Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/JXYW_skYLqupswPrQ1TTwul_4pw.roa
File: JXYW_skYLqupswPrQ1TTwul_4pw.roa (raw, json)
Hash identifier: 1coVSV/CuzWHZNGFRb5/HYHfOudcsuDKmbV75xqav7E=
Subject key identifier: 25:76:16:FE:C9:18:2E:AB:A9:B3:03:EB:43:54:D3:C2:E9:7F:E2:9C
Certificate issuer: /CN=6228e7e01fada49c1a52fa13f3626c41b41a51b8
Certificate serial: 0194AC9F4558E50D4F17AE21E06A46113ED6
Authority key identifier: 62:28:E7:E0:1F:AD:A4:9C:1A:52:FA:13:F3:62:6C:41:B4:1A:51:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yijn4B-tpJwaUvoT82JsQbQaUbg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/JXYW_skYLqupswPrQ1TTwul_4pw.roa
Signing time: Tue 28 Jan 2025 11:15:06 +0000
ROA not before: Tue 28 Jan 2025 11:15:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50952
IP address blocks: 178.18.224.0/22 maxlen: 22
178.18.235.0/24 maxlen: 24
2a03:5f80:9::/48 maxlen: 48
2a03:5f80:b::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/Yijn4B-tpJwaUvoT82JsQbQaUbg.crl
rsync://rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/Yijn4B-tpJwaUvoT82JsQbQaUbg.mft
rsync://rpki.ripe.net/repository/DEFAULT/Yijn4B-tpJwaUvoT82JsQbQaUbg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 22 Feb 2025 06:00:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:ac:9f:45:58:e5:0d:4f:17:ae:21:e0:6a:46:11:3e:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6228e7e01fada49c1a52fa13f3626c41b41a51b8
Validity
Not Before: Jan 28 11:15:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=257616fec9182eaba9b303eb4354d3c2e97fe29c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:6a:17:26:1e:e3:f5:73:87:b5:25:37:d6:29:
88:42:85:23:7c:79:93:e3:ca:22:2a:96:78:a1:28:
5c:51:3d:6e:14:bd:f4:4c:df:22:d3:39:e1:dd:6b:
86:55:dc:c0:ee:67:21:d6:4a:a9:fb:e9:6e:13:e9:
54:08:6d:c4:06:1f:a7:bc:c0:55:da:c2:25:de:66:
ea:d2:f5:c8:46:e7:5b:57:8e:2c:64:01:3e:25:6a:
db:32:a6:c1:a2:9f:90:37:a5:39:9f:65:43:1d:a6:
99:a6:14:91:4b:17:63:1c:90:99:f2:a3:f5:1e:97:
ad:97:84:0b:f4:41:72:26:37:6d:45:3c:5c:d5:17:
81:94:09:d9:b6:13:ce:67:f9:2b:65:f7:bd:20:9a:
c9:5c:82:52:42:aa:89:b3:41:8c:c9:8f:83:03:56:
85:33:42:f1:3a:ab:fd:53:85:91:59:4b:56:c8:3e:
0b:fe:d2:78:c2:06:c5:c7:5c:90:95:20:bb:52:b7:
d3:e5:40:72:71:b3:19:c0:28:ba:b4:09:d5:b8:ad:
b0:1b:3f:ba:c9:ef:e6:e1:fc:d6:27:d8:3b:04:7e:
4b:4e:e1:47:6d:f7:cb:d3:92:65:17:3b:69:0f:88:
bc:f9:c8:15:d8:33:f4:33:88:9d:7f:32:a6:66:e7:
c8:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:76:16:FE:C9:18:2E:AB:A9:B3:03:EB:43:54:D3:C2:E9:7F:E2:9C
X509v3 Authority Key Identifier:
keyid:62:28:E7:E0:1F:AD:A4:9C:1A:52:FA:13:F3:62:6C:41:B4:1A:51:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yijn4B-tpJwaUvoT82JsQbQaUbg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/JXYW_skYLqupswPrQ1TTwul_4pw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/Yijn4B-tpJwaUvoT82JsQbQaUbg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.18.224.0/22
178.18.235.0/24
IPv6:
2a03:5f80:9::/48
2a03:5f80:b::/48
Signature Algorithm: sha256WithRSAEncryption
9a:9c:4d:52:fb:bd:a9:ed:f3:0e:25:0a:3f:95:8a:b3:79:64:
28:47:e8:0c:f3:42:4f:4b:39:68:b6:ea:87:7b:8a:6d:b3:cc:
8e:ed:0c:d4:42:76:d9:2f:60:75:ae:2d:11:83:5c:d1:8c:67:
77:2f:9d:cc:93:45:5a:00:5d:ee:68:fc:d2:93:d9:7b:9d:04:
70:5a:3c:5a:5f:50:f6:27:e6:20:09:0a:e0:0b:da:30:2b:54:
ef:e1:33:e7:b1:53:3f:cb:ac:0d:3b:00:fe:ad:fc:33:70:6b:
72:5b:dc:b9:14:a3:6f:98:c7:9b:f1:d5:d1:56:78:bd:49:c8:
3c:e8:c2:7b:a0:0b:b0:71:f2:ff:de:7a:3c:db:d6:6d:d8:8d:
cd:54:b7:21:35:1c:33:0e:94:c0:30:3d:4e:3a:89:8d:81:0b:
b5:3c:1b:45:75:3f:81:75:d7:79:8e:d9:a2:9a:ef:d4:b2:7f:
bb:33:51:49:e7:2e:bf:d4:52:14:3a:2e:3c:b4:53:94:34:84:
26:08:bc:cd:02:59:44:7e:37:ac:02:27:79:0a:03:72:2d:83:
e3:1a:61:17:35:a8:e0:f5:ee:4b:29:ae:a4:de:d7:0d:d7:28:
5b:3c:0b:9d:38:95:e3:25:61:44:bc:02:13:8a:0c:87:85:e8:
37:e0:c9:d0
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZSsn0VY5Q1PF64h4GpGET7WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMjhlN2UwMWZhZGE0OWMxYTUyZmExM2YzNjI2YzQxYjQx
YTUxYjgwHhcNMjUwMTI4MTExNTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTc2MTZmZWM5MTgyZWFiYTliMzAzZWI0MzU0ZDNjMmU5N2ZlMjljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAimoXJh7j9XOHtSU31imIQoUjfHmT
48oiKpZ4oShcUT1uFL30TN8i0znh3WuGVdzA7mch1kqp++luE+lUCG3EBh+nvMBV
2sIl3mbq0vXIRudbV44sZAE+JWrbMqbBop+QN6U5n2VDHaaZphSRSxdjHJCZ8qP1
Hpetl4QL9EFyJjdtRTxc1ReBlAnZthPOZ/krZfe9IJrJXIJSQqqJs0GMyY+DA1aF
M0LxOqv9U4WRWUtWyD4L/tJ4wgbFx1yQlSC7UrfT5UBycbMZwCi6tAnVuK2wGz+6
ye/m4fzWJ9g7BH5LTuFHbffL05JlFztpD4i8+cgV2DP0M4idfzKmZufIrwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFCV2Fv7JGC6rqbMD60NU08Lpf+KcMB8GA1UdIwQY
MBaAFGIo5+AfraScGlL6E/NibEG0GlG4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWlqbjRCLXRwSndhVXZvVDgySnNRYlFhVWJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS9iYWFmZjMtYWViNC00NjE2LThmYjUt
NzY3NDE2NTI1MTBkLzEvSlhZV19za1lMcXVwc3dQclExVFR3dWxfNHB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS9iYWFmZjMtYWViNC00NjE2LThmYjUtNzY3NDE2NTI1MTBk
LzEvWWlqbjRCLXRwSndhVXZvVDgySnNRYlFhVWJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjASBAIAATAMAwQCshLgAwQA
shLrMBgEAgACMBIDBwAqA1+AAAkDBwAqA1+AAAswDQYJKoZIhvcNAQELBQADggEB
AJqcTVL7vant8w4lCj+VirN5ZChH6AzzQk9LOWi26od7im2zzI7tDNRCdtkvYHWu
LRGDXNGMZ3cvncyTRVoAXe5o/NKT2XudBHBaPFpfUPYn5iAJCuAL2jArVO/hM+ex
Uz/LrA07AP6t/DNwa3Jb3LkUo2+Yx5vx1dFWeL1JyDzownugC7Bx8v/eejzb1m3Y
jc1UtyE1HDMOlMAwPU46iY2BC7U8G0V1P4F113mO2aKa79Syf7szUUnnLr/UUhQ6
Ljy0U5Q0hCYIvM0CWUR+N6wCJ3kKA3Itg+MaYRc1qOD17ksprqTe1w3XKFs8C504
leMlYUS8AhOKDIeF6DfgydA=
-----END CERTIFICATE-----
Generated at Fri Feb 21 12:29:26 2025 by rpki-client