Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/652eb4-321c-48c0-9272-3ae711af034b/1/js2bBD_I5yJI3Ud9Hr2ey1HFBOk.roa
File: js2bBD_I5yJI3Ud9Hr2ey1HFBOk.roa (raw, json)
Hash identifier: xsXDDwFas5f9a39GX28p7wV/dlDbG2nAM+0coXG2hrE=
Subject key identifier: 8E:CD:9B:04:3F:C8:E7:22:48:DD:47:7D:1E:BD:9E:CB:51:C5:04:E9
Certificate issuer: /CN=8f2824c61357dc344bbdf35b83577459b9d3fc44
Certificate serial: 019425FD9E0B2C324DD315E805A49D544563
Authority key identifier: 8F:28:24:C6:13:57:DC:34:4B:BD:F3:5B:83:57:74:59:B9:D3:FC:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jygkxhNX3DRLvfNbg1d0WbnT_EQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/652eb4-321c-48c0-9272-3ae711af034b/1/js2bBD_I5yJI3Ud9Hr2ey1HFBOk.roa
Signing time: Thu 02 Jan 2025 07:49:25 +0000
ROA not before: Thu 02 Jan 2025 07:49:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16509
IP address blocks: 93.157.38.0/23 maxlen: 24
2a00:4bc0:2000::/44 maxlen: 56
2a00:4bc0:2100::/40 maxlen: 48
2a00:4bc0:2300::/40 maxlen: 48
2a00:4bc0:2400::/40 maxlen: 48
2a00:4bc0:2600::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/59/652eb4-321c-48c0-9272-3ae711af034b/1/jygkxhNX3DRLvfNbg1d0WbnT_EQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/59/652eb4-321c-48c0-9272-3ae711af034b/1/jygkxhNX3DRLvfNbg1d0WbnT_EQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/jygkxhNX3DRLvfNbg1d0WbnT_EQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 04:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:9e:0b:2c:32:4d:d3:15:e8:05:a4:9d:54:45:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8f2824c61357dc344bbdf35b83577459b9d3fc44
Validity
Not Before: Jan 2 07:49:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8ecd9b043fc8e72248dd477d1ebd9ecb51c504e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:af:04:7e:7b:7a:25:53:59:7c:85:bf:e7:7d:
8c:2a:fe:6a:0b:f4:96:c2:df:36:d1:91:53:95:1b:
1f:20:11:d5:ea:d5:61:88:ee:3f:79:e1:f1:31:92:
c6:d1:f3:3f:d5:88:cb:31:f4:f0:8f:86:ec:51:69:
bb:dc:05:95:1a:a3:c3:e4:ca:c0:aa:ba:a7:23:03:
9c:d9:2d:dd:d8:29:9d:86:76:d2:f9:f6:67:71:0a:
c5:e8:53:3a:1f:d1:5a:63:57:db:f9:60:65:02:fc:
0e:2d:d6:ff:1f:c8:89:df:1d:5a:5c:c4:52:cf:92:
17:15:3c:2d:c9:e1:1d:94:99:a7:a4:15:3f:bd:48:
05:48:e8:e7:6b:c5:15:82:0e:20:cf:22:8f:2f:99:
cd:2e:23:06:dd:5b:51:24:0e:e8:d4:83:93:a7:90:
83:5b:98:f5:eb:54:01:f6:87:50:c4:26:ef:72:ba:
48:20:d3:88:5e:2e:50:44:3c:4d:c2:dc:eb:4e:9f:
79:51:69:ef:48:7e:70:ec:4a:dd:4d:23:ac:83:a3:
6b:69:24:98:af:da:94:72:02:0e:f4:49:0f:86:06:
50:fe:c3:69:3f:fd:8d:02:16:c8:66:53:50:7d:55:
c9:c7:09:3c:98:3f:22:b8:92:de:b0:96:af:cd:80:
46:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:CD:9B:04:3F:C8:E7:22:48:DD:47:7D:1E:BD:9E:CB:51:C5:04:E9
X509v3 Authority Key Identifier:
keyid:8F:28:24:C6:13:57:DC:34:4B:BD:F3:5B:83:57:74:59:B9:D3:FC:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jygkxhNX3DRLvfNbg1d0WbnT_EQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/652eb4-321c-48c0-9272-3ae711af034b/1/js2bBD_I5yJI3Ud9Hr2ey1HFBOk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/652eb4-321c-48c0-9272-3ae711af034b/1/jygkxhNX3DRLvfNbg1d0WbnT_EQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.157.38.0/23
IPv6:
2a00:4bc0:2000::/44
2a00:4bc0:2100::/40
2a00:4bc0:2300::-2a00:4bc0:24ff:ffff:ffff:ffff:ffff:ffff
2a00:4bc0:2600::/40
Signature Algorithm: sha256WithRSAEncryption
46:c2:71:f5:62:c7:95:d5:a9:31:79:58:f5:81:32:aa:a1:0e:
49:d5:65:c9:76:be:32:8c:38:76:0a:18:a8:7b:36:53:0d:89:
97:a7:90:8b:90:29:09:f7:3d:3c:99:14:5e:7a:0d:1c:db:6d:
d7:8e:34:50:ac:86:eb:d0:e7:3e:1b:46:03:39:f6:8f:ef:86:
3c:f7:19:7f:1d:3d:19:3b:3e:19:fc:c8:6f:ad:bd:7a:97:79:
2f:3b:58:8a:6c:46:bb:27:df:02:e1:c9:fe:16:a7:8f:1c:06:
4a:2a:19:57:c5:29:29:b9:fa:c5:37:74:59:e4:31:ca:5f:2f:
a1:10:a4:66:a1:fb:5c:4c:60:22:22:e9:4f:59:a2:53:59:5f:
2c:af:50:d2:bb:3d:f0:12:2e:c5:38:96:55:4a:c6:a2:69:d2:
ee:c6:f4:5d:33:61:38:57:0e:69:18:0b:f6:8d:33:8f:37:8e:
8a:1f:fe:03:2e:30:72:11:8e:68:d6:fa:51:64:a6:10:84:aa:
21:9b:de:17:79:73:c2:7b:a4:cb:f6:a5:af:3c:f0:3a:ab:87:
1d:c2:73:4f:d6:bb:99:93:87:73:63:65:24:72:be:4b:74:df:
34:fc:0f:db:eb:35:99:3a:22:51:b3:a1:1a:6b:70:b4:69:5a:
07:f2:2d:7c
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAZQl/Z4LLDJN0xXoBaSdVEVjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmMjgyNGM2MTM1N2RjMzQ0YmJkZjM1YjgzNTc3NDU5Yjlk
M2ZjNDQwHhcNMjUwMTAyMDc0OTI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZWNkOWIwNDNmYzhlNzIyNDhkZDQ3N2QxZWJkOWVjYjUxYzUwNGU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq68Efnt6JVNZfIW/532MKv5qC/SW
wt820ZFTlRsfIBHV6tVhiO4/eeHxMZLG0fM/1YjLMfTwj4bsUWm73AWVGqPD5MrA
qrqnIwOc2S3d2CmdhnbS+fZncQrF6FM6H9FaY1fb+WBlAvwOLdb/H8iJ3x1aXMRS
z5IXFTwtyeEdlJmnpBU/vUgFSOjna8UVgg4gzyKPL5nNLiMG3VtRJA7o1IOTp5CD
W5j161QB9odQxCbvcrpIINOIXi5QRDxNwtzrTp95UWnvSH5w7ErdTSOsg6NraSSY
r9qUcgIO9EkPhgZQ/sNpP/2NAhbIZlNQfVXJxwk8mD8iuJLesJavzYBGgQIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFI7NmwQ/yOciSN1HfR69nstRxQTpMB8GA1UdIwQY
MBaAFI8oJMYTV9w0S73zW4NXdFm50/xEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvanlna3hoTlgzRFJMdmZOYmcxZDBXYm5UX0VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS82NTJlYjQtMzIxYy00OGMwLTkyNzIt
M2FlNzExYWYwMzRiLzEvanMyYkJEX0k1eUpJM1VkOUhyMmV5MUhGQk9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS82NTJlYjQtMzIxYy00OGMwLTkyNzItM2FlNzExYWYwMzRi
LzEvanlna3hoTlgzRFJMdmZOYmcxZDBXYm5UX0VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAMBAIAATAGAwQBXZ0mMDEE
AgACMCsDBwQqAEvAIAADBgAqAEvAITAQAwYAKgBLwCMDBgAqAEvAJAMGACoAS8Am
MA0GCSqGSIb3DQEBCwUAA4IBAQBGwnH1YseV1akxeVj1gTKqoQ5J1WXJdr4yjDh2
ChioezZTDYmXp5CLkCkJ9z08mRReeg0c223XjjRQrIbr0Oc+G0YDOfaP74Y89xl/
HT0ZOz4Z/Mhvrb16l3kvO1iKbEa7J98C4cn+FqePHAZKKhlXxSkpufrFN3RZ5DHK
Xy+hEKRmoftcTGAiIulPWaJTWV8sr1DSuz3wEi7FOJZVSsaiadLuxvRdM2E4Vw5p
GAv2jTOPN46KH/4DLjByEY5o1vpRZKYQhKohm94XeXPCe6TL9qWvPPA6q4cdwnNP
1ruZk4dzY2Ukcr5LdN80/A/b6zWZOiJRs6Eaa3C0aVoH8i18
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:15:19 2025 by rpki-client