Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/4d5e4a-8a16-4537-be1f-1b1362b9b6a2/1/Jaf-Nc0O1GOCePBZlGQ18UYp4xo.roa
File: Jaf-Nc0O1GOCePBZlGQ18UYp4xo.roa (raw, json)
Hash identifier: 4lquctxZybthnn7HIcusM8tbPg35K5u3vKHWESNtRoo=
Subject key identifier: 25:A7:FE:35:CD:0E:D4:63:82:78:F0:59:94:64:35:F1:46:29:E3:1A
Certificate issuer: /CN=fe54ab2d481cf1622a2c52183ab4f5a930a4ae41
Certificate serial: 01941F8BFE9760FDB817A0754BF4C7875734
Authority key identifier: FE:54:AB:2D:48:1C:F1:62:2A:2C:52:18:3A:B4:F5:A9:30:A4:AE:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_lSrLUgc8WIqLFIYOrT1qTCkrkE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/4d5e4a-8a16-4537-be1f-1b1362b9b6a2/1/Jaf-Nc0O1GOCePBZlGQ18UYp4xo.roa
Signing time: Wed 01 Jan 2025 01:47:35 +0000
ROA not before: Wed 01 Jan 2025 01:47:35 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25717
IP address blocks: 171.25.138.0/24 maxlen: 24
171.25.139.0/24 maxlen: 24
171.25.140.0/24 maxlen: 24
171.25.141.0/24 maxlen: 24
171.25.142.0/24 maxlen: 24
171.25.143.0/24 maxlen: 24
193.221.16.0/24 maxlen: 24
193.221.17.0/24 maxlen: 24
193.221.18.0/24 maxlen: 24
193.221.19.0/24 maxlen: 24
193.221.20.0/24 maxlen: 24
193.221.21.0/24 maxlen: 24
193.221.22.0/24 maxlen: 24
193.221.23.0/24 maxlen: 24
193.221.32.0/24 maxlen: 24
193.221.33.0/24 maxlen: 24
193.221.34.0/24 maxlen: 24
193.221.35.0/24 maxlen: 24
193.221.38.0/24 maxlen: 24
193.221.54.0/23 maxlen: 23
193.221.56.0/24 maxlen: 24
193.221.57.0/24 maxlen: 24
193.221.68.0/24 maxlen: 24
193.221.69.0/24 maxlen: 24
193.221.70.0/23 maxlen: 23
193.221.72.0/24 maxlen: 24
193.221.74.0/24 maxlen: 24
193.221.75.0/24 maxlen: 24
193.221.76.0/24 maxlen: 24
193.221.77.0/24 maxlen: 24
193.221.78.0/24 maxlen: 24
193.221.79.0/24 maxlen: 24
193.221.80.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/58/4d5e4a-8a16-4537-be1f-1b1362b9b6a2/1/_lSrLUgc8WIqLFIYOrT1qTCkrkE.crl
rsync://rpki.ripe.net/repository/DEFAULT/58/4d5e4a-8a16-4537-be1f-1b1362b9b6a2/1/_lSrLUgc8WIqLFIYOrT1qTCkrkE.mft
rsync://rpki.ripe.net/repository/DEFAULT/_lSrLUgc8WIqLFIYOrT1qTCkrkE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 22:01:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8b:fe:97:60:fd:b8:17:a0:75:4b:f4:c7:87:57:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe54ab2d481cf1622a2c52183ab4f5a930a4ae41
Validity
Not Before: Jan 1 01:47:35 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=25a7fe35cd0ed4638278f059946435f14629e31a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:ec:1b:87:ef:cb:2a:89:9d:52:71:89:a2:48:
ec:73:41:a1:60:f6:b5:7b:59:eb:7e:38:60:f3:26:
12:01:e3:3d:18:40:5b:b4:49:43:bd:12:39:4b:47:
10:1e:6c:ba:2b:67:88:01:6f:9a:68:59:b8:b0:9d:
89:71:ba:15:2c:25:05:2e:e5:41:a7:33:b6:c6:b2:
08:d2:58:8e:91:66:f9:b9:9c:3a:a6:b0:fc:f4:d9:
94:d3:85:31:dd:57:6b:c9:37:26:3c:f3:de:c1:10:
18:7b:60:e4:16:09:6d:4f:d0:32:ac:40:70:86:35:
c4:e3:14:81:dc:d4:5c:09:93:e6:b0:11:cf:cc:63:
05:63:02:c2:48:98:98:91:5a:c3:08:d9:6a:5c:c8:
b7:39:1d:c7:f9:a3:f6:c4:54:f0:04:c7:eb:7b:b8:
c1:5c:17:64:b2:08:df:a6:c7:24:e5:3f:fb:78:4c:
52:6d:62:5a:87:95:30:0c:64:3b:4d:0f:c1:74:23:
0a:5f:a7:a7:30:97:cc:20:ae:0e:d5:47:69:ab:77:
7a:96:bb:65:e8:14:60:e4:d6:2f:f1:eb:fa:ec:10:
94:d9:7c:52:6e:53:23:4b:a8:e1:95:24:a7:88:75:
22:85:30:3e:2c:1c:0a:d2:1f:0c:e5:c2:cb:00:05:
13:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:A7:FE:35:CD:0E:D4:63:82:78:F0:59:94:64:35:F1:46:29:E3:1A
X509v3 Authority Key Identifier:
keyid:FE:54:AB:2D:48:1C:F1:62:2A:2C:52:18:3A:B4:F5:A9:30:A4:AE:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_lSrLUgc8WIqLFIYOrT1qTCkrkE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/4d5e4a-8a16-4537-be1f-1b1362b9b6a2/1/Jaf-Nc0O1GOCePBZlGQ18UYp4xo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/4d5e4a-8a16-4537-be1f-1b1362b9b6a2/1/_lSrLUgc8WIqLFIYOrT1qTCkrkE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
171.25.138.0-171.25.143.255
193.221.16.0/21
193.221.32.0/22
193.221.38.0/24
193.221.54.0-193.221.57.255
193.221.68.0-193.221.72.255
193.221.74.0-193.221.80.255
Signature Algorithm: sha256WithRSAEncryption
7e:2a:af:21:14:f3:cd:c8:cf:12:33:b0:e3:3c:35:0c:58:ee:
ad:c0:a9:90:03:19:89:b8:0e:e6:8b:86:7b:8d:a2:0e:a1:46:
d6:98:0a:39:fe:17:36:18:44:5d:54:59:89:da:c4:62:d2:14:
db:c4:df:0e:bb:9c:d8:7d:6d:34:e3:8b:d1:0d:fc:83:70:78:
dc:a0:56:b3:ec:37:83:15:29:e7:ad:99:70:ba:32:85:64:7f:
2c:f1:ad:ce:44:3c:48:ea:f5:d0:d9:80:ab:38:be:7b:2f:b2:
8d:f7:f8:a9:2b:e9:92:66:d1:7d:ae:d4:1d:7c:de:88:ad:f6:
1f:2d:b2:67:7c:f1:cb:3c:9d:c8:0e:ef:69:f7:39:70:8c:7d:
af:c4:b0:5e:20:89:50:96:05:aa:f7:7e:d0:70:31:d5:b5:c7:
62:4b:1d:ce:d7:1f:8c:25:d3:ce:90:18:02:03:ac:3f:cb:75:
a4:b1:2e:71:31:d5:ae:8f:10:71:f6:48:b7:27:86:42:1b:ea:
60:38:ef:b6:9f:67:76:63:80:54:32:99:79:c7:63:16:6e:5d:
26:6b:9f:87:3c:37:e4:ac:fb:31:fb:a4:47:59:7a:76:18:01:
a5:57:08:97:56:99:7f:0a:84:7d:f7:1d:c5:14:45:36:c7:e9:
ad:f3:cf:0f
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgISAZQfi/6XYP24F6B1S/THh1c0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlNTRhYjJkNDgxY2YxNjIyYTJjNTIxODNhYjRmNWE5MzBh
NGFlNDEwHhcNMjUwMTAxMDE0NzM1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNWE3ZmUzNWNkMGVkNDYzODI3OGYwNTk5NDY0MzVmMTQ2MjllMzFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8Owbh+/LKomdUnGJokjsc0GhYPa1
e1nrfjhg8yYSAeM9GEBbtElDvRI5S0cQHmy6K2eIAW+aaFm4sJ2JcboVLCUFLuVB
pzO2xrII0liOkWb5uZw6prD89NmU04Ux3VdryTcmPPPewRAYe2DkFgltT9AyrEBw
hjXE4xSB3NRcCZPmsBHPzGMFYwLCSJiYkVrDCNlqXMi3OR3H+aP2xFTwBMfre7jB
XBdksgjfpsck5T/7eExSbWJah5UwDGQ7TQ/BdCMKX6enMJfMIK4O1Udpq3d6lrtl
6BRg5NYv8ev67BCU2XxSblMjS6jhlSSniHUihTA+LBwK0h8M5cLLAAUTcQIDAQAB
o4ICTTCCAkkwHQYDVR0OBBYEFCWn/jXNDtRjgnjwWZRkNfFGKeMaMB8GA1UdIwQY
MBaAFP5Uqy1IHPFiKixSGDq09akwpK5BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2xTckxVZ2M4V0lxTEZJWU9yVDFxVENrcmtFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC80ZDVlNGEtOGExNi00NTM3LWJlMWYt
MWIxMzYyYjliNmEyLzEvSmFmLU5jME8xR09DZVBCWmxHUTE4VVlwNHhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC80ZDVlNGEtOGExNi00NTM3LWJlMWYtMWIxMzYyYjliNmEy
LzEvX2xTckxVZ2M4V0lxTEZJWU9yVDFxVENrcmtFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGMGCCsGAQUFBwEHAQH/BFQwUjBQBAIAATBKMAwDBAGrGYoD
BASrGYADBAPB3RADBALB3SADBADB3SYwDAMEAcHdNgMEAcHdODAMAwQCwd1EAwQA
wd1IMAwDBAHB3UoDBADB3VAwDQYJKoZIhvcNAQELBQADggEBAH4qryEU883IzxIz
sOM8NQxY7q3AqZADGYm4DuaLhnuNog6hRtaYCjn+FzYYRF1UWYnaxGLSFNvE3w67
nNh9bTTji9EN/INweNygVrPsN4MVKeetmXC6MoVkfyzxrc5EPEjq9dDZgKs4vnsv
so33+Kkr6ZJm0X2u1B183oit9h8tsmd88cs8ncgO72n3OXCMfa/EsF4giVCWBar3
ftBwMdW1x2JLHc7XH4wl086QGAIDrD/LdaSxLnEx1a6PEHH2SLcnhkIb6mA477af
Z3ZjgFQymXnHYxZuXSZrn4c8N+Ss+zH7pEdZenYYAaVXCJdWmX8KhH33HcUURTbH
6a3zzw8=
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:40:54 2025 by rpki-client