Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/5687c1-df9f-4ae5-a4cc-ec03ebd19000/1/JjwEZWBFYdro1bclN7oB-fRyAwA.roa
File: JjwEZWBFYdro1bclN7oB-fRyAwA.roa (raw, json)
Hash identifier: k4IvqBYPxW6gaMsyO55esYb4IVeV/xHT6lju64eLGfA=
Subject key identifier: 26:3C:04:65:60:45:61:DA:E8:D5:B7:25:37:BA:01:F9:F4:72:03:00
Certificate issuer: /CN=4c8a7886662254be39ea1add72728e000eb2c25a
Certificate serial: 019423696C984BD5A94843F937ECF29F6AFB
Authority key identifier: 4C:8A:78:86:66:22:54:BE:39:EA:1A:DD:72:72:8E:00:0E:B2:C2:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TIp4hmYiVL456hrdcnKOAA6ywlo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/5687c1-df9f-4ae5-a4cc-ec03ebd19000/1/JjwEZWBFYdro1bclN7oB-fRyAwA.roa
Signing time: Wed 01 Jan 2025 19:48:19 +0000
ROA not before: Wed 01 Jan 2025 19:48:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6805
IP address blocks: 82.113.96.0/19 maxlen: 19
82.113.96.0/20 maxlen: 20
82.113.112.0/20 maxlen: 20
89.204.128.0/19 maxlen: 19
89.204.128.0/21 maxlen: 21
89.204.130.0/24 maxlen: 24
89.204.135.0/24 maxlen: 24
89.204.136.0/21 maxlen: 21
89.204.144.0/21 maxlen: 21
89.204.152.0/21 maxlen: 21
89.204.153.0/24 maxlen: 24
185.98.140.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4c/5687c1-df9f-4ae5-a4cc-ec03ebd19000/1/TIp4hmYiVL456hrdcnKOAA6ywlo.crl
rsync://rpki.ripe.net/repository/DEFAULT/4c/5687c1-df9f-4ae5-a4cc-ec03ebd19000/1/TIp4hmYiVL456hrdcnKOAA6ywlo.mft
rsync://rpki.ripe.net/repository/DEFAULT/TIp4hmYiVL456hrdcnKOAA6ywlo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 11 Apr 2025 17:00:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:6c:98:4b:d5:a9:48:43:f9:37:ec:f2:9f:6a:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c8a7886662254be39ea1add72728e000eb2c25a
Validity
Not Before: Jan 1 19:48:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=263c0465604561dae8d5b72537ba01f9f4720300
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:d2:89:cd:dd:05:c7:1c:d8:fc:d3:89:d1:b3:
88:f5:b4:e8:37:79:37:a3:4d:48:79:6e:b2:06:46:
98:77:5d:5a:ba:d8:fe:e6:56:45:06:8a:70:d4:d9:
5b:de:b6:4c:95:a6:33:7b:c2:f7:35:1c:de:41:d1:
8a:ff:33:ee:cf:4a:6f:82:5b:35:7c:2f:ef:ec:37:
ed:a3:17:27:6f:35:30:8f:69:65:b1:b6:3d:35:38:
89:47:1e:46:43:03:8e:d3:c8:7a:8e:d8:25:d0:c4:
4a:89:c6:76:f3:03:cd:05:8b:3b:53:6b:4e:f5:ac:
7d:64:59:b7:f9:68:09:14:e5:cc:62:3c:36:4b:02:
62:78:5d:01:64:42:1e:6a:81:bc:fa:4b:ed:81:b0:
89:e7:37:49:6a:59:09:92:6a:7e:44:62:9a:a8:4b:
31:12:5b:81:7f:d9:c8:33:1a:ee:18:72:77:c9:89:
7f:44:4e:58:ee:9d:68:4f:76:4e:0c:f5:2a:2d:e0:
66:2a:2a:a4:0d:97:d8:45:a9:f3:0f:ce:25:59:c6:
4c:9a:a9:d4:1d:92:30:c2:0c:53:28:74:29:99:aa:
16:d8:c8:9f:23:b0:77:28:e0:2d:34:c0:12:49:93:
0b:e6:ab:8a:3c:63:77:02:d2:13:21:54:b7:ab:e6:
2d:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:3C:04:65:60:45:61:DA:E8:D5:B7:25:37:BA:01:F9:F4:72:03:00
X509v3 Authority Key Identifier:
keyid:4C:8A:78:86:66:22:54:BE:39:EA:1A:DD:72:72:8E:00:0E:B2:C2:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TIp4hmYiVL456hrdcnKOAA6ywlo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/5687c1-df9f-4ae5-a4cc-ec03ebd19000/1/JjwEZWBFYdro1bclN7oB-fRyAwA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/5687c1-df9f-4ae5-a4cc-ec03ebd19000/1/TIp4hmYiVL456hrdcnKOAA6ywlo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.113.96.0/19
89.204.128.0/19
185.98.140.0/22
Signature Algorithm: sha256WithRSAEncryption
72:01:26:fc:8c:0c:4a:27:5e:f6:ef:ed:f4:89:94:6d:1e:05:
7b:07:0e:6b:09:e1:0c:74:2d:64:66:bc:56:f4:ec:8d:14:1c:
b6:26:e3:7e:87:c9:18:2b:53:69:3f:50:0f:1e:09:4f:97:2f:
93:99:bc:c3:b0:e2:11:ad:29:b3:b8:49:86:b1:ed:d9:91:a2:
f2:84:9e:56:db:a7:6d:c9:1d:67:93:77:fd:d9:00:5d:7f:f6:
8c:95:e5:dd:8f:bd:c1:27:a7:55:07:22:5c:a4:5f:d1:47:8f:
57:0e:49:b6:17:b3:eb:47:f3:7b:cd:a0:07:bc:a9:a5:1b:67:
2b:d1:e1:45:c4:8a:c3:de:c1:e8:0d:c4:ec:90:5a:f8:08:ec:
0d:50:83:37:4e:f2:2e:32:bc:55:6d:8c:75:88:21:6f:3c:19:
01:aa:31:83:d2:bb:f2:28:b7:4f:13:2f:06:0d:aa:4a:9e:c7:
cc:89:38:21:79:57:f1:52:c2:4a:3f:5c:76:1d:8a:c6:e5:0b:
ac:47:ff:20:55:58:40:ad:9b:a8:39:ab:2d:3b:f2:87:1b:ad:
9a:ed:59:1f:e7:29:a7:ae:1c:84:a6:6f:cf:95:46:c3:ab:5b:
cf:5a:d4:bc:54:36:c6:b0:d6:b1:f5:c2:c4:e6:71:d7:99:df:
26:23:cc:9a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQjaWyYS9WpSEP5N+zyn2r7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjOGE3ODg2NjYyMjU0YmUzOWVhMWFkZDcyNzI4ZTAwMGVi
MmMyNWEwHhcNMjUwMTAxMTk0ODE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNjNjMDQ2NTYwNDU2MWRhZThkNWI3MjUzN2JhMDFmOWY0NzIwMzAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqtKJzd0FxxzY/NOJ0bOI9bToN3k3
o01IeW6yBkaYd11autj+5lZFBopw1Nlb3rZMlaYze8L3NRzeQdGK/zPuz0pvgls1
fC/v7DftoxcnbzUwj2llsbY9NTiJRx5GQwOO08h6jtgl0MRKicZ28wPNBYs7U2tO
9ax9ZFm3+WgJFOXMYjw2SwJieF0BZEIeaoG8+kvtgbCJ5zdJalkJkmp+RGKaqEsx
EluBf9nIMxruGHJ3yYl/RE5Y7p1oT3ZODPUqLeBmKiqkDZfYRanzD84lWcZMmqnU
HZIwwgxTKHQpmaoW2MifI7B3KOAtNMASSZML5quKPGN3AtITIVS3q+YtqwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCY8BGVgRWHa6NW3JTe6Afn0cgMAMB8GA1UdIwQY
MBaAFEyKeIZmIlS+Oeoa3XJyjgAOssJaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVElwNGhtWWlWTDQ1NmhyZGNuS09BQTZ5d2xvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy81Njg3YzEtZGY5Zi00YWU1LWE0Y2Mt
ZWMwM2ViZDE5MDAwLzEvSmp3RVpXQkZZZHJvMWJjbE43b0ItZlJ5QXdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy81Njg3YzEtZGY5Zi00YWU1LWE0Y2MtZWMwM2ViZDE5MDAw
LzEvVElwNGhtWWlWTDQ1NmhyZGNuS09BQTZ5d2xvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQFUnFgAwQF
WcyAAwQCuWKMMA0GCSqGSIb3DQEBCwUAA4IBAQByASb8jAxKJ1727+30iZRtHgV7
Bw5rCeEMdC1kZrxW9OyNFBy2JuN+h8kYK1NpP1APHglPly+TmbzDsOIRrSmzuEmG
se3ZkaLyhJ5W26dtyR1nk3f92QBdf/aMleXdj73BJ6dVByJcpF/RR49XDkm2F7Pr
R/N7zaAHvKmlG2cr0eFFxIrD3sHoDcTskFr4COwNUIM3TvIuMrxVbYx1iCFvPBkB
qjGD0rvyKLdPEy8GDapKnsfMiTgheVfxUsJKP1x2HYrG5QusR/8gVVhArZuoOast
O/KHG62a7Vkf5ymnrhyEpm/PlUbDq1vPWtS8VDbGsNax9cLE5nHXmd8mI8ya
-----END CERTIFICATE-----
Generated at Fri Apr 11 02:29:45 2025 by rpki-client