Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/a83886-8b4a-4b23-b4aa-90194bd68428/1/JGBf-HSBUO7hgbq8X1OnBUjDyVQ.roa
File: JGBf-HSBUO7hgbq8X1OnBUjDyVQ.roa (raw, json)
Hash identifier: MtZT8bLkQTUgeFwypbcTgOQkoRE3SGspSU9gsC7WWCE=
Subject key identifier: 24:60:5F:F8:74:81:50:EE:E1:81:BA:BC:5F:53:A7:05:48:C3:C9:54
Certificate issuer: /CN=7ee5c0f95ab7be8b85f711fa433665c14e6e9359
Certificate serial: 0194258F2282A0F5F6AE83AA5100C3F6193D
Authority key identifier: 7E:E5:C0:F9:5A:B7:BE:8B:85:F7:11:FA:43:36:65:C1:4E:6E:93:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fuXA-Vq3vouF9xH6QzZlwU5uk1k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/a83886-8b4a-4b23-b4aa-90194bd68428/1/JGBf-HSBUO7hgbq8X1OnBUjDyVQ.roa
Signing time: Thu 02 Jan 2025 05:48:44 +0000
ROA not before: Thu 02 Jan 2025 05:48:44 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44881
IP address blocks: 93.94.232.0/21 maxlen: 21
109.68.208.0/22 maxlen: 22
185.117.28.0/22 maxlen: 22
185.117.30.0/23 maxlen: 23
2a05:ce80::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/a83886-8b4a-4b23-b4aa-90194bd68428/1/fuXA-Vq3vouF9xH6QzZlwU5uk1k.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/a83886-8b4a-4b23-b4aa-90194bd68428/1/fuXA-Vq3vouF9xH6QzZlwU5uk1k.mft
rsync://rpki.ripe.net/repository/DEFAULT/fuXA-Vq3vouF9xH6QzZlwU5uk1k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 23:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:22:82:a0:f5:f6:ae:83:aa:51:00:c3:f6:19:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7ee5c0f95ab7be8b85f711fa433665c14e6e9359
Validity
Not Before: Jan 2 05:48:44 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=24605ff8748150eee181babc5f53a70548c3c954
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:a6:52:54:58:b3:3c:5d:c8:6d:a5:20:cc:76:
83:43:18:ba:a3:49:88:64:5e:e1:eb:8c:54:b6:cf:
00:51:dc:8c:41:a1:bb:65:1e:fe:9f:d6:4c:69:de:
e1:6a:24:a5:a2:0e:62:e3:a6:36:37:ec:cb:d7:64:
92:55:94:fc:bb:68:11:66:0b:bf:60:e0:5d:52:46:
e6:12:60:2b:3b:a6:e0:4e:c5:45:7b:e1:40:d3:2f:
8e:0b:df:f1:7b:a6:b7:15:e1:81:0c:41:57:70:a5:
5c:76:81:37:9d:09:bb:c9:da:8c:11:3e:63:12:9b:
db:13:85:26:25:18:88:50:54:35:a0:a2:45:1b:d5:
8b:5d:12:72:f0:c6:db:92:1d:1a:09:35:ed:c2:cc:
ad:9f:7f:c0:70:91:b0:b0:95:f5:41:4d:b4:b3:2d:
4b:9c:ad:03:f3:79:56:89:47:7e:d0:3d:9d:f2:39:
34:e3:7d:a8:13:bc:30:48:45:2f:a7:ce:35:d7:37:
e8:e3:bf:d3:fa:d2:3f:f8:52:c4:b2:51:84:fa:a8:
24:20:42:a1:8f:d5:c5:cd:41:7c:82:f0:bc:18:d7:
fe:de:9d:92:dd:44:85:76:64:d7:9e:ed:ec:86:63:
9a:f1:cb:59:33:0e:d5:b2:e7:42:24:ca:53:d6:11:
34:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:60:5F:F8:74:81:50:EE:E1:81:BA:BC:5F:53:A7:05:48:C3:C9:54
X509v3 Authority Key Identifier:
keyid:7E:E5:C0:F9:5A:B7:BE:8B:85:F7:11:FA:43:36:65:C1:4E:6E:93:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fuXA-Vq3vouF9xH6QzZlwU5uk1k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/a83886-8b4a-4b23-b4aa-90194bd68428/1/JGBf-HSBUO7hgbq8X1OnBUjDyVQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/a83886-8b4a-4b23-b4aa-90194bd68428/1/fuXA-Vq3vouF9xH6QzZlwU5uk1k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.94.232.0/21
109.68.208.0/22
185.117.28.0/22
IPv6:
2a05:ce80::/36
Signature Algorithm: sha256WithRSAEncryption
09:50:94:2b:53:9d:ba:ae:4a:c4:8e:29:3f:08:de:86:87:20:
cc:f3:52:78:b0:e7:c7:33:8a:00:1d:04:cd:c1:36:be:86:a1:
40:e1:f0:24:ff:72:05:ae:a6:a6:dd:ee:09:3a:6e:35:e5:94:
5d:63:5f:50:38:12:c9:fd:c8:6d:c9:89:1e:a4:f4:3d:b5:8c:
d5:a4:67:76:60:a1:44:b3:da:4a:91:85:d8:b1:65:7f:87:ee:
d4:61:c6:aa:80:e6:61:88:41:1f:32:e8:26:56:2b:69:ae:e8:
64:40:74:a7:85:28:78:f9:89:22:e9:d9:be:0e:03:2f:2f:22:
1b:da:cc:ec:73:51:f5:55:56:a4:64:e6:5c:b9:e3:29:31:72:
d3:78:23:af:ca:fe:06:5e:38:1c:db:be:b6:ee:eb:91:1f:4c:
07:e1:45:72:79:7b:43:af:78:c4:e5:dc:45:85:e1:75:bf:5c:
9c:ca:a9:50:f3:ac:5b:39:db:0f:2d:aa:1e:05:28:3d:a6:a8:
40:a6:79:72:bc:02:4c:03:28:ee:77:35:80:f4:1c:e8:be:ae:
9a:3b:d7:67:26:46:b2:0c:a3:c7:4c:64:c8:92:43:77:cd:e1:
bf:c8:84:a4:24:e3:97:15:f6:b1:42:0b:41:20:64:d7:38:28:
d4:96:17:fc
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZQljyKCoPX2roOqUQDD9hk9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlZTVjMGY5NWFiN2JlOGI4NWY3MTFmYTQzMzY2NWMxNGU2
ZTkzNTkwHhcNMjUwMTAyMDU0ODQ0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDYwNWZmODc0ODE1MGVlZTE4MWJhYmM1ZjUzYTcwNTQ4YzNjOTU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4KZSVFizPF3IbaUgzHaDQxi6o0mI
ZF7h64xUts8AUdyMQaG7ZR7+n9ZMad7haiSlog5i46Y2N+zL12SSVZT8u2gRZgu/
YOBdUkbmEmArO6bgTsVFe+FA0y+OC9/xe6a3FeGBDEFXcKVcdoE3nQm7ydqMET5j
EpvbE4UmJRiIUFQ1oKJFG9WLXRJy8Mbbkh0aCTXtwsytn3/AcJGwsJX1QU20sy1L
nK0D83lWiUd+0D2d8jk0432oE7wwSEUvp8411zfo47/T+tI/+FLEslGE+qgkIEKh
j9XFzUF8gvC8GNf+3p2S3USFdmTXnu3shmOa8ctZMw7VsudCJMpT1hE0OwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFCRgX/h0gVDu4YG6vF9TpwVIw8lUMB8GA1UdIwQY
MBaAFH7lwPlat76LhfcR+kM2ZcFObpNZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZnVYQS1WcTN2b3VGOXhINlF6Wmx3VTV1azFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy9hODM4ODYtOGI0YS00YjIzLWI0YWEt
OTAxOTRiZDY4NDI4LzEvSkdCZi1IU0JVTzdoZ2JxOFgxT25CVWpEeVZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy9hODM4ODYtOGI0YS00YjIzLWI0YWEtOTAxOTRiZDY4NDI4
LzEvZnVYQS1WcTN2b3VGOXhINlF6Wmx3VTV1azFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAYBAIAATASAwQDXV7oAwQC
bUTQAwQCuXUcMA4EAgACMAgDBgQqBc6AADANBgkqhkiG9w0BAQsFAAOCAQEACVCU
K1Oduq5KxI4pPwjehocgzPNSeLDnxzOKAB0EzcE2voahQOHwJP9yBa6mpt3uCTpu
NeWUXWNfUDgSyf3IbcmJHqT0PbWM1aRndmChRLPaSpGF2LFlf4fu1GHGqoDmYYhB
HzLoJlYraa7oZEB0p4UoePmJIunZvg4DLy8iG9rM7HNR9VVWpGTmXLnjKTFy03gj
r8r+Bl44HNu+tu7rkR9MB+FFcnl7Q694xOXcRYXhdb9cnMqpUPOsWznbDy2qHgUo
PaaoQKZ5crwCTAMo7nc1gPQc6L6umjvXZyZGsgyjx0xkyJJDd83hv8iEpCTjlxX2
sUILQSBk1zgo1JYX/A==
-----END CERTIFICATE-----
Generated at Sun Apr 13 05:36:46 2025 by rpki-client