Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/JXORbhvqFBRiA6sx9uRbnH1cfQA.roa
File: JXORbhvqFBRiA6sx9uRbnH1cfQA.roa (raw, json)
Hash identifier: Cy8xek89x29qX6vrPKHRgigbXjIhqh0MMdSzd3epi5U=
Subject key identifier: 25:73:91:6E:1B:EA:14:14:62:03:AB:31:F6:E4:5B:9C:7D:5C:7D:00
Certificate issuer: /CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Certificate serial: 01951A4807C5AADECE4E93D90A9F9E017959
Authority key identifier: D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/JXORbhvqFBRiA6sx9uRbnH1cfQA.roa
Signing time: Tue 18 Feb 2025 18:18:02 +0000
ROA not before: Tue 18 Feb 2025 18:18:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 996
IP address blocks: 80.71.154.0/24 maxlen: 24
94.103.178.0/24 maxlen: 24
94.103.189.0/24 maxlen: 24
94.103.191.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.mft
rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 08:01:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:1a:48:07:c5:aa:de:ce:4e:93:d9:0a:9f:9e:01:79:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Validity
Not Before: Feb 18 18:18:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2573916e1bea14146203ab31f6e45b9c7d5c7d00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:14:3f:62:8d:91:ad:a8:02:df:15:ce:aa:65:
7d:a0:07:2b:d6:61:bb:ab:b0:f9:30:92:48:8e:1f:
45:50:85:3f:be:c6:29:34:a7:00:54:15:cc:b0:53:
68:a9:38:c9:69:58:db:36:11:30:3a:cf:07:a2:ba:
d9:9c:b2:1e:2d:ee:a7:db:c8:bf:14:ad:9a:2d:ae:
75:a5:4c:7a:76:e3:e9:a5:66:d1:11:2f:a7:75:40:
62:ee:c2:34:1f:48:dd:dd:1c:f1:0e:96:9b:0d:ee:
b0:13:a7:e5:67:cc:58:31:8a:ce:a9:1d:81:63:19:
a2:26:14:4c:dd:c3:4b:0c:c2:f1:29:04:76:32:d2:
59:9c:39:2e:dc:06:c9:a6:55:f8:93:9f:cc:39:92:
b9:66:ed:39:02:d4:ea:60:dd:a3:7c:ed:3c:01:67:
98:e0:b6:16:7f:47:50:d1:a2:38:f3:96:a9:ef:38:
37:95:52:38:4e:36:52:ac:3b:d7:ae:29:9c:96:ee:
f5:77:50:df:87:c9:e4:b2:ee:24:6d:9d:b2:5b:6a:
26:0e:3b:c3:f5:15:a1:ba:79:2f:8b:c3:fa:14:ae:
53:5e:eb:50:10:3e:8f:82:40:a4:30:a7:4c:30:ff:
1f:78:5c:c5:14:31:47:c2:d6:38:8d:81:90:ad:ee:
e2:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:73:91:6E:1B:EA:14:14:62:03:AB:31:F6:E4:5B:9C:7D:5C:7D:00
X509v3 Authority Key Identifier:
keyid:D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/JXORbhvqFBRiA6sx9uRbnH1cfQA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.71.154.0/24
94.103.178.0/24
94.103.189.0/24
94.103.191.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:6c:82:18:30:54:9a:89:b5:4d:9d:e4:a3:c1:8d:51:2a:f0:
e4:24:91:75:77:d4:61:dc:e5:1f:d8:13:71:4a:29:26:db:56:
f7:03:07:81:62:64:e6:33:02:0b:1c:77:01:12:f0:9d:13:87:
14:73:25:5d:4f:b9:dc:95:1f:e9:b5:55:be:46:25:36:1c:73:
f1:4f:d8:00:20:5b:64:03:12:31:f3:55:2c:ff:2b:af:24:c6:
9d:a7:06:9c:50:de:52:ff:97:41:9e:1e:fa:15:ac:fd:fe:27:
ed:c9:f8:64:ff:ea:00:1e:88:0c:a2:3c:5e:c2:de:97:00:5c:
59:37:b7:86:58:c4:f5:94:c2:53:b3:db:fc:8f:66:1a:19:0b:
65:b1:54:7f:83:8e:fc:91:4b:15:10:48:16:82:78:dc:71:70:
b1:17:b7:da:2d:21:07:c2:eb:50:b2:51:94:16:f2:20:e6:c6:
d4:2d:5b:23:35:c4:11:84:42:ad:ff:ee:62:ae:04:06:25:42:
2f:fd:78:c3:ec:ac:53:5e:bf:83:cb:cc:f0:d0:76:af:36:a9:
01:a4:d9:9e:af:fc:71:28:ed:5c:1f:69:c6:e7:14:f2:96:a5:
a6:e9:58:b3:6c:4e:64:34:4e:89:3f:16:df:b9:84:dd:e4:6f:
a5:ff:86:09
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZUaSAfFqt7OTpPZCp+eAXlZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NmJiNDhlOTNlOGEwMDU4YzVjNzJhODFhODc5OTQ1NTMw
N2VlNTYwHhcNMjUwMjE4MTgxODAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTczOTE2ZTFiZWExNDE0NjIwM2FiMzFmNmU0NWI5YzdkNWM3ZDAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlxQ/Yo2RragC3xXOqmV9oAcr1mG7
q7D5MJJIjh9FUIU/vsYpNKcAVBXMsFNoqTjJaVjbNhEwOs8HorrZnLIeLe6n28i/
FK2aLa51pUx6duPppWbRES+ndUBi7sI0H0jd3RzxDpabDe6wE6flZ8xYMYrOqR2B
YxmiJhRM3cNLDMLxKQR2MtJZnDku3AbJplX4k5/MOZK5Zu05AtTqYN2jfO08AWeY
4LYWf0dQ0aI485ap7zg3lVI4TjZSrDvXrimclu71d1Dfh8nksu4kbZ2yW2omDjvD
9RWhunkvi8P6FK5TXutQED6PgkCkMKdMMP8feFzFFDFHwtY4jYGQre7ihQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFCVzkW4b6hQUYgOrMfbkW5x9XH0AMB8GA1UdIwQY
MBaAFNdrtI6T6KAFjFxyqBqHmUVTB+5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgt
OGJmYmRkNDVjYjYyLzEvSlhPUmJodnFGQlJpQTZzeDl1UmJuSDFjZlFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgtOGJmYmRkNDVjYjYy
LzEvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAUEeaAwQA
XmeyAwQAXme9AwQAXme/MA0GCSqGSIb3DQEBCwUAA4IBAQBvbIIYMFSaibVNneSj
wY1RKvDkJJF1d9Rh3OUf2BNxSikm21b3AweBYmTmMwILHHcBEvCdE4cUcyVdT7nc
lR/ptVW+RiU2HHPxT9gAIFtkAxIx81Us/yuvJMadpwacUN5S/5dBnh76Faz9/ift
yfhk/+oAHogMojxewt6XAFxZN7eGWMT1lMJTs9v8j2YaGQtlsVR/g478kUsVEEgW
gnjccXCxF7faLSEHwutQslGUFvIg5sbULVsjNcQRhEKt/+5irgQGJUIv/XjD7KxT
Xr+Dy8zw0HavNqkBpNmer/xxKO1cH2nG5xTylqWm6VizbE5kNE6JPxbfuYTd5G+l
/4YJ
-----END CERTIFICATE-----
Generated at Fri Apr 4 17:36:41 2025 by rpki-client