Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/dbf185-b087-4b44-8f81-9f7d97c63152/1/jCdTYmvYMmAVCpwgaEf86kYug58.roa
File: jCdTYmvYMmAVCpwgaEf86kYug58.roa (raw, json)
Hash identifier: ztqwVKV63uIGzbrcGebHuh3wlQjH5xZyStSjcOzpGqU=
Subject key identifier: 8C:27:53:62:6B:D8:32:60:15:0A:9C:20:68:47:FC:EA:46:2E:83:9F
Certificate issuer: /CN=a73879de2594cfdd4c9e4225556281b208d94614
Certificate serial: 019423D72FBD050C4DDFEC90BCD705317DE0
Authority key identifier: A7:38:79:DE:25:94:CF:DD:4C:9E:42:25:55:62:81:B2:08:D9:46:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pzh53iWUz91MnkIlVWKBsgjZRhQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/95/dbf185-b087-4b44-8f81-9f7d97c63152/1/jCdTYmvYMmAVCpwgaEf86kYug58.roa
Signing time: Wed 01 Jan 2025 21:48:12 +0000
ROA not before: Wed 01 Jan 2025 21:48:12 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212979
IP address blocks: 195.69.226.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/95/dbf185-b087-4b44-8f81-9f7d97c63152/1/pzh53iWUz91MnkIlVWKBsgjZRhQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/95/dbf185-b087-4b44-8f81-9f7d97c63152/1/pzh53iWUz91MnkIlVWKBsgjZRhQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/pzh53iWUz91MnkIlVWKBsgjZRhQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:2f:bd:05:0c:4d:df:ec:90:bc:d7:05:31:7d:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a73879de2594cfdd4c9e4225556281b208d94614
Validity
Not Before: Jan 1 21:48:12 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8c2753626bd83260150a9c206847fcea462e839f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:6a:ba:0e:86:d1:c5:bd:b5:b8:cf:b0:61:a5:
05:da:a7:a2:32:6f:52:8d:2b:33:4c:6f:21:a9:70:
d8:92:7a:b1:77:17:af:b9:62:b6:89:5c:ed:3a:5c:
5a:f6:18:74:19:67:05:63:c4:be:4c:99:68:d0:b3:
6f:a8:53:c5:35:02:e3:a6:cf:df:44:76:11:de:9c:
16:17:c5:78:bd:b1:df:35:80:13:c6:d3:89:eb:c8:
ab:8b:8f:7a:98:0e:42:83:b4:89:2f:21:fa:60:46:
75:d3:ed:92:89:a6:03:f0:d8:a8:c7:1c:05:ef:6e:
49:d7:d8:e5:6a:a0:85:b4:c3:24:3c:1b:9c:07:0e:
6d:15:1c:f8:26:70:82:db:96:e6:0b:cb:29:d7:a7:
d5:ab:28:c8:96:ea:aa:76:ce:5a:67:0c:36:5b:fc:
c5:f3:75:4f:2e:9a:47:20:5b:4b:9b:83:11:e8:89:
bb:37:7e:11:04:99:88:1a:8c:19:37:3f:e2:7c:f4:
2c:3a:57:09:ca:84:95:f2:e0:8d:d0:14:c0:0d:5b:
df:3f:df:8d:ac:3e:ef:47:d8:af:bf:7e:8a:46:d7:
34:ea:28:ac:49:d2:b2:72:15:56:40:81:3b:a7:9d:
5c:ec:5e:25:48:70:f8:cd:46:8c:ad:31:b2:f8:b6:
29:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:27:53:62:6B:D8:32:60:15:0A:9C:20:68:47:FC:EA:46:2E:83:9F
X509v3 Authority Key Identifier:
keyid:A7:38:79:DE:25:94:CF:DD:4C:9E:42:25:55:62:81:B2:08:D9:46:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pzh53iWUz91MnkIlVWKBsgjZRhQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/dbf185-b087-4b44-8f81-9f7d97c63152/1/jCdTYmvYMmAVCpwgaEf86kYug58.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/95/dbf185-b087-4b44-8f81-9f7d97c63152/1/pzh53iWUz91MnkIlVWKBsgjZRhQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.69.226.0/24
Signature Algorithm: sha256WithRSAEncryption
3a:5d:be:c8:14:2f:f2:b4:58:df:1e:ad:9a:cf:3d:df:8b:e3:
62:b5:b9:fc:c9:b2:e6:8f:d6:02:df:0b:48:e3:63:34:06:6b:
7d:6b:7e:35:04:53:c9:9b:71:f4:07:80:fd:bc:13:de:7f:33:
c8:9c:6e:36:94:5e:a7:ec:86:27:b3:d0:d2:d2:9e:2f:d9:a6:
ca:44:c7:47:fe:ad:70:39:4b:a5:87:31:19:c3:47:74:f1:2a:
3c:04:6d:cf:96:e4:0e:c4:6d:1e:55:b6:fd:20:b1:3f:ff:6c:
ba:a9:26:0a:ef:7a:5a:88:dc:23:63:3a:92:c2:38:bb:90:75:
12:89:92:9c:1a:29:d0:a0:d3:c8:62:97:c9:27:53:50:74:83:
39:53:a2:f0:a0:06:94:2a:a7:d0:49:24:1b:44:44:4b:54:13:
52:a3:7d:02:29:72:52:f4:c3:9e:09:2f:4c:06:92:97:09:4b:
ea:51:51:c7:c9:30:bc:ce:a5:58:8d:f9:83:a6:67:5a:da:aa:
71:43:8c:37:f3:b8:8f:05:ce:f4:5d:a8:dd:60:5b:8d:8d:be:
66:00:bd:a3:b3:59:6d:84:b0:79:02:98:77:a2:69:e4:e8:ba:
72:77:d7:f5:92:f7:c3:db:b6:36:81:ec:e4:13:10:ec:e1:04:
92:cf:17:a5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQj1y+9BQxN3+yQvNcFMX3gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3Mzg3OWRlMjU5NGNmZGQ0YzllNDIyNTU1NjI4MWIyMDhk
OTQ2MTQwHhcNMjUwMTAxMjE0ODEyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YzI3NTM2MjZiZDgzMjYwMTUwYTljMjA2ODQ3ZmNlYTQ2MmU4MzlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6Gq6DobRxb21uM+wYaUF2qeiMm9S
jSszTG8hqXDYknqxdxevuWK2iVztOlxa9hh0GWcFY8S+TJlo0LNvqFPFNQLjps/f
RHYR3pwWF8V4vbHfNYATxtOJ68iri496mA5Cg7SJLyH6YEZ10+2SiaYD8NioxxwF
725J19jlaqCFtMMkPBucBw5tFRz4JnCC25bmC8sp16fVqyjIluqqds5aZww2W/zF
83VPLppHIFtLm4MR6Im7N34RBJmIGowZNz/ifPQsOlcJyoSV8uCN0BTADVvfP9+N
rD7vR9ivv36KRtc06iisSdKychVWQIE7p51c7F4lSHD4zUaMrTGy+LYp7wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIwnU2Jr2DJgFQqcIGhH/OpGLoOfMB8GA1UdIwQY
MBaAFKc4ed4llM/dTJ5CJVVigbII2UYUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcHpoNTNpV1V6OTFNbmtJbFZXS0JzZ2paUmhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS9kYmYxODUtYjA4Ny00YjQ0LThmODEt
OWY3ZDk3YzYzMTUyLzEvakNkVFltdllNbUFWQ3B3Z2FFZjg2a1l1ZzU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS9kYmYxODUtYjA4Ny00YjQ0LThmODEtOWY3ZDk3YzYzMTUy
LzEvcHpoNTNpV1V6OTFNbmtJbFZXS0JzZ2paUmhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw0XiMA0G
CSqGSIb3DQEBCwUAA4IBAQA6Xb7IFC/ytFjfHq2azz3fi+Nitbn8ybLmj9YC3wtI
42M0Bmt9a341BFPJm3H0B4D9vBPefzPInG42lF6n7IYns9DS0p4v2abKRMdH/q1w
OUulhzEZw0d08So8BG3PluQOxG0eVbb9ILE//2y6qSYK73paiNwjYzqSwji7kHUS
iZKcGinQoNPIYpfJJ1NQdIM5U6LwoAaUKqfQSSQbRERLVBNSo30CKXJS9MOeCS9M
BpKXCUvqUVHHyTC8zqVYjfmDpmda2qpxQ4w387iPBc70XajdYFuNjb5mAL2js1lt
hLB5Aph3omnk6Lpyd9f1kvfD27Y2gezkExDs4QSSzxel
-----END CERTIFICATE-----
Generated at Sun Feb 2 09:44:23 2025 by rpki-client