Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/ca9dbe-0095-40f3-b932-0d8f7dd8cce6/1/jVDEyqMCODRbBkqkq43-QF92dZM.roa
File: jVDEyqMCODRbBkqkq43-QF92dZM.roa (raw, json)
Hash identifier: s/kttAz6ZQTi3SrIl36OIG3RsnNyK9roMAcg0ML6WjQ=
Subject key identifier: 8D:50:C4:CA:A3:02:38:34:5B:06:4A:A4:AB:8D:FE:40:5F:76:75:93
Certificate issuer: /CN=a9807f6d50d97d971dcf2e2e5064e9b907adb3ec
Certificate serial: 019424459E4BF61F532452DEBB94D0DF5B07
Authority key identifier: A9:80:7F:6D:50:D9:7D:97:1D:CF:2E:2E:50:64:E9:B9:07:AD:B3:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qYB_bVDZfZcdzy4uUGTpuQets-w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/ca9dbe-0095-40f3-b932-0d8f7dd8cce6/1/jVDEyqMCODRbBkqkq43-QF92dZM.roa
Signing time: Wed 01 Jan 2025 23:48:49 +0000
ROA not before: Wed 01 Jan 2025 23:48:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9105
IP address blocks: 79.77.0.0/16 maxlen: 24
79.78.0.0/15 maxlen: 24
80.40.0.0/13 maxlen: 24
81.1.64.0/18 maxlen: 24
81.86.0.0/16 maxlen: 24
81.170.0.0/17 maxlen: 24
81.178.0.0/15 maxlen: 24
83.67.0.0/16 maxlen: 24
89.168.128.0/17 maxlen: 24
194.106.32.0/19 maxlen: 24
194.247.224.0/19 maxlen: 24
195.137.0.0/17 maxlen: 24
212.1.128.0/19 maxlen: 24
212.74.96.0/19 maxlen: 24
212.139.0.0/16 maxlen: 24
212.159.128.0/18 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2b/ca9dbe-0095-40f3-b932-0d8f7dd8cce6/1/qYB_bVDZfZcdzy4uUGTpuQets-w.crl
rsync://rpki.ripe.net/repository/DEFAULT/2b/ca9dbe-0095-40f3-b932-0d8f7dd8cce6/1/qYB_bVDZfZcdzy4uUGTpuQets-w.mft
rsync://rpki.ripe.net/repository/DEFAULT/qYB_bVDZfZcdzy4uUGTpuQets-w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 14 Apr 2025 03:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:9e:4b:f6:1f:53:24:52:de:bb:94:d0:df:5b:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9807f6d50d97d971dcf2e2e5064e9b907adb3ec
Validity
Not Before: Jan 1 23:48:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8d50c4caa30238345b064aa4ab8dfe405f767593
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:b3:35:95:88:97:6d:b0:ee:4e:8f:86:16:0e:
1c:db:f2:39:e7:66:78:c0:1b:a0:85:b9:0e:1e:4e:
c9:5e:3e:69:b8:23:c7:41:cc:9c:ce:8a:74:07:34:
d5:cf:cf:ed:b4:a3:eb:b0:af:c3:1c:98:19:21:fb:
15:8d:f0:10:07:f2:a4:14:9f:29:a4:1c:a0:86:a7:
c6:70:ca:62:92:46:39:32:59:59:6c:61:3e:4d:61:
ef:55:1e:d6:14:dd:04:8e:86:6e:1c:06:d6:f8:04:
60:bd:7e:a0:6d:e7:63:5d:ae:5a:04:af:80:63:e4:
2a:51:25:98:45:fe:2c:3c:46:cc:aa:44:08:40:34:
f8:50:83:8c:f3:5e:01:ad:c2:69:07:1c:c2:95:4f:
d3:47:ca:f6:5a:f1:ff:89:96:53:8b:d4:81:c0:03:
e6:5a:9e:1e:6f:71:d5:2d:f0:46:cb:ff:d5:8d:bb:
51:05:c4:7b:63:7b:77:07:a4:b7:cf:ff:4c:5f:29:
12:43:fe:0a:0b:df:36:61:25:1c:8c:8e:0d:a7:ae:
b4:86:d0:2d:35:d5:d7:10:87:2d:88:a3:64:0d:9c:
f5:3b:41:98:55:f3:91:00:e8:e0:2b:7d:3e:3d:7e:
21:55:0d:75:da:14:81:e7:9a:6d:f1:ce:cd:84:38:
76:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:50:C4:CA:A3:02:38:34:5B:06:4A:A4:AB:8D:FE:40:5F:76:75:93
X509v3 Authority Key Identifier:
keyid:A9:80:7F:6D:50:D9:7D:97:1D:CF:2E:2E:50:64:E9:B9:07:AD:B3:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qYB_bVDZfZcdzy4uUGTpuQets-w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/ca9dbe-0095-40f3-b932-0d8f7dd8cce6/1/jVDEyqMCODRbBkqkq43-QF92dZM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/ca9dbe-0095-40f3-b932-0d8f7dd8cce6/1/qYB_bVDZfZcdzy4uUGTpuQets-w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.77.0.0-79.79.255.255
80.40.0.0/13
81.1.64.0/18
81.86.0.0/16
81.170.0.0/17
81.178.0.0/15
83.67.0.0/16
89.168.128.0/17
194.106.32.0/19
194.247.224.0/19
195.137.0.0/17
212.1.128.0/19
212.74.96.0/19
212.139.0.0/16
212.159.128.0/18
Signature Algorithm: sha256WithRSAEncryption
4b:06:d9:9b:09:a1:35:94:58:09:8f:9a:28:46:a5:fb:7c:a2:
04:c3:53:e3:b8:91:83:7c:bf:40:77:39:c3:07:ef:62:86:e2:
b4:d8:59:c2:41:72:7c:03:8f:9d:bb:92:e7:3b:07:61:00:48:
cb:aa:f4:c8:37:d8:59:f8:e3:8b:e5:dc:33:9c:5c:ee:fe:10:
03:bd:1c:de:a1:0e:0e:2c:76:4a:a4:50:1d:94:e7:48:5d:89:
d0:71:c8:10:4a:56:ce:40:16:79:47:78:20:38:79:11:ac:43:
d5:55:8c:d2:b9:fc:be:ea:af:b5:b5:c3:69:ed:f4:bd:b2:ce:
38:87:e4:73:9c:bc:2f:3e:4a:32:c7:72:5c:9e:be:d5:65:c6:
8a:15:93:f0:58:02:5f:d1:68:e9:ad:65:98:a7:0c:7e:82:aa:
5a:04:f7:d1:84:df:fd:10:09:7c:8a:b5:97:7d:8a:05:b4:70:
ed:c2:09:30:ee:0c:a5:42:8d:2e:7a:c8:20:bc:d5:18:a6:78:
53:5d:ef:e6:0f:b3:2c:56:9b:8e:66:ed:96:37:cf:67:df:48:
be:2d:d3:4e:2c:42:f3:e2:26:84:05:46:06:a6:99:b7:84:39:
43:f1:06:8c:4d:e9:84:f2:aa:6e:4d:2e:59:ce:c4:c4:4d:88:
5a:eb:44:44
-----BEGIN CERTIFICATE-----
MIIFUjCCBDqgAwIBAgISAZQkRZ5L9h9TJFLeu5TQ31sHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5ODA3ZjZkNTBkOTdkOTcxZGNmMmUyZTUwNjRlOWI5MDdh
ZGIzZWMwHhcNMjUwMTAxMjM0ODQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZDUwYzRjYWEzMDIzODM0NWIwNjRhYTRhYjhkZmU0MDVmNzY3NTkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnLM1lYiXbbDuTo+GFg4c2/I552Z4
wBughbkOHk7JXj5puCPHQcyczop0BzTVz8/ttKPrsK/DHJgZIfsVjfAQB/KkFJ8p
pByghqfGcMpikkY5MllZbGE+TWHvVR7WFN0EjoZuHAbW+ARgvX6gbedjXa5aBK+A
Y+QqUSWYRf4sPEbMqkQIQDT4UIOM814BrcJpBxzClU/TR8r2WvH/iZZTi9SBwAPm
Wp4eb3HVLfBGy//VjbtRBcR7Y3t3B6S3z/9MXykSQ/4KC982YSUcjI4Np660htAt
NdXXEIctiKNkDZz1O0GYVfORAOjgK30+PX4hVQ112hSB55pt8c7NhDh2QwIDAQAB
o4ICXjCCAlowHQYDVR0OBBYEFI1QxMqjAjg0WwZKpKuN/kBfdnWTMB8GA1UdIwQY
MBaAFKmAf21Q2X2XHc8uLlBk6bkHrbPsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcVlCX2JWRFpmWmNkenk0dVVHVHB1UWV0cy13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi9jYTlkYmUtMDA5NS00MGYzLWI5MzIt
MGQ4ZjdkZDhjY2U2LzEvalZERXlxTUNPRFJiQmtxa3E0My1RRjkyZFpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi9jYTlkYmUtMDA5NS00MGYzLWI5MzItMGQ4ZjdkZDhjY2U2
LzEvcVlCX2JWRFpmWmNkenk0dVVHVHB1UWV0cy13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHQGCCsGAQUFBwEHAQH/BGUwYzBhBAIAATBbMAoDAwBPTQMD
BE9AAwMDUCgDBAZRAUADAwBRVgMEB1GqAAMDAVGyAwMAU0MDBAdZqIADBAXCaiAD
BAXC9+ADBAfDiQADBAXUAYADBAXUSmADAwDUiwMEBtSfgDANBgkqhkiG9w0BAQsF
AAOCAQEASwbZmwmhNZRYCY+aKEal+3yiBMNT47iRg3y/QHc5wwfvYobitNhZwkFy
fAOPnbuS5zsHYQBIy6r0yDfYWfjji+XcM5xc7v4QA70c3qEODix2SqRQHZTnSF2J
0HHIEEpWzkAWeUd4IDh5EaxD1VWM0rn8vuqvtbXDae30vbLOOIfkc5y8Lz5KMsdy
XJ6+1WXGihWT8FgCX9Fo6a1lmKcMfoKqWgT30YTf/RAJfIq1l32KBbRw7cIJMO4M
pUKNLnrIILzVGKZ4U13v5g+zLFabjmbtljfPZ99Ivi3TTixC8+ImhAVGBqaZt4Q5
Q/EGjE3phPKqbk0uWc7ExE2IWutERA==
-----END CERTIFICATE-----
Generated at Sun Apr 13 10:17:51 2025 by rpki-client