/24 maxlen: 24
5.35.203.0/24 maxlen: 24
5.35.204.0/24 maxlen: 24
5.35.206.0/24 maxlen: 24
31.3.120.0/21 maxlen: 21
31.3.120.0/24 maxlen: 24
31.3.124.0/24 maxlen: 24
31.3.125.0/24 maxlen: 24
31.3.126.0/24 maxlen: 24
31.3.127.0/24 maxlen: 24
83.136.184.0/21 maxlen: 21
83.136.189.0/24 maxlen: 24
83.136.190.0/24 maxlen: 24
83.136.191.0/24 maxlen: 24
95.129.112.0/21 maxlen: 21
95.129.114.0/24 maxlen: 24
95.129.115.0/24 maxlen: 24
95.129.118.0/24 maxlen: 24
185.23.120.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.crl
rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.mft
rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 18 Apr 2025 15:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:8a:f3:5e:c2:4a:56:0b:14:92:e9:eb:8d:9a:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Validity
Not Before: Jan 2 09:49:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2434de079ca98a581e247908f0f8d1fb11e5c34b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:83:e4:05:d9:82:96:de:21:cb:43:2d:02:28:
25:fe:5d:0a:26:e7:f8:d8:75:f3:ef:50:de:7a:bd:
38:58:eb:0c:9b:86:e0:c9:64:ff:7b:b5:66:bc:b0:
09:13:90:d3:df:17:2e:f5:60:91:32:eb:cd:7f:b2:
23:d4:99:12:1a:7f:14:0e:4d:75:7f:b1:1a:f9:c8:
66:7e:c4:8e:ef:51:1c:90:29:68:88:a9:5e:49:dd:
04:68:22:8a:5b:1b:68:9e:c9:f2:36:46:2a:e9:34:
8b:8f:b9:4c:33:e7:84:6e:7a:b1:e6:a4:e7:15:4e:
15:ad:8e:40:29:6d:d9:4b:9e:f4:a3:9b:42:28:56:
5e:54:2d:c7:d2:60:cf:e1:67:e0:11:c6:51:87:a3:
4b:3c:71:e3:bb:93:31:a1:c1:37:8d:04:eb:52:69:
5e:12:32:ea:53:3b:3f:f7:25:aa:58:88:45:48:e8:
13:41:29:1d:cc:b0:70:7b:bf:ec:9a:00:94:1a:2f:
7d:f4:16:00:72:b8:eb:32:23:87:34:32:f6:db:bf:
c0:21:64:58:95:e7:bd:28:ac:b2:3b:ad:82:0e:a4:
d5:ff:4e:1f:c9:ec:67:82:51:97:09:75:34:75:f8:
34:ca:4e:98:b1:ec:3b:18:a9:00:9b:0b:fc:06:a1:
ad:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:34:DE:07:9C:A9:8A:58:1E:24:79:08:F0:F8:D1:FB:11:E5:C3:4B
X509v3 Authority Key Identifier:
keyid:DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/JDTeB5ypilgeJHkI8PjR-xHlw0s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.35.200.0/21
31.3.120.0/21
83.136.184.0/21
95.129.112.0/21
185.23.120.0/22
Signature Algorithm: sha256WithRSAEncryption
b6:67:9f:de:ec:12:db:7d:72:a1:6a:78:67:64:46:55:eb:7f:
f4:6c:9d:db:35:34:b0:4d:f9:41:73:78:4d:91:14:73:de:8d:
4c:24:71:5b:9a:cd:21:73:66:eb:1c:b2:d5:97:ac:ac:d1:bd:
8e:a7:f9:8f:a0:b6:48:7e:6c:38:cc:28:d9:e3:ef:0f:c3:b0:
4c:ea:04:9f:62:62:83:65:77:72:71:bc:0a:70:3c:3a:8a:d5:
23:30:f0:a7:ba:ee:4e:49:fa:52:52:ec:66:fe:f7:2b:6b:b9:
95:07:23:09:bb:79:5b:f8:6a:96:2b:8f:61:ae:3c:2e:a8:e9:
27:d8:3c:8c:c0:32:31:86:04:8b:5e:cb:f6:a8:62:98:14:dc:
24:fe:d8:d4:5c:e3:9f:55:63:bc:5b:26:99:e9:51:e9:27:52:
6a:bf:48:52:44:35:cc:54:1d:b2:2b:d2:2f:72:16:21:fd:69:
46:fb:0a:13:13:23:05:b3:7c:59:4c:f5:03:9a:96:14:83:50:
eb:5e:28:8a:e5:9b:5c:30:c6:06:d2:9c:85:82:01:35:8a:a1:
9d:c3:78:99:e6:ce:d5:c2:3c:64:03:ce:0e:0d:7b:d5:fb:2f:
37:9d:f4:49:1e:af:5b:af:76:36:53:12:af:a1:6b:49:0d:ae:
a7:81:90:46
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZQma4rzXsJKVgsUkunrjZpBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhYWYxN2IwMDE1ZGJiN2NkOTkyZjI2Y2RmZjAxYzRlMjYy
MGI3M2UwHhcNMjUwMTAyMDk0OTI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDM0ZGUwNzljYTk4YTU4MWUyNDc5MDhmMGY4ZDFmYjExZTVjMzRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAloPkBdmClt4hy0MtAigl/l0KJuf4
2HXz71Deer04WOsMm4bgyWT/e7VmvLAJE5DT3xcu9WCRMuvNf7Ij1JkSGn8UDk11
f7Ea+chmfsSO71EckCloiKleSd0EaCKKWxtonsnyNkYq6TSLj7lMM+eEbnqx5qTn
FU4VrY5AKW3ZS570o5tCKFZeVC3H0mDP4WfgEcZRh6NLPHHju5MxocE3jQTrUmle
EjLqUzs/9yWqWIhFSOgTQSkdzLBwe7/smgCUGi999BYAcrjrMiOHNDL227/AIWRY
lee9KKyyO62CDqTV/04fyexnglGXCXU0dfg0yk6Ysew7GKkAmwv8BqGtLQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFCQ03gecqYpYHiR5CPD40fsR5cNLMB8GA1UdIwQY
MBaAFNqvF7ABXbt82ZLybN/wHE4mILc+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAt
Y2YwNmQxOTgzYmExLzEvSkRUZUI1eXBpbGdlSkhrSThQalIteEhsdzBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAtY2YwNmQxOTgzYmEx
LzEvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQDBSPIAwQD
HwN4AwQDU4i4AwQDX4FwAwQCuRd4MA0GCSqGSIb3DQEBCwUAA4IBAQC2Z5/e7BLb
fXKhanhnZEZV63/0bJ3bNTSwTflBc3hNkRRz3o1MJHFbms0hc2brHLLVl6ys0b2O
p/mPoLZIfmw4zCjZ4+8Pw7BM6gSfYmKDZXdycbwKcDw6itUjMPCnuu5OSfpSUuxm
/vcra7mVByMJu3lb+GqWK49hrjwuqOkn2DyMwDIxhgSLXsv2qGKYFNwk/tjUXOOf
VWO8WyaZ6VHpJ1Jqv0hSRDXMVB2yK9IvchYh/WlG+woTEyMFs3xZTPUDmpYUg1Dr
XiiK5ZtcMMYG0pyFggE1iqGdw3iZ5s7VwjxkA84ODXvV+y83nfRJHq9br3Y2UxKv
oWtJDa6ngZBG
-----END CERTIFICATE-----
Generated at Thu Apr 17 20:41:02 2025 by rpki-client