Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/JIaqKyRqQoYvD8TsrxLTXGlz8w0.roa
File: JIaqKyRqQoYvD8TsrxLTXGlz8w0.roa (raw, json)
Hash identifier: Do5yTPKJtBZsvnrJAT23fp5uIOvN1opbLPvdDKN40vc=
Subject key identifier: 24:86:AA:2B:24:6A:42:86:2F:0F:C4:EC:AF:12:D3:5C:69:73:F3:0D
Certificate issuer: /CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Certificate serial: 01941F8C56288F0F37B8AF97087F16A4D55C
Authority key identifier: 08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/JIaqKyRqQoYvD8TsrxLTXGlz8w0.roa
Signing time: Wed 01 Jan 2025 01:47:58 +0000
ROA not before: Wed 01 Jan 2025 01:47:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8331
IP address blocks: 80.90.240.0/20 maxlen: 20
80.90.240.0/24 maxlen: 24
80.90.250.0/24 maxlen: 24
80.90.252.0/24 maxlen: 24
80.90.254.0/24 maxlen: 24
86.62.64.0/18 maxlen: 18
86.62.64.0/24 maxlen: 24
86.62.105.0/24 maxlen: 24
195.54.192.0/19 maxlen: 19
195.54.195.0/24 maxlen: 24
195.54.196.0/24 maxlen: 24
195.54.198.0/24 maxlen: 24
195.54.202.0/23 maxlen: 23
195.54.202.0/24 maxlen: 24
195.54.203.0/24 maxlen: 24
195.91.128.0/17 maxlen: 17
2a00:14d0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/CAK5XOYjnVJsNa56jizrSK64K18.crl
rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/CAK5XOYjnVJsNa56jizrSK64K18.mft
rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 23:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:56:28:8f:0f:37:b8:af:97:08:7f:16:a4:d5:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Validity
Not Before: Jan 1 01:47:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2486aa2b246a42862f0fc4ecaf12d35c6973f30d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:d7:21:f1:1e:92:89:47:de:62:44:18:ef:4e:
88:9e:62:e5:4b:21:b4:a1:17:f9:a4:e9:dd:b8:0c:
e1:db:18:d3:76:37:2b:89:e1:25:e8:20:b0:94:92:
b6:ed:e2:f2:c4:16:79:47:4c:f3:94:ff:33:68:22:
a0:58:b1:d1:7d:4c:d2:bb:90:ea:20:f4:23:d1:8b:
f3:38:21:e6:8e:7d:5a:ec:a1:ff:86:d7:60:47:ec:
b8:7d:7f:a9:28:ee:44:79:21:06:47:5a:ef:af:78:
c4:22:fe:f8:3a:d2:15:69:28:e6:ad:c0:65:df:c0:
e8:cd:46:02:fc:73:82:91:00:c7:1a:a4:78:24:1e:
90:1b:e3:bc:4b:63:d2:24:9e:7f:f2:db:dc:36:87:
1b:95:3c:35:58:f2:e0:aa:37:8b:5b:dd:e0:d6:89:
29:f3:63:7a:c4:30:1f:f2:3f:e6:7b:94:22:0b:c0:
86:0e:69:d2:c2:38:be:20:66:86:a0:af:d5:96:0a:
1a:f8:f0:5c:8e:13:e1:dd:33:e1:ca:ed:f5:52:ee:
fb:0c:f7:a5:63:af:69:0d:2b:e6:51:af:79:20:e5:
05:7f:8a:e5:c6:db:fd:66:ea:4a:91:5f:d6:2b:26:
79:20:a8:a1:22:f8:6c:fa:e9:d8:85:3e:60:36:56:
44:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:86:AA:2B:24:6A:42:86:2F:0F:C4:EC:AF:12:D3:5C:69:73:F3:0D
X509v3 Authority Key Identifier:
keyid:08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/JIaqKyRqQoYvD8TsrxLTXGlz8w0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/CAK5XOYjnVJsNa56jizrSK64K18.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.90.240.0/20
86.62.64.0/18
195.54.192.0/19
195.91.128.0/17
IPv6:
2a00:14d0::/32
Signature Algorithm: sha256WithRSAEncryption
b7:0f:7f:62:d3:d4:22:cc:bb:6a:dd:6d:34:9b:fe:d5:86:37:
4a:f1:f8:c0:5c:a8:ef:3f:af:33:4e:35:fc:2d:cc:d1:dd:01:
1f:9f:ff:28:bb:54:81:56:e1:0b:06:0c:60:42:40:bb:1a:7d:
78:f4:d8:19:d1:bc:96:1b:4a:d8:52:cf:3f:84:83:6e:61:61:
04:8a:27:bd:d0:af:a8:77:bf:0d:e7:70:90:f7:ab:ed:ef:7f:
b8:c3:ac:64:85:7e:60:24:61:9b:8f:7d:a8:91:fc:60:5e:01:
2c:5f:dc:11:d0:1a:99:ec:02:79:89:21:58:3c:1f:03:ba:5a:
eb:eb:d8:8c:6f:4c:58:88:39:4c:9c:c7:cb:4d:77:af:86:bf:
76:2f:c0:df:ff:c7:39:2d:bc:d4:68:bd:dd:94:c0:aa:3a:4a:
fc:33:bd:f6:66:6f:17:54:56:d8:1a:4b:b2:66:61:b5:5e:53:
f5:1e:79:50:92:3a:46:1c:e5:52:0c:4f:ec:eb:dd:cc:33:f0:
1f:d0:c0:ce:53:96:38:4c:ab:27:f0:11:c9:a1:ea:cc:df:6c:
b6:f2:d4:06:f6:a9:12:52:1c:59:cd:52:e1:21:4f:cf:a2:d4:
dd:de:be:76:5c:f6:08:1d:12:e1:3a:58:e2:e9:3b:fc:cc:ed:
fa:26:9e:b8
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZQfjFYojw83uK+XCH8WpNVcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4MDJiOTVjZTYyMzlkNTI2YzM1YWU3YThlMmNlYjQ4YWVi
ODJiNWYwHhcNMjUwMTAxMDE0NzU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDg2YWEyYjI0NmE0Mjg2MmYwZmM0ZWNhZjEyZDM1YzY5NzNmMzBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqdch8R6SiUfeYkQY706InmLlSyG0
oRf5pOnduAzh2xjTdjcrieEl6CCwlJK27eLyxBZ5R0zzlP8zaCKgWLHRfUzSu5Dq
IPQj0YvzOCHmjn1a7KH/htdgR+y4fX+pKO5EeSEGR1rvr3jEIv74OtIVaSjmrcBl
38DozUYC/HOCkQDHGqR4JB6QG+O8S2PSJJ5/8tvcNocblTw1WPLgqjeLW93g1okp
82N6xDAf8j/me5QiC8CGDmnSwji+IGaGoK/Vlgoa+PBcjhPh3TPhyu31Uu77DPel
Y69pDSvmUa95IOUFf4rlxtv9ZupKkV/WKyZ5IKihIvhs+unYhT5gNlZEUQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFCSGqiskakKGLw/E7K8S01xpc/MNMB8GA1UdIwQY
MBaAFAgCuVzmI51SbDWueo4s60iuuCtfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDIt
Y2YwYWEzZWNhZDI4LzEvSklhcUt5UnFRb1l2RDhUc3J4TFRYR2x6OHcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDItY2YwYWEzZWNhZDI4
LzEvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQEUFrwAwQG
Vj5AAwQFwzbAAwQHw1uAMA0EAgACMAcDBQAqABTQMA0GCSqGSIb3DQEBCwUAA4IB
AQC3D39i09QizLtq3W00m/7VhjdK8fjAXKjvP68zTjX8LczR3QEfn/8ou1SBVuEL
BgxgQkC7Gn149NgZ0byWG0rYUs8/hINuYWEEiie90K+od78N53CQ96vt73+4w6xk
hX5gJGGbj32okfxgXgEsX9wR0BqZ7AJ5iSFYPB8Dulrr69iMb0xYiDlMnMfLTXev
hr92L8Df/8c5LbzUaL3dlMCqOkr8M732Zm8XVFbYGkuyZmG1XlP1HnlQkjpGHOVS
DE/s693MM/Af0MDOU5Y4TKsn8BHJoerM32y28tQG9qkSUhxZzVLhIU/PotTd3r52
XPYIHRLhOlji6Tv8zO36Jp64
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:42:23 2025 by rpki-client