Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/JD10CY-i84YcUMqJlGDowbidmN8.roa
File: JD10CY-i84YcUMqJlGDowbidmN8.roa (raw, json)
Hash identifier: XMDhrcZoGK5i42ls2n+Jvun/2Ta8y4audrWdpm2Fv7o=
Subject key identifier: 24:3D:74:09:8F:A2:F3:86:1C:50:CA:89:94:60:E8:C1:B8:9D:98:DF
Certificate issuer: /CN=d08da9cf00d4d58b854ffc62010f235b06df354a
Certificate serial: 0194221FF3CA908DDCA476C50B1FEBC3F3F4
Authority key identifier: D0:8D:A9:CF:00:D4:D5:8B:85:4F:FC:62:01:0F:23:5B:06:DF:35:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/JD10CY-i84YcUMqJlGDowbidmN8.roa
Signing time: Wed 01 Jan 2025 13:48:26 +0000
ROA not before: Wed 01 Jan 2025 13:48:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213757
IP address blocks: 207.244.210.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.crl
rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.mft
rsync://rpki.ripe.net/repository/DEFAULT/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 04:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:f3:ca:90:8d:dc:a4:76:c5:0b:1f:eb:c3:f3:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d08da9cf00d4d58b854ffc62010f235b06df354a
Validity
Not Before: Jan 1 13:48:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=243d74098fa2f3861c50ca899460e8c1b89d98df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:dd:96:f4:f3:be:22:9a:bf:5e:82:12:74:35:
b4:a3:d6:32:44:2b:96:5d:14:55:1d:fd:4f:92:05:
80:8e:84:bb:fe:27:f5:e4:ac:64:83:db:53:47:1b:
73:04:62:a8:8a:48:90:c1:47:b3:4e:07:e3:5d:58:
27:b1:c4:11:e9:4d:65:e4:29:3f:45:c6:ae:7a:ef:
2d:2c:58:00:4b:ea:d9:cc:cd:b7:7b:f0:2e:e5:d6:
e5:85:1c:23:c8:05:77:3f:e6:1b:8f:32:32:19:a9:
c0:9c:2d:25:a9:2b:20:0e:d4:7a:eb:f7:d8:22:0f:
45:2b:cc:63:5a:11:a6:d2:36:75:fc:a7:38:d1:4b:
4c:c7:d5:ef:ab:c9:fa:34:c5:5b:20:f9:b3:ab:49:
79:61:58:52:6a:2e:19:ad:63:67:78:d7:3c:e5:ea:
b3:ee:e7:21:69:18:19:00:ef:ff:8d:3d:dc:03:bb:
3a:d8:e7:24:1d:1f:04:28:ee:6b:e2:02:0c:90:2f:
31:c4:ed:5a:08:26:85:49:e9:d4:e1:76:b2:79:ec:
cc:52:e0:0e:97:7a:ac:9c:0d:b1:41:1b:bb:8b:7c:
c3:d0:6e:c1:bd:c0:51:23:a5:ce:36:f2:9b:e6:28:
da:a8:d6:68:f4:d8:4a:0c:f9:5f:1d:bf:9a:c5:d3:
ee:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:3D:74:09:8F:A2:F3:86:1C:50:CA:89:94:60:E8:C1:B8:9D:98:DF
X509v3 Authority Key Identifier:
keyid:D0:8D:A9:CF:00:D4:D5:8B:85:4F:FC:62:01:0F:23:5B:06:DF:35:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/JD10CY-i84YcUMqJlGDowbidmN8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
207.244.210.0/23
Signature Algorithm: sha256WithRSAEncryption
50:79:0e:f5:5c:d9:75:90:a2:7c:37:23:b6:84:56:55:bc:5d:
35:2e:7c:ca:4d:c4:7d:28:ce:2a:25:a9:40:c1:2c:e0:20:73:
94:e7:09:b2:1a:1c:8e:69:29:bc:5d:09:d0:3f:09:92:31:c4:
a3:57:c4:af:43:8e:d3:5a:a3:52:47:ae:b5:df:98:7a:6e:91:
f6:4a:8a:3e:73:cb:4a:8c:15:eb:34:a3:ce:a6:2e:2f:b7:2b:
70:ef:88:5c:b3:7b:80:48:9d:c0:14:a7:af:c0:c5:c1:f0:b5:
cf:73:e3:7a:ed:dc:a8:bc:48:9c:f3:da:a9:f7:16:de:87:b9:
bb:af:74:fc:45:8b:51:29:53:fb:4b:da:ad:9e:3f:d9:68:29:
77:9f:45:a1:e7:f2:d8:1f:d6:33:85:84:60:3d:66:01:62:5a:
e4:6c:2b:56:26:5a:27:a5:fd:1a:2e:e5:f4:3b:60:b3:b1:38:
37:51:04:0d:3f:f6:c4:9d:c0:b7:fc:87:75:56:f9:b9:91:14:
1c:00:d9:a3:52:1a:85:c9:f4:a1:78:d0:5b:11:d8:cd:c2:c4:
aa:3f:0b:4d:66:01:1e:78:ea:cb:d5:1a:15:49:77:64:0f:93:
7e:cd:02:f0:f2:39:bd:d2:e1:31:f7:88:c3:0f:c9:d2:2c:0b:
ea:d8:1e:f6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiH/PKkI3cpHbFCx/rw/P0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwOGRhOWNmMDBkNGQ1OGI4NTRmZmM2MjAxMGYyMzViMDZk
ZjM1NGEwHhcNMjUwMTAxMTM0ODI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDNkNzQwOThmYTJmMzg2MWM1MGNhODk5NDYwZThjMWI4OWQ5OGRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwN2W9PO+Ipq/XoISdDW0o9YyRCuW
XRRVHf1PkgWAjoS7/if15Kxkg9tTRxtzBGKoikiQwUezTgfjXVgnscQR6U1l5Ck/
Rcaueu8tLFgAS+rZzM23e/Au5dblhRwjyAV3P+YbjzIyGanAnC0lqSsgDtR66/fY
Ig9FK8xjWhGm0jZ1/Kc40UtMx9Xvq8n6NMVbIPmzq0l5YVhSai4ZrWNneNc85eqz
7uchaRgZAO//jT3cA7s62OckHR8EKO5r4gIMkC8xxO1aCCaFSenU4XayeezMUuAO
l3qsnA2xQRu7i3zD0G7BvcBRI6XONvKb5ijaqNZo9NhKDPlfHb+axdPuyQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCQ9dAmPovOGHFDKiZRg6MG4nZjfMB8GA1UdIwQY
MBaAFNCNqc8A1NWLhU/8YgEPI1sG3zVKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEkycHp3RFUxWXVGVF94aUFROGpXd2JmTlVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS9mZWJlZjgtYTBlYS00YzdlLTg4MDYt
MjBlMTk3ODBjYjJlLzEvSkQxMENZLWk4NFljVU1xSmxHRG93YmlkbU44LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS9mZWJlZjgtYTBlYS00YzdlLTg4MDYtMjBlMTk3ODBjYjJl
LzEvMEkycHp3RFUxWXVGVF94aUFROGpXd2JmTlVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBz/TSMA0G
CSqGSIb3DQEBCwUAA4IBAQBQeQ71XNl1kKJ8NyO2hFZVvF01LnzKTcR9KM4qJalA
wSzgIHOU5wmyGhyOaSm8XQnQPwmSMcSjV8SvQ47TWqNSR66135h6bpH2Soo+c8tK
jBXrNKPOpi4vtytw74hcs3uASJ3AFKevwMXB8LXPc+N67dyovEic89qp9xbeh7m7
r3T8RYtRKVP7S9qtnj/ZaCl3n0Wh5/LYH9YzhYRgPWYBYlrkbCtWJlonpf0aLuX0
O2CzsTg3UQQNP/bEncC3/Id1Vvm5kRQcANmjUhqFyfSheNBbEdjNwsSqPwtNZgEe
eOrL1RoVSXdkD5N+zQLw8jm90uEx94jDD8nSLAvq2B72
-----END CERTIFICATE-----
Generated at Sun Feb 2 12:45:44 2025 by rpki-client