Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/2048e4-818c-4601-b023-743765bd0f3e/1/jYKhHXV1OB2pC6LjAmSh2r6YUk0.roa
File: jYKhHXV1OB2pC6LjAmSh2r6YUk0.roa (raw, json)
Hash identifier: 7C9VKQGPhygAtV4ulo4sNDzQRhMNsoU08LmAQx4ncWw=
Subject key identifier: 8D:82:A1:1D:75:75:38:1D:A9:0B:A2:E3:02:64:A1:DA:BE:98:52:4D
Certificate issuer: /CN=7b88d4a4ab18a59b664dabafdb3880dc35b22b91
Certificate serial: 01942444C979306B2FDBF4CCB9DA3F043694
Authority key identifier: 7B:88:D4:A4:AB:18:A5:9B:66:4D:AB:AF:DB:38:80:DC:35:B2:2B:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e4jUpKsYpZtmTauv2ziA3DWyK5E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/2048e4-818c-4601-b023-743765bd0f3e/1/jYKhHXV1OB2pC6LjAmSh2r6YUk0.roa
Signing time: Wed 01 Jan 2025 23:47:55 +0000
ROA not before: Wed 01 Jan 2025 23:47:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57204
IP address blocks: 185.83.108.0/23 maxlen: 23
195.80.233.0/24 maxlen: 24
2a05:9a80::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/04/2048e4-818c-4601-b023-743765bd0f3e/1/e4jUpKsYpZtmTauv2ziA3DWyK5E.crl
rsync://rpki.ripe.net/repository/DEFAULT/04/2048e4-818c-4601-b023-743765bd0f3e/1/e4jUpKsYpZtmTauv2ziA3DWyK5E.mft
rsync://rpki.ripe.net/repository/DEFAULT/e4jUpKsYpZtmTauv2ziA3DWyK5E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 18 Apr 2025 16:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:c9:79:30:6b:2f:db:f4:cc:b9:da:3f:04:36:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b88d4a4ab18a59b664dabafdb3880dc35b22b91
Validity
Not Before: Jan 1 23:47:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8d82a11d7575381da90ba2e30264a1dabe98524d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f8:0e:de:86:e9:fa:6a:ee:bb:c2:8d:10:10:8b:
6e:6a:d6:0d:d2:bc:56:92:4f:83:c8:19:e8:cc:e1:
44:1c:75:95:f2:15:ba:e5:98:6b:c0:71:5f:01:fd:
38:0e:e5:0d:20:f1:d6:15:d7:85:ba:e4:f6:da:f1:
30:9e:7d:63:4d:14:a5:fb:c0:fa:45:4d:5e:25:1e:
88:9b:b7:be:2f:83:bd:14:9f:7c:74:e5:03:92:ff:
e8:a2:6c:df:93:e2:48:46:3e:36:46:c0:45:f5:51:
c9:a3:5e:f2:f8:ea:e1:66:de:58:be:f2:8e:8a:ed:
1f:21:33:1f:02:4e:5f:d4:ad:0e:71:d0:f7:28:83:
e5:f1:49:cd:7c:c5:f0:53:e9:62:38:c6:37:57:d2:
79:7a:00:83:6a:28:63:b7:75:02:36:a8:3a:f9:5c:
57:c6:4f:ec:c2:94:42:43:89:9b:c6:37:61:e9:0c:
94:8c:3e:19:5f:17:d4:26:80:1b:61:24:e0:b2:80:
ca:f6:3c:07:cb:8d:47:60:ab:4d:fb:50:6c:a6:06:
74:d4:a1:92:86:9d:cb:4e:25:71:8e:18:1f:90:6d:
4d:a9:7a:27:81:2b:40:66:7d:bf:10:b4:95:bb:f0:
bb:ce:66:9a:6c:b3:d5:a3:0e:0f:c6:1e:73:c5:67:
17:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:82:A1:1D:75:75:38:1D:A9:0B:A2:E3:02:64:A1:DA:BE:98:52:4D
X509v3 Authority Key Identifier:
keyid:7B:88:D4:A4:AB:18:A5:9B:66:4D:AB:AF:DB:38:80:DC:35:B2:2B:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4jUpKsYpZtmTauv2ziA3DWyK5E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/2048e4-818c-4601-b023-743765bd0f3e/1/jYKhHXV1OB2pC6LjAmSh2r6YUk0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/2048e4-818c-4601-b023-743765bd0f3e/1/e4jUpKsYpZtmTauv2ziA3DWyK5E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.83.108.0/23
195.80.233.0/24
IPv6:
2a05:9a80::/29
Signature Algorithm: sha256WithRSAEncryption
2e:c6:54:17:26:2f:ed:96:a8:9a:e4:03:23:7d:e0:45:39:50:
c4:58:b4:3b:52:67:05:1b:4c:4a:11:47:7c:5b:76:55:95:e4:
dd:32:a6:41:d3:6e:ae:91:ae:45:50:7d:fc:de:6d:ab:5e:6f:
47:3d:38:ff:b6:fb:bb:69:4c:44:fd:c1:a7:06:41:ef:ce:c8:
04:f6:62:02:ae:29:74:d4:be:26:ef:25:8c:33:95:ba:6f:a0:
d7:80:d9:86:9d:75:b0:76:ca:48:76:3d:eb:17:88:de:c1:32:
9e:a3:5d:4d:44:0b:4a:1a:33:25:f1:a5:ee:b2:52:89:3f:4f:
75:38:61:54:a0:1e:d5:89:b4:f7:0c:28:56:a0:f8:12:91:e0:
f4:54:a4:f1:84:e1:1a:21:f7:38:08:b2:3d:76:e8:61:72:97:
a5:a5:ad:3a:e4:e5:cd:4a:15:39:b2:d7:4d:a4:7d:1e:96:5a:
8a:56:04:a2:f8:8d:3b:24:b3:87:6c:f9:5c:eb:30:7e:a7:7d:
c3:ef:74:db:15:b7:5a:27:f2:05:96:81:88:54:95:50:be:a5:
ad:a5:f9:7d:ae:b0:d9:11:9e:3c:1c:c9:b5:a9:aa:e8:b7:73:
0b:a6:9b:37:3f:52:b5:e4:ee:7d:d9:1f:52:7a:5e:fc:e5:76:
4f:aa:70:69
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQkRMl5MGsv2/TMudo/BDaUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiODhkNGE0YWIxOGE1OWI2NjRkYWJhZmRiMzg4MGRjMzVi
MjJiOTEwHhcNMjUwMTAxMjM0NzU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZDgyYTExZDc1NzUzODFkYTkwYmEyZTMwMjY0YTFkYWJlOTg1MjRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+A7ehun6au67wo0QEItuatYN0rxW
kk+DyBnozOFEHHWV8hW65ZhrwHFfAf04DuUNIPHWFdeFuuT22vEwnn1jTRSl+8D6
RU1eJR6Im7e+L4O9FJ98dOUDkv/oomzfk+JIRj42RsBF9VHJo17y+OrhZt5YvvKO
iu0fITMfAk5f1K0OcdD3KIPl8UnNfMXwU+liOMY3V9J5egCDaihjt3UCNqg6+VxX
xk/swpRCQ4mbxjdh6QyUjD4ZXxfUJoAbYSTgsoDK9jwHy41HYKtN+1BspgZ01KGS
hp3LTiVxjhgfkG1NqXongStAZn2/ELSVu/C7zmaabLPVow4Pxh5zxWcXnwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFI2CoR11dTgdqQui4wJkodq+mFJNMB8GA1UdIwQY
MBaAFHuI1KSrGKWbZk2rr9s4gNw1siuRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTRqVXBLc1lwWnRtVGF1djJ6aUEzRFd5SzVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC8yMDQ4ZTQtODE4Yy00NjAxLWIwMjMt
NzQzNzY1YmQwZjNlLzEvallLaEhYVjFPQjJwQzZMakFtU2gycjZZVWswLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC8yMDQ4ZTQtODE4Yy00NjAxLWIwMjMtNzQzNzY1YmQwZjNl
LzEvZTRqVXBLc1lwWnRtVGF1djJ6aUEzRFd5SzVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBuVNsAwQA
w1DpMA0EAgACMAcDBQMqBZqAMA0GCSqGSIb3DQEBCwUAA4IBAQAuxlQXJi/tlqia
5AMjfeBFOVDEWLQ7UmcFG0xKEUd8W3ZVleTdMqZB026uka5FUH383m2rXm9HPTj/
tvu7aUxE/cGnBkHvzsgE9mICril01L4m7yWMM5W6b6DXgNmGnXWwdspIdj3rF4je
wTKeo11NRAtKGjMl8aXuslKJP091OGFUoB7VibT3DChWoPgSkeD0VKTxhOEaIfc4
CLI9duhhcpelpa065OXNShU5stdNpH0ellqKVgSi+I07JLOHbPlc6zB+p33D73Tb
FbdaJ/IFloGIVJVQvqWtpfl9rrDZEZ48HMm1qarot3MLpps3P1K15O592R9Sel78
5XZPqnBp
-----END CERTIFICATE-----
Generated at Fri Apr 18 00:33:53 2025 by rpki-client