Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/f3c8e8-c5bc-4211-a9ac-4f9112ede968/1/jWdU42AeB5hmcNLcJB4amqPIFto.roa
File: jWdU42AeB5hmcNLcJB4amqPIFto.roa (raw, json)
Hash identifier: qbiegPKmrBhrxPY1qr/z8fci1piffaE6KNVioMcvGi4=
Subject key identifier: 8D:67:54:E3:60:1E:07:98:66:70:D2:DC:24:1E:1A:9A:A3:C8:16:DA
Certificate issuer: /CN=dbe0ca7c1e0e8a1c7ad02d0bb828b41188ae5243
Certificate serial: 019426D9D1705F1D19FD336F87A2EC350680
Authority key identifier: DB:E0:CA:7C:1E:0E:8A:1C:7A:D0:2D:0B:B8:28:B4:11:88:AE:52:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2-DKfB4Oihx60C0LuCi0EYiuUkM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/f3c8e8-c5bc-4211-a9ac-4f9112ede968/1/jWdU42AeB5hmcNLcJB4amqPIFto.roa
Signing time: Thu 02 Jan 2025 11:49:56 +0000
ROA not before: Thu 02 Jan 2025 11:49:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 45014
IP address blocks: 80.93.160.0/20 maxlen: 24
92.60.96.0/20 maxlen: 24
159.253.56.0/21 maxlen: 24
185.18.32.0/24 maxlen: 24
185.184.236.0/22 maxlen: 22
194.150.252.0/23 maxlen: 24
217.172.128.0/20 maxlen: 24
2a00:1a90::/32 maxlen: 48
2a03:f2c0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/55/f3c8e8-c5bc-4211-a9ac-4f9112ede968/1/2-DKfB4Oihx60C0LuCi0EYiuUkM.crl
rsync://rpki.ripe.net/repository/DEFAULT/55/f3c8e8-c5bc-4211-a9ac-4f9112ede968/1/2-DKfB4Oihx60C0LuCi0EYiuUkM.mft
rsync://rpki.ripe.net/repository/DEFAULT/2-DKfB4Oihx60C0LuCi0EYiuUkM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 14 Mar 2025 00:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:d1:70:5f:1d:19:fd:33:6f:87:a2:ec:35:06:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dbe0ca7c1e0e8a1c7ad02d0bb828b41188ae5243
Validity
Not Before: Jan 2 11:49:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8d6754e3601e07986670d2dc241e1a9aa3c816da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:1e:3d:48:4e:66:2c:c4:0e:a6:8a:42:78:9b:
1b:64:7f:3a:8d:08:99:65:60:26:73:36:b7:c7:28:
fa:fb:01:6d:24:29:9e:66:4a:73:28:04:fe:54:50:
e8:1f:c4:fc:0e:33:56:14:3e:fb:f6:f5:c9:e8:a0:
9f:91:0f:6f:c5:aa:42:29:52:06:e7:d3:1b:59:57:
40:ee:2c:41:56:56:2c:bf:3f:dc:ac:1c:ed:77:4d:
e2:4d:8f:5b:c5:ab:54:3f:74:74:03:b8:7b:b3:c3:
07:1a:a3:90:5b:0b:f4:d8:ae:54:d5:b6:4b:6a:6b:
60:e0:4b:db:43:f0:ab:0b:e4:75:22:70:25:d5:98:
88:02:92:06:a1:08:c8:70:01:b9:f8:2d:c3:64:64:
74:bd:08:3b:26:8c:32:24:dd:0b:c4:e5:d6:08:56:
f4:73:dc:5b:83:0e:8d:33:b1:3b:9b:c0:43:60:a4:
d8:c9:f0:03:3a:1f:e2:e4:ff:a2:ec:77:f3:bb:76:
52:10:ed:c1:4d:70:82:51:f3:5f:79:d1:5f:7f:38:
12:92:72:0e:c7:d1:98:4d:b0:3e:f8:10:5f:5c:84:
ca:ef:bd:6f:cc:d5:b7:4c:9d:60:ae:64:82:12:ec:
db:9e:10:55:eb:b6:fb:ef:7a:f5:94:ea:38:dc:50:
42:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:67:54:E3:60:1E:07:98:66:70:D2:DC:24:1E:1A:9A:A3:C8:16:DA
X509v3 Authority Key Identifier:
keyid:DB:E0:CA:7C:1E:0E:8A:1C:7A:D0:2D:0B:B8:28:B4:11:88:AE:52:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2-DKfB4Oihx60C0LuCi0EYiuUkM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/f3c8e8-c5bc-4211-a9ac-4f9112ede968/1/jWdU42AeB5hmcNLcJB4amqPIFto.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/f3c8e8-c5bc-4211-a9ac-4f9112ede968/1/2-DKfB4Oihx60C0LuCi0EYiuUkM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.93.160.0/20
92.60.96.0/20
159.253.56.0/21
185.18.32.0/24
185.184.236.0/22
194.150.252.0/23
217.172.128.0/20
IPv6:
2a00:1a90::/32
2a03:f2c0::/32
Signature Algorithm: sha256WithRSAEncryption
04:0d:a5:52:bd:ab:cd:81:47:25:c0:af:ca:88:df:d1:6c:64:
ac:92:8e:d8:2b:d2:a8:8e:cd:6a:d6:e5:1d:06:8b:c3:ba:f4:
b5:8a:c7:89:8e:fd:99:3c:e9:68:4a:9b:2d:2c:70:ba:fc:2c:
fb:96:80:4c:fc:5b:44:d1:23:d5:c8:08:3d:1d:94:0b:27:eb:
90:9d:fd:a5:6e:83:03:da:7b:ba:c2:6f:16:54:3c:db:9f:83:
10:dc:6c:aa:cc:2b:02:51:77:61:0e:4b:1d:1b:96:1e:3f:32:
c6:f2:a2:0c:2e:ec:eb:5d:32:9d:58:00:70:6a:83:7f:ed:0a:
1b:7e:b0:a5:c2:36:bb:2c:c5:c7:1f:54:66:57:76:bc:88:2b:
2e:d6:52:73:bd:e4:1b:a1:bf:13:32:d8:3f:32:83:06:8a:83:
66:b9:d4:ee:74:d6:a6:37:39:fe:a6:46:e9:c4:a9:dc:9e:e8:
7a:f0:87:45:cf:5d:c1:19:ca:d5:40:76:90:c8:a6:23:3c:c2:
d0:91:90:38:e8:db:f5:77:a0:19:05:b9:30:75:d5:ad:38:6d:
6d:c7:1f:4b:49:c8:49:15:b4:b1:8e:77:1b:13:74:cb:ff:f4:
45:1e:e7:39:80:4f:d6:b9:9a:2e:bb:47:21:34:96:1c:05:f9:
14:c6:75:0d
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAZQm2dFwXx0Z/TNvh6LsNQaAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiZTBjYTdjMWUwZThhMWM3YWQwMmQwYmI4MjhiNDExODhh
ZTUyNDMwHhcNMjUwMTAyMTE0OTU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZDY3NTRlMzYwMWUwNzk4NjY3MGQyZGMyNDFlMWE5YWEzYzgxNmRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8h49SE5mLMQOpopCeJsbZH86jQiZ
ZWAmcza3xyj6+wFtJCmeZkpzKAT+VFDoH8T8DjNWFD779vXJ6KCfkQ9vxapCKVIG
59MbWVdA7ixBVlYsvz/crBztd03iTY9bxatUP3R0A7h7s8MHGqOQWwv02K5U1bZL
amtg4EvbQ/CrC+R1InAl1ZiIApIGoQjIcAG5+C3DZGR0vQg7JowyJN0LxOXWCFb0
c9xbgw6NM7E7m8BDYKTYyfADOh/i5P+i7Hfzu3ZSEO3BTXCCUfNfedFffzgSknIO
x9GYTbA++BBfXITK771vzNW3TJ1grmSCEuzbnhBV67b773r1lOo43FBCLQIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFI1nVONgHgeYZnDS3CQeGpqjyBbaMB8GA1UdIwQY
MBaAFNvgynweDoocetAtC7gotBGIrlJDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMi1ES2ZCNE9paHg2MEMwTHVDaTBFWWl1VWtNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS9mM2M4ZTgtYzViYy00MjExLWE5YWMt
NGY5MTEyZWRlOTY4LzEvaldkVTQyQWVCNWhtY05MY0pCNGFtcVBJRnRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS9mM2M4ZTgtYzViYy00MjExLWE5YWMtNGY5MTEyZWRlOTY4
LzEvMi1ES2ZCNE9paHg2MEMwTHVDaTBFWWl1VWtNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDAwBAIAATAqAwQEUF2gAwQE
XDxgAwQDn/04AwQAuRIgAwQCubjsAwQBwpb8AwQE2ayAMBQEAgACMA4DBQAqABqQ
AwUAKgPywDANBgkqhkiG9w0BAQsFAAOCAQEABA2lUr2rzYFHJcCvyojf0WxkrJKO
2CvSqI7NatblHQaLw7r0tYrHiY79mTzpaEqbLSxwuvws+5aATPxbRNEj1cgIPR2U
CyfrkJ39pW6DA9p7usJvFlQ825+DENxsqswrAlF3YQ5LHRuWHj8yxvKiDC7s610y
nVgAcGqDf+0KG36wpcI2uyzFxx9UZld2vIgrLtZSc73kG6G/EzLYPzKDBoqDZrnU
7nTWpjc5/qZG6cSp3J7oevCHRc9dwRnK1UB2kMimIzzC0JGQOOjb9XegGQW5MHXV
rThtbccfS0nISRW0sY53GxN0y//0RR7nOYBP1rmaLrtHITSWHAX5FMZ1DQ==
-----END CERTIFICATE-----
Generated at Thu Mar 13 06:59:51 2025 by rpki-client