Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/JJidGXds83DsEMkNKrI9_k1cYjI.roa
File: JJidGXds83DsEMkNKrI9_k1cYjI.roa (raw, json)
Hash identifier: I5uYSFl5W1HuOPluOLWo3xeNCjWyApRPnNA2+arSAVg=
Subject key identifier: 24:98:9D:19:77:6C:F3:70:EC:10:C9:0D:2A:B2:3D:FE:4D:5C:62:32
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 01942747D4DEFA24A73A7665E03A477FEA58
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/JJidGXds83DsEMkNKrI9_k1cYjI.roa
Signing time: Thu 02 Jan 2025 13:50:06 +0000
ROA not before: Thu 02 Jan 2025 13:50:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49870
IP address blocks: 2.56.167.0/24 maxlen: 24
45.81.21.0/24 maxlen: 24
45.81.22.0/23 maxlen: 23
45.140.222.0/23 maxlen: 23
77.83.240.0/24 maxlen: 24
89.190.156.0/24 maxlen: 24
89.190.159.0/24 maxlen: 24
194.50.16.0/23 maxlen: 24
212.107.12.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 10:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:d4:de:fa:24:a7:3a:76:65:e0:3a:47:7f:ea:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: Jan 2 13:50:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=24989d19776cf370ec10c90d2ab23dfe4d5c6232
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:9b:94:91:9b:ed:58:32:11:2a:3f:1a:ef:f0:
51:c9:d3:a6:21:86:c8:01:fb:6f:c9:dc:de:b2:bc:
c7:53:c5:19:09:9e:65:5e:c6:bc:5a:cb:b5:40:87:
62:a7:ae:f5:45:90:96:a9:51:09:f2:4e:4e:6f:e5:
6c:0e:5b:a2:fa:34:4d:68:16:2b:97:f8:80:a8:d4:
1b:e7:23:50:1d:73:b8:95:05:09:b2:ff:c7:4a:a6:
69:4a:17:60:76:6d:ae:5c:f6:7d:2b:54:1e:4c:3d:
71:35:dd:7e:9f:6d:ce:d5:40:f5:af:94:d0:ee:cf:
2a:15:0f:02:e2:8a:bc:1b:b6:1c:cb:d0:f2:eb:d7:
34:1c:c3:92:33:0c:32:be:78:2b:22:95:cc:bd:12:
2d:c1:c2:33:6f:d2:5d:f9:ed:39:86:ae:54:be:43:
26:5d:54:0c:9d:b7:96:08:c3:da:d1:c9:7d:ea:f0:
6f:67:9f:48:5f:b0:14:b4:dd:1c:b3:8c:cc:70:c4:
33:7e:58:4c:91:d5:a6:82:c1:bf:31:1f:a7:91:ef:
bc:50:ae:2b:e3:67:3b:88:f8:3f:dc:c4:30:4b:63:
ed:b2:7a:ec:a5:d5:c3:e9:ff:8b:30:e5:d1:3c:27:
9a:dd:e5:1f:9c:d1:a1:54:10:4b:96:06:28:60:93:
23:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:98:9D:19:77:6C:F3:70:EC:10:C9:0D:2A:B2:3D:FE:4D:5C:62:32
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/JJidGXds83DsEMkNKrI9_k1cYjI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.167.0/24
45.81.21.0-45.81.23.255
45.140.222.0/23
77.83.240.0/24
89.190.156.0/24
89.190.159.0/24
194.50.16.0/23
212.107.12.0/24
Signature Algorithm: sha256WithRSAEncryption
7c:dd:10:47:44:a5:35:4a:fc:7a:b3:e2:98:14:ff:12:ba:8e:
db:4b:32:f1:40:31:63:64:e3:24:74:9e:37:cb:d4:6c:a8:a5:
c5:14:d1:cb:cb:59:58:98:ef:b6:57:f4:8d:46:7c:d6:1c:8f:
e8:ae:c9:02:59:a1:46:6d:5d:f4:ea:4d:b1:78:87:fa:0d:61:
11:ba:0b:eb:9a:f9:f1:85:05:5d:80:6f:a9:dc:e1:23:e9:50:
58:1d:6f:47:93:17:be:7b:78:a0:ad:c7:42:7f:4c:ba:cd:d9:
76:e7:03:3e:c8:16:f3:52:d1:b2:9b:60:af:56:ea:c7:bf:d2:
f7:32:4f:b4:bc:72:fa:22:34:bf:6c:44:30:dc:8c:b2:20:7e:
a9:8c:a5:a5:09:b6:f1:79:99:0f:91:a4:33:96:a5:25:40:ce:
37:30:bb:08:90:d8:e1:01:a1:6f:45:19:fe:da:e2:84:78:13:
b0:a4:c5:96:22:99:cb:bb:77:03:d5:6e:f0:fb:fd:b6:0e:8c:
bf:9e:e8:f2:34:e1:ce:68:ad:58:b4:96:b3:d2:60:d8:ad:b2:
72:cb:a5:75:15:41:ba:81:ba:68:98:7e:08:91:20:ff:c2:0c:
24:ab:c8:55:24:1c:62:1f:f2:52:2b:e2:7a:32:b7:d6:6d:af:
30:9a:0f:51
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAZQnR9Te+iSnOnZl4DpHf+pYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjUwMTAyMTM1MDA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDk4OWQxOTc3NmNmMzcwZWMxMGM5MGQyYWIyM2RmZTRkNWM2MjMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3ZuUkZvtWDIRKj8a7/BRydOmIYbI
AftvydzesrzHU8UZCZ5lXsa8Wsu1QIdip671RZCWqVEJ8k5Ob+VsDlui+jRNaBYr
l/iAqNQb5yNQHXO4lQUJsv/HSqZpShdgdm2uXPZ9K1QeTD1xNd1+n23O1UD1r5TQ
7s8qFQ8C4oq8G7Ycy9Dy69c0HMOSMwwyvngrIpXMvRItwcIzb9Jd+e05hq5UvkMm
XVQMnbeWCMPa0cl96vBvZ59IX7AUtN0cs4zMcMQzflhMkdWmgsG/MR+nke+8UK4r
42c7iPg/3MQwS2PtsnrspdXD6f+LMOXRPCea3eUfnNGhVBBLlgYoYJMjMwIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFCSYnRl3bPNw7BDJDSqyPf5NXGIyMB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvSkppZEdYZHM4M0RzRU1rTktySTlfazFjWWpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQAAjinMAwD
BAAtURUDBAMtURADBAEtjN4DBABNU/ADBABZvpwDBABZvp8DBAHCMhADBADUawww
DQYJKoZIhvcNAQELBQADggEBAHzdEEdEpTVK/Hqz4pgU/xK6jttLMvFAMWNk4yR0
njfL1GyopcUU0cvLWViY77ZX9I1GfNYcj+iuyQJZoUZtXfTqTbF4h/oNYRG6C+ua
+fGFBV2Ab6nc4SPpUFgdb0eTF757eKCtx0J/TLrN2XbnAz7IFvNS0bKbYK9W6se/
0vcyT7S8cvoiNL9sRDDcjLIgfqmMpaUJtvF5mQ+RpDOWpSVAzjcwuwiQ2OEBoW9F
Gf7a4oR4E7CkxZYimcu7dwPVbvD7/bYOjL+e6PI04c5orVi0lrPSYNitsnLLpXUV
QbqBumiYfgiRIP/CDCSryFUkHGIf8lIr4noyt9ZtrzCaD1E=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:01:44 2025 by rpki-client