Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/59815b-ad0b-4a06-bbe0-b25085051ab8/1/jOjUJYKoLHn0iKDz6xmlsGUntNA.roa
File: jOjUJYKoLHn0iKDz6xmlsGUntNA.roa (raw, json)
Hash identifier: dqARMuMMhdUxtBH/82mhr6b+TrmEh6Uv8dt27P0LcGo=
Subject key identifier: 8C:E8:D4:25:82:A8:2C:79:F4:88:A0:F3:EB:19:A5:B0:65:27:B4:D0
Certificate issuer: /CN=dbfb6f560ec542ac66c3080203c66335873ae8ee
Certificate serial: 01942067F6B2DC2DDAF8134EA2F0F181DFB1
Authority key identifier: DB:FB:6F:56:0E:C5:42:AC:66:C3:08:02:03:C6:63:35:87:3A:E8:EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2_tvVg7FQqxmwwgCA8ZjNYc66O4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/59815b-ad0b-4a06-bbe0-b25085051ab8/1/jOjUJYKoLHn0iKDz6xmlsGUntNA.roa
Signing time: Wed 01 Jan 2025 05:47:51 +0000
ROA not before: Wed 01 Jan 2025 05:47:51 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205915
IP address blocks: 194.13.160.0/20 maxlen: 24
194.13.224.0/21 maxlen: 24
194.53.12.0/22 maxlen: 24
2001:67c:1134::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d8/59815b-ad0b-4a06-bbe0-b25085051ab8/1/2_tvVg7FQqxmwwgCA8ZjNYc66O4.crl
rsync://rpki.ripe.net/repository/DEFAULT/d8/59815b-ad0b-4a06-bbe0-b25085051ab8/1/2_tvVg7FQqxmwwgCA8ZjNYc66O4.mft
rsync://rpki.ripe.net/repository/DEFAULT/2_tvVg7FQqxmwwgCA8ZjNYc66O4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Apr 2025 22:00:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:67:f6:b2:dc:2d:da:f8:13:4e:a2:f0:f1:81:df:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dbfb6f560ec542ac66c3080203c66335873ae8ee
Validity
Not Before: Jan 1 05:47:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8ce8d42582a82c79f488a0f3eb19a5b06527b4d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:af:73:37:54:66:96:34:13:46:93:aa:41:ee:
f8:35:c7:41:e9:7f:69:95:f9:06:61:52:d4:7a:a8:
9d:63:b0:0f:93:74:dc:b1:c9:00:28:a2:be:25:f5:
75:9f:5b:fe:06:22:ab:f0:7b:1a:f8:27:b0:8d:18:
c2:0e:55:de:6a:be:bc:fb:5c:fe:43:90:a3:59:42:
88:ed:31:b7:76:92:72:a7:3c:56:fc:60:83:8e:9e:
4f:0d:61:c0:7e:d0:fd:2b:d7:95:c6:71:c3:64:b5:
5b:b5:36:e8:3f:7d:af:2b:85:4d:61:2b:c8:2e:89:
e3:b3:21:7d:23:65:2e:39:5b:9b:15:5b:91:13:8f:
98:ce:46:d0:91:27:af:ed:0b:e6:f8:c7:d4:8c:64:
67:50:8a:c9:cf:ca:b1:66:11:db:72:f6:4b:4d:77:
ec:96:b3:d9:3c:bc:9d:7d:4e:d1:80:df:ad:32:4f:
c4:8d:ca:1c:a9:c3:58:9f:54:16:f7:99:4c:05:36:
2a:6d:e4:51:25:af:11:97:d7:c5:38:e2:59:e1:23:
34:81:af:1a:11:46:4e:a1:83:17:e5:f0:c3:00:bc:
db:5b:e9:e9:51:fa:e8:62:f9:7f:15:1c:30:c6:da:
45:b3:ea:cd:51:4e:52:8e:16:5c:b6:cf:de:a4:b3:
94:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:E8:D4:25:82:A8:2C:79:F4:88:A0:F3:EB:19:A5:B0:65:27:B4:D0
X509v3 Authority Key Identifier:
keyid:DB:FB:6F:56:0E:C5:42:AC:66:C3:08:02:03:C6:63:35:87:3A:E8:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2_tvVg7FQqxmwwgCA8ZjNYc66O4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/59815b-ad0b-4a06-bbe0-b25085051ab8/1/jOjUJYKoLHn0iKDz6xmlsGUntNA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/59815b-ad0b-4a06-bbe0-b25085051ab8/1/2_tvVg7FQqxmwwgCA8ZjNYc66O4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.13.160.0/20
194.13.224.0/21
194.53.12.0/22
IPv6:
2001:67c:1134::/48
Signature Algorithm: sha256WithRSAEncryption
34:e0:27:35:6a:1f:1d:c7:67:1d:3c:8c:99:c5:8f:59:27:76:
68:4b:1f:4c:c8:6f:74:43:2e:70:1a:81:df:a1:cc:0a:57:48:
45:44:cc:07:a8:cb:91:48:e1:ab:1a:3f:de:c2:a9:fd:9c:cd:
7d:a6:3d:fc:ba:ac:24:4d:d2:4d:28:62:4b:8c:21:2f:a7:13:
5a:7a:e1:46:84:41:5f:3b:c8:5e:79:3a:39:5c:ee:6d:6b:37:
99:91:b7:e0:48:35:4b:21:6a:21:6f:5f:72:10:8e:b3:fe:82:
f3:dd:a9:f9:e7:9b:52:a9:63:8c:70:a5:d8:d6:bc:2a:0b:ba:
ff:89:a6:a4:ec:44:ea:93:75:e6:20:42:e1:79:4f:84:e6:41:
cb:de:3d:ff:eb:bf:2e:90:92:7c:de:04:74:f7:b9:ea:8d:53:
5c:6c:9b:8e:be:3e:96:41:c6:c0:bd:7a:15:cd:5d:93:35:c6:
c1:6d:7c:53:b2:5f:3f:aa:ce:d5:63:20:87:ba:f5:18:18:c5:
bd:b3:fe:ba:ae:ee:49:91:07:e0:8d:69:3f:6c:c1:75:9c:cf:
f2:09:7e:7a:98:f1:81:7d:37:52:58:c9:16:78:1f:10:07:4b:
f7:7a:47:79:21:fe:22:96:9f:51:db:63:7c:1e:14:8b:ed:16:
ac:be:9c:61
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZQgZ/ay3C3a+BNOovDxgd+xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiZmI2ZjU2MGVjNTQyYWM2NmMzMDgwMjAzYzY2MzM1ODcz
YWU4ZWUwHhcNMjUwMTAxMDU0NzUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Y2U4ZDQyNTgyYTgyYzc5ZjQ4OGEwZjNlYjE5YTViMDY1MjdiNGQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6K9zN1RmljQTRpOqQe74NcdB6X9p
lfkGYVLUeqidY7APk3TcsckAKKK+JfV1n1v+BiKr8Hsa+CewjRjCDlXear68+1z+
Q5CjWUKI7TG3dpJypzxW/GCDjp5PDWHAftD9K9eVxnHDZLVbtTboP32vK4VNYSvI
LonjsyF9I2UuOVubFVuRE4+YzkbQkSev7Qvm+MfUjGRnUIrJz8qxZhHbcvZLTXfs
lrPZPLydfU7RgN+tMk/EjcocqcNYn1QW95lMBTYqbeRRJa8Rl9fFOOJZ4SM0ga8a
EUZOoYMX5fDDALzbW+npUfroYvl/FRwwxtpFs+rNUU5SjhZcts/epLOUTQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFIzo1CWCqCx59Iig8+sZpbBlJ7TQMB8GA1UdIwQY
MBaAFNv7b1YOxUKsZsMIAgPGYzWHOujuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMl90dlZnN0ZRcXhtd3dnQ0E4WmpOWWM2Nk80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC81OTgxNWItYWQwYi00YTA2LWJiZTAt
YjI1MDg1MDUxYWI4LzEvak9qVUpZS29MSG4waUtEejZ4bWxzR1VudE5BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC81OTgxNWItYWQwYi00YTA2LWJiZTAtYjI1MDg1MDUxYWI4
LzEvMl90dlZnN0ZRcXhtd3dnQ0E4WmpOWWM2Nk80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQEwg2gAwQD
wg3gAwQCwjUMMA8EAgACMAkDBwAgAQZ8ETQwDQYJKoZIhvcNAQELBQADggEBADTg
JzVqHx3HZx08jJnFj1kndmhLH0zIb3RDLnAagd+hzApXSEVEzAeoy5FI4asaP97C
qf2czX2mPfy6rCRN0k0oYkuMIS+nE1p64UaEQV87yF55Ojlc7m1rN5mRt+BINUsh
aiFvX3IQjrP+gvPdqfnnm1KpY4xwpdjWvCoLuv+JpqTsROqTdeYgQuF5T4TmQcve
Pf/rvy6QknzeBHT3ueqNU1xsm46+PpZBxsC9ehXNXZM1xsFtfFOyXz+qztVjIIe6
9RgYxb2z/rqu7kmRB+CNaT9swXWcz/IJfnqY8YF9N1JYyRZ4HxAHS/d6R3kh/iKW
n1HbY3weFIvtFqy+nGE=
-----END CERTIFICATE-----
Generated at Wed Apr 23 03:29:39 2025 by rpki-client