Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/3ba2d9-74ce-4881-b23f-7cb0723da0bd/1/jyUtfXExJkIeWPFE-JODMPcR0NE.roa
File: jyUtfXExJkIeWPFE-JODMPcR0NE.roa (raw, json)
Hash identifier: IvazoNxGfM9C2jqRgwqUMFSQjgy5bfUJvRSuAgaM680=
Subject key identifier: 8F:25:2D:7D:71:31:26:42:1E:58:F1:44:F8:93:83:30:F7:11:D0:D1
Certificate issuer: /CN=9b2e6fd50ddc817abbac5a64f7c6a12546859ce2
Certificate serial: 0194221F8CFDBFD0A4C66A429C472E725CDF
Authority key identifier: 9B:2E:6F:D5:0D:DC:81:7A:BB:AC:5A:64:F7:C6:A1:25:46:85:9C:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/my5v1Q3cgXq7rFpk98ahJUaFnOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/95/3ba2d9-74ce-4881-b23f-7cb0723da0bd/1/jyUtfXExJkIeWPFE-JODMPcR0NE.roa
Signing time: Wed 01 Jan 2025 13:48:00 +0000
ROA not before: Wed 01 Jan 2025 13:48:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47875
IP address blocks: 94.124.32.0/21 maxlen: 21
94.124.32.0/22 maxlen: 22
94.124.32.0/24 maxlen: 24
94.124.33.0/24 maxlen: 24
94.124.34.0/24 maxlen: 24
94.124.35.0/24 maxlen: 24
94.124.36.0/22 maxlen: 24
94.124.36.0/24 maxlen: 24
94.124.37.0/24 maxlen: 24
94.124.38.0/24 maxlen: 24
94.124.39.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/95/3ba2d9-74ce-4881-b23f-7cb0723da0bd/1/my5v1Q3cgXq7rFpk98ahJUaFnOI.crl
rsync://rpki.ripe.net/repository/DEFAULT/95/3ba2d9-74ce-4881-b23f-7cb0723da0bd/1/my5v1Q3cgXq7rFpk98ahJUaFnOI.mft
rsync://rpki.ripe.net/repository/DEFAULT/my5v1Q3cgXq7rFpk98ahJUaFnOI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:8c:fd:bf:d0:a4:c6:6a:42:9c:47:2e:72:5c:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9b2e6fd50ddc817abbac5a64f7c6a12546859ce2
Validity
Not Before: Jan 1 13:48:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8f252d7d713126421e58f144f8938330f711d0d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:13:23:7d:9d:ce:77:28:10:43:45:d9:96:85:
3c:4b:6c:50:78:12:55:0e:51:f2:35:fb:36:ad:99:
6d:75:8b:9c:eb:5a:e4:e7:22:22:3d:9e:b8:6f:f4:
8e:40:bc:36:fe:86:2b:2a:2b:5c:35:2d:e3:46:c9:
95:09:49:79:ea:40:29:86:fb:7e:00:e1:c5:5d:38:
87:b7:bb:4c:90:eb:94:15:2c:f0:3c:67:ab:b7:b3:
5f:d9:a7:fb:90:8f:87:b1:60:f6:b4:43:07:31:d7:
37:f7:27:65:c3:8e:ac:28:6d:f5:e2:25:e2:6c:1f:
13:41:5e:80:8a:e9:45:a0:3e:ed:66:fb:09:23:01:
80:97:5f:36:c1:14:ba:50:3c:60:17:b6:14:75:c7:
2e:8b:6d:30:7f:15:74:1a:e1:c3:1c:1e:02:01:6f:
72:0b:0e:a6:22:f3:5a:e2:71:60:9c:91:48:23:cb:
e4:2d:c5:7f:ff:ac:d9:08:a0:d4:58:51:ff:cf:be:
66:86:19:af:eb:7c:eb:3f:1e:37:d5:f1:7d:f6:fa:
e2:16:fd:01:f1:d1:74:6a:98:86:c5:4b:25:f5:c7:
a7:54:ec:eb:1f:a1:24:db:12:bc:a5:b0:ef:64:96:
ef:3d:2e:3b:e7:a6:e7:27:56:44:0c:3a:fb:dd:da:
f6:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:25:2D:7D:71:31:26:42:1E:58:F1:44:F8:93:83:30:F7:11:D0:D1
X509v3 Authority Key Identifier:
keyid:9B:2E:6F:D5:0D:DC:81:7A:BB:AC:5A:64:F7:C6:A1:25:46:85:9C:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/my5v1Q3cgXq7rFpk98ahJUaFnOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/3ba2d9-74ce-4881-b23f-7cb0723da0bd/1/jyUtfXExJkIeWPFE-JODMPcR0NE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/95/3ba2d9-74ce-4881-b23f-7cb0723da0bd/1/my5v1Q3cgXq7rFpk98ahJUaFnOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.124.32.0/21
Signature Algorithm: sha256WithRSAEncryption
79:51:46:3c:9c:27:79:d4:e1:e4:37:be:34:e3:17:cf:8f:c8:
83:1e:51:32:f0:03:63:34:cf:64:2a:a7:52:4a:35:65:88:09:
a1:96:4a:4f:c0:4d:26:5d:13:c2:98:14:09:ef:33:dd:c6:79:
79:a3:37:76:db:70:a1:2f:93:e1:4e:a8:df:5a:12:1d:45:f7:
e4:d4:6d:ed:c9:e7:50:b4:05:9b:1d:9e:8e:17:52:74:70:52:
9b:d4:6d:79:fc:de:a2:f0:6d:72:77:5e:47:5e:68:3f:12:bd:
b9:ab:09:44:6e:7b:17:2c:2f:56:39:6b:f7:e7:0c:c9:62:99:
97:17:7a:ae:d6:d1:62:f4:23:7c:44:79:02:44:bd:b3:5d:c1:
d1:4b:d2:a0:e0:9b:85:89:23:b2:0a:af:c7:d7:a1:2d:57:d5:
e1:99:63:0e:24:b9:c9:92:d1:9f:0a:fd:25:ee:8c:87:0b:f7:
31:f9:e2:47:c8:db:e6:6b:7c:d2:0d:85:0c:5e:0f:6d:e6:a4:
1b:4a:11:94:75:cd:bd:82:21:4d:c8:cb:1d:2d:2d:ab:28:2d:
22:3e:fb:39:b2:7a:24:27:b3:33:39:26:73:03:f3:e0:f5:01:
57:d7:43:89:ce:6c:8d:0d:29:a6:7f:f2:bc:3f:6a:53:63:4d:
af:c0:a3:fc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiH4z9v9CkxmpCnEcuclzfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliMmU2ZmQ1MGRkYzgxN2FiYmFjNWE2NGY3YzZhMTI1NDY4
NTljZTIwHhcNMjUwMTAxMTM0ODAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZjI1MmQ3ZDcxMzEyNjQyMWU1OGYxNDRmODkzODMzMGY3MTFkMGQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnRMjfZ3OdygQQ0XZloU8S2xQeBJV
DlHyNfs2rZltdYuc61rk5yIiPZ64b/SOQLw2/oYrKitcNS3jRsmVCUl56kAphvt+
AOHFXTiHt7tMkOuUFSzwPGert7Nf2af7kI+HsWD2tEMHMdc39ydlw46sKG314iXi
bB8TQV6AiulFoD7tZvsJIwGAl182wRS6UDxgF7YUdccui20wfxV0GuHDHB4CAW9y
Cw6mIvNa4nFgnJFII8vkLcV//6zZCKDUWFH/z75mhhmv63zrPx431fF99vriFv0B
8dF0apiGxUsl9cenVOzrH6Ek2xK8pbDvZJbvPS4756bnJ1ZEDDr73dr2WwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFI8lLX1xMSZCHljxRPiTgzD3EdDRMB8GA1UdIwQY
MBaAFJsub9UN3IF6u6xaZPfGoSVGhZziMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXk1djFRM2NnWHE3ckZwazk4YWhKVWFGbk9JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS8zYmEyZDktNzRjZS00ODgxLWIyM2Yt
N2NiMDcyM2RhMGJkLzEvanlVdGZYRXhKa0llV1BGRS1KT0RNUGNSME5FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS8zYmEyZDktNzRjZS00ODgxLWIyM2YtN2NiMDcyM2RhMGJk
LzEvbXk1djFRM2NnWHE3ckZwazk4YWhKVWFGbk9JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDXnwgMA0G
CSqGSIb3DQEBCwUAA4IBAQB5UUY8nCd51OHkN7404xfPj8iDHlEy8ANjNM9kKqdS
SjVliAmhlkpPwE0mXRPCmBQJ7zPdxnl5ozd223ChL5PhTqjfWhIdRffk1G3tyedQ
tAWbHZ6OF1J0cFKb1G15/N6i8G1yd15HXmg/Er25qwlEbnsXLC9WOWv35wzJYpmX
F3qu1tFi9CN8RHkCRL2zXcHRS9Kg4JuFiSOyCq/H16EtV9XhmWMOJLnJktGfCv0l
7oyHC/cx+eJHyNvma3zSDYUMXg9t5qQbShGUdc29giFNyMsdLS2rKC0iPvs5snok
J7MzOSZzA/Pg9QFX10OJzmyNDSmmf/K8P2pTY02vwKP8
-----END CERTIFICATE-----
Generated at Sun Feb 2 10:03:52 2025 by rpki-client