Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/a27b39-8011-4142-86c2-cf83d6e40558/1/jx4NNkHPAbONhfyLhU8TOxw7M1s.roa
File: jx4NNkHPAbONhfyLhU8TOxw7M1s.roa (raw, json)
Hash identifier: g2tq87dmJIfsiGuaezvjDvuxwyvPju47/Uw+kKdECC0=
Subject key identifier: 8F:1E:0D:36:41:CF:01:B3:8D:85:FC:8B:85:4F:13:3B:1C:3B:33:5B
Certificate issuer: /CN=bda96d02a822f46253c2aee680441d5ac27c3df5
Certificate serial: 0194221FDA79EEE36DCB634B36A9C976806A
Authority key identifier: BD:A9:6D:02:A8:22:F4:62:53:C2:AE:E6:80:44:1D:5A:C2:7C:3D:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/valtAqgi9GJTwq7mgEQdWsJ8PfU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/a27b39-8011-4142-86c2-cf83d6e40558/1/jx4NNkHPAbONhfyLhU8TOxw7M1s.roa
Signing time: Wed 01 Jan 2025 13:48:20 +0000
ROA not before: Wed 01 Jan 2025 13:48:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44574
IP address blocks: 5.153.96.0/21 maxlen: 24
5.153.192.0/19 maxlen: 24
31.12.96.0/19 maxlen: 24
31.13.0.0/21 maxlen: 24
37.252.32.0/19 maxlen: 24
91.199.78.0/24 maxlen: 24
93.121.0.0/17 maxlen: 24
95.172.224.0/19 maxlen: 24
151.249.0.0/18 maxlen: 24
159.20.32.0/19 maxlen: 24
185.196.80.0/22 maxlen: 24
212.105.160.0/19 maxlen: 24
2001:67c:2544::/48 maxlen: 48
2a00:10e8::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/a27b39-8011-4142-86c2-cf83d6e40558/1/valtAqgi9GJTwq7mgEQdWsJ8PfU.crl
rsync://rpki.ripe.net/repository/DEFAULT/16/a27b39-8011-4142-86c2-cf83d6e40558/1/valtAqgi9GJTwq7mgEQdWsJ8PfU.mft
rsync://rpki.ripe.net/repository/DEFAULT/valtAqgi9GJTwq7mgEQdWsJ8PfU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 01:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:da:79:ee:e3:6d:cb:63:4b:36:a9:c9:76:80:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bda96d02a822f46253c2aee680441d5ac27c3df5
Validity
Not Before: Jan 1 13:48:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8f1e0d3641cf01b38d85fc8b854f133b1c3b335b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:10:73:5a:05:63:66:ab:75:f7:8d:58:b8:0a:
ae:e3:1d:8a:ab:c1:0a:da:fa:3a:c4:a9:72:43:31:
f6:50:4d:80:df:b8:8f:f6:48:22:2a:2a:7a:aa:82:
d5:73:3b:bb:5e:1e:68:29:6a:43:52:47:c2:dd:32:
67:ba:62:b8:e4:95:5c:d5:7a:40:50:56:b6:fd:b2:
9d:eb:61:34:87:7b:ea:2a:50:0c:00:2d:6d:43:9b:
8d:e1:41:18:e5:8a:96:2c:4d:e5:fe:15:bc:57:9a:
a4:76:5e:68:82:af:ae:00:c2:81:e9:fc:4b:1b:ff:
67:8d:ca:5b:ca:6f:6e:c0:d8:24:59:7c:9c:42:99:
69:4f:23:f7:e1:01:6f:45:81:9a:22:85:b0:07:7f:
f1:bc:4f:b6:24:e2:5e:ad:66:1e:88:c2:8c:83:7e:
71:13:96:04:0a:03:be:e8:14:6d:7f:d8:f4:ed:1b:
98:95:22:6e:f0:70:ba:ab:e3:56:77:0b:c8:1c:21:
c5:d7:8d:7b:76:57:6b:a5:47:83:f0:56:26:b3:9b:
5b:34:b3:46:5e:77:22:22:0c:98:0f:88:f0:75:fb:
71:91:cb:dc:54:fd:72:c1:c9:3c:44:26:ab:51:b8:
22:be:ee:c2:e7:a9:a4:10:66:50:bd:07:23:37:3b:
49:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:1E:0D:36:41:CF:01:B3:8D:85:FC:8B:85:4F:13:3B:1C:3B:33:5B
X509v3 Authority Key Identifier:
keyid:BD:A9:6D:02:A8:22:F4:62:53:C2:AE:E6:80:44:1D:5A:C2:7C:3D:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/valtAqgi9GJTwq7mgEQdWsJ8PfU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/a27b39-8011-4142-86c2-cf83d6e40558/1/jx4NNkHPAbONhfyLhU8TOxw7M1s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/a27b39-8011-4142-86c2-cf83d6e40558/1/valtAqgi9GJTwq7mgEQdWsJ8PfU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.153.96.0/21
5.153.192.0/19
31.12.96.0/19
31.13.0.0/21
37.252.32.0/19
91.199.78.0/24
93.121.0.0/17
95.172.224.0/19
151.249.0.0/18
159.20.32.0/19
185.196.80.0/22
212.105.160.0/19
IPv6:
2001:67c:2544::/48
2a00:10e8::/29
Signature Algorithm: sha256WithRSAEncryption
0f:86:dc:cb:50:4f:ee:58:db:97:81:d9:cb:80:5c:6d:c1:cb:
5f:79:36:be:4e:50:f7:3b:b8:fb:c6:f7:63:02:42:34:f0:fd:
20:b0:76:88:13:65:c3:27:69:d8:7e:70:7d:40:ff:db:98:41:
90:15:18:6d:6c:47:a3:15:90:5e:74:88:ad:51:be:00:de:44:
75:f0:d0:5d:98:b5:02:f0:30:00:11:d7:01:a1:af:9b:15:dd:
11:85:df:64:fc:4a:9c:97:e1:9c:42:98:99:2d:27:5e:66:6a:
0e:21:ec:98:ca:88:91:a7:f7:da:12:43:cb:ca:20:11:15:7b:
bc:81:51:21:4c:93:35:71:e5:01:64:3d:0a:d2:82:37:b7:94:
82:52:57:17:6b:ff:6f:69:c5:18:c3:34:6d:57:e9:47:7e:52:
43:b6:c5:a5:be:92:8e:4e:3f:7a:83:45:f1:42:e6:6f:52:73:
c7:ed:83:49:e0:d7:ba:0c:8d:6d:ac:e6:5a:38:28:3c:f3:38:
96:25:93:86:c5:09:11:7f:90:9d:30:06:d3:83:4a:9c:f8:3b:
ed:69:90:72:83:c5:38:af:a5:79:cf:3d:b3:d1:e9:9b:7b:fd:
3c:4f:2e:64:ab:4d:bf:9a:f9:96:72:4b:26:2c:85:ec:89:34:
88:86:8d:dc
-----BEGIN CERTIFICATE-----
MIIFVzCCBD+gAwIBAgISAZQiH9p57uNty2NLNqnJdoBqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkYTk2ZDAyYTgyMmY0NjI1M2MyYWVlNjgwNDQxZDVhYzI3
YzNkZjUwHhcNMjUwMTAxMTM0ODIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZjFlMGQzNjQxY2YwMWIzOGQ4NWZjOGI4NTRmMTMzYjFjM2IzMzViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkBBzWgVjZqt1941YuAqu4x2Kq8EK
2vo6xKlyQzH2UE2A37iP9kgiKip6qoLVczu7Xh5oKWpDUkfC3TJnumK45JVc1XpA
UFa2/bKd62E0h3vqKlAMAC1tQ5uN4UEY5YqWLE3l/hW8V5qkdl5ogq+uAMKB6fxL
G/9njcpbym9uwNgkWXycQplpTyP34QFvRYGaIoWwB3/xvE+2JOJerWYeiMKMg35x
E5YECgO+6BRtf9j07RuYlSJu8HC6q+NWdwvIHCHF1417dldrpUeD8FYms5tbNLNG
XnciIgyYD4jwdftxkcvcVP1ywck8RCarUbgivu7C56mkEGZQvQcjNztJ4wIDAQAB
o4ICYzCCAl8wHQYDVR0OBBYEFI8eDTZBzwGzjYX8i4VPEzscOzNbMB8GA1UdIwQY
MBaAFL2pbQKoIvRiU8Ku5oBEHVrCfD31MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmFsdEFxZ2k5R0pUd3E3bWdFUWRXc0o4UGZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi9hMjdiMzktODAxMS00MTQyLTg2YzIt
Y2Y4M2Q2ZTQwNTU4LzEvang0Tk5rSFBBYk9OaGZ5TGhVOFRPeHc3TTFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi9hMjdiMzktODAxMS00MTQyLTg2YzItY2Y4M2Q2ZTQwNTU4
LzEvdmFsdEFxZ2k5R0pUd3E3bWdFUWRXc0o4UGZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHkGCCsGAQUFBwEHAQH/BGowaDBOBAIAATBIAwQDBZlgAwQF
BZnAAwQFHwxgAwQDHw0AAwQFJfwgAwQAW8dOAwQHXXkAAwQFX6zgAwQGl/kAAwQF
nxQgAwQCucRQAwQF1GmgMBYEAgACMBADBwAgAQZ8JUQDBQMqABDoMA0GCSqGSIb3
DQEBCwUAA4IBAQAPhtzLUE/uWNuXgdnLgFxtwctfeTa+TlD3O7j7xvdjAkI08P0g
sHaIE2XDJ2nYfnB9QP/bmEGQFRhtbEejFZBedIitUb4A3kR18NBdmLUC8DAAEdcB
oa+bFd0Rhd9k/Eqcl+GcQpiZLSdeZmoOIeyYyoiRp/faEkPLyiARFXu8gVEhTJM1
ceUBZD0K0oI3t5SCUlcXa/9vacUYwzRtV+lHflJDtsWlvpKOTj96g0XxQuZvUnPH
7YNJ4Ne6DI1trOZaOCg88ziWJZOGxQkRf5CdMAbTg0qc+DvtaZByg8U4r6V5zz2z
0embe/08Ty5kq02/mvmWcksmLIXsiTSIho3c
-----END CERTIFICATE-----
Generated at Mon Apr 7 10:04:56 2025 by rpki-client