Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/74e15f-f487-4559-bfdd-0fc58e58cac9/1/JmRIXqWgLbHOS_DUn9tYXP3VwvE.roa
File: JmRIXqWgLbHOS_DUn9tYXP3VwvE.roa (raw, json)
Hash identifier: 07OywnLuhNnV2ffg9k1J1SDz7HRBDcbP+ENwBGJ8ZCU=
Subject key identifier: 26:64:48:5E:A5:A0:2D:B1:CE:4B:F0:D4:9F:DB:58:5C:FD:D5:C2:F1
Certificate issuer: /CN=765ea3400a3748c3b6c61268d492f8bf0a908239
Certificate serial: 019426D8B8CADBB8F905B5043368DD37C8A7
Authority key identifier: 76:5E:A3:40:0A:37:48:C3:B6:C6:12:68:D4:92:F8:BF:0A:90:82:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dl6jQAo3SMO2xhJo1JL4vwqQgjk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/74e15f-f487-4559-bfdd-0fc58e58cac9/1/JmRIXqWgLbHOS_DUn9tYXP3VwvE.roa
Signing time: Thu 02 Jan 2025 11:48:44 +0000
ROA not before: Thu 02 Jan 2025 11:48:44 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207254
IP address blocks: 185.154.220.0/24 maxlen: 24
185.154.221.0/24 maxlen: 24
185.154.222.0/24 maxlen: 24
185.154.223.0/24 maxlen: 24
2a0b:6140:1::/48 maxlen: 48
2a0b:6140:2::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/74e15f-f487-4559-bfdd-0fc58e58cac9/1/dl6jQAo3SMO2xhJo1JL4vwqQgjk.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/74e15f-f487-4559-bfdd-0fc58e58cac9/1/dl6jQAo3SMO2xhJo1JL4vwqQgjk.mft
rsync://rpki.ripe.net/repository/DEFAULT/dl6jQAo3SMO2xhJo1JL4vwqQgjk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d8:b8:ca:db:b8:f9:05:b5:04:33:68:dd:37:c8:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=765ea3400a3748c3b6c61268d492f8bf0a908239
Validity
Not Before: Jan 2 11:48:44 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2664485ea5a02db1ce4bf0d49fdb585cfdd5c2f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:1c:6d:23:66:8b:9d:91:d2:db:60:3e:86:e3:
99:87:24:44:f8:f4:50:50:6d:c5:83:50:04:5b:e5:
0d:18:35:23:00:5f:dc:73:d5:93:f7:fe:2e:b1:4c:
16:ab:64:4b:d1:12:db:e4:b1:30:de:f3:98:39:e5:
0b:6d:2e:77:b8:25:d2:74:2a:d0:d7:04:37:19:a3:
e3:60:fb:b0:e5:da:4f:53:89:1a:52:bf:a1:d9:18:
57:1f:cf:51:38:7d:1e:73:0a:c3:fd:92:f3:a7:45:
46:2e:b7:7b:9d:60:c3:99:92:1b:b5:4a:04:8b:fd:
62:ec:08:39:6d:34:02:d9:20:bb:32:ed:33:7c:84:
83:bd:26:cf:98:43:7d:38:28:53:48:44:45:79:5f:
33:8d:f8:2e:c2:96:e0:66:75:dc:36:8b:14:a1:4e:
5c:cf:17:98:7f:d2:37:c3:2f:05:06:9e:aa:94:16:
45:06:57:d8:dd:64:e3:24:32:14:88:6e:0a:ac:ad:
47:3b:24:cd:98:93:81:04:65:35:22:92:bf:88:a4:
a1:18:33:a9:cb:32:0c:97:70:88:bf:86:7a:5f:ed:
7a:52:37:be:41:78:91:de:d0:ea:17:49:df:78:5c:
ff:80:c3:e0:cf:9b:71:c3:1e:20:0b:a1:a3:f1:94:
e4:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:64:48:5E:A5:A0:2D:B1:CE:4B:F0:D4:9F:DB:58:5C:FD:D5:C2:F1
X509v3 Authority Key Identifier:
keyid:76:5E:A3:40:0A:37:48:C3:B6:C6:12:68:D4:92:F8:BF:0A:90:82:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dl6jQAo3SMO2xhJo1JL4vwqQgjk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/74e15f-f487-4559-bfdd-0fc58e58cac9/1/JmRIXqWgLbHOS_DUn9tYXP3VwvE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/74e15f-f487-4559-bfdd-0fc58e58cac9/1/dl6jQAo3SMO2xhJo1JL4vwqQgjk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.154.220.0/22
IPv6:
2a0b:6140:1::-2a0b:6140:2:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
37:08:60:31:02:1c:d7:f0:ad:0f:a8:84:be:5e:a2:fa:f5:6f:
1e:ef:c0:ec:fd:35:5a:ed:d2:90:ad:82:34:ac:59:87:9b:ff:
ec:a1:0d:85:56:95:e1:a1:d5:de:44:a9:2c:7d:8b:55:57:47:
e4:2e:eb:79:ff:79:01:70:66:8b:32:c2:d2:ba:74:4d:e5:8b:
80:0e:d6:51:39:04:c0:11:a3:b5:68:8d:50:7d:c9:4b:4f:8a:
37:70:95:78:0c:1c:ae:db:3b:d5:eb:8a:e2:d2:b1:fd:8f:7e:
d9:10:7e:69:91:e8:d1:ed:6e:cf:02:fd:ef:8c:20:61:2c:e8:
78:50:5d:f5:08:f5:b9:bb:a1:e6:e0:47:60:02:24:28:86:05:
6a:9b:19:24:67:b3:d1:3c:ac:b6:19:87:99:83:f9:84:00:71:
7d:a3:52:22:91:96:98:57:93:31:32:d6:02:88:c6:3f:79:0b:
ed:ae:dc:63:60:4a:3d:44:88:a2:75:c9:b3:f9:cc:1a:66:22:
4b:ee:8c:d3:ac:6c:a8:ed:b5:70:df:df:e7:e5:cb:15:40:ae:
c6:03:f3:da:9c:82:6b:5e:64:95:64:ff:d1:8a:8f:1d:ab:53:
ee:7d:d2:fc:8f:86:a0:1a:fa:2c:a1:c6:b2:00:59:11:b3:88:
0c:f9:2c:9c
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZQm2LjK27j5BbUEM2jdN8inMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2NWVhMzQwMGEzNzQ4YzNiNmM2MTI2OGQ0OTJmOGJmMGE5
MDgyMzkwHhcNMjUwMTAyMTE0ODQ0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNjY0NDg1ZWE1YTAyZGIxY2U0YmYwZDQ5ZmRiNTg1Y2ZkZDVjMmYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApBxtI2aLnZHS22A+huOZhyRE+PRQ
UG3Fg1AEW+UNGDUjAF/cc9WT9/4usUwWq2RL0RLb5LEw3vOYOeULbS53uCXSdCrQ
1wQ3GaPjYPuw5dpPU4kaUr+h2RhXH89ROH0ecwrD/ZLzp0VGLrd7nWDDmZIbtUoE
i/1i7Ag5bTQC2SC7Mu0zfISDvSbPmEN9OChTSERFeV8zjfguwpbgZnXcNosUoU5c
zxeYf9I3wy8FBp6qlBZFBlfY3WTjJDIUiG4KrK1HOyTNmJOBBGU1IpK/iKShGDOp
yzIMl3CIv4Z6X+16Uje+QXiR3tDqF0nfeFz/gMPgz5txwx4gC6Gj8ZTkQQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFCZkSF6loC2xzkvw1J/bWFz91cLxMB8GA1UdIwQY
MBaAFHZeo0AKN0jDtsYSaNSS+L8KkII5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZGw2alFBbzNTTU8yeGhKbzFKTDR2d3FRZ2prLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS83NGUxNWYtZjQ4Ny00NTU5LWJmZGQt
MGZjNThlNThjYWM5LzEvSm1SSVhxV2dMYkhPU19EVW45dFlYUDNWd3ZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS83NGUxNWYtZjQ4Ny00NTU5LWJmZGQtMGZjNThlNThjYWM5
LzEvZGw2alFBbzNTTU8yeGhKbzFKTDR2d3FRZ2prLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAMBAIAATAGAwQCuZrcMBoE
AgACMBQwEgMHACoLYUAAAQMHACoLYUAAAjANBgkqhkiG9w0BAQsFAAOCAQEANwhg
MQIc1/CtD6iEvl6i+vVvHu/A7P01Wu3SkK2CNKxZh5v/7KENhVaV4aHV3kSpLH2L
VVdH5C7ref95AXBmizLC0rp0TeWLgA7WUTkEwBGjtWiNUH3JS0+KN3CVeAwcrts7
1euK4tKx/Y9+2RB+aZHo0e1uzwL974wgYSzoeFBd9Qj1ubuh5uBHYAIkKIYFapsZ
JGez0TysthmHmYP5hABxfaNSIpGWmFeTMTLWAojGP3kL7a7cY2BKPUSIonXJs/nM
GmYiS+6M06xsqO21cN/f5+XLFUCuxgPz2pyCa15klWT/0YqPHatT7n3S/I+GoBr6
LKHGsgBZEbOIDPksnA==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:39:53 2025 by rpki-client