Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/16b8e4-1253-4d9e-bd49-fc37fb0cd43b/1/JJI-C-9oBtcYV-r3BsX5tLItXlM.roa
File: JJI-C-9oBtcYV-r3BsX5tLItXlM.roa (raw, json)
Hash identifier: zjcnzqo9avDuhv+fzgrvfrwSKuXtAwZT2xHNcRH+6B8=
Subject key identifier: 24:92:3E:0B:EF:68:06:D7:18:57:EA:F7:06:C5:F9:B4:B2:2D:5E:53
Certificate issuer: /CN=6c03a2caf298019fbd668621516c8c6e1d10e83c
Certificate serial: 019570ED38DCCE7FCF5296FB5A810BEE22EF
Authority key identifier: 6C:03:A2:CA:F2:98:01:9F:BD:66:86:21:51:6C:8C:6E:1D:10:E8:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bAOiyvKYAZ-9ZoYhUWyMbh0Q6Dw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/16b8e4-1253-4d9e-bd49-fc37fb0cd43b/1/JJI-C-9oBtcYV-r3BsX5tLItXlM.roa
Signing time: Fri 07 Mar 2025 14:05:49 +0000
ROA not before: Fri 07 Mar 2025 14:05:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203020
IP address blocks: 45.114.12.0/22 maxlen: 32
45.145.104.0/22 maxlen: 32
45.250.64.0/22 maxlen: 32
91.132.114.0/23 maxlen: 32
103.53.216.0/22 maxlen: 22
103.240.180.0/22 maxlen: 32
185.232.45.0/24 maxlen: 32
193.28.182.0/24 maxlen: 32
193.28.191.0/24 maxlen: 32
193.28.202.0/24 maxlen: 32
193.28.237.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/97/16b8e4-1253-4d9e-bd49-fc37fb0cd43b/1/bAOiyvKYAZ-9ZoYhUWyMbh0Q6Dw.crl
rsync://rpki.ripe.net/repository/DEFAULT/97/16b8e4-1253-4d9e-bd49-fc37fb0cd43b/1/bAOiyvKYAZ-9ZoYhUWyMbh0Q6Dw.mft
rsync://rpki.ripe.net/repository/DEFAULT/bAOiyvKYAZ-9ZoYhUWyMbh0Q6Dw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 12 Apr 2025 20:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:70:ed:38:dc:ce:7f:cf:52:96:fb:5a:81:0b:ee:22:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c03a2caf298019fbd668621516c8c6e1d10e83c
Validity
Not Before: Mar 7 14:05:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=24923e0bef6806d71857eaf706c5f9b4b22d5e53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:3b:37:c9:01:10:8d:f3:e8:1e:92:00:0f:8d:
9b:09:dd:11:d0:1f:a5:39:4a:11:26:b4:e5:d2:d9:
04:7b:d3:fe:ef:e0:44:42:87:72:70:55:55:a5:38:
43:3d:8d:01:d4:e5:2d:35:10:56:b3:f1:9c:7a:80:
01:b7:ae:c5:4a:0f:38:b0:0f:be:c3:d4:7b:c8:2f:
c9:0e:96:a2:46:ef:0f:97:a6:a0:bd:a8:82:b1:f3:
b8:06:97:27:0f:40:b6:01:f7:6d:14:24:71:fd:1e:
b4:61:10:2d:db:92:d9:f0:49:4b:43:ca:ce:b7:a0:
ad:9e:25:9e:a9:ce:17:4b:ff:34:e8:43:6c:57:90:
23:e5:29:b7:20:4e:3f:2c:45:13:8d:f3:92:51:32:
e0:be:c5:65:4f:02:17:8e:32:4b:2a:ee:27:0b:c7:
35:04:e2:24:4c:95:7b:e6:09:b5:9a:11:93:cc:7b:
31:7f:1a:a7:d5:30:95:df:fb:fa:17:11:01:aa:76:
0c:00:5e:67:79:d2:1a:ce:94:5f:76:7a:03:2e:8d:
fa:9d:08:f6:72:f3:ed:5d:e6:27:72:08:e0:30:5e:
ca:24:4b:cd:14:e3:25:b4:4c:2e:f3:48:a6:37:b8:
ad:37:06:20:92:50:61:a6:86:92:6c:4e:eb:73:a3:
e5:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:92:3E:0B:EF:68:06:D7:18:57:EA:F7:06:C5:F9:B4:B2:2D:5E:53
X509v3 Authority Key Identifier:
keyid:6C:03:A2:CA:F2:98:01:9F:BD:66:86:21:51:6C:8C:6E:1D:10:E8:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bAOiyvKYAZ-9ZoYhUWyMbh0Q6Dw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/16b8e4-1253-4d9e-bd49-fc37fb0cd43b/1/JJI-C-9oBtcYV-r3BsX5tLItXlM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/16b8e4-1253-4d9e-bd49-fc37fb0cd43b/1/bAOiyvKYAZ-9ZoYhUWyMbh0Q6Dw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.114.12.0/22
45.145.104.0/22
45.250.64.0/22
91.132.114.0/23
103.53.216.0/22
103.240.180.0/22
185.232.45.0/24
193.28.182.0/24
193.28.191.0/24
193.28.202.0/24
193.28.237.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:73:6e:10:66:1d:6e:75:f0:a3:73:41:0a:92:73:ec:22:ff:
40:6d:98:bb:5b:5a:a5:f9:29:79:2f:29:7e:f1:c3:65:35:6d:
66:24:b6:cc:8e:3a:7e:f3:91:63:a6:77:bb:3a:14:48:38:bc:
9d:d4:b2:89:d4:07:35:8b:0c:9e:e2:ec:f4:37:3e:3d:3e:20:
30:59:ef:5b:53:5e:a8:ba:d6:19:c1:dd:c0:a9:39:54:2f:46:
33:df:b9:fa:ee:7e:16:66:6b:8e:68:25:1c:0e:e6:f0:09:00:
1e:0b:e5:a8:31:10:64:23:e0:18:3d:ad:96:aa:93:b2:2e:33:
2f:ed:e4:13:86:16:32:86:0a:b4:f0:0e:08:6d:30:c8:b1:e7:
7a:6a:6c:59:db:92:3f:80:93:fd:f9:4f:77:d4:59:37:27:f0:
25:f3:92:36:b0:e1:30:81:2d:24:1d:c2:4c:35:cb:8a:54:35:
ac:1b:08:46:01:9d:7f:be:1f:02:f4:6c:1f:89:3f:d6:fe:2f:
2b:18:82:4f:33:b2:f1:7a:c7:55:07:ea:92:a1:c9:ae:f0:f5:
6d:18:65:49:a4:e5:bc:93:ee:dc:d0:bf:6c:a1:a5:74:c2:9e:
e8:72:1f:95:a6:0d:e7:6b:a5:95:5b:bb:43:a8:95:67:7d:37:
95:ed:ea:12
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAZVw7Tjczn/PUpb7WoEL7iLvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjMDNhMmNhZjI5ODAxOWZiZDY2ODYyMTUxNmM4YzZlMWQx
MGU4M2MwHhcNMjUwMzA3MTQwNTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDkyM2UwYmVmNjgwNmQ3MTg1N2VhZjcwNmM1ZjliNGIyMmQ1ZTUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhzs3yQEQjfPoHpIAD42bCd0R0B+l
OUoRJrTl0tkEe9P+7+BEQodycFVVpThDPY0B1OUtNRBWs/GceoABt67FSg84sA++
w9R7yC/JDpaiRu8Pl6agvaiCsfO4BpcnD0C2AfdtFCRx/R60YRAt25LZ8ElLQ8rO
t6CtniWeqc4XS/806ENsV5Aj5Sm3IE4/LEUTjfOSUTLgvsVlTwIXjjJLKu4nC8c1
BOIkTJV75gm1mhGTzHsxfxqn1TCV3/v6FxEBqnYMAF5nedIazpRfdnoDLo36nQj2
cvPtXeYncgjgMF7KJEvNFOMltEwu80imN7itNwYgklBhpoaSbE7rc6PlKwIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFCSSPgvvaAbXGFfq9wbF+bSyLV5TMB8GA1UdIwQY
MBaAFGwDosrymAGfvWaGIVFsjG4dEOg8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYkFPaXl2S1lBWi05Wm9ZaFVXeU1iaDBRNkR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny8xNmI4ZTQtMTI1My00ZDllLWJkNDkt
ZmMzN2ZiMGNkNDNiLzEvSkpJLUMtOW9CdGNZVi1yM0JzWDV0TEl0WGxNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny8xNmI4ZTQtMTI1My00ZDllLWJkNDktZmMzN2ZiMGNkNDNi
LzEvYkFPaXl2S1lBWi05Wm9ZaFVXeU1iaDBRNkR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQCLXIMAwQC
LZFoAwQCLfpAAwQBW4RyAwQCZzXYAwQCZ/C0AwQAuegtAwQAwRy2AwQAwRy/AwQA
wRzKAwQAwRztMA0GCSqGSIb3DQEBCwUAA4IBAQAPc24QZh1udfCjc0EKknPsIv9A
bZi7W1ql+Sl5Lyl+8cNlNW1mJLbMjjp+85Fjpne7OhRIOLyd1LKJ1Ac1iwye4uz0
Nz49PiAwWe9bU16outYZwd3AqTlUL0Yz37n67n4WZmuOaCUcDubwCQAeC+WoMRBk
I+AYPa2WqpOyLjMv7eQThhYyhgq08A4IbTDIsed6amxZ25I/gJP9+U931Fk3J/Al
85I2sOEwgS0kHcJMNcuKVDWsGwhGAZ1/vh8C9GwfiT/W/i8rGIJPM7LxesdVB+qS
ocmu8PVtGGVJpOW8k+7c0L9soaV0wp7och+Vpg3na6WVW7tDqJVnfTeV7eoS
-----END CERTIFICATE-----
Generated at Sat Apr 12 04:49:15 2025 by rpki-client