Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/4f2367-73f3-4816-bea8-a045ff8e2ac0/1/JafDMsZo_2WlBv1_b3upjycXmLU.roa
File: JafDMsZo_2WlBv1_b3upjycXmLU.roa (raw, json)
Hash identifier: cGcJ9xKOVuAlrxxUBxsd3T744wFpR+9phZElM6fNzW0=
Subject key identifier: 25:A7:C3:32:C6:68:FF:65:A5:06:FD:7F:6F:7B:A9:8F:27:17:98:B5
Certificate issuer: /CN=9cce3b1197d0cf9511540572a58fd372dcc07489
Certificate serial: 019427B61BAB74989BB333D581EC59C2D480
Authority key identifier: 9C:CE:3B:11:97:D0:CF:95:11:54:05:72:A5:8F:D3:72:DC:C0:74:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nM47EZfQz5URVAVypY_TctzAdIk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/4f2367-73f3-4816-bea8-a045ff8e2ac0/1/JafDMsZo_2WlBv1_b3upjycXmLU.roa
Signing time: Thu 02 Jan 2025 15:50:33 +0000
ROA not before: Thu 02 Jan 2025 15:50:33 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210876
IP address blocks: 217.67.161.0/24 maxlen: 24
217.67.162.0/23 maxlen: 24
217.67.166.0/23 maxlen: 23
217.67.168.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/74/4f2367-73f3-4816-bea8-a045ff8e2ac0/1/nM47EZfQz5URVAVypY_TctzAdIk.crl
rsync://rpki.ripe.net/repository/DEFAULT/74/4f2367-73f3-4816-bea8-a045ff8e2ac0/1/nM47EZfQz5URVAVypY_TctzAdIk.mft
rsync://rpki.ripe.net/repository/DEFAULT/nM47EZfQz5URVAVypY_TctzAdIk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b6:1b:ab:74:98:9b:b3:33:d5:81:ec:59:c2:d4:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9cce3b1197d0cf9511540572a58fd372dcc07489
Validity
Not Before: Jan 2 15:50:33 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=25a7c332c668ff65a506fd7f6f7ba98f271798b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:e5:31:0b:78:12:66:cd:a5:bb:17:f1:8d:92:
d4:4b:43:ec:21:77:68:96:97:a7:36:23:8f:34:57:
76:0d:92:ef:e0:29:60:a5:29:1f:0b:fc:8b:6a:07:
13:fc:b5:ab:7f:62:d8:ed:56:18:f7:6d:ec:c8:c6:
39:79:60:6b:de:da:af:5c:46:1a:7e:18:0a:24:0c:
5a:9d:85:91:99:46:65:97:07:43:68:df:13:c6:9d:
5d:ac:08:55:d1:94:49:be:9c:10:10:c7:a3:89:5a:
d6:da:87:25:4a:5e:fd:0b:9a:7d:27:2a:26:40:9b:
48:54:8e:f4:bd:ff:4c:2e:6c:05:65:ba:f5:e1:68:
84:ae:7d:78:bb:3c:1c:22:49:87:83:21:b5:0f:87:
bf:c0:27:3d:7a:79:c5:e6:9a:a0:2c:bb:9d:55:f6:
0a:5b:b1:05:ea:84:a8:45:33:0a:c4:e1:55:63:98:
6c:c0:8b:32:61:9a:70:00:d4:59:e3:57:c8:42:eb:
ab:81:19:52:50:23:ab:e8:4b:21:41:7d:33:e4:ba:
eb:e3:40:b8:c2:83:d0:59:fd:b9:95:5f:e8:23:41:
e1:5d:3a:1a:ab:c5:e8:71:22:63:29:84:c5:f6:43:
97:2a:82:67:79:b0:62:24:81:d0:06:66:1d:13:eb:
ba:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:A7:C3:32:C6:68:FF:65:A5:06:FD:7F:6F:7B:A9:8F:27:17:98:B5
X509v3 Authority Key Identifier:
keyid:9C:CE:3B:11:97:D0:CF:95:11:54:05:72:A5:8F:D3:72:DC:C0:74:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nM47EZfQz5URVAVypY_TctzAdIk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/4f2367-73f3-4816-bea8-a045ff8e2ac0/1/JafDMsZo_2WlBv1_b3upjycXmLU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/4f2367-73f3-4816-bea8-a045ff8e2ac0/1/nM47EZfQz5URVAVypY_TctzAdIk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.67.161.0-217.67.163.255
217.67.166.0-217.67.171.255
Signature Algorithm: sha256WithRSAEncryption
08:96:47:ba:7f:b3:05:04:c4:a7:49:61:53:15:f4:4e:3c:ae:
81:96:8d:bb:f6:22:2e:5b:06:3f:24:fb:e5:44:c7:ea:a2:85:
cc:47:4a:dd:86:48:ea:54:06:06:03:86:7c:c1:78:e1:73:ee:
da:cb:80:ee:d0:39:bd:52:12:a8:52:17:ae:d2:5b:72:49:2d:
2e:07:a4:c9:cb:fc:88:ea:26:91:be:56:7b:d4:a0:65:fa:6a:
b5:88:5b:88:99:4e:52:ad:8c:4c:f4:6b:33:01:ea:65:41:ac:
7b:97:6d:ee:cc:3d:86:b4:d9:92:53:d3:6e:de:01:e4:67:0b:
99:3b:bb:b2:42:2f:db:72:42:de:47:b6:c6:8b:df:14:7f:8f:
8c:b2:d0:7c:aa:6a:c9:63:6e:6b:f9:11:db:e6:e5:f4:ac:b1:
61:42:5f:0d:fc:86:7b:85:ec:45:3c:50:ad:95:8e:cd:bb:29:
f2:73:5a:15:d1:19:cd:79:e8:e7:0d:fa:22:48:1e:ee:ee:8c:
a9:e2:3c:2a:50:1a:80:9f:79:9d:66:8a:cc:a2:fd:15:70:6d:
e9:96:7f:b5:cd:27:16:e9:20:8c:d4:60:11:c1:52:0d:64:a9:
54:db:84:6c:5c:29:df:cc:c5:be:56:6c:f5:c6:69:d0:e5:f1:
58:b8:76:24
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZQnthurdJibszPVgexZwtSAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljY2UzYjExOTdkMGNmOTUxMTU0MDU3MmE1OGZkMzcyZGNj
MDc0ODkwHhcNMjUwMTAyMTU1MDMzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNWE3YzMzMmM2NjhmZjY1YTUwNmZkN2Y2ZjdiYTk4ZjI3MTc5OGI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqOUxC3gSZs2luxfxjZLUS0PsIXdo
lpenNiOPNFd2DZLv4ClgpSkfC/yLagcT/LWrf2LY7VYY923syMY5eWBr3tqvXEYa
fhgKJAxanYWRmUZllwdDaN8Txp1drAhV0ZRJvpwQEMejiVrW2oclSl79C5p9Jyom
QJtIVI70vf9MLmwFZbr14WiErn14uzwcIkmHgyG1D4e/wCc9ennF5pqgLLudVfYK
W7EF6oSoRTMKxOFVY5hswIsyYZpwANRZ41fIQuurgRlSUCOr6EshQX0z5Lrr40C4
woPQWf25lV/oI0HhXToaq8XocSJjKYTF9kOXKoJnebBiJIHQBmYdE+u6nwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFCWnwzLGaP9lpQb9f297qY8nF5i1MB8GA1UdIwQY
MBaAFJzOOxGX0M+VEVQFcqWP03LcwHSJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbk00N0VaZlF6NVVSVkFWeXBZX1RjdHpBZElrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC80ZjIzNjctNzNmMy00ODE2LWJlYTgt
YTA0NWZmOGUyYWMwLzEvSmFmRE1zWm9fMldsQnYxX2IzdXBqeWNYbUxVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC80ZjIzNjctNzNmMy00ODE2LWJlYTgtYTA0NWZmOGUyYWMw
LzEvbk00N0VaZlF6NVVSVkFWeXBZX1RjdHpBZElrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAATAcMAwDBADZQ6ED
BALZQ6AwDAMEAdlDpgMEAtlDqDANBgkqhkiG9w0BAQsFAAOCAQEACJZHun+zBQTE
p0lhUxX0TjyugZaNu/YiLlsGPyT75UTH6qKFzEdK3YZI6lQGBgOGfMF44XPu2suA
7tA5vVISqFIXrtJbckktLgekycv8iOomkb5We9SgZfpqtYhbiJlOUq2MTPRrMwHq
ZUGse5dt7sw9hrTZklPTbt4B5GcLmTu7skIv23JC3ke2xovfFH+PjLLQfKpqyWNu
a/kR2+bl9KyxYUJfDfyGe4XsRTxQrZWOzbsp8nNaFdEZzXno5w36Ikge7u6MqeI8
KlAagJ95nWaKzKL9FXBt6ZZ/tc0nFukgjNRgEcFSDWSpVNuEbFwp38zFvlZs9cZp
0OXxWLh2JA==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:40:46 2025 by rpki-client