Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/e7bd01-432f-4bf9-80c5-897d00977ff2/1/jj0FH0DBvDqihM_PehNtHmRi9os.roa
File: jj0FH0DBvDqihM_PehNtHmRi9os.roa (raw, json)
Hash identifier: YyltTND33n/AiLCX9ViD6/mj27hWtc2LPtOCmOwTReA=
Subject key identifier: 8E:3D:05:1F:40:C1:BC:3A:A2:84:CF:CF:7A:13:6D:1E:64:62:F6:8B
Certificate issuer: /CN=49596cecc21dd02677a727ef37f0689546ea5097
Certificate serial: 019421444391B93E74692AE5F1FD5C2F57FA
Authority key identifier: 49:59:6C:EC:C2:1D:D0:26:77:A7:27:EF:37:F0:68:95:46:EA:50:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SVls7MId0CZ3pyfvN_BolUbqUJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/e7bd01-432f-4bf9-80c5-897d00977ff2/1/jj0FH0DBvDqihM_PehNtHmRi9os.roa
Signing time: Wed 01 Jan 2025 09:48:29 +0000
ROA not before: Wed 01 Jan 2025 09:48:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 5390
IP address blocks: 83.118.224.0/22 maxlen: 24
83.119.0.0/19 maxlen: 24
83.119.0.0/21 maxlen: 24
83.119.8.0/21 maxlen: 24
83.119.14.0/24 maxlen: 24
83.119.16.0/20 maxlen: 24
85.148.0.0/15 maxlen: 16
2a02:2500::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0f/e7bd01-432f-4bf9-80c5-897d00977ff2/1/SVls7MId0CZ3pyfvN_BolUbqUJc.crl
rsync://rpki.ripe.net/repository/DEFAULT/0f/e7bd01-432f-4bf9-80c5-897d00977ff2/1/SVls7MId0CZ3pyfvN_BolUbqUJc.mft
rsync://rpki.ripe.net/repository/DEFAULT/SVls7MId0CZ3pyfvN_BolUbqUJc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 14 Apr 2025 08:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:43:91:b9:3e:74:69:2a:e5:f1:fd:5c:2f:57:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=49596cecc21dd02677a727ef37f0689546ea5097
Validity
Not Before: Jan 1 09:48:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8e3d051f40c1bc3aa284cfcf7a136d1e6462f68b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:89:78:da:0a:2a:aa:51:f0:b1:c0:03:4f:27:
10:07:8f:2e:11:18:e6:5b:62:a3:46:d1:50:06:95:
2f:e6:36:e9:24:39:4a:ed:42:36:6c:4a:48:e6:d7:
bb:ba:4d:57:ad:34:ef:7f:c8:ae:20:ed:2b:de:18:
ff:95:63:7d:56:8f:d4:8f:f8:9f:d0:62:51:48:d1:
58:6c:9d:2e:a6:08:1e:38:04:68:99:77:0c:41:d5:
06:2e:f7:b9:18:27:07:a3:b2:ee:46:e9:68:6e:11:
d8:7f:08:e8:54:40:88:6c:c8:b8:c1:03:78:a0:fa:
ec:dd:5e:02:1f:01:80:33:c9:a2:1b:ea:95:44:8d:
21:7d:8e:40:18:d4:51:99:ac:f3:72:37:9b:a4:54:
82:87:92:cc:1a:ab:1c:3c:45:09:5b:ad:6e:0b:9e:
71:d7:41:92:fc:48:75:8d:13:66:ae:90:a3:5a:85:
f4:f0:18:e0:5f:bc:4b:ff:48:89:00:cb:f5:89:55:
52:c7:dd:ce:b8:71:f5:78:58:3c:76:88:39:c2:1b:
3e:76:99:b8:c4:d7:b1:4f:d4:ff:de:9e:c9:10:e0:
4c:47:c0:df:89:43:79:2c:59:65:f9:41:b0:cb:46:
24:72:61:cb:e2:2a:57:ec:d8:8d:40:49:cb:45:f8:
8e:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:3D:05:1F:40:C1:BC:3A:A2:84:CF:CF:7A:13:6D:1E:64:62:F6:8B
X509v3 Authority Key Identifier:
keyid:49:59:6C:EC:C2:1D:D0:26:77:A7:27:EF:37:F0:68:95:46:EA:50:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SVls7MId0CZ3pyfvN_BolUbqUJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/e7bd01-432f-4bf9-80c5-897d00977ff2/1/jj0FH0DBvDqihM_PehNtHmRi9os.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/e7bd01-432f-4bf9-80c5-897d00977ff2/1/SVls7MId0CZ3pyfvN_BolUbqUJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.118.224.0/22
83.119.0.0/19
85.148.0.0/15
IPv6:
2a02:2500::/32
Signature Algorithm: sha256WithRSAEncryption
07:70:b9:72:9c:11:5e:9f:de:d1:43:d6:6a:20:b9:93:08:71:
0c:b2:b8:dc:3d:82:e6:7b:a5:98:3e:2e:f1:2b:3b:c2:0c:9a:
0b:5a:0e:60:3f:de:30:3a:04:3d:c8:05:0d:7e:db:d9:2d:ad:
a6:4f:95:c6:34:bb:8d:d2:ad:69:fc:21:24:6b:5b:29:03:1e:
49:f3:22:3e:8a:ba:cd:6a:5a:8b:5a:e1:38:5d:39:06:b6:ab:
ee:d8:3b:e3:50:08:e7:37:e3:8a:1e:30:5b:9c:a2:8b:83:4c:
7c:8e:b7:cf:27:95:0e:30:ea:87:e8:72:f4:c7:0f:ba:ab:6c:
7c:09:78:c9:88:1f:14:18:3c:a4:99:9a:2c:8f:83:ed:87:5d:
7f:7d:e2:6d:13:15:ab:46:b9:c2:20:84:9e:e9:18:d9:86:43:
c5:ef:33:06:42:85:41:70:7a:d0:a6:2a:71:1a:6c:81:e2:dc:
28:dc:47:d8:16:78:bd:e3:e9:f9:ca:6f:02:3e:96:b2:fb:a7:
36:02:71:1c:3c:73:73:75:fc:3b:8e:1f:fd:aa:87:63:31:0c:
5d:b2:1d:1d:12:f7:dc:48:a1:19:fa:e4:fd:ac:82:d6:51:8c:
bc:65:5a:ef:c9:52:4b:92:ae:c3:ca:c3:c5:77:a2:a2:c9:f0:
be:2b:d9:f8
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZQhREORuT50aSrl8f1cL1f6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5NTk2Y2VjYzIxZGQwMjY3N2E3MjdlZjM3ZjA2ODk1NDZl
YTUwOTcwHhcNMjUwMTAxMDk0ODI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTNkMDUxZjQwYzFiYzNhYTI4NGNmY2Y3YTEzNmQxZTY0NjJmNjhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApol42goqqlHwscADTycQB48uERjm
W2KjRtFQBpUv5jbpJDlK7UI2bEpI5te7uk1XrTTvf8iuIO0r3hj/lWN9Vo/Uj/if
0GJRSNFYbJ0upggeOARomXcMQdUGLve5GCcHo7LuRulobhHYfwjoVECIbMi4wQN4
oPrs3V4CHwGAM8miG+qVRI0hfY5AGNRRmazzcjebpFSCh5LMGqscPEUJW61uC55x
10GS/Eh1jRNmrpCjWoX08BjgX7xL/0iJAMv1iVVSx93OuHH1eFg8dog5whs+dpm4
xNexT9T/3p7JEOBMR8DfiUN5LFll+UGwy0YkcmHL4ipX7NiNQEnLRfiOgQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFI49BR9Awbw6ooTPz3oTbR5kYvaLMB8GA1UdIwQY
MBaAFElZbOzCHdAmd6cn7zfwaJVG6lCXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1ZsczdNSWQwQ1ozcHlmdk5fQm9sVWJxVUpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi9lN2JkMDEtNDMyZi00YmY5LTgwYzUt
ODk3ZDAwOTc3ZmYyLzEvamowRkgwREJ2RHFpaE1fUGVoTnRIbVJpOW9zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi9lN2JkMDEtNDMyZi00YmY5LTgwYzUtODk3ZDAwOTc3ZmYy
LzEvU1ZsczdNSWQwQ1ozcHlmdk5fQm9sVWJxVUpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAXBAIAATARAwQCU3bgAwQF
U3cAAwMBVZQwDQQCAAIwBwMFACoCJQAwDQYJKoZIhvcNAQELBQADggEBAAdwuXKc
EV6f3tFD1moguZMIcQyyuNw9guZ7pZg+LvErO8IMmgtaDmA/3jA6BD3IBQ1+29kt
raZPlcY0u43SrWn8ISRrWykDHknzIj6Kus1qWota4ThdOQa2q+7YO+NQCOc344oe
MFucoouDTHyOt88nlQ4w6ofocvTHD7qrbHwJeMmIHxQYPKSZmiyPg+2HXX994m0T
FatGucIghJ7pGNmGQ8XvMwZChUFwetCmKnEabIHi3CjcR9gWeL3j6fnKbwI+lrL7
pzYCcRw8c3N1/DuOH/2qh2MxDF2yHR0S99xIoRn65P2sgtZRjLxlWu/JUkuSrsPK
w8V3oqLJ8L4r2fg=
-----END CERTIFICATE-----
Generated at Sun Apr 13 14:15:51 2025 by rpki-client