Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/2669ee-4ba7-4110-8370-dd803c5b85db/1/jegjWR7VprdJlP9Id7lnXfq_3BY.roa
File: jegjWR7VprdJlP9Id7lnXfq_3BY.roa (raw, json)
Hash identifier: 3+QVUbiATKXjEawCpJp9FdwXwbHQPUAeJSJ9r2KyWeA=
Subject key identifier: 8D:E8:23:59:1E:D5:A6:B7:49:94:FF:48:77:B9:67:5D:FA:BF:DC:16
Certificate issuer: /CN=5336a106cecdeba92e0b80e5e9a5c789ba74c62b
Certificate serial: 0195F11525C14269283DA586F3319F178EC2
Authority key identifier: 53:36:A1:06:CE:CD:EB:A9:2E:0B:80:E5:E9:A5:C7:89:BA:74:C6:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UzahBs7N66kuC4Dl6aXHibp0xis.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/2669ee-4ba7-4110-8370-dd803c5b85db/1/jegjWR7VprdJlP9Id7lnXfq_3BY.roa
Signing time: Tue 01 Apr 2025 11:20:49 +0000
ROA not before: Tue 01 Apr 2025 11:20:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 1299
IP address blocks: 46.16.192.0/21 maxlen: 24
85.118.192.0/21 maxlen: 24
87.120.72.0/24 maxlen: 24
87.120.73.0/24 maxlen: 24
87.120.74.0/24 maxlen: 24
87.120.75.0/24 maxlen: 24
87.120.76.0/24 maxlen: 24
87.120.77.0/24 maxlen: 24
87.120.78.0/24 maxlen: 24
87.120.79.0/24 maxlen: 24
91.92.8.0/24 maxlen: 24
91.92.9.0/24 maxlen: 24
91.92.10.0/24 maxlen: 24
91.92.11.0/24 maxlen: 24
91.92.12.0/24 maxlen: 24
91.92.13.0/24 maxlen: 24
91.92.14.0/24 maxlen: 24
91.92.15.0/24 maxlen: 24
93.123.88.0/24 maxlen: 24
93.123.89.0/24 maxlen: 24
93.123.90.0/24 maxlen: 24
93.123.91.0/24 maxlen: 24
93.123.92.0/24 maxlen: 24
93.123.93.0/24 maxlen: 24
93.123.94.0/24 maxlen: 24
93.123.95.0/24 maxlen: 24
94.156.136.0/24 maxlen: 24
94.156.137.0/24 maxlen: 24
94.156.138.0/24 maxlen: 24
94.156.139.0/24 maxlen: 24
94.156.140.0/24 maxlen: 24
94.156.141.0/24 maxlen: 24
94.156.142.0/24 maxlen: 24
94.156.143.0/24 maxlen: 24
149.62.192.0/18 maxlen: 24
185.201.36.0/22 maxlen: 24
193.104.79.0/24 maxlen: 24
193.193.171.0/24 maxlen: 24
193.193.182.0/24 maxlen: 24
193.194.147.0/24 maxlen: 24
193.194.155.0/24 maxlen: 24
194.147.223.0/24 maxlen: 24
2a12:4700::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/50/2669ee-4ba7-4110-8370-dd803c5b85db/1/UzahBs7N66kuC4Dl6aXHibp0xis.crl
rsync://rpki.ripe.net/repository/DEFAULT/50/2669ee-4ba7-4110-8370-dd803c5b85db/1/UzahBs7N66kuC4Dl6aXHibp0xis.mft
rsync://rpki.ripe.net/repository/DEFAULT/UzahBs7N66kuC4Dl6aXHibp0xis.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 07:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:f1:15:25:c1:42:69:28:3d:a5:86:f3:31:9f:17:8e:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5336a106cecdeba92e0b80e5e9a5c789ba74c62b
Validity
Not Before: Apr 1 11:20:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8de823591ed5a6b74994ff4877b9675dfabfdc16
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:a1:a4:26:4b:2f:31:b9:1e:fb:c5:76:8c:26:
b9:92:fb:b6:2c:2f:c1:3e:f4:40:f5:17:b7:73:d7:
41:d2:6e:2f:f7:d7:51:3f:80:7b:6f:18:24:47:2c:
f2:d6:2e:f3:61:fe:dd:fe:29:d5:d8:c2:0b:d4:56:
c8:0a:09:3b:24:0c:41:f0:60:29:06:36:14:f5:3c:
62:d7:c7:ce:d5:9f:b2:cf:a9:33:e9:fe:0f:db:bc:
de:52:f5:24:b9:6e:0e:b5:f0:e9:a8:72:9b:d0:62:
54:5c:b9:f0:3c:26:99:e2:43:ea:20:9c:91:92:2c:
0b:72:46:93:0b:e9:58:46:3a:d5:31:ba:ad:0a:32:
df:29:85:07:a6:dc:75:1d:be:83:1c:ba:f6:ed:fa:
20:8f:76:07:2c:e2:0f:b3:ed:c6:e1:71:55:a6:fb:
40:43:e4:bf:0e:23:4c:7b:19:ea:46:12:47:ad:a1:
31:09:f6:a1:7f:ce:78:3e:af:76:4c:ed:85:a4:bb:
b0:af:de:93:4e:74:65:cc:c4:b8:d2:64:e0:07:a2:
83:a6:f2:ad:e0:fa:a6:ee:ab:82:6d:1d:39:24:39:
88:40:8f:27:1f:45:29:ad:ef:51:c8:b5:b0:6c:72:
2b:1e:65:cf:a3:f4:78:c4:12:7f:6f:c6:fe:da:c3:
eb:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:E8:23:59:1E:D5:A6:B7:49:94:FF:48:77:B9:67:5D:FA:BF:DC:16
X509v3 Authority Key Identifier:
keyid:53:36:A1:06:CE:CD:EB:A9:2E:0B:80:E5:E9:A5:C7:89:BA:74:C6:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UzahBs7N66kuC4Dl6aXHibp0xis.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/2669ee-4ba7-4110-8370-dd803c5b85db/1/jegjWR7VprdJlP9Id7lnXfq_3BY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/2669ee-4ba7-4110-8370-dd803c5b85db/1/UzahBs7N66kuC4Dl6aXHibp0xis.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.16.192.0/21
85.118.192.0/21
87.120.72.0/21
91.92.8.0/21
93.123.88.0/21
94.156.136.0/21
149.62.192.0/18
185.201.36.0/22
193.104.79.0/24
193.193.171.0/24
193.193.182.0/24
193.194.147.0/24
193.194.155.0/24
194.147.223.0/24
IPv6:
2a12:4700::/32
Signature Algorithm: sha256WithRSAEncryption
c8:87:52:9c:7a:3b:23:ff:c3:72:13:58:8d:73:05:eb:03:6b:
a6:91:89:4a:9d:b5:f0:65:d6:c3:ba:f3:d7:e3:a5:f1:45:bc:
27:b0:18:7b:c1:8a:08:3d:1c:21:6f:69:53:26:14:6e:e1:89:
3d:a3:e0:86:76:f5:a2:ee:ee:90:39:f3:60:d5:2e:1a:a4:f4:
6a:42:47:9f:e3:05:6e:f4:66:02:ae:25:06:84:0a:90:ce:9a:
e1:c1:a3:fc:7e:73:25:54:ae:88:11:86:ba:ce:a9:7a:96:aa:
5a:af:e8:96:f6:62:6a:3e:1f:11:a5:b8:9f:ff:03:e6:bc:e7:
c4:32:42:66:d6:98:1f:fc:cf:e4:6a:e4:e2:90:66:5c:48:ad:
27:0a:ba:b1:f3:95:39:98:a6:19:26:8d:fd:10:35:8a:22:a9:
31:d0:ec:ae:03:99:d3:67:75:e6:4d:3c:1a:77:fd:df:1a:79:
93:63:a0:05:e1:80:f5:83:f1:16:df:30:3a:4a:29:07:ed:4a:
f8:9e:1d:95:02:93:e0:54:7f:e0:7a:78:60:07:bf:48:e7:d6:
b2:ab:6a:9b:ac:fb:ca:c4:09:36:bb:9e:b1:6b:28:7b:c7:3f:
6f:95:60:5c:52:2a:7c:f3:06:88:1f:a5:ba:88:0c:84:3a:8d:
94:1b:ea:02
-----BEGIN CERTIFICATE-----
MIIFWjCCBEKgAwIBAgISAZXxFSXBQmkoPaWG8zGfF47CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzMzZhMTA2Y2VjZGViYTkyZTBiODBlNWU5YTVjNzg5YmE3
NGM2MmIwHhcNMjUwNDAxMTEyMDQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZGU4MjM1OTFlZDVhNmI3NDk5NGZmNDg3N2I5Njc1ZGZhYmZkYzE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlaGkJksvMbke+8V2jCa5kvu2LC/B
PvRA9Re3c9dB0m4v99dRP4B7bxgkRyzy1i7zYf7d/inV2MIL1FbICgk7JAxB8GAp
BjYU9Txi18fO1Z+yz6kz6f4P27zeUvUkuW4OtfDpqHKb0GJUXLnwPCaZ4kPqIJyR
kiwLckaTC+lYRjrVMbqtCjLfKYUHptx1Hb6DHLr27fogj3YHLOIPs+3G4XFVpvtA
Q+S/DiNMexnqRhJHraExCfahf854Pq92TO2FpLuwr96TTnRlzMS40mTgB6KDpvKt
4Pqm7quCbR05JDmIQI8nH0Upre9RyLWwbHIrHmXPo/R4xBJ/b8b+2sPrRQIDAQAB
o4ICZjCCAmIwHQYDVR0OBBYEFI3oI1ke1aa3SZT/SHe5Z136v9wWMB8GA1UdIwQY
MBaAFFM2oQbOzeupLguA5emlx4m6dMYrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXphaEJzN042Nmt1QzREbDZhWEhpYnAweGlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC8yNjY5ZWUtNGJhNy00MTEwLTgzNzAt
ZGQ4MDNjNWI4NWRiLzEvamVnaldSN1ZwcmRKbFA5SWQ3bG5YZnFfM0JZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC8yNjY5ZWUtNGJhNy00MTEwLTgzNzAtZGQ4MDNjNWI4NWRi
LzEvVXphaEJzN042Nmt1QzREbDZhWEhpYnAweGlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHwGCCsGAQUFBwEHAQH/BG0wazBaBAIAATBUAwQDLhDAAwQD
VXbAAwQDV3hIAwQDW1wIAwQDXXtYAwQDXpyIAwQGlT7AAwQCuckkAwQAwWhPAwQA
wcGrAwQAwcG2AwQAwcKTAwQAwcKbAwQAwpPfMA0EAgACMAcDBQAqEkcAMA0GCSqG
SIb3DQEBCwUAA4IBAQDIh1Kcejsj/8NyE1iNcwXrA2umkYlKnbXwZdbDuvPX46Xx
RbwnsBh7wYoIPRwhb2lTJhRu4Yk9o+CGdvWi7u6QOfNg1S4apPRqQkef4wVu9GYC
riUGhAqQzprhwaP8fnMlVK6IEYa6zql6lqpar+iW9mJqPh8Rpbif/wPmvOfEMkJm
1pgf/M/kauTikGZcSK0nCrqx85U5mKYZJo39EDWKIqkx0OyuA5nTZ3XmTTwad/3f
GnmTY6AF4YD1g/EW3zA6SikH7Ur4nh2VApPgVH/genhgB79I59ayq2qbrPvKxAk2
u56xayh7xz9vlWBcUip88waIH6W6iAyEOo2UG+oC
-----END CERTIFICATE-----
Generated at Sun Apr 6 12:41:31 2025 by rpki-client