Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/ce022d-d8db-4459-be1c-b091215d5e4d/1/jX1iMEMhj6_WdXTUBq0GlWaaV20.roa
File: jX1iMEMhj6_WdXTUBq0GlWaaV20.roa (raw, json)
Hash identifier: 8QCHzWOckFZKqXALiiMy/qW6wfPGm8V2LBqLIdFNZH8=
Subject key identifier: 8D:7D:62:30:43:21:8F:AF:D6:75:74:D4:06:AD:06:95:66:9A:57:6D
Certificate issuer: /CN=c9470ae418eeddd6b39dae9e7a177a19c7799c41
Certificate serial: 019422FB6DAE1C2564C035BFEB001F607B30
Authority key identifier: C9:47:0A:E4:18:EE:DD:D6:B3:9D:AE:9E:7A:17:7A:19:C7:79:9C:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yUcK5Bju3dazna6eehd6Gcd5nEE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/ce022d-d8db-4459-be1c-b091215d5e4d/1/jX1iMEMhj6_WdXTUBq0GlWaaV20.roa
Signing time: Wed 01 Jan 2025 17:48:10 +0000
ROA not before: Wed 01 Jan 2025 17:48:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197014
IP address blocks: 185.36.216.0/22 maxlen: 24
194.247.26.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9a/ce022d-d8db-4459-be1c-b091215d5e4d/1/yUcK5Bju3dazna6eehd6Gcd5nEE.crl
rsync://rpki.ripe.net/repository/DEFAULT/9a/ce022d-d8db-4459-be1c-b091215d5e4d/1/yUcK5Bju3dazna6eehd6Gcd5nEE.mft
rsync://rpki.ripe.net/repository/DEFAULT/yUcK5Bju3dazna6eehd6Gcd5nEE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:6d:ae:1c:25:64:c0:35:bf:eb:00:1f:60:7b:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9470ae418eeddd6b39dae9e7a177a19c7799c41
Validity
Not Before: Jan 1 17:48:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8d7d623043218fafd67574d406ad0695669a576d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:ba:d4:58:ab:57:09:b9:d2:53:02:bd:21:a3:
aa:14:92:6a:3f:d9:7a:dc:40:fd:fe:d6:00:7d:6b:
18:6c:9e:22:ef:18:77:c2:16:28:47:72:53:64:80:
6a:c4:50:38:82:a7:7d:a3:88:fb:1a:9d:aa:b1:03:
0f:52:35:3d:22:67:8c:89:4c:98:8f:93:9a:c4:60:
bc:56:db:39:45:34:0e:7e:77:2a:d6:98:df:76:d5:
c8:c7:78:2b:57:c4:06:e5:ae:6e:17:b4:d8:60:f7:
68:d8:44:b3:b7:e0:b6:51:cf:1f:de:9a:c9:60:13:
5f:22:15:f9:3c:39:27:8e:e8:15:33:ad:85:c2:71:
8b:88:43:49:d4:cf:f2:e9:ed:7a:3e:13:db:54:a1:
7d:45:54:57:e5:ce:7c:65:95:fe:a0:80:b1:9e:2b:
4e:7d:6b:8a:88:ba:eb:c2:0a:48:89:9d:de:9c:d9:
74:ae:fa:22:b7:77:53:56:9c:6a:b7:26:01:f2:70:
f4:b9:9f:6a:5a:de:cf:61:73:ee:f3:9e:5c:ce:db:
79:3b:7e:4f:aa:ca:f8:eb:c5:46:98:f8:c7:70:8e:
ce:29:56:33:0e:66:f8:cd:79:53:e8:1b:fe:d4:84:
2a:bf:b5:38:d2:87:d3:2a:a0:a7:5d:ed:d4:10:50:
49:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:7D:62:30:43:21:8F:AF:D6:75:74:D4:06:AD:06:95:66:9A:57:6D
X509v3 Authority Key Identifier:
keyid:C9:47:0A:E4:18:EE:DD:D6:B3:9D:AE:9E:7A:17:7A:19:C7:79:9C:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yUcK5Bju3dazna6eehd6Gcd5nEE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/ce022d-d8db-4459-be1c-b091215d5e4d/1/jX1iMEMhj6_WdXTUBq0GlWaaV20.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/ce022d-d8db-4459-be1c-b091215d5e4d/1/yUcK5Bju3dazna6eehd6Gcd5nEE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.36.216.0/22
194.247.26.0/23
Signature Algorithm: sha256WithRSAEncryption
51:9b:04:25:81:8e:16:b7:fd:b8:a2:43:fb:c1:7a:b6:02:0a:
0d:e4:3e:e5:97:89:78:69:91:35:53:0b:7c:b3:1e:bb:2d:29:
79:ba:c8:ee:a2:aa:f6:67:3b:50:d4:61:af:a7:52:a0:50:12:
09:3c:5b:2a:9a:1a:41:e5:3e:26:24:d6:eb:47:21:41:ca:63:
bc:65:da:1d:bd:57:d2:08:99:e7:66:14:3a:0f:2b:df:1e:90:
fa:01:e3:d2:3b:36:20:1a:05:21:4a:22:7c:cd:02:05:a3:8c:
e6:a3:2f:78:69:89:5f:6b:9b:1f:61:ae:e1:2d:bc:46:34:60:
cd:42:8e:5f:1d:0a:fb:ae:e2:c4:ea:71:0c:0a:92:e6:74:9b:
46:3f:ff:2a:a8:87:60:0a:d8:3d:1e:76:93:fc:e5:a6:3c:2f:
b4:d0:26:5f:48:fc:dd:3c:ec:f7:67:ab:57:55:49:36:11:50:
8d:cc:13:46:d3:c2:18:38:ef:59:ec:e1:c7:63:2b:93:2a:21:
9c:55:08:73:ad:46:80:11:2f:12:94:ce:81:22:b6:99:66:83:
a8:8b:42:d2:cb:b1:59:f5:28:35:d7:a7:1c:88:bc:92:86:93:
b5:7e:29:15:49:2a:40:71:06:0a:e9:36:29:40:df:a2:95:bd:
2c:19:73:09
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQi+22uHCVkwDW/6wAfYHswMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5NDcwYWU0MThlZWRkZDZiMzlkYWU5ZTdhMTc3YTE5Yzc3
OTljNDEwHhcNMjUwMTAxMTc0ODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZDdkNjIzMDQzMjE4ZmFmZDY3NTc0ZDQwNmFkMDY5NTY2OWE1NzZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAorrUWKtXCbnSUwK9IaOqFJJqP9l6
3ED9/tYAfWsYbJ4i7xh3whYoR3JTZIBqxFA4gqd9o4j7Gp2qsQMPUjU9ImeMiUyY
j5OaxGC8Vts5RTQOfncq1pjfdtXIx3grV8QG5a5uF7TYYPdo2ESzt+C2Uc8f3prJ
YBNfIhX5PDknjugVM62FwnGLiENJ1M/y6e16PhPbVKF9RVRX5c58ZZX+oICxnitO
fWuKiLrrwgpIiZ3enNl0rvoit3dTVpxqtyYB8nD0uZ9qWt7PYXPu855cztt5O35P
qsr468VGmPjHcI7OKVYzDmb4zXlT6Bv+1IQqv7U40ofTKqCnXe3UEFBJFwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFI19YjBDIY+v1nV01AatBpVmmldtMB8GA1UdIwQY
MBaAFMlHCuQY7t3Ws52unnoXehnHeZxBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveVVjSzVCanUzZGF6bmE2ZWVoZDZHY2Q1bkVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS9jZTAyMmQtZDhkYi00NDU5LWJlMWMt
YjA5MTIxNWQ1ZTRkLzEvalgxaU1FTWhqNl9XZFhUVUJxMEdsV2FhVjIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS9jZTAyMmQtZDhkYi00NDU5LWJlMWMtYjA5MTIxNWQ1ZTRk
LzEveVVjSzVCanUzZGF6bmE2ZWVoZDZHY2Q1bkVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuSTYAwQB
wvcaMA0GCSqGSIb3DQEBCwUAA4IBAQBRmwQlgY4Wt/24okP7wXq2AgoN5D7ll4l4
aZE1Uwt8sx67LSl5usjuoqr2ZztQ1GGvp1KgUBIJPFsqmhpB5T4mJNbrRyFBymO8
ZdodvVfSCJnnZhQ6DyvfHpD6AePSOzYgGgUhSiJ8zQIFo4zmoy94aYlfa5sfYa7h
LbxGNGDNQo5fHQr7ruLE6nEMCpLmdJtGP/8qqIdgCtg9HnaT/OWmPC+00CZfSPzd
POz3Z6tXVUk2EVCNzBNG08IYOO9Z7OHHYyuTKiGcVQhzrUaAES8SlM6BIraZZoOo
i0LSy7FZ9Sg116cciLyShpO1fikVSSpAcQYK6TYpQN+ilb0sGXMJ
-----END CERTIFICATE-----
Generated at Sun Feb 2 10:05:49 2025 by rpki-client