Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/e853ab-f470-4928-bc68-57e90c56a0e2/1/Jkdiv5bBO_BKcgc0OerouNuGE1k.roa
File: Jkdiv5bBO_BKcgc0OerouNuGE1k.roa (raw, json)
Hash identifier: VbBTlFGzjAjrvA9wRAtB5k6JdTD926ZHlAXAShcRc2U=
Subject key identifier: 26:47:62:BF:96:C1:3B:F0:4A:72:07:34:39:EA:E8:B8:DB:86:13:59
Certificate issuer: /CN=ea0f5b221f6af32098f3064d68251b617892ac92
Certificate serial: 019420D64077A66103CF5A49E1E07019DC08
Authority key identifier: EA:0F:5B:22:1F:6A:F3:20:98:F3:06:4D:68:25:1B:61:78:92:AC:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6g9bIh9q8yCY8wZNaCUbYXiSrJI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/e853ab-f470-4928-bc68-57e90c56a0e2/1/Jkdiv5bBO_BKcgc0OerouNuGE1k.roa
Signing time: Wed 01 Jan 2025 07:48:19 +0000
ROA not before: Wed 01 Jan 2025 07:48:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16509
IP address blocks: 2a03:1e80:303:200::/56 maxlen: 56
2a03:1e84:1900::/56 maxlen: 56
2a03:1e84:1900:200::/56 maxlen: 56
2a03:1e84:9260::/48 maxlen: 48
2a03:1e84:9261::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5c/e853ab-f470-4928-bc68-57e90c56a0e2/1/6g9bIh9q8yCY8wZNaCUbYXiSrJI.crl
rsync://rpki.ripe.net/repository/DEFAULT/5c/e853ab-f470-4928-bc68-57e90c56a0e2/1/6g9bIh9q8yCY8wZNaCUbYXiSrJI.mft
rsync://rpki.ripe.net/repository/DEFAULT/6g9bIh9q8yCY8wZNaCUbYXiSrJI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:40:77:a6:61:03:cf:5a:49:e1:e0:70:19:dc:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ea0f5b221f6af32098f3064d68251b617892ac92
Validity
Not Before: Jan 1 07:48:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=264762bf96c13bf04a72073439eae8b8db861359
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:43:73:7a:05:1b:ae:64:72:27:f7:de:22:6b:
62:e2:a8:43:28:a7:1b:30:c8:d3:f0:1d:c5:da:93:
4e:fa:19:46:ad:bf:29:78:64:3b:0d:58:43:f8:ca:
35:63:65:24:37:f1:64:9c:e2:eb:ec:e6:fe:f9:f0:
66:93:d1:6c:b8:56:45:d2:8b:b6:ab:e8:48:ca:7d:
15:44:86:e3:22:a1:54:a3:af:71:f1:45:bd:90:1e:
dc:52:b8:42:8b:18:c4:86:c8:e5:c3:28:dd:13:56:
38:bd:91:ea:91:8d:dd:45:ac:c1:6c:e0:15:90:07:
bb:55:ff:4a:30:0c:e8:cc:c9:7b:cb:94:aa:ce:13:
3c:4a:3b:4f:36:1e:a5:15:8e:aa:d2:3a:58:bf:f8:
c7:29:45:f8:d0:67:e8:40:a6:b0:e0:68:ee:3f:9a:
5c:e8:f6:19:24:c7:d1:c6:a8:f4:27:ce:c1:c8:d4:
39:bf:95:99:6a:3c:3f:39:13:62:d1:2c:c7:9e:56:
41:48:4f:ef:68:83:95:55:21:13:ed:c1:ab:03:30:
21:b1:0c:d3:8b:de:03:9a:0e:3e:2b:2e:a5:67:05:
09:df:7f:ca:0f:48:3c:92:6a:ac:9e:12:34:ec:aa:
00:8f:36:e6:80:85:09:8b:1c:6b:02:de:5f:7e:c2:
8e:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:47:62:BF:96:C1:3B:F0:4A:72:07:34:39:EA:E8:B8:DB:86:13:59
X509v3 Authority Key Identifier:
keyid:EA:0F:5B:22:1F:6A:F3:20:98:F3:06:4D:68:25:1B:61:78:92:AC:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6g9bIh9q8yCY8wZNaCUbYXiSrJI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/e853ab-f470-4928-bc68-57e90c56a0e2/1/Jkdiv5bBO_BKcgc0OerouNuGE1k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/e853ab-f470-4928-bc68-57e90c56a0e2/1/6g9bIh9q8yCY8wZNaCUbYXiSrJI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a03:1e80:303:200::/56
2a03:1e84:1900::/56
2a03:1e84:1900:200::/56
2a03:1e84:9260::/47
Signature Algorithm: sha256WithRSAEncryption
3f:49:00:f9:6b:99:b0:6d:e6:86:c7:33:39:17:aa:df:69:fe:
13:e9:cd:f4:79:f9:8a:27:4d:06:aa:a8:16:c0:15:72:fc:df:
c0:62:ff:7c:66:01:db:3b:28:d8:8e:55:e1:d0:ba:ea:f2:ab:
d8:c1:56:1d:fa:e2:d7:71:d2:a3:05:6b:74:2f:fc:58:86:5d:
a7:0d:f5:c0:13:b2:ab:9c:77:1a:d6:3a:b7:21:40:1b:cf:af:
d6:50:cd:7e:e4:8a:b4:9a:b8:22:0b:9e:dd:e0:c4:1d:b3:3f:
58:a5:80:92:e0:69:c1:e8:4f:be:a7:4b:e8:a6:40:de:a0:5c:
39:82:17:18:21:62:c9:44:c1:43:ba:fd:79:79:59:01:1d:22:
89:fd:4f:4a:f3:c1:aa:cd:2f:db:1d:8b:ff:b1:75:7a:bc:38:
96:55:44:2c:2d:7c:9b:e4:bc:a3:53:a4:2a:37:1a:2c:a4:dc:
ff:60:14:36:36:ea:d8:ce:7d:8f:36:8c:83:60:e3:ec:df:b2:
94:95:af:68:ab:44:c3:0e:d7:08:23:8e:4f:33:b8:e6:e5:bc:
f3:09:e5:ce:7e:43:cf:4a:51:32:47:13:27:d6:4f:f2:73:14:
e4:ad:91:bc:07:43:6f:82:43:0d:ad:81:20:82:e5:89:29:d2:
a0:8c:f7:39
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZQg1kB3pmEDz1pJ4eBwGdwIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhMGY1YjIyMWY2YWYzMjA5OGYzMDY0ZDY4MjUxYjYxNzg5
MmFjOTIwHhcNMjUwMTAxMDc0ODE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNjQ3NjJiZjk2YzEzYmYwNGE3MjA3MzQzOWVhZThiOGRiODYxMzU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAukNzegUbrmRyJ/feImti4qhDKKcb
MMjT8B3F2pNO+hlGrb8peGQ7DVhD+Mo1Y2UkN/FknOLr7Ob++fBmk9FsuFZF0ou2
q+hIyn0VRIbjIqFUo69x8UW9kB7cUrhCixjEhsjlwyjdE1Y4vZHqkY3dRazBbOAV
kAe7Vf9KMAzozMl7y5SqzhM8SjtPNh6lFY6q0jpYv/jHKUX40GfoQKaw4GjuP5pc
6PYZJMfRxqj0J87ByNQ5v5WZajw/ORNi0SzHnlZBSE/vaIOVVSET7cGrAzAhsQzT
i94Dmg4+Ky6lZwUJ33/KD0g8kmqsnhI07KoAjzbmgIUJixxrAt5ffsKOfQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFCZHYr+WwTvwSnIHNDnq6LjbhhNZMB8GA1UdIwQY
MBaAFOoPWyIfavMgmPMGTWglG2F4kqySMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNmc5YkloOXE4eUNZOHdaTmFDVWJZWGlTckpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy9lODUzYWItZjQ3MC00OTI4LWJjNjgt
NTdlOTBjNTZhMGUyLzEvSmtkaXY1YkJPX0JLY2djME9lcm91TnVHRTFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy9lODUzYWItZjQ3MC00OTI4LWJjNjgtNTdlOTBjNTZhMGUy
LzEvNmc5YkloOXE4eUNZOHdaTmFDVWJZWGlTckpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAtBAIAAjAnAwgAKgMegAMD
AgMIACoDHoQZAAADCAAqAx6EGQACAwcBKgMehJJgMA0GCSqGSIb3DQEBCwUAA4IB
AQA/SQD5a5mwbeaGxzM5F6rfaf4T6c30efmKJ00GqqgWwBVy/N/AYv98ZgHbOyjY
jlXh0Lrq8qvYwVYd+uLXcdKjBWt0L/xYhl2nDfXAE7KrnHca1jq3IUAbz6/WUM1+
5Iq0mrgiC57d4MQdsz9YpYCS4GnB6E++p0vopkDeoFw5ghcYIWLJRMFDuv15eVkB
HSKJ/U9K88GqzS/bHYv/sXV6vDiWVUQsLXyb5LyjU6QqNxospNz/YBQ2NurYzn2P
NoyDYOPs37KUla9oq0TDDtcII45PM7jm5bzzCeXOfkPPSlEyRxMn1k/ycxTkrZG8
B0NvgkMNrYEgguWJKdKgjPc5
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:34:31 2025 by rpki-client