Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/65cf0a-ade3-40b1-9987-8c34e4cf9026/1/jQqQfOrb2tEbgL6-n1pYKtKDCGI.roa
File: jQqQfOrb2tEbgL6-n1pYKtKDCGI.roa (raw, json)
Hash identifier: urbNu0k2kZWVDcdCEYQ210AYS3ke0pUxaEecPK2agnE=
Subject key identifier: 8D:0A:90:7C:EA:DB:DA:D1:1B:80:BE:BE:9F:5A:58:2A:D2:83:08:62
Certificate issuer: /CN=87958ba661c435ccd25c2060462ef600d2719ee0
Certificate serial: 01941FFA232FEE4C6200BC00DB5EDFA20B90
Authority key identifier: 87:95:8B:A6:61:C4:35:CC:D2:5C:20:60:46:2E:F6:00:D2:71:9E:E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h5WLpmHENczSXCBgRi72ANJxnuA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/65cf0a-ade3-40b1-9987-8c34e4cf9026/1/jQqQfOrb2tEbgL6-n1pYKtKDCGI.roa
Signing time: Wed 01 Jan 2025 03:47:54 +0000
ROA not before: Wed 01 Jan 2025 03:47:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35356
IP address blocks: 80.93.144.0/20 maxlen: 20
80.93.144.0/21 maxlen: 21
80.93.146.0/24 maxlen: 24
80.93.147.0/24 maxlen: 24
80.93.149.0/24 maxlen: 24
80.93.154.0/24 maxlen: 24
80.93.155.0/24 maxlen: 24
80.93.156.0/24 maxlen: 24
80.93.157.0/24 maxlen: 24
80.93.159.0/24 maxlen: 24
83.142.248.0/22 maxlen: 22
83.142.252.0/23 maxlen: 23
83.142.254.0/24 maxlen: 24
83.142.255.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/86/65cf0a-ade3-40b1-9987-8c34e4cf9026/1/h5WLpmHENczSXCBgRi72ANJxnuA.crl
rsync://rpki.ripe.net/repository/DEFAULT/86/65cf0a-ade3-40b1-9987-8c34e4cf9026/1/h5WLpmHENczSXCBgRi72ANJxnuA.mft
rsync://rpki.ripe.net/repository/DEFAULT/h5WLpmHENczSXCBgRi72ANJxnuA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 23:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:23:2f:ee:4c:62:00:bc:00:db:5e:df:a2:0b:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=87958ba661c435ccd25c2060462ef600d2719ee0
Validity
Not Before: Jan 1 03:47:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8d0a907ceadbdad11b80bebe9f5a582ad2830862
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:f9:d3:61:9e:40:a4:bc:41:1b:95:25:1e:00:
99:1e:9b:e1:65:72:17:65:ea:49:f4:8b:ae:d2:f6:
d4:55:d2:9d:41:07:7e:96:13:39:68:9f:b1:20:18:
47:a1:28:12:10:18:1b:53:40:54:94:2e:e1:f6:02:
fc:78:bf:c2:cb:29:de:d6:cc:ef:de:bb:5d:b5:cc:
20:3a:fa:fc:bd:a3:3d:9f:19:7e:41:e9:aa:50:a7:
79:f3:ab:67:52:68:9a:de:94:85:c7:2f:a3:1e:93:
dd:ed:15:ec:66:18:2d:85:4f:2d:0b:9f:73:72:94:
d5:a8:7c:3c:dc:ee:96:e3:9d:df:6d:13:39:a3:ec:
57:c0:0d:c8:90:b9:c8:c7:1e:58:8e:c0:38:38:30:
96:f0:c6:a2:b9:21:6a:e8:bc:70:94:cb:d0:2b:1f:
5e:36:02:16:66:a5:1b:ff:78:b4:9b:32:55:80:99:
4b:d8:4a:6d:30:0f:3b:b3:93:02:58:26:fb:e9:d5:
63:38:f2:c1:82:d7:db:2b:4d:d8:0b:99:73:e0:b8:
55:1c:d2:cc:74:71:4f:80:92:b6:c1:86:c3:7d:fa:
64:ff:87:c8:31:c7:82:2e:3e:e3:5a:9f:be:ec:2d:
82:37:88:f4:ab:06:3d:ad:32:b2:b8:24:f9:dc:a4:
98:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:0A:90:7C:EA:DB:DA:D1:1B:80:BE:BE:9F:5A:58:2A:D2:83:08:62
X509v3 Authority Key Identifier:
keyid:87:95:8B:A6:61:C4:35:CC:D2:5C:20:60:46:2E:F6:00:D2:71:9E:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h5WLpmHENczSXCBgRi72ANJxnuA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/65cf0a-ade3-40b1-9987-8c34e4cf9026/1/jQqQfOrb2tEbgL6-n1pYKtKDCGI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/65cf0a-ade3-40b1-9987-8c34e4cf9026/1/h5WLpmHENczSXCBgRi72ANJxnuA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.93.144.0/20
83.142.248.0/21
Signature Algorithm: sha256WithRSAEncryption
86:f3:7e:9b:aa:e8:b4:6e:64:3c:8f:b5:64:b6:cb:a7:3e:09:
b6:a0:b6:1c:46:09:b2:30:68:b8:19:8f:1c:5c:a0:5f:12:f9:
75:e8:35:51:d3:9c:e8:4a:38:f7:4b:a1:01:53:ad:71:c7:68:
bb:50:3f:ec:5d:0a:af:82:17:bb:b3:6d:54:98:95:ff:a9:a2:
68:b8:42:cb:c0:86:8e:b0:12:79:a4:00:74:c0:c9:41:6b:6f:
5c:e7:71:0f:35:23:68:3a:8e:a0:34:7e:fb:2d:29:fe:d8:33:
d1:d9:43:4d:97:97:54:48:c7:a7:ee:77:21:35:d8:ef:65:1d:
3a:3e:81:a9:e2:c9:21:3b:0a:d8:b5:dc:3b:ad:12:47:d1:6c:
9a:ce:e0:af:ef:17:37:f9:b3:cf:eb:50:12:10:a4:6a:4a:21:
20:ba:b0:ed:77:f0:95:a7:b0:f9:06:93:33:a5:fb:64:50:d3:
04:2f:c1:7b:9b:e0:e3:79:a8:0f:74:93:a4:8f:f4:5b:fc:68:
44:9f:2e:13:c8:28:93:e6:6f:80:e6:67:14:d4:63:7c:57:c5:
fa:bc:eb:a9:e0:23:9c:8c:dc:6e:c9:03:5d:5c:2c:d1:2a:04:
95:33:ad:a4:9a:31:75:39:aa:1c:b6:e4:a7:03:56:4e:cb:0a:
51:b2:6b:54
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQf+iMv7kxiALwA217foguQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3OTU4YmE2NjFjNDM1Y2NkMjVjMjA2MDQ2MmVmNjAwZDI3
MTllZTAwHhcNMjUwMTAxMDM0NzU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZDBhOTA3Y2VhZGJkYWQxMWI4MGJlYmU5ZjVhNTgyYWQyODMwODYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy/nTYZ5ApLxBG5UlHgCZHpvhZXIX
ZepJ9Iuu0vbUVdKdQQd+lhM5aJ+xIBhHoSgSEBgbU0BUlC7h9gL8eL/Cyyne1szv
3rtdtcwgOvr8vaM9nxl+QemqUKd586tnUmia3pSFxy+jHpPd7RXsZhgthU8tC59z
cpTVqHw83O6W453fbRM5o+xXwA3IkLnIxx5YjsA4ODCW8MaiuSFq6LxwlMvQKx9e
NgIWZqUb/3i0mzJVgJlL2EptMA87s5MCWCb76dVjOPLBgtfbK03YC5lz4LhVHNLM
dHFPgJK2wYbDffpk/4fIMceCLj7jWp++7C2CN4j0qwY9rTKyuCT53KSYuQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFI0KkHzq29rRG4C+vp9aWCrSgwhiMB8GA1UdIwQY
MBaAFIeVi6ZhxDXM0lwgYEYu9gDScZ7gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDVXTHBtSEVOY3pTWENCZ1JpNzJBTkp4bnVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni82NWNmMGEtYWRlMy00MGIxLTk5ODct
OGMzNGU0Y2Y5MDI2LzEvalFxUWZPcmIydEViZ0w2LW4xcFlLdEtEQ0dJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni82NWNmMGEtYWRlMy00MGIxLTk5ODctOGMzNGU0Y2Y5MDI2
LzEvaDVXTHBtSEVOY3pTWENCZ1JpNzJBTkp4bnVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEUF2QAwQD
U474MA0GCSqGSIb3DQEBCwUAA4IBAQCG836bqui0bmQ8j7VktsunPgm2oLYcRgmy
MGi4GY8cXKBfEvl16DVR05zoSjj3S6EBU61xx2i7UD/sXQqvghe7s21UmJX/qaJo
uELLwIaOsBJ5pAB0wMlBa29c53EPNSNoOo6gNH77LSn+2DPR2UNNl5dUSMen7nch
NdjvZR06PoGp4skhOwrYtdw7rRJH0WyazuCv7xc3+bPP61ASEKRqSiEgurDtd/CV
p7D5BpMzpftkUNMEL8F7m+DjeagPdJOkj/Rb/GhEny4TyCiT5m+A5mcU1GN8V8X6
vOup4COcjNxuyQNdXCzRKgSVM62kmjF1OaoctuSnA1ZOywpRsmtU
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:54:43 2025 by rpki-client