Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/807ed5-50b3-4e5f-9367-5b5e33ce70ad/1/jiri3_1wYxUytGVauPuF_p1QcDE.roa
File: jiri3_1wYxUytGVauPuF_p1QcDE.roa (raw, json)
Hash identifier: pAKnIcLWyugWirmmWEvyvb0vortDg2AUGgIHTvMYhkg=
Subject key identifier: 8E:2A:E2:DF:FD:70:63:15:32:B4:65:5A:B8:FB:85:FE:9D:50:70:31
Certificate issuer: /CN=7539b7a123417aa719325946aa89e0f30ab0ca09
Certificate serial: 0194266C1696663106E86873C4660BDA902E
Authority key identifier: 75:39:B7:A1:23:41:7A:A7:19:32:59:46:AA:89:E0:F3:0A:B0:CA:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dTm3oSNBeqcZMllGqong8wqwygk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/807ed5-50b3-4e5f-9367-5b5e33ce70ad/1/jiri3_1wYxUytGVauPuF_p1QcDE.roa
Signing time: Thu 02 Jan 2025 09:50:05 +0000
ROA not before: Thu 02 Jan 2025 09:50:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3302
IP address blocks: 62.94.0.0/16 maxlen: 24
81.92.32.0/20 maxlen: 20
83.211.0.0/16 maxlen: 24
185.82.0.0/22 maxlen: 22
194.20.0.0/16 maxlen: 24
194.21.0.0/18 maxlen: 24
194.153.192.0/20 maxlen: 24
194.153.208.0/22 maxlen: 24
195.62.224.0/19 maxlen: 24
212.90.0.0/19 maxlen: 24
212.110.0.0/19 maxlen: 24
213.136.128.0/18 maxlen: 24
213.149.192.0/19 maxlen: 19
213.183.128.0/19 maxlen: 19
213.198.128.0/18 maxlen: 24
217.15.208.0/20 maxlen: 24
217.29.160.0/20 maxlen: 20
2001:750::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6b/807ed5-50b3-4e5f-9367-5b5e33ce70ad/1/dTm3oSNBeqcZMllGqong8wqwygk.crl
rsync://rpki.ripe.net/repository/DEFAULT/6b/807ed5-50b3-4e5f-9367-5b5e33ce70ad/1/dTm3oSNBeqcZMllGqong8wqwygk.mft
rsync://rpki.ripe.net/repository/DEFAULT/dTm3oSNBeqcZMllGqong8wqwygk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 09 Apr 2025 22:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6c:16:96:66:31:06:e8:68:73:c4:66:0b:da:90:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7539b7a123417aa719325946aa89e0f30ab0ca09
Validity
Not Before: Jan 2 09:50:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8e2ae2dffd70631532b4655ab8fb85fe9d507031
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:f7:91:34:39:d0:24:c7:52:37:a3:5a:c2:15:
85:27:86:0b:4e:71:98:98:ba:c8:7b:11:50:12:dd:
94:a2:b8:88:70:83:9b:67:10:fc:ac:92:71:50:c5:
90:f1:7f:fb:d4:6e:5e:70:e8:92:b5:11:03:68:71:
fb:00:33:2a:4e:b4:87:98:86:3b:3b:75:d1:13:17:
73:24:fa:23:25:41:ef:0d:bc:5b:4a:26:48:73:45:
37:96:56:19:66:de:bd:a1:70:60:ae:2c:78:4f:e5:
76:28:60:ea:4b:1e:c8:80:ca:45:a6:c7:f4:0f:70:
e0:ca:09:a2:30:72:b0:42:9d:ce:a0:cd:25:8c:8d:
d7:5c:45:8b:04:c1:c7:4c:69:f1:b0:59:13:9d:96:
dd:29:2e:90:cc:4f:32:54:50:ef:47:ab:da:7d:f0:
88:c8:72:17:66:29:80:71:d3:e5:2f:0e:35:df:08:
ee:00:0e:be:26:d1:2e:8b:a8:71:69:11:2f:c8:67:
ca:6e:82:2c:ad:cd:3a:cb:d1:f4:9d:69:48:9d:c1:
01:4a:68:a7:ec:a4:0a:77:ec:a1:ac:4d:ec:c8:df:
5d:83:1b:58:62:da:b0:cd:4e:cd:bf:54:e7:ab:1e:
af:99:40:ed:74:48:66:5d:33:6b:f0:de:a2:00:10:
8a:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:2A:E2:DF:FD:70:63:15:32:B4:65:5A:B8:FB:85:FE:9D:50:70:31
X509v3 Authority Key Identifier:
keyid:75:39:B7:A1:23:41:7A:A7:19:32:59:46:AA:89:E0:F3:0A:B0:CA:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dTm3oSNBeqcZMllGqong8wqwygk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/807ed5-50b3-4e5f-9367-5b5e33ce70ad/1/jiri3_1wYxUytGVauPuF_p1QcDE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/807ed5-50b3-4e5f-9367-5b5e33ce70ad/1/dTm3oSNBeqcZMllGqong8wqwygk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.94.0.0/16
81.92.32.0/20
83.211.0.0/16
185.82.0.0/22
194.20.0.0-194.21.63.255
194.153.192.0-194.153.211.255
195.62.224.0/19
212.90.0.0/19
212.110.0.0/19
213.136.128.0/18
213.149.192.0/19
213.183.128.0/19
213.198.128.0/18
217.15.208.0/20
217.29.160.0/20
IPv6:
2001:750::/29
Signature Algorithm: sha256WithRSAEncryption
57:05:c5:94:bb:55:a3:2c:90:be:23:36:9b:80:86:7a:c3:ce:
f8:f7:44:7e:b0:b1:12:9d:35:a7:d3:87:63:02:de:16:b8:4a:
a1:2f:c2:49:3d:de:2e:24:d0:d8:78:f0:50:d0:d9:91:ec:25:
4d:59:f9:4c:c6:09:77:e1:a1:f2:07:db:3c:1e:d5:bb:a7:2c:
4e:0d:79:c4:5f:c4:02:78:24:04:18:1f:3e:2b:f5:fc:3e:32:
90:fc:78:0b:7f:00:06:a1:db:4e:c3:72:29:89:73:16:60:d8:
c1:cf:0a:29:5b:0b:21:27:a9:b7:d5:50:bb:30:b0:23:28:fe:
07:e0:da:de:d2:9b:63:a6:11:16:c4:bb:0e:23:26:01:a3:61:
bc:b2:b5:c4:f7:9a:8b:c3:9f:96:59:6e:20:a0:cf:6f:00:06:
8f:f1:2e:05:ec:46:f1:7c:28:72:8b:a3:3a:c3:02:11:86:a5:
c4:ba:09:73:b0:a8:b8:e9:de:8e:3f:ca:fe:c8:5e:b9:7a:02:
e9:74:53:b1:87:38:35:10:d2:a0:72:d9:a3:d9:02:cf:45:9c:
67:84:c0:93:cb:e8:29:31:42:00:36:26:9f:f5:3d:7d:29:ca:
2a:cb:e8:24:66:f1:72:d2:cb:b5:d9:c7:21:d8:5e:53:53:61:
b2:fa:6d:8f
-----BEGIN CERTIFICATE-----
MIIFbzCCBFegAwIBAgISAZQmbBaWZjEG6GhzxGYL2pAuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MzliN2ExMjM0MTdhYTcxOTMyNTk0NmFhODllMGYzMGFi
MGNhMDkwHhcNMjUwMTAyMDk1MDA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTJhZTJkZmZkNzA2MzE1MzJiNDY1NWFiOGZiODVmZTlkNTA3MDMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1PeRNDnQJMdSN6NawhWFJ4YLTnGY
mLrIexFQEt2UoriIcIObZxD8rJJxUMWQ8X/71G5ecOiStREDaHH7ADMqTrSHmIY7
O3XRExdzJPojJUHvDbxbSiZIc0U3llYZZt69oXBgrix4T+V2KGDqSx7IgMpFpsf0
D3DgygmiMHKwQp3OoM0ljI3XXEWLBMHHTGnxsFkTnZbdKS6QzE8yVFDvR6vaffCI
yHIXZimAcdPlLw413wjuAA6+JtEui6hxaREvyGfKboIsrc06y9H0nWlIncEBSmin
7KQKd+yhrE3syN9dgxtYYtqwzU7Nv1Tnqx6vmUDtdEhmXTNr8N6iABCKEwIDAQAB
o4ICezCCAncwHQYDVR0OBBYEFI4q4t/9cGMVMrRlWrj7hf6dUHAxMB8GA1UdIwQY
MBaAFHU5t6EjQXqnGTJZRqqJ4PMKsMoJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFRtM29TTkJlcWNaTWxsR3Fvbmc4d3F3eWdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi84MDdlZDUtNTBiMy00ZTVmLTkzNjct
NWI1ZTMzY2U3MGFkLzEvamlyaTNfMXdZeFV5dEdWYXVQdUZfcDFRY0RFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi84MDdlZDUtNTBiMy00ZTVmLTkzNjctNWI1ZTMzY2U3MGFk
LzEvZFRtM29TTkJlcWNaTWxsR3Fvbmc4d3F3eWdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGQBggrBgEFBQcBBwEB/wSBgDB+MG0EAgABMGcDAwA+XgME
BFFcIAMDAFPTAwQCuVIAMAsDAwLCFAMEBsIVADAMAwQGwpnAAwQCwpnQAwQFwz7g
AwQF1FoAAwQF1G4AAwQG1YiAAwQF1ZXAAwQF1beAAwQG1caAAwQE2Q/QAwQE2R2g
MA0EAgACMAcDBQMgAQdQMA0GCSqGSIb3DQEBCwUAA4IBAQBXBcWUu1WjLJC+Izab
gIZ6w87490R+sLESnTWn04djAt4WuEqhL8JJPd4uJNDYePBQ0NmR7CVNWflMxgl3
4aHyB9s8HtW7pyxODXnEX8QCeCQEGB8+K/X8PjKQ/HgLfwAGodtOw3IpiXMWYNjB
zwopWwshJ6m31VC7MLAjKP4H4Nre0ptjphEWxLsOIyYBo2G8srXE95qLw5+WWW4g
oM9vAAaP8S4F7EbxfChyi6M6wwIRhqXEuglzsKi46d6OP8r+yF65egLpdFOxhzg1
ENKgctmj2QLPRZxnhMCTy+gpMUIANiaf9T19Kcoqy+gkZvFy0su12cch2F5TU2Gy
+m2P
-----END CERTIFICATE-----
Generated at Wed Apr 9 06:00:07 2025 by rpki-client