Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/93/ea117a-412a-49e2-890f-4bb43ba3cde3/1/jdjC0ww4NA_4Jmou2NIqk7PauVQ.roa
File: jdjC0ww4NA_4Jmou2NIqk7PauVQ.roa (raw, json)
Hash identifier: DpdKiPWViVyeUlQa6RYjsV7wbTabm/grnxVTUMHIZOw=
Subject key identifier: 8D:D8:C2:D3:0C:38:34:0F:F8:26:6A:2E:D8:D2:2A:93:B3:DA:B9:54
Certificate issuer: /CN=17999e211914a68db83eaf3f7fd384c53e747455
Certificate serial: 0194206824117C61C13AFFA6D7FC6ECFA4A8
Authority key identifier: 17:99:9E:21:19:14:A6:8D:B8:3E:AF:3F:7F:D3:84:C5:3E:74:74:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F5meIRkUpo24Pq8_f9OExT50dFU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/93/ea117a-412a-49e2-890f-4bb43ba3cde3/1/jdjC0ww4NA_4Jmou2NIqk7PauVQ.roa
Signing time: Wed 01 Jan 2025 05:48:03 +0000
ROA not before: Wed 01 Jan 2025 05:48:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211037
IP address blocks: 185.21.134.0/24 maxlen: 24
2a04:4480::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/93/ea117a-412a-49e2-890f-4bb43ba3cde3/1/F5meIRkUpo24Pq8_f9OExT50dFU.crl
rsync://rpki.ripe.net/repository/DEFAULT/93/ea117a-412a-49e2-890f-4bb43ba3cde3/1/F5meIRkUpo24Pq8_f9OExT50dFU.mft
rsync://rpki.ripe.net/repository/DEFAULT/F5meIRkUpo24Pq8_f9OExT50dFU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 23:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:24:11:7c:61:c1:3a:ff:a6:d7:fc:6e:cf:a4:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17999e211914a68db83eaf3f7fd384c53e747455
Validity
Not Before: Jan 1 05:48:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8dd8c2d30c38340ff8266a2ed8d22a93b3dab954
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:95:d3:0a:26:bb:e0:8b:a8:d0:cc:39:f7:f7:
dc:1b:4a:42:91:81:bc:3b:17:e6:c0:ae:64:f7:54:
8b:41:17:ee:fb:ad:39:77:6e:a4:11:14:98:ac:29:
68:ed:13:b0:c0:ea:13:f1:54:0d:b6:7e:6c:48:0e:
55:fc:80:13:5f:60:52:e9:2e:24:0f:07:e1:e2:2d:
5b:3f:08:eb:5f:9d:ea:9a:86:ae:c2:f4:0d:ab:ef:
da:46:0b:0b:68:d1:c2:fb:f9:de:a4:2c:f2:04:4e:
04:46:06:3f:6f:bb:9f:e1:b9:c8:e4:01:c7:01:ef:
18:e1:63:9b:a6:2c:aa:f2:d5:8a:6f:7a:de:90:1d:
59:fb:15:b6:3f:35:df:f8:08:af:5a:33:ed:97:db:
bc:bb:1e:57:2c:b0:ba:30:ad:7b:1b:50:b7:21:9e:
9e:95:d4:04:2d:64:5c:fe:1d:5e:45:b4:3d:f6:3d:
04:9b:ae:c5:c8:ba:90:39:8d:93:e6:e1:e3:3c:dc:
d9:b2:1a:8e:7b:cb:31:86:2d:b8:79:16:12:e7:0f:
61:2f:6d:86:2a:1b:75:ac:9b:b1:b4:de:d4:26:1e:
b9:75:d9:a8:58:d3:43:a4:ea:6d:c8:25:b6:ef:5a:
fa:02:c3:39:70:f1:7c:1d:1f:b3:90:1f:ea:c4:5d:
3b:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:D8:C2:D3:0C:38:34:0F:F8:26:6A:2E:D8:D2:2A:93:B3:DA:B9:54
X509v3 Authority Key Identifier:
keyid:17:99:9E:21:19:14:A6:8D:B8:3E:AF:3F:7F:D3:84:C5:3E:74:74:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F5meIRkUpo24Pq8_f9OExT50dFU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/93/ea117a-412a-49e2-890f-4bb43ba3cde3/1/jdjC0ww4NA_4Jmou2NIqk7PauVQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/93/ea117a-412a-49e2-890f-4bb43ba3cde3/1/F5meIRkUpo24Pq8_f9OExT50dFU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.21.134.0/24
IPv6:
2a04:4480::/32
Signature Algorithm: sha256WithRSAEncryption
a5:a8:b9:ce:33:fa:4d:07:dd:8c:90:89:e5:98:6d:f1:f5:f8:
5e:c6:a6:d4:12:7e:95:c9:11:11:18:44:35:b6:d2:5d:ff:c8:
49:c9:ad:85:48:73:7a:30:0a:c7:9d:39:f6:be:bd:20:89:b1:
02:04:e2:e4:b7:ac:76:22:51:35:36:16:74:34:76:21:54:dd:
23:62:38:6b:cb:c6:6c:80:79:95:7d:1d:70:46:a7:a4:ac:2c:
63:ae:c6:e4:ab:75:2e:25:ba:02:b3:b5:94:34:f4:da:7f:84:
43:b8:24:a3:90:1a:ec:64:bc:2d:d1:d5:f4:93:67:1a:b1:40:
b6:a6:95:b5:1d:5a:d5:cc:28:c8:e0:5d:d7:36:2d:2a:f8:40:
c3:58:27:c3:b5:81:28:29:20:1d:25:84:b3:dd:9b:52:5e:88:
83:4a:f7:db:4b:ea:1c:7a:35:94:4f:69:88:0b:19:25:0d:ed:
7b:80:02:86:c2:69:35:e4:a4:26:34:54:d2:93:2a:72:d7:bd:
cb:c9:dd:19:9e:d2:6f:02:05:1a:33:14:72:c8:1d:85:58:34:
e5:79:ca:01:ad:44:5a:ca:e3:b0:46:d9:f3:37:8e:22:56:0f:
dc:5b:ac:28:ee:ce:4f:19:bb:e3:d1:93:63:51:7b:0f:ef:3c:
bf:8e:4d:ac
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQgaCQRfGHBOv+m1/xuz6SoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3OTk5ZTIxMTkxNGE2OGRiODNlYWYzZjdmZDM4NGM1M2U3
NDc0NTUwHhcNMjUwMTAxMDU0ODAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZGQ4YzJkMzBjMzgzNDBmZjgyNjZhMmVkOGQyMmE5M2IzZGFiOTU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu5XTCia74Iuo0Mw59/fcG0pCkYG8
OxfmwK5k91SLQRfu+605d26kERSYrClo7ROwwOoT8VQNtn5sSA5V/IATX2BS6S4k
Dwfh4i1bPwjrX53qmoauwvQNq+/aRgsLaNHC+/nepCzyBE4ERgY/b7uf4bnI5AHH
Ae8Y4WObpiyq8tWKb3rekB1Z+xW2PzXf+AivWjPtl9u8ux5XLLC6MK17G1C3IZ6e
ldQELWRc/h1eRbQ99j0Em67FyLqQOY2T5uHjPNzZshqOe8sxhi24eRYS5w9hL22G
Kht1rJuxtN7UJh65ddmoWNNDpOptyCW271r6AsM5cPF8HR+zkB/qxF07pQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFI3YwtMMODQP+CZqLtjSKpOz2rlUMB8GA1UdIwQY
MBaAFBeZniEZFKaNuD6vP3/ThMU+dHRVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjVtZUlSa1VwbzI0UHE4X2Y5T0V4VDUwZEZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85My9lYTExN2EtNDEyYS00OWUyLTg5MGYt
NGJiNDNiYTNjZGUzLzEvamRqQzB3dzROQV80Sm1vdTJOSXFrN1BhdVZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85My9lYTExN2EtNDEyYS00OWUyLTg5MGYtNGJiNDNiYTNjZGUz
LzEvRjVtZUlSa1VwbzI0UHE4X2Y5T0V4VDUwZEZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuRWGMA0E
AgACMAcDBQAqBESAMA0GCSqGSIb3DQEBCwUAA4IBAQClqLnOM/pNB92MkInlmG3x
9fhexqbUEn6VyRERGEQ1ttJd/8hJya2FSHN6MArHnTn2vr0gibECBOLkt6x2IlE1
NhZ0NHYhVN0jYjhry8ZsgHmVfR1wRqekrCxjrsbkq3UuJboCs7WUNPTaf4RDuCSj
kBrsZLwt0dX0k2casUC2ppW1HVrVzCjI4F3XNi0q+EDDWCfDtYEoKSAdJYSz3ZtS
XoiDSvfbS+ocejWUT2mICxklDe17gAKGwmk15KQmNFTSkypy173Lyd0ZntJvAgUa
MxRyyB2FWDTlecoBrURayuOwRtnzN44iVg/cW6wo7s5PGbvj0ZNjUXsP7zy/jk2s
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:32:56 2025 by rpki-client