Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/0bf5e9-d910-4037-8d37-5d39d5018f78/1/1JuBh8lEOH4Gv_TiAGmh3QPTdd8.roa
File: 1JuBh8lEOH4Gv_TiAGmh3QPTdd8.roa (raw, json)
Hash identifier: 9L83yVwb1Uhqks9DMbgSsnxXYkHLF9CsQEa0PBHMdEI=
Subject key identifier: D4:9B:81:87:C9:44:38:7E:06:BF:F4:E2:00:69:A1:DD:03:D3:75:DF
Certificate issuer: /CN=24051080400940ff47c807dd6742becbb4edf22d
Certificate serial: 01942368E21AF639571DE9CE3986038BB0F5
Authority key identifier: 24:05:10:80:40:09:40:FF:47:C8:07:DD:67:42:BE:CB:B4:ED:F2:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JAUQgEAJQP9HyAfdZ0K-y7Tt8i0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/0bf5e9-d910-4037-8d37-5d39d5018f78/1/1JuBh8lEOH4Gv_TiAGmh3QPTdd8.roa
Signing time: Wed 01 Jan 2025 19:47:43 +0000
ROA not before: Wed 01 Jan 2025 19:47:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15447
IP address blocks: 31.169.56.0/23 maxlen: 24
31.169.56.0/24 maxlen: 24
31.169.57.0/24 maxlen: 24
31.169.58.0/23 maxlen: 24
31.169.58.0/24 maxlen: 24
31.169.59.0/24 maxlen: 24
31.169.60.0/23 maxlen: 24
31.169.60.0/24 maxlen: 24
31.169.61.0/24 maxlen: 24
31.169.62.0/23 maxlen: 24
31.169.62.0/24 maxlen: 24
31.169.63.0/24 maxlen: 24
85.119.48.0/23 maxlen: 24
85.119.48.0/24 maxlen: 24
85.119.49.0/24 maxlen: 24
85.119.50.0/23 maxlen: 24
85.119.50.0/24 maxlen: 24
85.119.51.0/24 maxlen: 24
85.119.52.0/24 maxlen: 24
85.119.53.0/24 maxlen: 24
85.119.54.0/23 maxlen: 23
85.119.54.0/24 maxlen: 24
85.119.55.0/24 maxlen: 24
185.162.145.0/24 maxlen: 24
185.162.146.0/24 maxlen: 24
188.94.184.0/23 maxlen: 24
188.94.184.0/24 maxlen: 24
188.94.185.0/24 maxlen: 24
188.94.186.0/23 maxlen: 24
188.94.186.0/24 maxlen: 24
188.94.187.0/24 maxlen: 24
2a10:9d80::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/0bf5e9-d910-4037-8d37-5d39d5018f78/1/JAUQgEAJQP9HyAfdZ0K-y7Tt8i0.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/0bf5e9-d910-4037-8d37-5d39d5018f78/1/JAUQgEAJQP9HyAfdZ0K-y7Tt8i0.mft
rsync://rpki.ripe.net/repository/DEFAULT/JAUQgEAJQP9HyAfdZ0K-y7Tt8i0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:68:e2:1a:f6:39:57:1d:e9:ce:39:86:03:8b:b0:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=24051080400940ff47c807dd6742becbb4edf22d
Validity
Not Before: Jan 1 19:47:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d49b8187c944387e06bff4e20069a1dd03d375df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:97:d7:11:f3:8e:65:b6:a0:ec:f8:0d:85:51:
f7:15:85:e7:53:7a:5b:09:8f:41:2a:2d:cb:4f:a4:
a7:c8:70:8c:d1:0d:0a:49:e7:1f:0e:3f:f0:16:08:
da:16:0f:a6:89:5a:b2:eb:b5:cb:f2:4d:06:ef:73:
73:71:62:e5:b3:e1:3c:36:2d:49:e7:dd:1d:bd:c8:
6e:61:75:78:01:db:7a:e3:26:5a:0b:a1:3c:d0:36:
8e:b5:14:66:8f:8b:44:ae:73:7d:23:4f:09:63:8a:
c7:0a:9d:e6:0d:77:fc:7e:c0:75:34:87:1c:f8:03:
40:2e:cd:76:d5:1a:ca:25:d9:e0:77:30:e1:6f:bb:
8c:9d:16:ea:b3:d5:54:6a:38:08:f0:df:81:51:2b:
71:20:6b:0a:4b:f4:3a:c1:dd:3b:c2:52:54:5b:31:
5c:70:1e:1f:39:6d:51:89:3f:13:53:ca:d9:a5:e8:
13:f8:f3:9f:75:9e:7f:e1:e6:2f:d7:c6:d2:26:47:
20:5a:f8:0e:ba:ad:67:9d:e7:01:86:21:3b:b0:4e:
a4:ef:44:71:b3:e9:ce:60:ff:cb:d6:6b:d7:33:33:
16:09:29:45:c9:c2:c7:a5:81:d1:8d:c2:0e:07:8a:
be:9c:99:20:bb:f1:b5:6b:57:96:80:83:38:f4:5c:
7d:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:9B:81:87:C9:44:38:7E:06:BF:F4:E2:00:69:A1:DD:03:D3:75:DF
X509v3 Authority Key Identifier:
keyid:24:05:10:80:40:09:40:FF:47:C8:07:DD:67:42:BE:CB:B4:ED:F2:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JAUQgEAJQP9HyAfdZ0K-y7Tt8i0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/0bf5e9-d910-4037-8d37-5d39d5018f78/1/1JuBh8lEOH4Gv_TiAGmh3QPTdd8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/0bf5e9-d910-4037-8d37-5d39d5018f78/1/JAUQgEAJQP9HyAfdZ0K-y7Tt8i0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.169.56.0/21
85.119.48.0/21
185.162.145.0-185.162.146.255
188.94.184.0/22
IPv6:
2a10:9d80::/29
Signature Algorithm: sha256WithRSAEncryption
36:5e:f1:e7:8a:e2:ca:73:95:e4:6b:f3:52:37:f2:c3:ce:1f:
7e:aa:55:fd:40:22:99:e5:81:ba:87:ec:05:70:55:64:09:30:
67:d5:13:73:a9:08:66:4a:5a:7a:f7:68:9d:b7:14:b6:76:f5:
f8:3b:69:62:17:87:0b:0a:d8:82:41:12:cf:4f:88:fb:4b:60:
2a:39:3a:3d:21:e2:5b:b3:0f:78:a8:9b:44:ba:12:75:5f:91:
d3:83:3a:f1:ac:ac:3d:43:55:34:13:e8:d2:c4:ae:b7:28:a2:
35:39:e9:ca:ff:68:bf:62:26:1c:36:73:b4:76:a2:fa:81:cf:
ab:05:c4:b6:bf:85:8d:d8:bb:78:2c:d1:ce:c6:23:cb:6d:64:
b3:60:30:f8:40:39:5b:fe:69:d2:c3:52:50:ea:07:ca:75:06:
eb:11:60:8b:7b:a4:08:ad:d4:2e:4e:8e:ad:f6:25:db:94:1b:
15:e6:ea:ae:55:8a:4b:35:7c:ae:e1:dc:ab:ad:0b:9e:75:99:
45:a4:44:61:b3:c7:cf:4e:3d:33:b9:42:5a:7e:33:c6:24:9f:
0b:c6:03:7f:85:5e:6d:11:ff:e5:62:85:ee:26:27:ff:03:92:
0b:b4:24:57:46:3b:79:78:1b:5b:b1:98:cf:6b:36:43:47:a2:
4f:60:ae:1c
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAZQjaOIa9jlXHenOOYYDi7D1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0MDUxMDgwNDAwOTQwZmY0N2M4MDdkZDY3NDJiZWNiYjRl
ZGYyMmQwHhcNMjUwMTAxMTk0NzQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDliODE4N2M5NDQzODdlMDZiZmY0ZTIwMDY5YTFkZDAzZDM3NWRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArpfXEfOOZbag7PgNhVH3FYXnU3pb
CY9BKi3LT6SnyHCM0Q0KSecfDj/wFgjaFg+miVqy67XL8k0G73NzcWLls+E8Ni1J
590dvchuYXV4Adt64yZaC6E80DaOtRRmj4tErnN9I08JY4rHCp3mDXf8fsB1NIcc
+ANALs121RrKJdngdzDhb7uMnRbqs9VUajgI8N+BUStxIGsKS/Q6wd07wlJUWzFc
cB4fOW1RiT8TU8rZpegT+POfdZ5/4eYv18bSJkcgWvgOuq1nnecBhiE7sE6k70Rx
s+nOYP/L1mvXMzMWCSlFycLHpYHRjcIOB4q+nJkgu/G1a1eWgIM49Fx9EwIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFNSbgYfJRDh+Br/04gBpod0D03XfMB8GA1UdIwQY
MBaAFCQFEIBACUD/R8gH3WdCvsu07fItMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSkFVUWdFQUpRUDlIeUFmZFowSy15N1R0OGkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC8wYmY1ZTktZDkxMC00MDM3LThkMzct
NWQzOWQ1MDE4Zjc4LzEvMUp1Qmg4bEVPSDRHdl9UaUFHbWgzUVBUZGQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC8wYmY1ZTktZDkxMC00MDM3LThkMzctNWQzOWQ1MDE4Zjc4
LzEvSkFVUWdFQUpRUDlIeUFmZFowSy15N1R0OGkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAmBAIAATAgAwQDH6k4AwQD
VXcwMAwDBAC5opEDBAC5opIDBAK8XrgwDQQCAAIwBwMFAyoQnYAwDQYJKoZIhvcN
AQELBQADggEBADZe8eeK4spzleRr81I38sPOH36qVf1AIpnlgbqH7AVwVWQJMGfV
E3OpCGZKWnr3aJ23FLZ29fg7aWIXhwsK2IJBEs9PiPtLYCo5Oj0h4luzD3iom0S6
EnVfkdODOvGsrD1DVTQT6NLErrcoojU56cr/aL9iJhw2c7R2ovqBz6sFxLa/hY3Y
u3gs0c7GI8ttZLNgMPhAOVv+adLDUlDqB8p1BusRYIt7pAit1C5Ojq32JduUGxXm
6q5Viks1fK7h3KutC551mUWkRGGzx89OPTO5Qlp+M8YknwvGA3+FXm0R/+Vihe4m
J/8Dkgu0JFdGO3l4G1uxmM9rNkNHok9grhw=
-----END CERTIFICATE-----
Generated at Sun Feb 2 09:52:22 2025 by rpki-client