Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/f61591-7ca8-4a9a-899f-a366da251a83/1/JKL9ye3UOtI1o8T1cr1S9hXZ2no.roa
File: JKL9ye3UOtI1o8T1cr1S9hXZ2no.roa (raw, json)
Hash identifier: lqCnv+8U/mZxgsC3R6bKu9b+cHWg6szFuB9C89FECMk=
Subject key identifier: 24:A2:FD:C9:ED:D4:3A:D2:35:A3:C4:F5:72:BD:52:F6:15:D9:DA:7A
Certificate issuer: /CN=fa2e72abf7b1728fda6aa0b0413d8854812ea361
Certificate serial: 01949DC5154D96B3B6D0EC5439D99BEE66FF
Authority key identifier: FA:2E:72:AB:F7:B1:72:8F:DA:6A:A0:B0:41:3D:88:54:81:2E:A3:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-i5yq_exco_aaqCwQT2IVIEuo2E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/f61591-7ca8-4a9a-899f-a366da251a83/1/JKL9ye3UOtI1o8T1cr1S9hXZ2no.roa
Signing time: Sat 25 Jan 2025 14:02:06 +0000
ROA not before: Sat 25 Jan 2025 14:02:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201814
IP address blocks: 185.252.132.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9c/f61591-7ca8-4a9a-899f-a366da251a83/1/1-i5yq_exco_aaqCwQT2IVIEuo2E.crl
rsync://rpki.ripe.net/repository/DEFAULT/9c/f61591-7ca8-4a9a-899f-a366da251a83/1/1-i5yq_exco_aaqCwQT2IVIEuo2E.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-i5yq_exco_aaqCwQT2IVIEuo2E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 04:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:9d:c5:15:4d:96:b3:b6:d0:ec:54:39:d9:9b:ee:66:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fa2e72abf7b1728fda6aa0b0413d8854812ea361
Validity
Not Before: Jan 25 14:02:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=24a2fdc9edd43ad235a3c4f572bd52f615d9da7a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:8c:9c:87:d1:45:8c:a8:8e:8d:ec:69:b0:79:
3a:5a:1d:48:82:f6:ab:4d:0b:34:63:44:02:c3:53:
f0:5b:17:40:20:a6:bd:05:89:15:7d:05:04:52:64:
f3:80:99:1c:62:cc:f1:b3:17:24:31:cb:5d:d2:cd:
bb:2f:bf:23:5a:21:47:61:a3:6d:01:3b:36:60:93:
f5:93:93:3e:4c:e5:ec:20:a7:20:63:df:f9:da:ff:
0a:33:7c:35:4f:37:c0:13:00:ed:d7:3e:36:c1:11:
f8:2b:3c:65:87:22:b2:f0:18:ff:04:48:b5:f3:7a:
7c:ce:0b:90:21:b3:bb:70:d4:0d:62:e5:aa:26:91:
6c:53:67:cb:f5:8c:a5:65:62:c7:d1:16:a1:bd:aa:
21:e8:19:46:95:9c:dd:35:b4:7b:0d:15:82:42:fa:
77:50:f0:41:15:81:6f:11:7d:a6:e1:0f:8b:d0:58:
64:42:21:3c:8e:6e:fa:a9:3b:7a:3d:81:e8:7b:7c:
05:d9:c1:de:29:62:e2:7c:f5:9f:85:30:8e:82:33:
a3:b7:dc:32:44:7b:40:42:c5:fd:5d:ed:4f:70:d0:
8d:b2:32:4b:0e:a5:fb:dd:42:7a:b4:f1:6a:93:56:
87:4a:d7:79:a4:31:bc:b3:7d:22:68:71:fc:da:a7:
7f:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:A2:FD:C9:ED:D4:3A:D2:35:A3:C4:F5:72:BD:52:F6:15:D9:DA:7A
X509v3 Authority Key Identifier:
keyid:FA:2E:72:AB:F7:B1:72:8F:DA:6A:A0:B0:41:3D:88:54:81:2E:A3:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-i5yq_exco_aaqCwQT2IVIEuo2E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/f61591-7ca8-4a9a-899f-a366da251a83/1/JKL9ye3UOtI1o8T1cr1S9hXZ2no.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/f61591-7ca8-4a9a-899f-a366da251a83/1/1-i5yq_exco_aaqCwQT2IVIEuo2E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.252.132.0/24
Signature Algorithm: sha256WithRSAEncryption
39:e3:29:e4:26:6e:53:2d:1e:51:ea:7d:6b:3d:5c:e2:f2:be:
3d:78:4f:f6:ea:35:fb:4d:8e:49:86:ae:a2:af:33:3f:71:35:
3f:22:fc:3e:d1:8c:d0:14:33:76:8c:0b:80:0b:3e:e3:1b:06:
25:9d:93:db:19:13:0b:19:f7:3f:07:1a:f6:8e:60:04:91:4e:
1f:59:12:85:e9:eb:a4:07:54:41:54:f8:bd:6a:95:d3:67:6f:
d2:66:52:46:34:cf:7d:6d:d4:6d:40:75:13:de:c8:06:4b:89:
2c:ef:7c:13:46:53:03:8c:1a:89:4e:9a:cc:96:16:ce:05:da:
85:35:6b:04:a5:21:7a:7f:87:3b:96:b8:2f:9b:53:3b:e1:5c:
90:ae:57:e7:ab:39:a7:46:82:6c:e3:ea:58:48:e2:aa:d5:50:
ec:4f:5f:1e:4a:c5:3c:31:93:62:4b:35:07:3a:c5:35:46:46:
cb:e3:45:37:cf:e1:7f:b1:a7:85:f9:0a:15:fa:86:e5:d0:40:
80:e9:e6:13:c0:b5:ea:27:ca:38:11:dc:ea:77:eb:b9:21:43:
ca:80:88:c7:59:2c:67:cf:41:60:f9:11:b6:da:7b:95:2c:bf:
be:92:77:d7:5e:04:94:93:35:e9:37:e6:11:20:d8:1e:02:28:
90:dc:41:1e
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZSdxRVNlrO20OxUOdmb7mb/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZhMmU3MmFiZjdiMTcyOGZkYTZhYTBiMDQxM2Q4ODU0ODEy
ZWEzNjEwHhcNMjUwMTI1MTQwMjA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNGEyZmRjOWVkZDQzYWQyMzVhM2M0ZjU3MmJkNTJmNjE1ZDlkYTdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA64ych9FFjKiOjexpsHk6Wh1Igvar
TQs0Y0QCw1PwWxdAIKa9BYkVfQUEUmTzgJkcYszxsxckMctd0s27L78jWiFHYaNt
ATs2YJP1k5M+TOXsIKcgY9/52v8KM3w1TzfAEwDt1z42wRH4KzxlhyKy8Bj/BEi1
83p8zguQIbO7cNQNYuWqJpFsU2fL9YylZWLH0Rahvaoh6BlGlZzdNbR7DRWCQvp3
UPBBFYFvEX2m4Q+L0FhkQiE8jm76qTt6PYHoe3wF2cHeKWLifPWfhTCOgjOjt9wy
RHtAQsX9Xe1PcNCNsjJLDqX73UJ6tPFqk1aHStd5pDG8s30iaHH82qd/vwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFCSi/cnt1DrSNaPE9XK9UvYV2dp6MB8GA1UdIwQY
MBaAFPoucqv3sXKP2mqgsEE9iFSBLqNhMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1pNXlxX2V4Y29fYWFxQ3dRVDJJVklFdW8yRS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWMvZjYxNTkxLTdjYTgtNGE5YS04OTlm
LWEzNjZkYTI1MWE4My8xL0pLTDl5ZTNVT3RJMW84VDFjcjFTOWhYWjJuby5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOWMvZjYxNTkxLTdjYTgtNGE5YS04OTlmLWEzNjZkYTI1MWE4
My8xLzEtaTV5cV9leGNvX2FhcUN3UVQySVZJRXVvMkUuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAC5/IQw
DQYJKoZIhvcNAQELBQADggEBADnjKeQmblMtHlHqfWs9XOLyvj14T/bqNftNjkmG
rqKvMz9xNT8i/D7RjNAUM3aMC4ALPuMbBiWdk9sZEwsZ9z8HGvaOYASRTh9ZEoXp
66QHVEFU+L1qldNnb9JmUkY0z31t1G1AdRPeyAZLiSzvfBNGUwOMGolOmsyWFs4F
2oU1awSlIXp/hzuWuC+bUzvhXJCuV+erOadGgmzj6lhI4qrVUOxPXx5KxTwxk2JL
NQc6xTVGRsvjRTfP4X+xp4X5ChX6huXQQIDp5hPAteonyjgR3Op367khQ8qAiMdZ
LGfPQWD5Ebbae5Usv76Sd9deBJSTNek35hEg2B4CKJDcQR4=
-----END CERTIFICATE-----
Generated at Sat Apr 5 13:28:33 2025 by rpki-client