Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/219c6f-e30f-4a9e-acc0-e0d576d5577a/1/gMRvTZlzAH8OSJTttCNJ8Cyj7p4.roa
File: gMRvTZlzAH8OSJTttCNJ8Cyj7p4.roa (raw, json)
Hash identifier: p+544aG9xmj27ntfAfl2YzT4JNjkf/4dF3LHwwe9mf0=
Subject key identifier: 80:C4:6F:4D:99:73:00:7F:0E:48:94:ED:B4:23:49:F0:2C:A3:EE:9E
Certificate issuer: /CN=2450ca4aab2a3f8abc6c973aa7c0fa13f2571081
Certificate serial: 01941FFA13A903880B388E80FC501624068D
Authority key identifier: 24:50:CA:4A:AB:2A:3F:8A:BC:6C:97:3A:A7:C0:FA:13:F2:57:10:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JFDKSqsqP4q8bJc6p8D6E_JXEIE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/219c6f-e30f-4a9e-acc0-e0d576d5577a/1/gMRvTZlzAH8OSJTttCNJ8Cyj7p4.roa
Signing time: Wed 01 Jan 2025 03:47:50 +0000
ROA not before: Wed 01 Jan 2025 03:47:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16190
IP address blocks: 2.56.204.0/22 maxlen: 24
91.195.254.0/23 maxlen: 24
91.195.254.0/24 maxlen: 24
91.195.255.0/24 maxlen: 24
91.198.108.0/23 maxlen: 23
91.198.108.0/24 maxlen: 24
91.198.109.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1e/219c6f-e30f-4a9e-acc0-e0d576d5577a/1/JFDKSqsqP4q8bJc6p8D6E_JXEIE.crl
rsync://rpki.ripe.net/repository/DEFAULT/1e/219c6f-e30f-4a9e-acc0-e0d576d5577a/1/JFDKSqsqP4q8bJc6p8D6E_JXEIE.mft
rsync://rpki.ripe.net/repository/DEFAULT/JFDKSqsqP4q8bJc6p8D6E_JXEIE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 23:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:13:a9:03:88:0b:38:8e:80:fc:50:16:24:06:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2450ca4aab2a3f8abc6c973aa7c0fa13f2571081
Validity
Not Before: Jan 1 03:47:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=80c46f4d9973007f0e4894edb42349f02ca3ee9e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:b5:a6:1e:01:04:fc:7b:9b:21:01:7a:ba:79:
55:0b:43:08:33:d6:d7:3f:0c:b0:e5:0a:55:73:04:
75:e1:14:97:45:69:42:a8:f6:d6:74:4c:f4:3e:e4:
ed:16:d4:2f:50:1e:f2:65:32:9b:01:d9:16:40:82:
b3:2f:44:40:01:30:a4:6c:e8:6e:6d:fa:02:de:33:
b4:11:43:3e:62:3f:65:af:72:20:f1:da:1e:3f:b3:
ad:3d:61:b4:1e:62:b5:1e:fe:0a:30:b0:0f:47:df:
04:ed:7b:7b:04:11:93:a2:65:ad:a0:0f:f5:72:49:
65:7a:7f:98:37:f3:97:58:36:fe:9a:bf:03:59:ec:
d4:e5:2f:0b:5c:73:4a:6c:05:a9:88:8b:9e:85:52:
35:1b:46:68:01:18:14:ab:b5:1b:58:8d:b0:fa:e5:
09:84:e2:b4:fb:c3:19:1f:83:ef:20:2b:ad:b9:2d:
1f:c2:4c:44:f3:ce:bf:a2:71:0c:77:b2:09:e7:37:
0a:58:90:35:18:97:73:9d:7a:b6:bb:29:c7:d6:c0:
c0:45:13:85:bc:b2:b8:4d:0a:96:22:04:f1:9b:d2:
52:69:69:9e:5b:b6:c6:cf:76:cb:c4:9e:fa:4a:e1:
fc:74:14:c4:4a:8f:1a:22:27:d0:c8:3f:38:16:5b:
b3:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:C4:6F:4D:99:73:00:7F:0E:48:94:ED:B4:23:49:F0:2C:A3:EE:9E
X509v3 Authority Key Identifier:
keyid:24:50:CA:4A:AB:2A:3F:8A:BC:6C:97:3A:A7:C0:FA:13:F2:57:10:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JFDKSqsqP4q8bJc6p8D6E_JXEIE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/219c6f-e30f-4a9e-acc0-e0d576d5577a/1/gMRvTZlzAH8OSJTttCNJ8Cyj7p4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/219c6f-e30f-4a9e-acc0-e0d576d5577a/1/JFDKSqsqP4q8bJc6p8D6E_JXEIE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.204.0/22
91.195.254.0/23
91.198.108.0/23
Signature Algorithm: sha256WithRSAEncryption
3f:e3:9d:a0:4d:1a:56:3a:c8:cf:6f:51:19:ae:7c:b2:ee:70:
5a:10:0c:a3:f1:ce:b1:f9:65:d0:fe:65:06:84:9e:62:dc:ac:
21:93:eb:96:73:e3:e9:66:ee:dd:9c:a5:75:dc:90:6f:93:22:
03:8a:e5:9b:b1:f9:07:91:72:f7:d5:ae:a4:e3:48:a2:1b:0f:
1e:bc:94:01:f1:8b:7b:ae:76:58:1f:e5:0a:6d:63:73:ca:29:
47:5f:87:18:fc:7d:00:9e:e9:b7:7e:98:0b:0f:a9:61:d7:4c:
cb:fa:60:1b:32:73:a6:b9:f9:16:60:76:99:3c:18:4c:a0:98:
f1:ef:dd:2f:44:c9:ef:06:1c:1a:5d:67:2e:26:65:cd:21:fb:
20:be:26:38:6d:47:6e:6c:30:ce:94:4e:f6:a7:e5:61:1e:89:
bb:41:ba:8b:f0:59:a7:54:bb:60:90:ca:47:41:14:34:d5:c2:
79:78:9e:be:77:9f:27:4c:f2:8d:f5:b9:50:a5:52:16:13:50:
90:d6:5e:19:0e:44:56:f0:19:f6:3e:a4:09:07:0f:53:19:4c:
56:3d:1a:ad:ab:24:e7:ea:26:64:37:de:14:2e:e3:3d:7a:11:
5f:28:0e:84:b1:de:3e:8f:ff:b3:46:ac:83:ca:ac:4c:85:d3:
e9:cb:c9:74
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQf+hOpA4gLOI6A/FAWJAaNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0NTBjYTRhYWIyYTNmOGFiYzZjOTczYWE3YzBmYTEzZjI1
NzEwODEwHhcNMjUwMTAxMDM0NzUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MGM0NmY0ZDk5NzMwMDdmMGU0ODk0ZWRiNDIzNDlmMDJjYTNlZTllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA27WmHgEE/HubIQF6unlVC0MIM9bX
Pwyw5QpVcwR14RSXRWlCqPbWdEz0PuTtFtQvUB7yZTKbAdkWQIKzL0RAATCkbOhu
bfoC3jO0EUM+Yj9lr3Ig8doeP7OtPWG0HmK1Hv4KMLAPR98E7Xt7BBGTomWtoA/1
ckllen+YN/OXWDb+mr8DWezU5S8LXHNKbAWpiIuehVI1G0ZoARgUq7UbWI2w+uUJ
hOK0+8MZH4PvICutuS0fwkxE886/onEMd7IJ5zcKWJA1GJdznXq2uynH1sDARROF
vLK4TQqWIgTxm9JSaWmeW7bGz3bLxJ76SuH8dBTESo8aIifQyD84FluzVwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIDEb02ZcwB/DkiU7bQjSfAso+6eMB8GA1UdIwQY
MBaAFCRQykqrKj+KvGyXOqfA+hPyVxCBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSkZES1Nxc3FQNHE4YkpjNnA4RDZFX0pYRUlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8yMTljNmYtZTMwZi00YTllLWFjYzAt
ZTBkNTc2ZDU1NzdhLzEvZ01SdlRabHpBSDhPU0pUdHRDTko4Q3lqN3A0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8yMTljNmYtZTMwZi00YTllLWFjYzAtZTBkNTc2ZDU1Nzdh
LzEvSkZES1Nxc3FQNHE4YkpjNnA4RDZFX0pYRUlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCAjjMAwQB
W8P+AwQBW8ZsMA0GCSqGSIb3DQEBCwUAA4IBAQA/452gTRpWOsjPb1EZrnyy7nBa
EAyj8c6x+WXQ/mUGhJ5i3Kwhk+uWc+PpZu7dnKV13JBvkyIDiuWbsfkHkXL31a6k
40iiGw8evJQB8Yt7rnZYH+UKbWNzyilHX4cY/H0Anum3fpgLD6lh10zL+mAbMnOm
ufkWYHaZPBhMoJjx790vRMnvBhwaXWcuJmXNIfsgviY4bUdubDDOlE72p+VhHom7
QbqL8FmnVLtgkMpHQRQ01cJ5eJ6+d58nTPKN9blQpVIWE1CQ1l4ZDkRW8Bn2PqQJ
Bw9TGUxWPRqtqyTn6iZkN94ULuM9ehFfKA6Esd4+j/+zRqyDyqxMhdPpy8l0
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:33:17 2025 by rpki-client