Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/js3FolXTNbl9FECoYSqnW-MLw0A.roa
File: js3FolXTNbl9FECoYSqnW-MLw0A.roa (raw, json)
Hash identifier: l+vnWLzEj6U/PJzE4BCRuD1dAjg4yzYHTVAeiPyP5AQ=
Subject key identifier: 8E:CD:C5:A2:55:D3:35:B9:7D:14:40:A8:61:2A:A7:5B:E3:0B:C3:40
Certificate issuer: /CN=201fe30fc6b4b0d0f6db4e1bfbbd50195dca575c
Certificate serial: 0194258F816945000059815D6149B2A022FC
Authority key identifier: 20:1F:E3:0F:C6:B4:B0:D0:F6:DB:4E:1B:FB:BD:50:19:5D:CA:57:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IB_jD8a0sND2204b-71QGV3KV1w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/js3FolXTNbl9FECoYSqnW-MLw0A.roa
Signing time: Thu 02 Jan 2025 05:49:09 +0000
ROA not before: Thu 02 Jan 2025 05:49:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34210
IP address blocks: 217.170.8.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/IB_jD8a0sND2204b-71QGV3KV1w.crl
rsync://rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/IB_jD8a0sND2204b-71QGV3KV1w.mft
rsync://rpki.ripe.net/repository/DEFAULT/IB_jD8a0sND2204b-71QGV3KV1w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 10:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:81:69:45:00:00:59:81:5d:61:49:b2:a0:22:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=201fe30fc6b4b0d0f6db4e1bfbbd50195dca575c
Validity
Not Before: Jan 2 05:49:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8ecdc5a255d335b97d1440a8612aa75be30bc340
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:f8:1c:f9:34:b4:d6:94:3f:6b:c9:ee:bf:76:
8d:48:35:6d:23:56:52:36:45:6d:c2:1f:c7:ab:b7:
c1:d2:77:ff:0f:3b:cb:d7:ba:5e:57:e5:ff:11:9c:
27:e9:9c:42:43:6f:2c:51:ab:24:d6:66:30:11:06:
dc:b8:04:45:a3:89:a2:e4:ac:58:78:3e:96:c1:03:
f4:e3:a5:56:32:70:43:d4:f3:9f:21:a6:06:2f:26:
f5:c5:ea:89:1c:e2:5a:53:a8:f4:15:f2:88:a5:12:
6f:89:3b:d7:5f:f7:cb:85:2c:82:b1:90:cf:14:af:
ec:71:2f:4d:ad:f1:94:cf:56:f2:86:1b:35:d0:99:
44:0e:b7:e6:b3:16:d6:58:ed:2c:80:71:17:4c:c2:
6d:a6:a1:62:36:f3:9f:5e:54:af:c6:e0:74:5d:0c:
d3:67:d8:d9:e5:78:07:24:d1:4e:83:5d:c5:b3:5f:
4d:d9:f9:30:90:f2:f5:2c:bb:b1:1d:de:2c:c0:6a:
17:09:d9:59:91:50:40:8f:cb:91:2a:3e:79:3a:37:
bc:ae:3f:b0:1b:72:fd:b9:6a:c5:b6:c2:76:62:ae:
99:80:8b:b8:58:07:87:d0:28:49:24:e8:1d:31:e4:
16:e9:8c:ab:4b:4b:ad:4a:14:a8:a9:15:54:0d:b0:
1e:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:CD:C5:A2:55:D3:35:B9:7D:14:40:A8:61:2A:A7:5B:E3:0B:C3:40
X509v3 Authority Key Identifier:
keyid:20:1F:E3:0F:C6:B4:B0:D0:F6:DB:4E:1B:FB:BD:50:19:5D:CA:57:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IB_jD8a0sND2204b-71QGV3KV1w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/js3FolXTNbl9FECoYSqnW-MLw0A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/IB_jD8a0sND2204b-71QGV3KV1w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.170.8.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:68:0a:b5:fd:64:af:31:c2:a4:a9:2f:ff:57:25:2d:a4:e5:
9a:43:2c:85:e0:30:9a:50:94:f7:44:95:74:88:44:1a:7a:dc:
1b:a3:4a:d7:f7:8f:4d:76:17:4d:c5:ca:9a:55:bd:88:f8:40:
d9:45:aa:18:65:58:ce:20:cf:84:b4:00:9e:92:22:8e:2f:88:
88:06:76:68:31:cd:f6:4b:bf:b9:6f:d2:8c:6c:ea:2c:6d:6e:
48:98:e3:bf:7b:38:87:ee:f6:26:d9:04:d0:47:30:b6:08:ca:
ac:af:30:ec:52:7b:f9:d5:fd:09:7a:c3:ab:58:cf:82:ec:bc:
7c:fb:35:ad:3d:61:dc:28:05:0c:bd:ce:5d:53:0b:f0:15:6f:
72:4c:51:bf:85:98:f4:71:70:88:a9:2e:af:ed:3e:8a:96:1c:
d7:a2:11:db:80:c4:5b:20:45:98:8f:86:79:1b:fb:32:50:bd:
8f:0e:6b:26:91:10:d4:4b:89:ad:50:d1:92:49:e6:ba:64:54:
8c:aa:ad:54:8e:eb:a5:b5:dd:32:aa:df:8b:5f:34:4e:30:24:
25:c0:5d:5c:99:a0:1a:40:d0:c5:b1:67:fe:1a:c6:1c:7b:6c:
1f:c9:df:c9:a3:d3:a0:39:00:9d:a8:28:8e:d0:a5:52:3a:2c:
cc:89:89:3a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQlj4FpRQAAWYFdYUmyoCL8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwMWZlMzBmYzZiNGIwZDBmNmRiNGUxYmZiYmQ1MDE5NWRj
YTU3NWMwHhcNMjUwMTAyMDU0OTA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZWNkYzVhMjU1ZDMzNWI5N2QxNDQwYTg2MTJhYTc1YmUzMGJjMzQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1fgc+TS01pQ/a8nuv3aNSDVtI1ZS
NkVtwh/Hq7fB0nf/DzvL17peV+X/EZwn6ZxCQ28sUask1mYwEQbcuARFo4mi5KxY
eD6WwQP046VWMnBD1POfIaYGLyb1xeqJHOJaU6j0FfKIpRJviTvXX/fLhSyCsZDP
FK/scS9NrfGUz1byhhs10JlEDrfmsxbWWO0sgHEXTMJtpqFiNvOfXlSvxuB0XQzT
Z9jZ5XgHJNFOg13Fs19N2fkwkPL1LLuxHd4swGoXCdlZkVBAj8uRKj55Oje8rj+w
G3L9uWrFtsJ2Yq6ZgIu4WAeH0ChJJOgdMeQW6YyrS0utShSoqRVUDbAeDwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFI7NxaJV0zW5fRRAqGEqp1vjC8NAMB8GA1UdIwQY
MBaAFCAf4w/GtLDQ9ttOG/u9UBldyldcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUJfakQ4YTBzTkQyMjA0Yi03MVFHVjNLVjF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My84ZDgwZjktNDk0ZS00YWJiLTk5NTYt
ZmMxMjFjODAwYjMwLzEvanMzRm9sWFROYmw5RkVDb1lTcW5XLU1MdzBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My84ZDgwZjktNDk0ZS00YWJiLTk5NTYtZmMxMjFjODAwYjMw
LzEvSUJfakQ4YTBzTkQyMjA0Yi03MVFHVjNLVjF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2aoIMA0G
CSqGSIb3DQEBCwUAA4IBAQAuaAq1/WSvMcKkqS//VyUtpOWaQyyF4DCaUJT3RJV0
iEQaetwbo0rX949NdhdNxcqaVb2I+EDZRaoYZVjOIM+EtACekiKOL4iIBnZoMc32
S7+5b9KMbOosbW5ImOO/eziH7vYm2QTQRzC2CMqsrzDsUnv51f0JesOrWM+C7Lx8
+zWtPWHcKAUMvc5dUwvwFW9yTFG/hZj0cXCIqS6v7T6KlhzXohHbgMRbIEWYj4Z5
G/syUL2PDmsmkRDUS4mtUNGSSea6ZFSMqq1Ujuultd0yqt+LXzROMCQlwF1cmaAa
QNDFsWf+GsYce2wfyd/Jo9OgOQCdqCiO0KVSOizMiYk6
-----END CERTIFICATE-----
Generated at Mon Apr 7 13:07:11 2025 by rpki-client