Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/b5f6af-3c83-4cb5-b5eb-ba14843c549c/1/jgvyflC9cxUvuv1ddomja9gsSes.roa
File: jgvyflC9cxUvuv1ddomja9gsSes.roa (raw, json)
Hash identifier: 5URFyBRZ0uEAXpl92dbXCwRyKauPGInl6RJ5C4/n3ps=
Subject key identifier: 8E:0B:F2:7E:50:BD:73:15:2F:BA:FD:5D:76:89:A3:6B:D8:2C:49:EB
Certificate issuer: /CN=502c37e7ecb59b667fa82ecf093e5ed87661a8e2
Certificate serial: 01941FFA8CC3F80D14350C5A8442DFA62ADD
Authority key identifier: 50:2C:37:E7:EC:B5:9B:66:7F:A8:2E:CF:09:3E:5E:D8:76:61:A8:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UCw35-y1m2Z_qC7PCT5e2HZhqOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/b5f6af-3c83-4cb5-b5eb-ba14843c549c/1/jgvyflC9cxUvuv1ddomja9gsSes.roa
Signing time: Wed 01 Jan 2025 03:48:20 +0000
ROA not before: Wed 01 Jan 2025 03:48:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51887
IP address blocks: 91.220.159.0/24 maxlen: 24
91.221.120.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/54/b5f6af-3c83-4cb5-b5eb-ba14843c549c/1/UCw35-y1m2Z_qC7PCT5e2HZhqOI.crl
rsync://rpki.ripe.net/repository/DEFAULT/54/b5f6af-3c83-4cb5-b5eb-ba14843c549c/1/UCw35-y1m2Z_qC7PCT5e2HZhqOI.mft
rsync://rpki.ripe.net/repository/DEFAULT/UCw35-y1m2Z_qC7PCT5e2HZhqOI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:8c:c3:f8:0d:14:35:0c:5a:84:42:df:a6:2a:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=502c37e7ecb59b667fa82ecf093e5ed87661a8e2
Validity
Not Before: Jan 1 03:48:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8e0bf27e50bd73152fbafd5d7689a36bd82c49eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:ee:70:25:08:6e:0e:41:f0:ae:63:b4:6f:15:
57:3f:81:63:07:18:9b:09:67:20:3c:f3:18:40:38:
64:e7:36:28:c4:7c:b7:d6:07:7f:a3:82:f9:41:3b:
b0:8f:07:81:42:ae:cf:28:40:20:11:94:ea:de:79:
ec:d5:d8:c1:b2:2b:e6:b4:d0:98:7a:30:d8:83:be:
79:cd:25:36:e9:44:b3:8a:69:a0:8a:b5:00:c7:a6:
e3:fc:31:41:93:df:46:2a:8a:4b:b6:ad:94:7a:dc:
f9:96:48:4e:1e:60:31:70:c4:fd:d8:c3:60:6f:9d:
5b:9f:1b:3e:17:0e:65:08:77:fc:b7:f8:6c:09:96:
2b:89:61:56:29:34:e2:c4:a0:bd:63:3d:27:9d:4d:
70:d0:5d:f2:4a:20:2d:5d:d1:cf:9a:65:e3:05:64:
7b:ad:c5:23:27:41:a4:47:09:a4:08:24:8e:56:4b:
ef:7c:69:e2:1a:18:c6:ba:44:a7:0e:36:2d:e8:96:
4a:5e:67:d0:8b:de:9b:e5:ea:60:b2:c1:e6:34:58:
97:46:f3:5f:b3:1b:b4:ff:66:5b:60:9f:66:54:1e:
e4:7a:fa:19:1d:11:1d:cf:dd:a2:53:ee:fd:8c:1a:
b5:a8:3e:f4:7f:d3:c2:fd:c3:61:ac:a0:3e:5e:8b:
ab:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:0B:F2:7E:50:BD:73:15:2F:BA:FD:5D:76:89:A3:6B:D8:2C:49:EB
X509v3 Authority Key Identifier:
keyid:50:2C:37:E7:EC:B5:9B:66:7F:A8:2E:CF:09:3E:5E:D8:76:61:A8:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UCw35-y1m2Z_qC7PCT5e2HZhqOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/b5f6af-3c83-4cb5-b5eb-ba14843c549c/1/jgvyflC9cxUvuv1ddomja9gsSes.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/b5f6af-3c83-4cb5-b5eb-ba14843c549c/1/UCw35-y1m2Z_qC7PCT5e2HZhqOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.220.159.0/24
91.221.120.0/23
Signature Algorithm: sha256WithRSAEncryption
8f:f9:06:64:af:83:28:4f:e9:8e:9c:8c:69:35:a0:a6:bd:ac:
c1:32:3c:79:a4:2f:8c:19:eb:7e:9c:64:b8:eb:59:91:63:c6:
22:00:82:67:17:ad:b2:f3:cf:31:e9:b5:0f:a1:fa:23:4d:59:
eb:13:0e:a6:18:18:47:99:42:ff:d1:12:a8:66:33:fa:0c:2a:
61:d7:41:02:a9:6b:83:fc:eb:5e:b2:cb:32:60:62:90:58:31:
cd:2c:5f:58:b9:e7:50:8b:e4:cf:20:79:85:96:48:2f:61:8c:
8d:63:40:4a:81:97:05:99:24:85:a5:47:44:fc:82:73:15:5c:
e4:4c:93:c9:7a:f4:c1:a7:15:c3:09:3a:7b:f4:06:ba:c8:c3:
09:d9:f6:a9:07:a5:1c:40:d7:5b:dc:6a:99:b0:9f:71:a8:a1:
f7:19:54:a0:2b:00:47:d0:07:7e:e1:48:cc:f5:62:ac:5c:58:
27:f5:40:75:7a:df:f4:36:83:16:2c:d5:6e:ef:d8:24:7c:c6:
85:d0:48:c0:5c:71:3d:0d:73:df:80:5d:21:b5:ab:54:63:cb:
da:00:d5:63:c2:02:4a:1b:1d:af:eb:c4:72:bf:ed:a8:ba:d9:
73:cc:30:79:18:26:0c:15:46:0c:89:0c:59:64:bd:b7:e3:04:
1f:12:10:5a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQf+ozD+A0UNQxahELfpirdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwMmMzN2U3ZWNiNTliNjY3ZmE4MmVjZjA5M2U1ZWQ4NzY2
MWE4ZTIwHhcNMjUwMTAxMDM0ODIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTBiZjI3ZTUwYmQ3MzE1MmZiYWZkNWQ3Njg5YTM2YmQ4MmM0OWViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApe5wJQhuDkHwrmO0bxVXP4FjBxib
CWcgPPMYQDhk5zYoxHy31gd/o4L5QTuwjweBQq7PKEAgEZTq3nns1djBsivmtNCY
ejDYg755zSU26USzimmgirUAx6bj/DFBk99GKopLtq2Uetz5lkhOHmAxcMT92MNg
b51bnxs+Fw5lCHf8t/hsCZYriWFWKTTixKC9Yz0nnU1w0F3ySiAtXdHPmmXjBWR7
rcUjJ0GkRwmkCCSOVkvvfGniGhjGukSnDjYt6JZKXmfQi96b5epgssHmNFiXRvNf
sxu0/2ZbYJ9mVB7kevoZHREdz92iU+79jBq1qD70f9PC/cNhrKA+Xour9QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFI4L8n5QvXMVL7r9XXaJo2vYLEnrMB8GA1UdIwQY
MBaAFFAsN+fstZtmf6guzwk+Xth2YajiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUN3MzUteTFtMlpfcUM3UENUNWUySFpocU9JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC9iNWY2YWYtM2M4My00Y2I1LWI1ZWIt
YmExNDg0M2M1NDljLzEvamd2eWZsQzljeFV2dXYxZGRvbWphOWdzU2VzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC9iNWY2YWYtM2M4My00Y2I1LWI1ZWItYmExNDg0M2M1NDlj
LzEvVUN3MzUteTFtMlpfcUM3UENUNWUySFpocU9JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW9yfAwQB
W914MA0GCSqGSIb3DQEBCwUAA4IBAQCP+QZkr4MoT+mOnIxpNaCmvazBMjx5pC+M
Get+nGS461mRY8YiAIJnF62y888x6bUPofojTVnrEw6mGBhHmUL/0RKoZjP6DCph
10ECqWuD/OtesssyYGKQWDHNLF9YuedQi+TPIHmFlkgvYYyNY0BKgZcFmSSFpUdE
/IJzFVzkTJPJevTBpxXDCTp79Aa6yMMJ2fapB6UcQNdb3GqZsJ9xqKH3GVSgKwBH
0Ad+4UjM9WKsXFgn9UB1et/0NoMWLNVu79gkfMaF0EjAXHE9DXPfgF0htatUY8va
ANVjwgJKGx2v68Ryv+2outlzzDB5GCYMFUYMiQxZZL234wQfEhBa
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:09:16 2025 by rpki-client