Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/JU98MMZrXXCEmCDnbfUPfcRJYzY.roa
File: JU98MMZrXXCEmCDnbfUPfcRJYzY.roa (raw, json)
Hash identifier: d0FfbQJiAVpejVIYMn3deKx0UKlbPnVFJ7hRSLq9XpM=
Subject key identifier: 25:4F:7C:30:C6:6B:5D:70:84:98:20:E7:6D:F5:0F:7D:C4:49:63:36
Certificate issuer: /CN=5885e884c2fc7a75d12dd1dea49ce2349c47067e
Certificate serial: 01941FFAAED55DDF3BD4E9964D903C53F33F
Authority key identifier: 58:85:E8:84:C2:FC:7A:75:D1:2D:D1:DE:A4:9C:E2:34:9C:47:06:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/JU98MMZrXXCEmCDnbfUPfcRJYzY.roa
Signing time: Wed 01 Jan 2025 03:48:29 +0000
ROA not before: Wed 01 Jan 2025 03:48:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208864
IP address blocks: 46.243.188.0/22 maxlen: 22
128.0.68.0/23 maxlen: 23
188.72.68.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/WIXohML8enXRLdHepJziNJxHBn4.crl
rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/WIXohML8enXRLdHepJziNJxHBn4.mft
rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 09:01:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:ae:d5:5d:df:3b:d4:e9:96:4d:90:3c:53:f3:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5885e884c2fc7a75d12dd1dea49ce2349c47067e
Validity
Not Before: Jan 1 03:48:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=254f7c30c66b5d70849820e76df50f7dc4496336
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:7b:9f:0d:14:98:3f:72:0e:be:5e:4e:a6:24:
fd:70:71:aa:2b:69:45:18:c7:d9:f2:4f:29:76:bc:
1f:2c:d6:ca:19:af:8a:fd:76:ff:55:30:7b:64:e3:
4a:7e:fe:d0:61:c1:75:8f:0d:fa:99:45:5c:bb:a5:
df:ca:bf:20:e6:71:7a:00:8f:d6:54:e9:7a:2b:1e:
61:0b:5e:22:94:db:e8:fc:e2:61:17:d1:c0:1e:05:
a2:ed:63:71:6d:15:59:cf:98:9e:a3:39:02:bc:e1:
e0:9d:4c:dc:70:b3:be:b9:07:6d:f7:10:3b:67:f2:
b0:5f:18:f7:a7:3a:07:f1:1a:19:cd:f3:72:b0:07:
65:e0:fd:3a:37:fc:3a:8d:0f:fe:c6:9b:f1:94:d6:
29:80:1b:99:c4:db:49:79:3f:5f:bd:91:e0:c3:fb:
78:e7:a3:36:2a:44:26:d7:35:ec:00:34:6c:49:9b:
26:83:6d:6a:2a:89:fa:c6:d7:9c:3d:a9:2d:d6:a1:
45:dd:25:19:7a:cf:6e:41:b1:c3:70:79:14:fb:16:
bb:08:8f:14:59:a9:92:5b:31:36:d8:8d:95:95:2e:
77:2e:17:42:68:ca:fd:b4:9f:d5:ad:fb:a4:98:c0:
97:57:ff:c3:78:62:79:8f:b0:30:85:3b:8b:81:0c:
c5:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:4F:7C:30:C6:6B:5D:70:84:98:20:E7:6D:F5:0F:7D:C4:49:63:36
X509v3 Authority Key Identifier:
keyid:58:85:E8:84:C2:FC:7A:75:D1:2D:D1:DE:A4:9C:E2:34:9C:47:06:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/JU98MMZrXXCEmCDnbfUPfcRJYzY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/WIXohML8enXRLdHepJziNJxHBn4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.243.188.0/22
128.0.68.0/23
188.72.68.0/23
Signature Algorithm: sha256WithRSAEncryption
01:d8:8b:3b:cd:3b:07:6a:92:89:99:ef:b2:2a:52:8c:cf:59:
f2:87:86:ea:eb:96:e9:00:e2:65:47:1a:70:fa:b6:ff:57:d5:
b9:66:41:57:23:fe:0a:9e:84:fe:85:49:48:25:cc:36:59:b6:
65:87:b1:bb:30:83:09:fd:33:f9:48:5d:4d:b6:9a:88:00:ee:
97:61:8e:77:b7:19:95:43:c3:94:8e:05:a2:c3:6a:3a:d5:e2:
e1:01:78:e9:e5:4e:78:1e:9c:60:54:c6:1a:1a:7c:f4:0e:e3:
c9:da:34:5b:96:ad:38:58:c7:54:44:ac:f4:e0:b1:e3:52:b1:
85:36:1a:e3:09:26:6d:1e:fd:02:31:7b:64:ce:8a:1e:27:9b:
d5:d9:d7:7e:fb:8c:c0:9f:88:31:75:61:f3:4b:2c:7b:9e:6b:
9e:f6:13:13:5a:96:be:ff:fc:ea:14:f0:c9:dc:41:ae:50:c1:
a3:ab:90:29:11:9e:0c:a4:17:6c:cd:fc:41:8d:29:fc:17:21:
33:99:b1:9a:9b:68:fb:73:6e:d2:61:70:d3:35:a7:69:a7:09:
54:7e:74:fd:2f:f4:3a:8d:aa:18:3f:2f:3d:90:fd:7d:b2:3a:
46:85:d1:fa:e2:d0:30:a2:1f:38:fa:ef:d0:71:c4:44:c6:30:
07:eb:6e:70
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQf+q7VXd871OmWTZA8U/M/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4ODVlODg0YzJmYzdhNzVkMTJkZDFkZWE0OWNlMjM0OWM0
NzA2N2UwHhcNMjUwMTAxMDM0ODI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTRmN2MzMGM2NmI1ZDcwODQ5ODIwZTc2ZGY1MGY3ZGM0NDk2MzM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo3ufDRSYP3IOvl5OpiT9cHGqK2lF
GMfZ8k8pdrwfLNbKGa+K/Xb/VTB7ZONKfv7QYcF1jw36mUVcu6Xfyr8g5nF6AI/W
VOl6Kx5hC14ilNvo/OJhF9HAHgWi7WNxbRVZz5ieozkCvOHgnUzccLO+uQdt9xA7
Z/KwXxj3pzoH8RoZzfNysAdl4P06N/w6jQ/+xpvxlNYpgBuZxNtJeT9fvZHgw/t4
56M2KkQm1zXsADRsSZsmg21qKon6xtecPakt1qFF3SUZes9uQbHDcHkU+xa7CI8U
WamSWzE22I2VlS53LhdCaMr9tJ/VrfukmMCXV//DeGJ5j7AwhTuLgQzF+QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCVPfDDGa11whJgg5231D33ESWM2MB8GA1UdIwQY
MBaAFFiF6ITC/Hp10S3R3qSc4jScRwZ+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0lYb2hNTDhlblhSTGRIZXBKemlOSnhIQm40LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni82YzBiZjctNWYxMy00NGEyLTk5ODkt
OGM5NTgxZDk2ZDhmLzEvSlU5OE1NWnJYWENFbUNEbmJmVVBmY1JKWXpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni82YzBiZjctNWYxMy00NGEyLTk5ODktOGM5NTgxZDk2ZDhm
LzEvV0lYb2hNTDhlblhSTGRIZXBKemlOSnhIQm40LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCLvO8AwQB
gABEAwQBvEhEMA0GCSqGSIb3DQEBCwUAA4IBAQAB2Is7zTsHapKJme+yKlKMz1ny
h4bq65bpAOJlRxpw+rb/V9W5ZkFXI/4KnoT+hUlIJcw2WbZlh7G7MIMJ/TP5SF1N
tpqIAO6XYY53txmVQ8OUjgWiw2o61eLhAXjp5U54HpxgVMYaGnz0DuPJ2jRblq04
WMdURKz04LHjUrGFNhrjCSZtHv0CMXtkzooeJ5vV2dd++4zAn4gxdWHzSyx7nmue
9hMTWpa+//zqFPDJ3EGuUMGjq5ApEZ4MpBdszfxBjSn8FyEzmbGam2j7c27SYXDT
NadppwlUfnT9L/Q6jaoYPy89kP19sjpGhdH64tAwoh84+u/QccRExjAH625w
-----END CERTIFICATE-----
Generated at Sat Apr 5 16:12:05 2025 by rpki-client