Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/b20d83-612c-4b62-97a3-1a5e5f191bfa/1/e_JO57HIUgxnL2zZw_SZRKtvz2k.roa
File: e_JO57HIUgxnL2zZw_SZRKtvz2k.roa (raw, json)
Hash identifier: kYzJL9upOKUtQTqnQ+rXijBf3P483K+T+FEi6SAaLE0=
Subject key identifier: 7B:F2:4E:E7:B1:C8:52:0C:67:2F:6C:D9:C3:F4:99:44:AB:6F:CF:69
Certificate issuer: /CN=307d887c02e07c9e474d1f8e21049caa6ce3fbd3
Certificate serial: 01942445122388656B0B4745266285C812E1
Authority key identifier: 30:7D:88:7C:02:E0:7C:9E:47:4D:1F:8E:21:04:9C:AA:6C:E3:FB:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MH2IfALgfJ5HTR-OIQScqmzj-9M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/b20d83-612c-4b62-97a3-1a5e5f191bfa/1/e_JO57HIUgxnL2zZw_SZRKtvz2k.roa
Signing time: Wed 01 Jan 2025 23:48:13 +0000
ROA not before: Wed 01 Jan 2025 23:48:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16347
IP address blocks: 85.14.166.0/23 maxlen: 23
85.14.174.0/24 maxlen: 24
85.14.178.0/23 maxlen: 23
109.74.84.0/23 maxlen: 23
109.74.91.0/24 maxlen: 24
217.171.23.0/24 maxlen: 24
217.171.28.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1c/b20d83-612c-4b62-97a3-1a5e5f191bfa/1/MH2IfALgfJ5HTR-OIQScqmzj-9M.crl
rsync://rpki.ripe.net/repository/DEFAULT/1c/b20d83-612c-4b62-97a3-1a5e5f191bfa/1/MH2IfALgfJ5HTR-OIQScqmzj-9M.mft
rsync://rpki.ripe.net/repository/DEFAULT/MH2IfALgfJ5HTR-OIQScqmzj-9M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 11:00:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:12:23:88:65:6b:0b:47:45:26:62:85:c8:12:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=307d887c02e07c9e474d1f8e21049caa6ce3fbd3
Validity
Not Before: Jan 1 23:48:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7bf24ee7b1c8520c672f6cd9c3f49944ab6fcf69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:39:38:5a:6a:d5:6c:96:32:44:28:39:b8:35:
83:65:71:1b:38:dc:85:1e:52:4d:49:cf:96:c1:80:
c9:58:18:cf:01:85:71:9c:46:35:41:8c:f1:55:32:
b3:ca:c5:f3:58:a9:47:b4:90:e5:1a:53:76:cc:2e:
3d:a8:bc:b6:f7:a5:ef:64:de:69:5a:c5:2d:63:89:
57:d1:50:7c:53:a5:01:ab:bd:b0:2e:ec:99:9e:f2:
57:8f:d8:ae:6d:ce:d5:c4:09:0f:20:63:fb:fc:f9:
6e:95:f8:96:25:10:68:51:af:24:5f:67:b7:32:98:
52:8f:40:21:cb:d2:dc:e3:c3:4f:18:73:4e:de:a3:
4e:e7:7a:75:15:dc:d5:14:07:0e:4b:26:aa:98:dd:
e2:c9:a4:fb:bd:bb:a3:80:4c:6a:60:f3:1b:f6:c4:
50:02:dc:5a:b0:d3:56:c7:05:cf:81:93:cc:7e:b1:
9c:56:4b:a1:89:c3:16:67:69:60:63:26:8a:b8:62:
5c:52:a2:4b:86:28:88:51:21:3e:51:85:30:4c:df:
0c:9a:7c:68:9a:c4:52:b1:5b:1b:56:71:3c:b0:e6:
5d:14:48:74:49:28:0b:1f:cb:8a:50:a8:71:a3:6c:
38:e7:b7:de:5c:81:92:d3:46:28:e4:b2:53:23:45:
03:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:F2:4E:E7:B1:C8:52:0C:67:2F:6C:D9:C3:F4:99:44:AB:6F:CF:69
X509v3 Authority Key Identifier:
keyid:30:7D:88:7C:02:E0:7C:9E:47:4D:1F:8E:21:04:9C:AA:6C:E3:FB:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MH2IfALgfJ5HTR-OIQScqmzj-9M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/b20d83-612c-4b62-97a3-1a5e5f191bfa/1/e_JO57HIUgxnL2zZw_SZRKtvz2k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/b20d83-612c-4b62-97a3-1a5e5f191bfa/1/MH2IfALgfJ5HTR-OIQScqmzj-9M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.14.166.0/23
85.14.174.0/24
85.14.178.0/23
109.74.84.0/23
109.74.91.0/24
217.171.23.0/24
217.171.28.0/24
Signature Algorithm: sha256WithRSAEncryption
ac:1c:17:b3:b7:9f:08:a9:05:e9:9e:02:34:ae:bd:93:fa:8d:
df:f1:aa:34:b9:d5:05:b8:b5:ff:4e:40:b8:13:7d:3f:bf:1e:
c6:6a:e3:09:2b:9f:07:db:c5:e3:78:e5:5a:7c:a3:53:97:75:
23:db:4c:29:a6:1e:95:80:33:c4:bc:c9:ac:97:15:2f:32:c5:
d5:88:c1:b5:ac:f3:17:ed:8c:cf:53:4e:56:0a:85:88:88:01:
47:df:b0:83:ee:c3:10:19:4b:fa:53:ed:af:14:b1:0d:31:4f:
cd:fb:a3:d9:c5:fc:73:61:f2:53:35:59:8e:0a:e4:6b:cc:f1:
e8:82:32:7a:e8:4d:51:fa:05:6d:09:1a:d3:66:e4:77:b9:29:
1f:d9:e6:e5:ba:13:e8:d1:9e:aa:e8:4a:71:9d:45:ed:28:0c:
ca:e5:77:ff:9b:ba:39:20:d5:12:cc:93:4f:ff:07:45:ba:94:
91:0f:61:1d:be:ea:13:0c:66:6f:9e:66:d0:2d:0f:44:01:07:
d8:6d:5e:bc:bd:b7:1c:09:3a:b5:24:69:12:df:62:b9:11:e4:
e9:ba:bf:b3:d8:88:f0:b5:c2:1f:dc:54:94:ae:8b:1a:71:94:
74:3e:f7:ec:5d:37:fc:97:ec:dc:cf:76:4e:b2:c2:e9:d9:67:
a5:67:82:5c
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZQkRRIjiGVrC0dFJmKFyBLhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwN2Q4ODdjMDJlMDdjOWU0NzRkMWY4ZTIxMDQ5Y2FhNmNl
M2ZiZDMwHhcNMjUwMTAxMjM0ODEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YmYyNGVlN2IxYzg1MjBjNjcyZjZjZDljM2Y0OTk0NGFiNmZjZjY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtTk4WmrVbJYyRCg5uDWDZXEbONyF
HlJNSc+WwYDJWBjPAYVxnEY1QYzxVTKzysXzWKlHtJDlGlN2zC49qLy296XvZN5p
WsUtY4lX0VB8U6UBq72wLuyZnvJXj9iubc7VxAkPIGP7/PlulfiWJRBoUa8kX2e3
MphSj0Ahy9Lc48NPGHNO3qNO53p1FdzVFAcOSyaqmN3iyaT7vbujgExqYPMb9sRQ
AtxasNNWxwXPgZPMfrGcVkuhicMWZ2lgYyaKuGJcUqJLhiiIUSE+UYUwTN8Mmnxo
msRSsVsbVnE8sOZdFEh0SSgLH8uKUKhxo2w457feXIGS00Yo5LJTI0UDlQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFHvyTuexyFIMZy9s2cP0mUSrb89pMB8GA1UdIwQY
MBaAFDB9iHwC4HyeR00fjiEEnKps4/vTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUgySWZBTGdmSjVIVFItT0lRU2NxbXpqLTlNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9iMjBkODMtNjEyYy00YjYyLTk3YTMt
MWE1ZTVmMTkxYmZhLzEvZV9KTzU3SElVZ3huTDJ6WndfU1pSS3R2ejJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9iMjBkODMtNjEyYy00YjYyLTk3YTMtMWE1ZTVmMTkxYmZh
LzEvTUgySWZBTGdmSjVIVFItT0lRU2NxbXpqLTlNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQBVQ6mAwQA
VQ6uAwQBVQ6yAwQBbUpUAwQAbUpbAwQA2asXAwQA2ascMA0GCSqGSIb3DQEBCwUA
A4IBAQCsHBezt58IqQXpngI0rr2T+o3f8ao0udUFuLX/TkC4E30/vx7GauMJK58H
28XjeOVafKNTl3Uj20wpph6VgDPEvMmslxUvMsXViMG1rPMX7YzPU05WCoWIiAFH
37CD7sMQGUv6U+2vFLENMU/N+6PZxfxzYfJTNVmOCuRrzPHogjJ66E1R+gVtCRrT
ZuR3uSkf2ebluhPo0Z6q6EpxnUXtKAzK5Xf/m7o5INUSzJNP/wdFupSRD2EdvuoT
DGZvnmbQLQ9EAQfYbV68vbccCTq1JGkS32K5EeTpur+z2IjwtcIf3FSUrosacZR0
PvfsXTf8l+zcz3ZOssLp2WelZ4Jc
-----END CERTIFICATE-----
Generated at Wed Apr 16 22:02:02 2025 by rpki-client