Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/2b195e-0aba-47d4-8e3b-ad32ef49d419/1/j_zwA3lMJMAwX3hbOGDvv36TWxI.roa
File: j_zwA3lMJMAwX3hbOGDvv36TWxI.roa (raw, json)
Hash identifier: jFs+ea1KgMM5z88rmof87A9yhp5WnGLZNGkzRM11ISg=
Subject key identifier: 8F:FC:F0:03:79:4C:24:C0:30:5F:78:5B:38:60:EF:BF:7E:93:5B:12
Certificate issuer: /CN=74a59b7fb4e034f67775f2875efbfc9eff247e8e
Certificate serial: 0194258EAFB383223463F94B3095F814899D
Authority key identifier: 74:A5:9B:7F:B4:E0:34:F6:77:75:F2:87:5E:FB:FC:9E:FF:24:7E:8E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dKWbf7TgNPZ3dfKHXvv8nv8kfo4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/2b195e-0aba-47d4-8e3b-ad32ef49d419/1/j_zwA3lMJMAwX3hbOGDvv36TWxI.roa
Signing time: Thu 02 Jan 2025 05:48:15 +0000
ROA not before: Thu 02 Jan 2025 05:48:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210318
IP address blocks: 94.156.75.0/24 maxlen: 24
185.37.232.0/24 maxlen: 24
185.37.233.0/24 maxlen: 24
185.37.234.0/24 maxlen: 24
185.37.235.0/24 maxlen: 24
185.37.235.2/32 maxlen: 32
194.55.187.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/2b195e-0aba-47d4-8e3b-ad32ef49d419/1/dKWbf7TgNPZ3dfKHXvv8nv8kfo4.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/2b195e-0aba-47d4-8e3b-ad32ef49d419/1/dKWbf7TgNPZ3dfKHXvv8nv8kfo4.mft
rsync://rpki.ripe.net/repository/DEFAULT/dKWbf7TgNPZ3dfKHXvv8nv8kfo4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 09 Apr 2025 05:01:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8e:af:b3:83:22:34:63:f9:4b:30:95:f8:14:89:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=74a59b7fb4e034f67775f2875efbfc9eff247e8e
Validity
Not Before: Jan 2 05:48:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8ffcf003794c24c0305f785b3860efbf7e935b12
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:78:4d:5f:4d:9d:87:14:0f:75:88:4a:a5:66:
21:08:ac:66:33:79:b2:4e:04:0a:bd:29:0f:3a:92:
af:5a:f8:92:f9:43:86:cb:ed:db:fe:b9:28:36:81:
9c:f9:3c:4d:07:a2:d0:86:d9:c3:00:30:fb:9d:fc:
04:83:d9:c6:11:27:50:10:d3:9c:71:3c:8d:1b:d1:
e6:2b:36:26:ce:a6:b4:fc:57:44:19:4f:e5:7b:e2:
04:f3:8e:17:dc:2f:c7:37:2f:7d:fd:ce:fc:18:f3:
84:af:3f:8f:a2:b3:91:4e:62:c3:ea:b0:39:fc:02:
ac:65:e7:0a:6d:67:5c:7e:a6:83:c9:44:14:1b:36:
2e:bf:23:bd:51:43:60:06:9c:31:14:29:8d:6d:8a:
a0:41:79:0e:29:a4:be:99:b1:60:65:ec:42:fd:64:
c6:3a:63:ad:44:a8:c8:ee:da:37:5b:90:5d:8c:72:
aa:c1:7b:4d:72:64:8b:c5:2d:0b:44:5e:92:6a:b7:
34:50:cd:12:e3:53:b0:55:0f:fb:bc:15:a9:eb:5f:
29:5f:19:cf:33:9c:5e:91:5a:b2:e7:fb:fd:9d:95:
23:a4:91:a0:5b:7c:b1:a7:cb:4d:a5:6f:65:6e:6b:
45:1d:90:9c:5e:1f:8a:cd:c1:51:20:03:2c:93:12:
76:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:FC:F0:03:79:4C:24:C0:30:5F:78:5B:38:60:EF:BF:7E:93:5B:12
X509v3 Authority Key Identifier:
keyid:74:A5:9B:7F:B4:E0:34:F6:77:75:F2:87:5E:FB:FC:9E:FF:24:7E:8E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dKWbf7TgNPZ3dfKHXvv8nv8kfo4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/2b195e-0aba-47d4-8e3b-ad32ef49d419/1/j_zwA3lMJMAwX3hbOGDvv36TWxI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/2b195e-0aba-47d4-8e3b-ad32ef49d419/1/dKWbf7TgNPZ3dfKHXvv8nv8kfo4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.156.75.0/24
185.37.232.0/22
194.55.187.0/24
Signature Algorithm: sha256WithRSAEncryption
bf:c3:22:da:2e:50:19:2d:be:e3:04:64:f8:f0:d6:79:2c:5d:
6f:38:5a:32:0f:76:1a:73:d6:f0:b6:d3:fd:f6:7f:d7:1e:87:
22:75:7e:6c:d2:c7:81:87:d8:43:6c:1c:0e:be:30:4d:4c:0f:
85:8d:90:b5:74:99:be:5e:8a:de:b4:ad:58:04:f3:0a:bb:33:
f8:2f:85:af:2c:11:2f:54:d4:c8:7d:20:1e:0e:46:cf:41:97:
68:dc:70:c0:29:ce:4d:8c:a2:01:9c:63:20:8d:1d:14:92:98:
5e:3f:28:8d:f0:11:21:ac:cb:c5:1f:bc:c9:61:58:a5:93:45:
3c:67:63:be:ba:bc:5e:d9:7a:d5:00:e3:72:30:2a:75:86:14:
84:e2:8b:5b:58:a0:1a:e1:22:80:72:bd:f1:3c:e3:d7:24:35:
3a:f7:a4:e1:24:0d:72:54:53:e1:35:10:f6:40:3a:52:7b:d6:
fa:60:ae:e6:47:b8:21:30:52:88:1a:09:8e:5a:d3:8d:e2:4f:
70:06:28:f2:11:b8:e9:2a:78:33:43:fb:0c:41:c7:af:c9:a5:
d0:95:0e:90:30:6f:ed:8a:68:58:7a:ed:11:1b:69:d7:ab:d3:
72:de:38:28:2a:5d:18:c3:7f:69:18:1c:37:b9:9a:83:c6:de:
30:52:39:be
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQljq+zgyI0Y/lLMJX4FImdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0YTU5YjdmYjRlMDM0ZjY3Nzc1ZjI4NzVlZmJmYzllZmYy
NDdlOGUwHhcNMjUwMTAyMDU0ODE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZmZjZjAwMzc5NGMyNGMwMzA1Zjc4NWIzODYwZWZiZjdlOTM1YjEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlXhNX02dhxQPdYhKpWYhCKxmM3my
TgQKvSkPOpKvWviS+UOGy+3b/rkoNoGc+TxNB6LQhtnDADD7nfwEg9nGESdQENOc
cTyNG9HmKzYmzqa0/FdEGU/le+IE844X3C/HNy99/c78GPOErz+PorORTmLD6rA5
/AKsZecKbWdcfqaDyUQUGzYuvyO9UUNgBpwxFCmNbYqgQXkOKaS+mbFgZexC/WTG
OmOtRKjI7to3W5BdjHKqwXtNcmSLxS0LRF6Sarc0UM0S41OwVQ/7vBWp618pXxnP
M5xekVqy5/v9nZUjpJGgW3yxp8tNpW9lbmtFHZCcXh+KzcFRIAMskxJ2KwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFI/88AN5TCTAMF94Wzhg779+k1sSMB8GA1UdIwQY
MBaAFHSlm3+04DT2d3Xyh177/J7/JH6OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEtXYmY3VGdOUFozZGZLSFh2djhudjhrZm80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8yYjE5NWUtMGFiYS00N2Q0LThlM2It
YWQzMmVmNDlkNDE5LzEval96d0EzbE1KTUF3WDNoYk9HRHZ2MzZUV3hJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8yYjE5NWUtMGFiYS00N2Q0LThlM2ItYWQzMmVmNDlkNDE5
LzEvZEtXYmY3VGdOUFozZGZLSFh2djhudjhrZm80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAXpxLAwQC
uSXoAwQAwje7MA0GCSqGSIb3DQEBCwUAA4IBAQC/wyLaLlAZLb7jBGT48NZ5LF1v
OFoyD3Yac9bwttP99n/XHocidX5s0seBh9hDbBwOvjBNTA+FjZC1dJm+XoretK1Y
BPMKuzP4L4WvLBEvVNTIfSAeDkbPQZdo3HDAKc5NjKIBnGMgjR0UkphePyiN8BEh
rMvFH7zJYVilk0U8Z2O+urxe2XrVAONyMCp1hhSE4otbWKAa4SKAcr3xPOPXJDU6
96ThJA1yVFPhNRD2QDpSe9b6YK7mR7ghMFKIGgmOWtON4k9wBijyEbjpKngzQ/sM
QcevyaXQlQ6QMG/timhYeu0RG2nXq9Ny3jgoKl0Yw39pGBw3uZqDxt4wUjm+
-----END CERTIFICATE-----
Generated at Tue Apr 8 10:32:32 2025 by rpki-client