Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/37e363-84d1-470e-96a2-0ef1cac7418d/1/jdL88fKfBRcDZQd2LJ3KQAGZWz0.roa
File: jdL88fKfBRcDZQd2LJ3KQAGZWz0.roa (raw, json)
Hash identifier: Rtx6TLOA/PMGBKD0sU4jO9D8OJMlb2E7ArhYwQT50vQ=
Subject key identifier: 8D:D2:FC:F1:F2:9F:05:17:03:65:07:76:2C:9D:CA:40:01:99:5B:3D
Certificate issuer: /CN=c3b4351e0a495c26efdc6e415f0bb189fbbd6edf
Certificate serial: 0194214433A63A7E0E156521BE73B0F55974
Authority key identifier: C3:B4:35:1E:0A:49:5C:26:EF:DC:6E:41:5F:0B:B1:89:FB:BD:6E:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w7Q1HgpJXCbv3G5BXwuxifu9bt8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/37e363-84d1-470e-96a2-0ef1cac7418d/1/jdL88fKfBRcDZQd2LJ3KQAGZWz0.roa
Signing time: Wed 01 Jan 2025 09:48:25 +0000
ROA not before: Wed 01 Jan 2025 09:48:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50910
IP address blocks: 80.85.209.0/24 maxlen: 24
80.85.210.0/23 maxlen: 23
80.85.212.0/22 maxlen: 22
80.85.212.0/24 maxlen: 24
80.85.213.0/24 maxlen: 24
80.85.214.0/23 maxlen: 23
80.85.216.0/21 maxlen: 21
80.85.216.0/22 maxlen: 22
80.85.219.0/24 maxlen: 24
80.85.220.0/23 maxlen: 23
80.85.222.0/24 maxlen: 24
80.85.223.0/24 maxlen: 24
109.232.152.0/21 maxlen: 21
109.232.152.0/22 maxlen: 22
109.232.152.0/24 maxlen: 24
109.232.153.0/24 maxlen: 24
109.232.154.0/24 maxlen: 24
109.232.155.0/24 maxlen: 24
109.232.156.0/23 maxlen: 23
109.232.158.0/24 maxlen: 24
109.232.159.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/14/37e363-84d1-470e-96a2-0ef1cac7418d/1/w7Q1HgpJXCbv3G5BXwuxifu9bt8.crl
rsync://rpki.ripe.net/repository/DEFAULT/14/37e363-84d1-470e-96a2-0ef1cac7418d/1/w7Q1HgpJXCbv3G5BXwuxifu9bt8.mft
rsync://rpki.ripe.net/repository/DEFAULT/w7Q1HgpJXCbv3G5BXwuxifu9bt8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:33:a6:3a:7e:0e:15:65:21:be:73:b0:f5:59:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3b4351e0a495c26efdc6e415f0bb189fbbd6edf
Validity
Not Before: Jan 1 09:48:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8dd2fcf1f29f0517036507762c9dca4001995b3d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:35:5b:1c:5a:ee:ea:85:84:dc:c2:a6:3d:ae:
f4:c1:c0:f7:6d:4c:02:68:56:a0:f1:41:ac:ef:37:
ef:67:d2:e5:ba:f9:15:e7:87:06:d2:a6:cd:d6:cd:
79:6d:5e:b5:03:3e:5d:93:ef:39:19:c1:49:28:dd:
65:2d:b2:fe:7f:ef:ea:31:c8:74:bc:36:33:fb:ec:
7f:5c:ec:2e:3e:55:30:bb:5a:22:e8:a8:3b:2f:14:
ec:0a:d7:46:55:b1:a5:7f:74:51:05:32:22:b6:df:
d7:44:d5:54:53:e4:b4:54:5a:58:e3:5d:83:81:15:
71:bd:61:38:1a:2b:7e:c2:08:94:9f:55:f3:de:82:
8d:40:d4:39:7b:6d:3d:0f:60:e5:89:10:9b:96:91:
bb:d6:0e:89:43:3d:e7:16:c1:5d:8a:e9:e4:6f:53:
29:27:75:2e:10:ed:92:2d:7f:95:05:16:b0:3b:52:
cf:67:fe:ea:8c:c4:8e:ec:72:ee:03:df:a9:53:9d:
75:28:09:0a:1c:93:88:b1:c8:de:a6:03:cb:38:18:
31:5e:82:81:9a:5e:c2:36:d5:ce:f7:2c:0e:85:3f:
00:d8:5b:11:82:98:a3:15:b1:f8:9d:02:d6:90:0a:
3b:aa:94:4d:79:f0:b1:6a:de:9a:92:6e:b6:34:4a:
4b:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:D2:FC:F1:F2:9F:05:17:03:65:07:76:2C:9D:CA:40:01:99:5B:3D
X509v3 Authority Key Identifier:
keyid:C3:B4:35:1E:0A:49:5C:26:EF:DC:6E:41:5F:0B:B1:89:FB:BD:6E:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w7Q1HgpJXCbv3G5BXwuxifu9bt8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/37e363-84d1-470e-96a2-0ef1cac7418d/1/jdL88fKfBRcDZQd2LJ3KQAGZWz0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/37e363-84d1-470e-96a2-0ef1cac7418d/1/w7Q1HgpJXCbv3G5BXwuxifu9bt8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.85.209.0-80.85.223.255
109.232.152.0/21
Signature Algorithm: sha256WithRSAEncryption
1d:cf:98:b3:43:26:5c:cf:dc:46:e8:89:64:cf:54:d6:6f:c4:
66:a1:04:c6:0d:da:92:7a:9a:7a:e1:a0:1c:17:04:5e:a7:61:
d3:93:a9:45:9b:7a:08:d3:9d:44:71:94:65:03:48:39:8e:f3:
2d:69:68:15:88:d6:58:de:c5:83:43:fb:07:c9:9c:54:09:5a:
39:42:a7:7a:71:29:e5:86:a7:29:15:ae:05:d2:a0:8a:e2:74:
97:58:02:ab:ff:89:e3:c0:2c:80:b9:4c:43:15:6b:91:05:7e:
77:e3:74:06:8c:a3:0a:9f:e5:f8:db:3f:f0:eb:03:b6:d4:ec:
4f:47:f9:22:09:9b:ef:aa:85:63:11:ec:c6:57:02:89:cf:1d:
9d:d5:0f:69:65:c7:50:ac:cd:74:18:23:37:0a:b5:d4:0a:2f:
32:a0:cc:5a:bd:c1:98:be:d9:8a:34:1d:01:a2:71:57:62:91:
cf:b5:7a:d7:c4:c7:24:f8:9b:25:49:e8:72:1d:f2:d1:50:cc:
0e:56:40:74:da:0f:4d:b8:e4:21:95:b5:b9:02:d5:68:b1:d1:
2f:f0:71:92:cd:15:37:2e:af:b4:99:4d:06:48:85:ab:38:1a:
34:0a:e3:25:ef:9f:1b:30:f4:fd:58:45:af:b1:fa:6b:49:82:
15:dc:6d:0e
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZQhRDOmOn4OFWUhvnOw9Vl0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzYjQzNTFlMGE0OTVjMjZlZmRjNmU0MTVmMGJiMTg5ZmJi
ZDZlZGYwHhcNMjUwMTAxMDk0ODI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZGQyZmNmMWYyOWYwNTE3MDM2NTA3NzYyYzlkY2E0MDAxOTk1YjNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyDVbHFru6oWE3MKmPa70wcD3bUwC
aFag8UGs7zfvZ9LluvkV54cG0qbN1s15bV61Az5dk+85GcFJKN1lLbL+f+/qMch0
vDYz++x/XOwuPlUwu1oi6Kg7LxTsCtdGVbGlf3RRBTIitt/XRNVUU+S0VFpY412D
gRVxvWE4Git+wgiUn1Xz3oKNQNQ5e209D2DliRCblpG71g6JQz3nFsFdiunkb1Mp
J3UuEO2SLX+VBRawO1LPZ/7qjMSO7HLuA9+pU511KAkKHJOIscjepgPLOBgxXoKB
ml7CNtXO9ywOhT8A2FsRgpijFbH4nQLWkAo7qpRNefCxat6akm62NEpLpwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFI3S/PHynwUXA2UHdiydykABmVs9MB8GA1UdIwQY
MBaAFMO0NR4KSVwm79xuQV8LsYn7vW7fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzdRMUhncEpYQ2J2M0c1Qlh3dXhpZnU5YnQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8zN2UzNjMtODRkMS00NzBlLTk2YTIt
MGVmMWNhYzc0MThkLzEvamRMODhmS2ZCUmNEWlFkMkxKM0tRQUdaV3owLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC8zN2UzNjMtODRkMS00NzBlLTk2YTItMGVmMWNhYzc0MThk
LzEvdzdRMUhncEpYQ2J2M0c1Qlh3dXhpZnU5YnQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBABQVdED
BAVQVcADBANt6JgwDQYJKoZIhvcNAQELBQADggEBAB3PmLNDJlzP3EboiWTPVNZv
xGahBMYN2pJ6mnrhoBwXBF6nYdOTqUWbegjTnURxlGUDSDmO8y1paBWI1ljexYND
+wfJnFQJWjlCp3pxKeWGpykVrgXSoIridJdYAqv/iePALIC5TEMVa5EFfnfjdAaM
owqf5fjbP/DrA7bU7E9H+SIJm++qhWMR7MZXAonPHZ3VD2llx1CszXQYIzcKtdQK
LzKgzFq9wZi+2Yo0HQGicVdikc+1etfExyT4myVJ6HId8tFQzA5WQHTaD0245CGV
tbkC1Wix0S/wcZLNFTcur7SZTQZIhas4GjQK4yXvnxsw9P1YRa+x+mtJghXcbQ4=
-----END CERTIFICATE-----
Generated at Sun Feb 2 09:52:57 2025 by rpki-client