Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/tjmex91I7dJnD023VIWq1boNPLk.roa
File: tjmex91I7dJnD023VIWq1boNPLk.roa (raw, json)
Hash identifier: d7b90ryBvfYcu1eHmFplVZMJtAYKyEN3QoPLIOWafyY=
Subject key identifier: B6:39:9E:C7:DD:48:ED:D2:67:0F:4D:B7:54:85:AA:D5:BA:0D:3C:B9
Certificate issuer: /CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Certificate serial: 019426D866F3188C73A79737A43246872936
Authority key identifier: D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/tjmex91I7dJnD023VIWq1boNPLk.roa
Signing time: Thu 02 Jan 2025 11:48:23 +0000
ROA not before: Thu 02 Jan 2025 11:48:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44208
IP address blocks: 31.170.48.0/20 maxlen: 24
94.74.128.0/18 maxlen: 24
94.74.136.0/24 maxlen: 24
94.74.165.0/24 maxlen: 24
94.74.166.0/23 maxlen: 23
94.74.190.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.mft
rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 12:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d8:66:f3:18:8c:73:a7:97:37:a4:32:46:87:29:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Validity
Not Before: Jan 2 11:48:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b6399ec7dd48edd2670f4db75485aad5ba0d3cb9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:da:5e:fe:82:c4:40:f1:f1:73:62:08:4a:1d:
45:a0:cc:cf:66:d6:5d:80:87:b5:06:4a:c9:24:31:
f0:b4:72:f8:85:e3:3a:1f:69:21:91:36:36:85:8a:
dc:65:62:9a:de:6e:ab:ea:af:26:0a:77:16:f3:6a:
ad:af:28:2b:83:20:74:74:30:40:dd:75:af:4d:02:
f0:25:b6:3f:8a:38:33:ed:41:12:a4:77:5a:48:31:
c3:79:a2:4c:40:ff:87:c1:cb:21:c5:88:b8:6d:9f:
3f:9c:0d:6c:8b:7b:95:e0:28:97:65:15:f0:c2:3d:
0f:5b:f9:9a:2f:ea:95:e3:ea:67:ab:f3:df:da:99:
9d:7d:f3:00:cc:50:77:3b:3c:41:24:ba:d5:8f:10:
b7:e4:04:8b:bb:c9:b3:1f:92:af:42:d4:44:c8:8f:
4a:7b:69:b2:a8:00:76:02:40:11:b1:6b:0f:0c:83:
7c:1b:00:ce:47:4f:3e:bb:89:4a:d7:88:79:92:53:
f9:56:99:4c:6d:7d:01:ef:be:e2:da:e0:45:b5:ce:
5c:48:50:d1:18:13:95:b1:15:9e:48:17:fb:47:b3:
b9:c8:c9:55:5d:be:99:21:f3:44:4c:28:50:1e:8c:
b8:00:c8:c5:06:6b:c9:93:44:b1:9a:4b:0f:47:7c:
a1:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:39:9E:C7:DD:48:ED:D2:67:0F:4D:B7:54:85:AA:D5:BA:0D:3C:B9
X509v3 Authority Key Identifier:
keyid:D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/tjmex91I7dJnD023VIWq1boNPLk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.170.48.0/20
94.74.128.0/18
Signature Algorithm: sha256WithRSAEncryption
64:04:f0:8a:6f:bb:db:a6:51:5a:f9:cf:61:23:df:3e:9b:67:
43:b3:c0:07:db:6a:90:6a:f4:c1:7e:17:2b:3f:e6:45:89:9a:
a6:e3:f3:79:58:41:2a:15:2b:98:bd:26:93:27:25:c1:b2:f7:
36:5f:7a:7d:dd:e9:ea:ec:52:cd:d7:9c:2f:87:ab:12:71:c6:
49:8a:42:e9:ba:7c:97:d0:ea:90:7d:4c:a3:90:64:86:f8:ba:
e0:da:75:af:88:3d:3f:f0:18:cd:2f:ee:cf:97:cc:57:59:e5:
82:1e:d7:17:d9:8a:24:f2:ab:83:4c:27:36:4a:5d:da:99:40:
e7:4b:8c:19:a1:7d:83:9b:e2:54:70:9a:17:d8:1d:71:8a:09:
e0:c6:67:a5:e9:fe:21:9f:0e:c9:76:e1:4a:2e:72:2e:e2:4d:
80:49:41:f1:1b:2b:ca:a0:6b:a1:81:da:fa:d6:bb:34:ff:b5:
6b:b8:a8:39:26:72:71:7e:e2:f9:9f:54:aa:6d:42:65:df:ba:
e6:87:fc:9e:d6:69:8e:8b:47:ad:85:e4:d6:3c:c5:3f:5a:bd:
8c:93:e8:80:cf:09:d0:cd:8c:29:37:e9:14:e7:96:2c:f0:a1:
d0:ba:82:42:54:28:94:8a:28:36:14:98:36:76:7d:e5:5e:6c:
30:56:30:dd
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQm2GbzGIxzp5c3pDJGhyk2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MDQ3NWViZTdmMDdkNzQxNTNjYjFjY2EzMzhjMTZkODAx
ZjQ1ZjcwHhcNMjUwMTAyMTE0ODIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjM5OWVjN2RkNDhlZGQyNjcwZjRkYjc1NDg1YWFkNWJhMGQzY2I5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwtpe/oLEQPHxc2IISh1FoMzPZtZd
gIe1BkrJJDHwtHL4heM6H2khkTY2hYrcZWKa3m6r6q8mCncW82qtrygrgyB0dDBA
3XWvTQLwJbY/ijgz7UESpHdaSDHDeaJMQP+HwcshxYi4bZ8/nA1si3uV4CiXZRXw
wj0PW/maL+qV4+pnq/Pf2pmdffMAzFB3OzxBJLrVjxC35ASLu8mzH5KvQtREyI9K
e2myqAB2AkARsWsPDIN8GwDOR08+u4lK14h5klP5VplMbX0B777i2uBFtc5cSFDR
GBOVsRWeSBf7R7O5yMlVXb6ZIfNETChQHoy4AMjFBmvJk0SxmksPR3yhoQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLY5nsfdSO3SZw9Nt1SFqtW6DTy5MB8GA1UdIwQY
MBaAFNYEdevn8H10FTyxzKM4wW2AH0X3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2Mt
NDk2ZjhlYmIyZDYxLzEvdGptZXg5MUk3ZEpuRDAyM1ZJV3ExYm9OUExrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2MtNDk2ZjhlYmIyZDYx
LzEvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEH6owAwQG
XkqAMA0GCSqGSIb3DQEBCwUAA4IBAQBkBPCKb7vbplFa+c9hI98+m2dDs8AH22qQ
avTBfhcrP+ZFiZqm4/N5WEEqFSuYvSaTJyXBsvc2X3p93enq7FLN15wvh6sSccZJ
ikLpunyX0OqQfUyjkGSG+Lrg2nWviD0/8BjNL+7Pl8xXWeWCHtcX2Yok8quDTCc2
Sl3amUDnS4wZoX2Dm+JUcJoX2B1xigngxmel6f4hnw7JduFKLnIu4k2ASUHxGyvK
oGuhgdr61rs0/7VruKg5JnJxfuL5n1SqbUJl37rmh/ye1mmOi0etheTWPMU/Wr2M
k+iAzwnQzYwpN+kU55Ys8KHQuoJCVCiUiig2FJg2dn3lXmwwVjDd
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:01:14 2025 by rpki-client