Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/e8281f-cd17-4e02-8fca-8c5ac06c14a8/1/Jdm5F_6iCqPEa_8fp7SMyuecga8.roa
File: Jdm5F_6iCqPEa_8fp7SMyuecga8.roa (raw, json)
Hash identifier: YePWqR0wfY9VWBnw6y6zsSOonySutPSp4/GMkjqq0x4=
Subject key identifier: 25:D9:B9:17:FE:A2:0A:A3:C4:6B:FF:1F:A7:B4:8C:CA:E7:9C:81:AF
Certificate issuer: /CN=220a9859fbf2e6bc3ed8273911762bd8fa5e802e
Certificate serial: 019426D9EF360BBA10CF116560E368A53D87
Authority key identifier: 22:0A:98:59:FB:F2:E6:BC:3E:D8:27:39:11:76:2B:D8:FA:5E:80:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IgqYWfvy5rw-2Cc5EXYr2PpegC4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/e8281f-cd17-4e02-8fca-8c5ac06c14a8/1/Jdm5F_6iCqPEa_8fp7SMyuecga8.roa
Signing time: Thu 02 Jan 2025 11:50:04 +0000
ROA not before: Thu 02 Jan 2025 11:50:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39399
IP address blocks: 91.199.194.0/24 maxlen: 24
91.215.24.0/22 maxlen: 22
178.215.176.0/20 maxlen: 20
194.8.156.0/22 maxlen: 22
195.140.228.0/22 maxlen: 22
195.182.192.0/23 maxlen: 23
2001:67c:2280::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/47/e8281f-cd17-4e02-8fca-8c5ac06c14a8/1/IgqYWfvy5rw-2Cc5EXYr2PpegC4.crl
rsync://rpki.ripe.net/repository/DEFAULT/47/e8281f-cd17-4e02-8fca-8c5ac06c14a8/1/IgqYWfvy5rw-2Cc5EXYr2PpegC4.mft
rsync://rpki.ripe.net/repository/DEFAULT/IgqYWfvy5rw-2Cc5EXYr2PpegC4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:ef:36:0b:ba:10:cf:11:65:60:e3:68:a5:3d:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=220a9859fbf2e6bc3ed8273911762bd8fa5e802e
Validity
Not Before: Jan 2 11:50:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=25d9b917fea20aa3c46bff1fa7b48ccae79c81af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:8c:6a:75:e3:b9:55:f9:e6:53:2c:66:ea:a1:
e3:e6:d2:32:7b:e0:eb:7b:7f:14:18:79:fe:58:3b:
89:8d:94:de:4a:b1:72:cd:02:8a:87:e1:54:8d:cc:
58:7e:19:78:0f:61:5c:8b:9f:58:e0:eb:85:a6:6b:
0e:38:7e:1b:b0:2d:64:34:d4:81:d7:65:61:bb:83:
10:60:1c:6e:ba:37:7c:7d:8c:95:46:ef:0a:c1:f4:
d9:97:40:0d:4b:0d:eb:41:29:97:88:3c:19:54:e2:
39:a4:c2:46:8d:7d:7c:04:80:7f:3b:79:de:93:e8:
87:5f:50:78:32:0f:9d:dd:34:b8:c0:f5:2a:01:73:
15:66:2c:fa:a7:18:7f:a5:8c:ce:14:9f:9d:4f:2c:
7d:46:36:c4:df:87:f5:74:42:cb:6b:3a:e3:8b:10:
ca:ef:73:40:4c:7b:58:c2:8e:77:39:65:57:fb:c3:
cd:72:ac:c7:f0:c3:9f:f4:c0:8d:65:4c:9a:f8:14:
44:68:97:10:dc:b4:6c:d1:b9:44:63:08:e2:fc:5a:
06:56:17:b3:eb:11:da:79:15:86:4e:15:80:94:43:
e5:c3:8a:e2:f8:9c:41:7d:f2:ac:3c:f3:c4:47:fe:
bd:3f:96:13:45:47:ff:6f:05:d8:de:01:5b:83:f8:
87:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:D9:B9:17:FE:A2:0A:A3:C4:6B:FF:1F:A7:B4:8C:CA:E7:9C:81:AF
X509v3 Authority Key Identifier:
keyid:22:0A:98:59:FB:F2:E6:BC:3E:D8:27:39:11:76:2B:D8:FA:5E:80:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IgqYWfvy5rw-2Cc5EXYr2PpegC4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/e8281f-cd17-4e02-8fca-8c5ac06c14a8/1/Jdm5F_6iCqPEa_8fp7SMyuecga8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/e8281f-cd17-4e02-8fca-8c5ac06c14a8/1/IgqYWfvy5rw-2Cc5EXYr2PpegC4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.199.194.0/24
91.215.24.0/22
178.215.176.0/20
194.8.156.0/22
195.140.228.0/22
195.182.192.0/23
IPv6:
2001:67c:2280::/48
Signature Algorithm: sha256WithRSAEncryption
67:ac:7d:02:5f:73:35:f2:fe:c9:57:f9:18:ed:a0:c7:ca:e8:
91:b0:4e:9f:7e:30:a4:7c:f4:d2:ba:59:db:75:8a:2d:13:08:
3d:1d:91:bf:5f:1f:4b:a6:11:3f:bf:8f:4d:7e:7d:a4:41:2a:
be:af:3e:08:32:97:3c:a4:29:45:42:5e:fe:89:8d:4d:eb:84:
a9:d1:a4:14:6f:92:e3:6c:81:10:20:d1:09:42:e5:82:43:d9:
da:bb:5f:be:3d:9b:13:4a:fb:62:48:6a:0a:96:c1:e6:6b:46:
57:82:d6:49:bb:8e:91:f3:54:32:60:9f:d4:79:7c:4e:23:80:
e2:b0:d3:03:35:98:09:6e:34:ae:4e:17:45:39:9e:23:fb:76:
f9:c8:46:89:dd:f8:71:a0:1f:9c:4a:10:29:d6:b1:50:5b:30:
6b:08:a2:06:ad:a7:37:35:82:dc:87:39:ba:c7:aa:c6:7a:5a:
5b:63:e7:e8:85:e5:c3:96:20:3b:f1:69:de:7e:3f:7c:20:c6:
7e:db:f8:54:65:bb:bc:72:e3:90:c0:c9:f0:3a:58:55:d1:ee:
b0:c8:5a:92:6d:c4:35:66:46:d9:c3:44:c3:28:0d:eb:8c:68:
47:12:ea:6a:51:36:19:78:b4:87:ae:d3:ac:2d:cf:da:88:be:
3f:a3:4e:4b
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAZQm2e82C7oQzxFlYONopT2HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyMGE5ODU5ZmJmMmU2YmMzZWQ4MjczOTExNzYyYmQ4ZmE1
ZTgwMmUwHhcNMjUwMTAyMTE1MDA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNWQ5YjkxN2ZlYTIwYWEzYzQ2YmZmMWZhN2I0OGNjYWU3OWM4MWFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA34xqdeO5VfnmUyxm6qHj5tIye+Dr
e38UGHn+WDuJjZTeSrFyzQKKh+FUjcxYfhl4D2Fci59Y4OuFpmsOOH4bsC1kNNSB
12Vhu4MQYBxuujd8fYyVRu8KwfTZl0ANSw3rQSmXiDwZVOI5pMJGjX18BIB/O3ne
k+iHX1B4Mg+d3TS4wPUqAXMVZiz6pxh/pYzOFJ+dTyx9RjbE34f1dELLazrjixDK
73NATHtYwo53OWVX+8PNcqzH8MOf9MCNZUya+BREaJcQ3LRs0blEYwji/FoGVhez
6xHaeRWGThWAlEPlw4ri+JxBffKsPPPER/69P5YTRUf/bwXY3gFbg/iHDQIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFCXZuRf+ogqjxGv/H6e0jMrnnIGvMB8GA1UdIwQY
MBaAFCIKmFn78ua8PtgnORF2K9j6XoAuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWdxWVdmdnk1cnctMkNjNUVYWXIyUHBlZ0M0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9lODI4MWYtY2QxNy00ZTAyLThmY2Et
OGM1YWMwNmMxNGE4LzEvSmRtNUZfNmlDcVBFYV84ZnA3U015dWVjZ2E4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9lODI4MWYtY2QxNy00ZTAyLThmY2EtOGM1YWMwNmMxNGE4
LzEvSWdxWVdmdnk1cnctMkNjNUVYWXIyUHBlZ0M0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAqBAIAATAkAwQAW8fCAwQC
W9cYAwQEstewAwQCwgicAwQCw4zkAwQBw7bAMA8EAgACMAkDBwAgAQZ8IoAwDQYJ
KoZIhvcNAQELBQADggEBAGesfQJfczXy/slX+RjtoMfK6JGwTp9+MKR89NK6Wdt1
ii0TCD0dkb9fH0umET+/j01+faRBKr6vPggylzykKUVCXv6JjU3rhKnRpBRvkuNs
gRAg0QlC5YJD2dq7X749mxNK+2JIagqWweZrRleC1km7jpHzVDJgn9R5fE4jgOKw
0wM1mAluNK5OF0U5niP7dvnIRond+HGgH5xKECnWsVBbMGsIogatpzc1gtyHObrH
qsZ6Wltj5+iF5cOWIDvxad5+P3wgxn7b+FRlu7xy45DAyfA6WFXR7rDIWpJtxDVm
RtnDRMMoDeuMaEcS6mpRNhl4tIeu06wtz9qIvj+jTks=
-----END CERTIFICATE-----
Generated at Sun Feb 2 08:35:14 2025 by rpki-client