Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/pyjq9eTJ16BICExepyy4hHdzJBY.roa
File: pyjq9eTJ16BICExepyy4hHdzJBY.roa (raw, json)
Hash identifier: 1qL3K1S3vi6SKpgKIPcn0F7XdPnvihL3lLBBWXETN6c=
Subject key identifier: A7:28:EA:F5:E4:C9:D7:A0:48:08:4C:5E:A7:2C:B8:84:77:73:24:16
Certificate issuer: /CN=835bc9bb547e27788d221bc8bbd5fb02e024480f
Certificate serial: 019424453FF8C7B8429213FC2A0B4A1B87CF
Authority key identifier: 83:5B:C9:BB:54:7E:27:78:8D:22:1B:C8:BB:D5:FB:02:E0:24:48:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/g1vJu1R-J3iNIhvIu9X7AuAkSA8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/pyjq9eTJ16BICExepyy4hHdzJBY.roa
Signing time: Wed 01 Jan 2025 23:48:25 +0000
ROA not before: Wed 01 Jan 2025 23:48:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42615
IP address blocks: 185.186.8.0/24 maxlen: 24
185.186.11.0/24 maxlen: 24
2a0b:6b81:3::/48 maxlen: 48
2a0b:6b81:4::/48 maxlen: 48
2a0b:6b82::/32 maxlen: 32
2a0b:6b87::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/g1vJu1R-J3iNIhvIu9X7AuAkSA8.crl
rsync://rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/g1vJu1R-J3iNIhvIu9X7AuAkSA8.mft
rsync://rpki.ripe.net/repository/DEFAULT/g1vJu1R-J3iNIhvIu9X7AuAkSA8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 09 Apr 2025 13:01:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:3f:f8:c7:b8:42:92:13:fc:2a:0b:4a:1b:87:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=835bc9bb547e27788d221bc8bbd5fb02e024480f
Validity
Not Before: Jan 1 23:48:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a728eaf5e4c9d7a048084c5ea72cb88477732416
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:7d:0e:45:5f:ee:ac:2d:d9:fe:2e:6d:93:e7:
f2:29:32:12:c0:24:35:ee:45:4a:9c:a7:0a:50:35:
78:d2:80:eb:ca:97:03:a5:7a:06:9d:28:67:47:93:
75:0f:1e:98:d2:61:2d:cb:9d:c1:d2:17:85:2b:10:
12:9e:db:d6:68:57:37:bd:0d:69:09:ab:6c:59:8e:
d2:cb:ee:61:2b:64:38:73:31:e8:14:3b:03:6d:ea:
d0:e1:23:5e:bf:20:2b:b8:e2:0b:63:7b:27:af:7c:
fe:65:10:67:f3:e6:71:a1:e0:b1:40:b3:b8:2a:53:
b6:91:0b:f2:3d:0a:23:3f:11:e3:b9:28:29:35:25:
02:86:1c:e7:fe:e9:17:94:a0:46:e5:ad:64:2c:f2:
60:3a:1e:04:94:e6:8e:37:98:5b:98:51:af:39:c3:
09:e9:de:e1:77:ef:5a:c8:af:0b:60:a7:e2:6b:11:
48:c1:dd:db:a9:e9:fe:d9:78:cd:67:82:6b:ec:66:
b9:fb:50:58:bf:9e:12:5f:ff:e4:d9:56:5e:5b:a0:
2d:af:cf:60:25:ca:65:5b:66:92:81:a7:51:4b:11:
95:b4:d9:59:a3:92:8e:b1:2f:b7:b1:b8:64:47:5c:
81:88:56:ff:6a:a5:3a:98:b8:6c:42:75:58:11:e1:
d2:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:28:EA:F5:E4:C9:D7:A0:48:08:4C:5E:A7:2C:B8:84:77:73:24:16
X509v3 Authority Key Identifier:
keyid:83:5B:C9:BB:54:7E:27:78:8D:22:1B:C8:BB:D5:FB:02:E0:24:48:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g1vJu1R-J3iNIhvIu9X7AuAkSA8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/pyjq9eTJ16BICExepyy4hHdzJBY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/g1vJu1R-J3iNIhvIu9X7AuAkSA8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.186.8.0/24
185.186.11.0/24
IPv6:
2a0b:6b81:3::-2a0b:6b81:4:ffff:ffff:ffff:ffff:ffff
2a0b:6b82::/32
2a0b:6b87::/32
Signature Algorithm: sha256WithRSAEncryption
60:d7:61:8e:87:3f:7d:04:ad:a6:ea:44:79:f4:ed:c7:77:5d:
d9:ba:44:7e:e1:cd:ae:ad:48:c4:0d:ab:50:4c:18:e9:13:f3:
5c:f5:db:17:f5:6f:51:8d:0b:1f:76:ea:d0:73:28:64:cc:d6:
53:d0:c1:25:1f:c4:fc:38:a9:02:3d:a3:da:2c:58:fa:47:f6:
a6:37:8e:ff:67:d6:6a:ab:26:d5:e8:50:08:91:76:eb:c6:6f:
b3:a4:8e:0f:8b:b4:50:fc:72:ee:e1:03:fb:b6:39:5f:41:50:
26:cd:0f:f9:5c:b9:67:5e:90:e6:0d:1c:bf:d6:a2:ed:5b:e7:
3f:f7:07:98:9a:a0:1c:0e:8c:7a:d2:6d:d4:b3:5f:dd:e7:f6:
c6:93:31:d0:52:4f:f5:b0:3d:7b:b1:c1:50:7f:23:70:fb:3e:
64:6d:ab:e6:07:a1:5e:30:f7:42:b9:91:47:1f:b8:b5:87:ef:
8d:5e:77:ae:b2:45:df:88:7e:37:eb:c1:d4:6e:13:d6:98:c3:
68:fe:7f:e7:c3:1c:ec:3f:05:65:21:5e:f7:44:d9:87:ed:c8:
18:10:e8:14:71:ae:59:f9:83:4c:c4:7b:d1:1a:31:79:95:d9:
c6:63:3e:44:99:53:fb:df:88:8c:97:b7:b6:66:69:d3:c4:d5:
a7:8e:1a:62
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZQkRT/4x7hCkhP8KgtKG4fPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzNWJjOWJiNTQ3ZTI3Nzg4ZDIyMWJjOGJiZDVmYjAyZTAy
NDQ4MGYwHhcNMjUwMTAxMjM0ODI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzI4ZWFmNWU0YzlkN2EwNDgwODRjNWVhNzJjYjg4NDc3NzMyNDE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA130ORV/urC3Z/i5tk+fyKTISwCQ1
7kVKnKcKUDV40oDrypcDpXoGnShnR5N1Dx6Y0mEty53B0heFKxASntvWaFc3vQ1p
CatsWY7Sy+5hK2Q4czHoFDsDberQ4SNevyAruOILY3snr3z+ZRBn8+ZxoeCxQLO4
KlO2kQvyPQojPxHjuSgpNSUChhzn/ukXlKBG5a1kLPJgOh4ElOaON5hbmFGvOcMJ
6d7hd+9ayK8LYKfiaxFIwd3bqen+2XjNZ4Jr7Ga5+1BYv54SX//k2VZeW6Atr89g
JcplW2aSgadRSxGVtNlZo5KOsS+3sbhkR1yBiFb/aqU6mLhsQnVYEeHSGwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFKco6vXkydegSAhMXqcsuIR3cyQWMB8GA1UdIwQY
MBaAFINbybtUfid4jSIbyLvV+wLgJEgPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZzF2SnUxUi1KM2lOSWh2SXU5WDdBdUFrU0E4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC85NjJmYjEtM2RmMC00ZWMyLWI1MGEt
YjM2YTI0ZDM5NDI3LzEvcHlqcTllVEoxNkJJQ0V4ZXB5eTRoSGR6SkJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC85NjJmYjEtM2RmMC00ZWMyLWI1MGEtYjM2YTI0ZDM5NDI3
LzEvZzF2SnUxUi1KM2lOSWh2SXU5WDdBdUFrU0E4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjASBAIAATAMAwQAuboIAwQA
uboLMCgEAgACMCIwEgMHACoLa4EAAwMHACoLa4EABAMFACoLa4IDBQAqC2uHMA0G
CSqGSIb3DQEBCwUAA4IBAQBg12GOhz99BK2m6kR59O3Hd13ZukR+4c2urUjEDatQ
TBjpE/Nc9dsX9W9RjQsfdurQcyhkzNZT0MElH8T8OKkCPaPaLFj6R/amN47/Z9Zq
qybV6FAIkXbrxm+zpI4Pi7RQ/HLu4QP7tjlfQVAmzQ/5XLlnXpDmDRy/1qLtW+c/
9weYmqAcDox60m3Us1/d5/bGkzHQUk/1sD17scFQfyNw+z5kbavmB6FeMPdCuZFH
H7i1h++NXneuskXfiH4368HUbhPWmMNo/n/nwxzsPwVlIV73RNmH7cgYEOgUca5Z
+YNMxHvRGjF5ldnGYz5EmVP734iMl7e2ZmnTxNWnjhpi
-----END CERTIFICATE-----
Generated at Tue Apr 8 17:41:31 2025 by rpki-client