Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/37411e-2b89-4079-8cfc-01a29f5f6dde/1/jnl0pkc8VZioDFc1rU2LXYR9u10.roa
File: jnl0pkc8VZioDFc1rU2LXYR9u10.roa (raw, json)
Hash identifier: hBLoItEXtLXi0Hx0eyOzMHvYDZZAUIWBeCW6pZ7dYGc=
Subject key identifier: 8E:79:74:A6:47:3C:55:98:A8:0C:57:35:AD:4D:8B:5D:84:7D:BB:5D
Certificate issuer: /CN=d9773d733d1845c41d3f9a362b55b74e686f9c02
Certificate serial: 01942067C65D60810323DE9FA121CDAF562F
Authority key identifier: D9:77:3D:73:3D:18:45:C4:1D:3F:9A:36:2B:55:B7:4E:68:6F:9C:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2Xc9cz0YRcQdP5o2K1W3TmhvnAI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/37411e-2b89-4079-8cfc-01a29f5f6dde/1/jnl0pkc8VZioDFc1rU2LXYR9u10.roa
Signing time: Wed 01 Jan 2025 05:47:39 +0000
ROA not before: Wed 01 Jan 2025 05:47:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43456
IP address blocks: 185.93.172.0/24 maxlen: 24
185.164.48.0/24 maxlen: 24
185.164.49.0/24 maxlen: 24
185.164.50.0/24 maxlen: 24
185.164.51.0/24 maxlen: 24
185.171.16.0/24 maxlen: 24
185.171.17.0/24 maxlen: 24
185.171.18.0/24 maxlen: 24
185.171.19.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/91/37411e-2b89-4079-8cfc-01a29f5f6dde/1/2Xc9cz0YRcQdP5o2K1W3TmhvnAI.crl
rsync://rpki.ripe.net/repository/DEFAULT/91/37411e-2b89-4079-8cfc-01a29f5f6dde/1/2Xc9cz0YRcQdP5o2K1W3TmhvnAI.mft
rsync://rpki.ripe.net/repository/DEFAULT/2Xc9cz0YRcQdP5o2K1W3TmhvnAI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 23:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:67:c6:5d:60:81:03:23:de:9f:a1:21:cd:af:56:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d9773d733d1845c41d3f9a362b55b74e686f9c02
Validity
Not Before: Jan 1 05:47:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8e7974a6473c5598a80c5735ad4d8b5d847dbb5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:32:09:c6:83:7f:1d:cc:ee:75:ae:33:e9:3a:
c2:1f:4e:6b:86:0b:84:3c:ed:e8:12:24:df:52:da:
7e:1a:fb:1e:b5:25:96:b7:67:7e:12:6f:28:8b:ee:
6d:ee:86:e5:32:a3:b9:a5:27:d3:29:b5:64:ec:3f:
a2:9f:d3:b6:97:85:34:16:b6:30:45:04:28:f9:02:
9d:46:4f:68:c7:43:c7:a9:c7:1f:96:f0:e8:4a:a8:
ea:81:d9:95:c0:5e:64:d4:f1:e2:cb:63:46:05:eb:
9d:69:8d:47:4d:fa:ac:3c:f1:73:cd:d7:69:f9:74:
b6:21:91:f2:8e:15:fa:f9:d2:59:dc:bf:e9:60:78:
4a:ad:3c:51:5e:22:bf:37:1b:99:60:11:6a:36:75:
ce:a2:27:4f:42:14:b8:d3:e7:15:a6:36:da:58:05:
ad:76:7b:0a:63:ca:17:37:9f:a6:6d:b8:c1:c1:e0:
e3:c8:31:a1:ec:3a:85:22:39:5d:d5:78:b6:9b:93:
ad:45:e4:8a:52:fa:b0:c0:96:40:3c:17:71:64:ec:
e6:a0:76:96:36:d6:2b:d0:da:68:11:c2:5c:6f:a7:
9d:1a:53:73:35:7e:e0:3f:ad:6f:65:33:b4:da:0a:
7d:69:d2:7c:f0:e6:73:41:f3:ba:5b:4d:43:f2:a6:
a5:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:79:74:A6:47:3C:55:98:A8:0C:57:35:AD:4D:8B:5D:84:7D:BB:5D
X509v3 Authority Key Identifier:
keyid:D9:77:3D:73:3D:18:45:C4:1D:3F:9A:36:2B:55:B7:4E:68:6F:9C:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2Xc9cz0YRcQdP5o2K1W3TmhvnAI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/37411e-2b89-4079-8cfc-01a29f5f6dde/1/jnl0pkc8VZioDFc1rU2LXYR9u10.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/37411e-2b89-4079-8cfc-01a29f5f6dde/1/2Xc9cz0YRcQdP5o2K1W3TmhvnAI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.93.172.0/24
185.164.48.0/22
185.171.16.0/22
Signature Algorithm: sha256WithRSAEncryption
3d:b9:4e:f4:a3:78:23:b9:e1:49:1c:f1:89:b5:c3:4b:c9:a1:
3d:b7:26:3b:9c:e0:e0:0b:96:d7:6d:f5:d9:77:2c:f3:5b:d3:
51:d3:fa:f4:60:38:23:d3:ab:2b:a1:f4:05:cc:77:86:f2:40:
3b:24:bc:53:97:f6:b1:ec:98:dc:59:68:9b:96:d4:68:a7:79:
b0:17:24:4e:4a:69:b3:7c:bb:23:21:31:1f:77:a6:59:c1:d9:
fd:58:75:aa:a4:73:ee:ad:c5:1b:60:bc:17:82:04:6c:d6:50:
a4:34:dd:c6:0b:e8:bd:c8:c4:4e:8d:0b:a7:4b:e9:76:42:e8:
50:7b:65:0e:a9:bf:9e:1e:05:5f:59:5b:76:30:74:cf:7a:22:
49:bd:39:45:ed:cb:89:44:5d:77:8b:11:9c:90:f7:00:5f:a1:
9f:32:9b:cb:04:39:52:47:a7:7e:33:73:b9:4e:62:53:22:4a:
31:4f:26:53:a1:58:35:5d:6c:02:15:4e:cb:b0:26:61:4c:fb:
aa:d6:bb:4d:bd:80:d6:59:d8:43:9b:d1:1a:7a:a3:1f:d9:ad:
7a:bd:6f:13:b4:47:25:86:0b:83:33:71:2f:bc:ce:8f:5e:e4:
21:31:a1:51:6e:7a:84:10:72:b4:aa:59:86:3a:7a:1a:5a:53:
aa:58:a6:be
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQgZ8ZdYIEDI96foSHNr1YvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5NzczZDczM2QxODQ1YzQxZDNmOWEzNjJiNTViNzRlNjg2
ZjljMDIwHhcNMjUwMTAxMDU0NzM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTc5NzRhNjQ3M2M1NTk4YTgwYzU3MzVhZDRkOGI1ZDg0N2RiYjVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5DIJxoN/Hczuda4z6TrCH05rhguE
PO3oEiTfUtp+GvsetSWWt2d+Em8oi+5t7oblMqO5pSfTKbVk7D+in9O2l4U0FrYw
RQQo+QKdRk9ox0PHqccflvDoSqjqgdmVwF5k1PHiy2NGBeudaY1HTfqsPPFzzddp
+XS2IZHyjhX6+dJZ3L/pYHhKrTxRXiK/NxuZYBFqNnXOoidPQhS40+cVpjbaWAWt
dnsKY8oXN5+mbbjBweDjyDGh7DqFIjld1Xi2m5OtReSKUvqwwJZAPBdxZOzmoHaW
NtYr0NpoEcJcb6edGlNzNX7gP61vZTO02gp9adJ88OZzQfO6W01D8qalBwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFI55dKZHPFWYqAxXNa1Ni12EfbtdMB8GA1UdIwQY
MBaAFNl3PXM9GEXEHT+aNitVt05ob5wCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlhjOWN6MFlSY1FkUDVvMksxVzNUbWh2bkFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS8zNzQxMWUtMmI4OS00MDc5LThjZmMt
MDFhMjlmNWY2ZGRlLzEvam5sMHBrYzhWWmlvREZjMXJVMkxYWVI5dTEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS8zNzQxMWUtMmI4OS00MDc5LThjZmMtMDFhMjlmNWY2ZGRl
LzEvMlhjOWN6MFlSY1FkUDVvMksxVzNUbWh2bkFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAuV2sAwQC
uaQwAwQCuasQMA0GCSqGSIb3DQEBCwUAA4IBAQA9uU70o3gjueFJHPGJtcNLyaE9
tyY7nODgC5bXbfXZdyzzW9NR0/r0YDgj06srofQFzHeG8kA7JLxTl/ax7JjcWWib
ltRop3mwFyROSmmzfLsjITEfd6ZZwdn9WHWqpHPurcUbYLwXggRs1lCkNN3GC+i9
yMROjQunS+l2QuhQe2UOqb+eHgVfWVt2MHTPeiJJvTlF7cuJRF13ixGckPcAX6Gf
MpvLBDlSR6d+M3O5TmJTIkoxTyZToVg1XWwCFU7LsCZhTPuq1rtNvYDWWdhDm9Ea
eqMf2a16vW8TtEclhguDM3EvvM6PXuQhMaFRbnqEEHK0qlmGOnoaWlOqWKa+
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:35:05 2025 by rpki-client