Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ab9e70-489a-4088-b28e-e68f6cf2c0d2/1/JSR7L8D9xzMVHTQmxCxocupUPs8.roa
File: JSR7L8D9xzMVHTQmxCxocupUPs8.roa (raw, json)
Hash identifier: sFWVvlE7717fYPfXWHO2rnVLWNcg9ik7geNB96fmazw=
Subject key identifier: 25:24:7B:2F:C0:FD:C7:33:15:1D:34:26:C4:2C:68:72:EA:54:3E:CF
Certificate issuer: /CN=baaa7b4c01e929c38923981ab51c9727a1f9f07e
Certificate serial: 019421446FE93B92C0EBAD242A9144DBED68
Authority key identifier: BA:AA:7B:4C:01:E9:29:C3:89:23:98:1A:B5:1C:97:27:A1:F9:F0:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uqp7TAHpKcOJI5gatRyXJ6H58H4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ab9e70-489a-4088-b28e-e68f6cf2c0d2/1/JSR7L8D9xzMVHTQmxCxocupUPs8.roa
Signing time: Wed 01 Jan 2025 09:48:40 +0000
ROA not before: Wed 01 Jan 2025 09:48:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 137409
IP address blocks: 45.132.224.0/24 maxlen: 24
45.132.225.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0c/ab9e70-489a-4088-b28e-e68f6cf2c0d2/1/uqp7TAHpKcOJI5gatRyXJ6H58H4.crl
rsync://rpki.ripe.net/repository/DEFAULT/0c/ab9e70-489a-4088-b28e-e68f6cf2c0d2/1/uqp7TAHpKcOJI5gatRyXJ6H58H4.mft
rsync://rpki.ripe.net/repository/DEFAULT/uqp7TAHpKcOJI5gatRyXJ6H58H4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:6f:e9:3b:92:c0:eb:ad:24:2a:91:44:db:ed:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=baaa7b4c01e929c38923981ab51c9727a1f9f07e
Validity
Not Before: Jan 1 09:48:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=25247b2fc0fdc733151d3426c42c6872ea543ecf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:a1:20:ea:f1:2b:1f:2a:05:c6:cc:7a:d3:49:
08:76:38:f3:48:40:7c:2b:43:ab:48:51:2c:5f:f4:
84:62:86:5f:0a:fc:1a:1f:3e:2e:2f:69:11:30:51:
e5:de:d3:f8:e9:c3:3d:ee:ec:9f:ca:6f:23:82:3f:
ed:7d:1f:10:fe:2e:d8:30:62:3f:55:36:67:cb:80:
a8:ed:2a:b2:b7:dc:c5:5e:a0:d0:1f:05:28:99:bf:
bf:86:db:d4:3a:0f:c1:89:3e:ba:9e:1f:e7:aa:d3:
5d:ee:92:34:00:e7:62:d6:65:95:e0:45:3a:78:36:
42:07:09:40:63:fc:52:17:e2:53:38:d3:e2:9c:9f:
73:7a:e1:0e:77:fb:d8:de:75:f2:e9:b9:b2:06:14:
00:7b:99:5b:f8:8c:bb:2d:4c:53:b5:97:00:65:7a:
66:79:69:d2:2c:43:58:a5:b9:bc:67:ec:42:b7:21:
b1:21:8e:6a:da:48:43:a3:36:e5:4c:3a:65:65:b3:
0d:8a:14:76:7f:9f:7c:cf:6f:10:33:63:09:f6:c9:
4a:45:1a:c6:cc:82:4b:44:d4:2d:70:ea:e3:9b:23:
e4:04:92:7a:92:ac:a9:ab:f8:ad:dc:03:0f:66:37:
d3:aa:00:b6:ae:8a:fc:71:49:f0:51:41:0b:17:1b:
83:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:24:7B:2F:C0:FD:C7:33:15:1D:34:26:C4:2C:68:72:EA:54:3E:CF
X509v3 Authority Key Identifier:
keyid:BA:AA:7B:4C:01:E9:29:C3:89:23:98:1A:B5:1C:97:27:A1:F9:F0:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uqp7TAHpKcOJI5gatRyXJ6H58H4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ab9e70-489a-4088-b28e-e68f6cf2c0d2/1/JSR7L8D9xzMVHTQmxCxocupUPs8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ab9e70-489a-4088-b28e-e68f6cf2c0d2/1/uqp7TAHpKcOJI5gatRyXJ6H58H4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.132.224.0/23
Signature Algorithm: sha256WithRSAEncryption
df:a4:c4:98:37:a4:63:7f:4c:b3:d6:ae:4d:95:3e:3e:2a:80:
da:57:3c:9b:51:f4:67:71:af:20:24:a2:a7:50:92:c0:1e:03:
a1:96:d5:b6:34:e3:00:d6:f6:f1:5b:a5:e9:4a:ca:8f:20:b4:
2b:5b:46:b6:9c:3e:65:f3:34:99:21:57:03:23:af:53:d4:2a:
22:87:ae:bc:ec:41:cf:64:24:c0:3c:9e:72:70:cd:9d:8a:71:
e4:ed:5e:08:09:7e:df:67:f1:c9:5b:b6:10:c5:92:6a:ba:8d:
b7:94:9d:51:43:88:49:23:19:d8:a7:4e:75:50:57:f9:76:b2:
af:76:34:ef:9f:f8:46:fd:c4:9e:08:86:c6:67:20:ec:34:58:
8f:b6:d7:45:c0:79:78:7f:31:7b:7c:a7:99:41:87:7c:70:db:
a9:ac:c6:bb:64:b9:80:82:2a:e8:8c:26:89:81:99:b8:53:ae:
b2:71:80:9c:4a:72:7b:48:04:f5:97:39:d1:d0:6a:44:ce:56:
7d:e8:9b:fb:86:04:5f:bb:7a:db:f2:7a:b2:cd:1d:dd:fd:7f:
4d:30:e5:99:50:38:aa:02:fe:33:dc:09:5d:32:59:a2:28:1e:
11:9b:d4:93:87:1c:1e:2e:04:c8:95:8a:4f:f1:84:69:e0:a6:
4c:ae:b4:b8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhRG/pO5LA660kKpFE2+1oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhYWE3YjRjMDFlOTI5YzM4OTIzOTgxYWI1MWM5NzI3YTFm
OWYwN2UwHhcNMjUwMTAxMDk0ODQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTI0N2IyZmMwZmRjNzMzMTUxZDM0MjZjNDJjNjg3MmVhNTQzZWNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtqEg6vErHyoFxsx600kIdjjzSEB8
K0OrSFEsX/SEYoZfCvwaHz4uL2kRMFHl3tP46cM97uyfym8jgj/tfR8Q/i7YMGI/
VTZny4Co7Sqyt9zFXqDQHwUomb+/htvUOg/BiT66nh/nqtNd7pI0AOdi1mWV4EU6
eDZCBwlAY/xSF+JTONPinJ9zeuEOd/vY3nXy6bmyBhQAe5lb+Iy7LUxTtZcAZXpm
eWnSLENYpbm8Z+xCtyGxIY5q2khDozblTDplZbMNihR2f598z28QM2MJ9slKRRrG
zIJLRNQtcOrjmyPkBJJ6kqypq/it3AMPZjfTqgC2ror8cUnwUUELFxuDNwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCUkey/A/cczFR00JsQsaHLqVD7PMB8GA1UdIwQY
MBaAFLqqe0wB6SnDiSOYGrUclyeh+fB+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXFwN1RBSHBLY09KSTVnYXRSeVhKNkg1OEg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYjllNzAtNDg5YS00MDg4LWIyOGUt
ZTY4ZjZjZjJjMGQyLzEvSlNSN0w4RDl4ek1WSFRRbXhDeG9jdXBVUHM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYjllNzAtNDg5YS00MDg4LWIyOGUtZTY4ZjZjZjJjMGQy
LzEvdXFwN1RBSHBLY09KSTVnYXRSeVhKNkg1OEg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLYTgMA0G
CSqGSIb3DQEBCwUAA4IBAQDfpMSYN6Rjf0yz1q5NlT4+KoDaVzybUfRnca8gJKKn
UJLAHgOhltW2NOMA1vbxW6XpSsqPILQrW0a2nD5l8zSZIVcDI69T1Coih6687EHP
ZCTAPJ5ycM2dinHk7V4ICX7fZ/HJW7YQxZJquo23lJ1RQ4hJIxnYp051UFf5drKv
djTvn/hG/cSeCIbGZyDsNFiPttdFwHl4fzF7fKeZQYd8cNuprMa7ZLmAgirojCaJ
gZm4U66ycYCcSnJ7SAT1lznR0GpEzlZ96Jv7hgRfu3rb8nqyzR3d/X9NMOWZUDiq
Av4z3AldMlmiKB4Rm9SThxweLgTIlYpP8YRp4KZMrrS4
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:38:14 2025 by rpki-client