Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/65e543-7e7a-4aab-ac74-bc6794e95e5a/1/JY2Qbmj2mgX3KDG39J6yIxJr0tc.roa
File: JY2Qbmj2mgX3KDG39J6yIxJr0tc.roa (raw, json)
Hash identifier: 1KGhpD1HwCPZtP8VkVF45re3cg2JKrviwS59Vb+WzQ4=
Subject key identifier: 25:8D:90:6E:68:F6:9A:05:F7:28:31:B7:F4:9E:B2:23:12:6B:D2:D7
Certificate issuer: /CN=17b5042fc20d9bab1676e09af7ff1ba5bfadae75
Certificate serial: 0194236A0B45B50AFDD56474D124B04D9E57
Authority key identifier: 17:B5:04:2F:C2:0D:9B:AB:16:76:E0:9A:F7:FF:1B:A5:BF:AD:AE:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F7UEL8INm6sWduCa9_8bpb-trnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/65e543-7e7a-4aab-ac74-bc6794e95e5a/1/JY2Qbmj2mgX3KDG39J6yIxJr0tc.roa
Signing time: Wed 01 Jan 2025 19:48:59 +0000
ROA not before: Wed 01 Jan 2025 19:48:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39855
IP address blocks: 62.68.66.0/24 maxlen: 24
84.54.35.0/24 maxlen: 24
178.212.142.0/24 maxlen: 24
185.65.70.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b1/65e543-7e7a-4aab-ac74-bc6794e95e5a/1/F7UEL8INm6sWduCa9_8bpb-trnU.crl
rsync://rpki.ripe.net/repository/DEFAULT/b1/65e543-7e7a-4aab-ac74-bc6794e95e5a/1/F7UEL8INm6sWduCa9_8bpb-trnU.mft
rsync://rpki.ripe.net/repository/DEFAULT/F7UEL8INm6sWduCa9_8bpb-trnU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 10:01:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:0b:45:b5:0a:fd:d5:64:74:d1:24:b0:4d:9e:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17b5042fc20d9bab1676e09af7ff1ba5bfadae75
Validity
Not Before: Jan 1 19:48:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=258d906e68f69a05f72831b7f49eb223126bd2d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:ab:64:d6:c1:03:1c:ea:c8:3b:b6:40:17:a4:
2d:40:19:6e:c6:37:af:e6:e7:c6:a8:02:75:d2:88:
29:4e:de:17:93:49:d2:71:a9:b2:67:27:ee:cc:ad:
66:f9:ed:6d:45:9a:f1:5a:d1:b8:ad:55:7a:84:78:
50:fa:cc:4f:a2:51:25:fc:40:54:23:8e:5a:d5:66:
89:dd:3f:bc:25:49:f8:46:ad:fd:13:69:2a:5e:00:
04:0d:af:21:ab:f2:f0:84:7e:84:93:00:dd:93:b1:
d0:36:e1:9e:dc:6c:14:28:96:38:06:32:11:a2:b8:
67:74:fe:26:23:c0:f3:cb:d2:9d:4f:8a:f4:97:f7:
81:a5:11:f2:73:0c:20:3f:4a:cf:e1:de:7b:4f:72:
bc:14:7f:79:41:a7:4f:b1:c1:3c:85:f2:5d:f1:ca:
a6:ad:69:dc:1f:2a:d0:f8:a1:82:dd:91:47:68:1c:
6f:1f:e8:ca:1f:4c:24:14:d6:b4:88:a4:40:c9:fa:
44:ac:ff:7c:c9:95:1e:5b:4f:49:2b:ec:7b:d6:c3:
f6:2a:7c:ee:15:eb:92:cf:3e:0d:17:41:cf:52:7a:
86:42:3d:d4:7c:31:e9:a9:61:fb:d1:9b:47:e6:d0:
d2:f4:1e:dd:90:c9:34:c2:6c:1e:10:2d:44:10:ab:
63:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:8D:90:6E:68:F6:9A:05:F7:28:31:B7:F4:9E:B2:23:12:6B:D2:D7
X509v3 Authority Key Identifier:
keyid:17:B5:04:2F:C2:0D:9B:AB:16:76:E0:9A:F7:FF:1B:A5:BF:AD:AE:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F7UEL8INm6sWduCa9_8bpb-trnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/65e543-7e7a-4aab-ac74-bc6794e95e5a/1/JY2Qbmj2mgX3KDG39J6yIxJr0tc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/65e543-7e7a-4aab-ac74-bc6794e95e5a/1/F7UEL8INm6sWduCa9_8bpb-trnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.68.66.0/24
84.54.35.0/24
178.212.142.0/24
185.65.70.0/24
Signature Algorithm: sha256WithRSAEncryption
b9:5a:21:80:ae:e5:ab:5a:f1:87:cc:54:a5:56:6a:48:ed:75:
09:09:c1:bc:9a:a1:3f:08:07:3a:15:71:e5:76:41:f2:ff:45:
cb:38:68:ad:7a:da:72:44:3a:8c:d8:05:e5:71:f9:ed:c9:96:
c5:ad:98:b4:4a:c7:2f:cb:2f:f2:fd:98:d8:5f:b6:f8:83:0f:
aa:8f:fa:ab:ae:af:bd:79:79:f3:c2:b1:f9:4a:43:68:9e:ce:
b7:1a:94:0b:4c:db:e4:65:09:44:2d:f3:c6:3d:e2:f6:d7:d4:
03:0d:c0:d1:fb:60:1c:6f:3e:1b:cd:10:57:fd:d7:6c:1f:a9:
57:b1:86:4a:25:2d:65:77:ef:ff:31:77:bd:b3:10:4c:c7:1d:
48:00:f7:a5:1a:27:69:a8:7a:77:84:18:31:f1:8b:fa:b3:a0:
34:a8:63:76:ea:88:9e:d1:e7:b9:60:29:15:44:d9:c9:1c:32:
8f:4b:83:6c:8b:f7:03:b1:3d:f2:9d:70:15:13:07:31:e3:ff:
59:4a:d1:f7:19:e3:9f:e4:cd:4a:61:ec:2f:cb:dc:b1:c0:67:
04:59:2c:eb:70:b6:ce:54:97:ac:b0:ab:e4:ad:92:ea:fb:f0:
9a:c4:ef:7b:7d:bb:ed:6e:6c:31:8e:0b:fd:a5:11:91:11:e1:
f2:9f:a0:c2
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQjagtFtQr91WR00SSwTZ5XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3YjUwNDJmYzIwZDliYWIxNjc2ZTA5YWY3ZmYxYmE1YmZh
ZGFlNzUwHhcNMjUwMTAxMTk0ODU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNThkOTA2ZTY4ZjY5YTA1ZjcyODMxYjdmNDllYjIyMzEyNmJkMmQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAratk1sEDHOrIO7ZAF6QtQBluxjev
5ufGqAJ10ogpTt4Xk0nScamyZyfuzK1m+e1tRZrxWtG4rVV6hHhQ+sxPolEl/EBU
I45a1WaJ3T+8JUn4Rq39E2kqXgAEDa8hq/LwhH6EkwDdk7HQNuGe3GwUKJY4BjIR
orhndP4mI8Dzy9KdT4r0l/eBpRHycwwgP0rP4d57T3K8FH95QadPscE8hfJd8cqm
rWncHyrQ+KGC3ZFHaBxvH+jKH0wkFNa0iKRAyfpErP98yZUeW09JK+x71sP2Knzu
FeuSzz4NF0HPUnqGQj3UfDHpqWH70ZtH5tDS9B7dkMk0wmweEC1EEKtjDwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFCWNkG5o9poF9ygxt/SesiMSa9LXMB8GA1UdIwQY
MBaAFBe1BC/CDZurFnbgmvf/G6W/ra51MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjdVRUw4SU5tNnNXZHVDYTlfOGJwYi10cm5VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS82NWU1NDMtN2U3YS00YWFiLWFjNzQt
YmM2Nzk0ZTk1ZTVhLzEvSlkyUWJtajJtZ1gzS0RHMzlKNnlJeEpyMHRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS82NWU1NDMtN2U3YS00YWFiLWFjNzQtYmM2Nzk0ZTk1ZTVh
LzEvRjdVRUw4SU5tNnNXZHVDYTlfOGJwYi10cm5VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAPkRCAwQA
VDYjAwQAstSOAwQAuUFGMA0GCSqGSIb3DQEBCwUAA4IBAQC5WiGAruWrWvGHzFSl
VmpI7XUJCcG8mqE/CAc6FXHldkHy/0XLOGitetpyRDqM2AXlcfntyZbFrZi0Sscv
yy/y/ZjYX7b4gw+qj/qrrq+9eXnzwrH5SkNons63GpQLTNvkZQlELfPGPeL219QD
DcDR+2Acbz4bzRBX/ddsH6lXsYZKJS1ld+//MXe9sxBMxx1IAPelGidpqHp3hBgx
8Yv6s6A0qGN26oie0ee5YCkVRNnJHDKPS4Nsi/cDsT3ynXAVEwcx4/9ZStH3GeOf
5M1KYewvy9yxwGcEWSzrcLbOVJessKvkrZLq+/CaxO97fbvtbmwxjgv9pRGREeHy
n6DC
-----END CERTIFICATE-----
Generated at Mon Apr 7 19:50:28 2025 by rpki-client