Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/3389eb-1857-49d2-841c-6a18dc8816db/1/8irZy2V_SHs0ikDlT3HoUGHPpBc.roa
File: 8irZy2V_SHs0ikDlT3HoUGHPpBc.roa (raw, json)
Hash identifier: ktGCRrCCmdPPWWR6aei4/ftpTdWVZoIYkk/wJpTtUbs=
Subject key identifier: F2:2A:D9:CB:65:7F:48:7B:34:8A:40:E5:4F:71:E8:50:61:CF:A4:17
Certificate issuer: /CN=2415bf9c61c85db7c99ac4cdf79257e7997ab77c
Certificate serial: 0194228D2A7E0A201080A8200425CE4744A9
Authority key identifier: 24:15:BF:9C:61:C8:5D:B7:C9:9A:C4:CD:F7:92:57:E7:99:7A:B7:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JBW_nGHIXbfJmsTN95JX55l6t3w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9d/3389eb-1857-49d2-841c-6a18dc8816db/1/8irZy2V_SHs0ikDlT3HoUGHPpBc.roa
Signing time: Wed 01 Jan 2025 15:47:44 +0000
ROA not before: Wed 01 Jan 2025 15:47:44 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8309
IP address blocks: 37.19.128.0/18 maxlen: 18
62.129.0.0/19 maxlen: 19
217.180.128.0/18 maxlen: 18
2a06:19c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9d/3389eb-1857-49d2-841c-6a18dc8816db/1/JBW_nGHIXbfJmsTN95JX55l6t3w.crl
rsync://rpki.ripe.net/repository/DEFAULT/9d/3389eb-1857-49d2-841c-6a18dc8816db/1/JBW_nGHIXbfJmsTN95JX55l6t3w.mft
rsync://rpki.ripe.net/repository/DEFAULT/JBW_nGHIXbfJmsTN95JX55l6t3w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 05:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:2a:7e:0a:20:10:80:a8:20:04:25:ce:47:44:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2415bf9c61c85db7c99ac4cdf79257e7997ab77c
Validity
Not Before: Jan 1 15:47:44 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f22ad9cb657f487b348a40e54f71e85061cfa417
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:22:fc:93:3f:36:5e:d2:f0:6d:69:cc:40:1b:
56:5b:d8:2b:c6:e7:4a:fe:24:75:21:d1:c8:13:5e:
5a:28:18:2a:cc:b3:4d:46:f6:bd:1e:c9:d1:3e:1c:
be:8c:12:9a:df:39:92:25:0b:cd:a3:8a:bc:46:66:
10:1d:94:25:89:0d:b3:1c:08:3b:f1:df:eb:ee:ca:
b2:e5:23:6a:d1:d1:41:19:d5:55:1e:3e:bb:31:0e:
59:cf:45:ca:c6:2a:57:e5:14:a2:09:07:52:5a:ba:
43:3e:66:c3:82:26:b2:91:b6:cc:3e:f4:ef:ba:5d:
5f:68:7c:76:32:ec:ea:6d:a1:fb:b3:1e:50:f2:5c:
23:a1:90:5b:dd:83:ed:39:5c:49:9e:2f:78:1e:38:
28:03:44:54:3e:0f:81:1a:0a:1c:dd:e9:ec:56:9d:
7c:9b:08:ea:5f:4e:3f:66:4b:0d:5f:cc:b0:c3:a4:
2d:c5:e9:88:39:4d:6c:33:93:ae:79:19:96:be:af:
9d:40:0c:80:48:1f:a9:fe:8f:01:09:98:4e:d0:09:
c0:be:43:fc:93:48:5a:a7:cb:3a:ff:12:c8:41:91:
12:81:fd:0f:f0:bd:33:6d:d9:1f:07:2a:1a:df:85:
f5:c0:5e:0d:e7:6a:3d:9c:15:24:f8:bb:38:32:96:
9d:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:2A:D9:CB:65:7F:48:7B:34:8A:40:E5:4F:71:E8:50:61:CF:A4:17
X509v3 Authority Key Identifier:
keyid:24:15:BF:9C:61:C8:5D:B7:C9:9A:C4:CD:F7:92:57:E7:99:7A:B7:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JBW_nGHIXbfJmsTN95JX55l6t3w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/3389eb-1857-49d2-841c-6a18dc8816db/1/8irZy2V_SHs0ikDlT3HoUGHPpBc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/3389eb-1857-49d2-841c-6a18dc8816db/1/JBW_nGHIXbfJmsTN95JX55l6t3w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.19.128.0/18
62.129.0.0/19
217.180.128.0/18
IPv6:
2a06:19c0::/29
Signature Algorithm: sha256WithRSAEncryption
09:91:54:46:0e:81:ff:ee:3b:29:aa:f6:04:8a:12:15:09:95:
e3:a1:a7:f2:cb:33:0a:8d:4c:fb:c6:3d:93:bd:19:b8:3e:ff:
c6:cd:5f:3e:8f:33:80:17:62:92:ba:b7:0d:98:78:8b:ff:22:
0f:35:e2:b1:b2:27:17:bb:73:af:fa:42:4d:6a:92:f2:40:9f:
68:eb:35:5e:7f:ad:ef:d9:53:4d:38:64:c9:0f:0a:50:8a:29:
53:8b:36:0e:d6:55:49:d7:8f:6e:cc:70:d3:e2:8c:fd:41:50:
9c:ab:31:55:fa:ba:e1:41:b0:ef:5a:3a:5b:b3:90:50:19:ea:
12:e3:63:5d:6d:06:b2:5b:35:6a:70:c0:ac:da:b0:58:d3:c2:
cf:ce:92:60:67:81:3e:6d:32:3f:71:25:d6:95:4b:2b:20:cf:
91:7a:47:64:de:50:59:11:fb:4d:dd:17:be:a9:10:d6:6d:12:
cb:c3:62:c3:43:6b:b2:fe:81:bc:f5:66:45:36:b2:8d:8e:d6:
37:f2:f1:b5:6d:7f:19:d6:32:5d:98:34:30:0f:22:9f:6c:ef:
c2:d4:16:75:22:57:cf:75:44:82:86:67:b2:2f:77:30:5a:b6:
49:91:b2:72:8f:ba:30:e7:e4:28:e9:75:84:21:f1:bb:3b:3d:
4a:9c:c1:8d
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZQijSp+CiAQgKggBCXOR0SpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0MTViZjljNjFjODVkYjdjOTlhYzRjZGY3OTI1N2U3OTk3
YWI3N2MwHhcNMjUwMTAxMTU0NzQ0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjJhZDljYjY1N2Y0ODdiMzQ4YTQwZTU0ZjcxZTg1MDYxY2ZhNDE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwSL8kz82XtLwbWnMQBtWW9grxudK
/iR1IdHIE15aKBgqzLNNRva9HsnRPhy+jBKa3zmSJQvNo4q8RmYQHZQliQ2zHAg7
8d/r7sqy5SNq0dFBGdVVHj67MQ5Zz0XKxipX5RSiCQdSWrpDPmbDgiaykbbMPvTv
ul1faHx2MuzqbaH7sx5Q8lwjoZBb3YPtOVxJni94HjgoA0RUPg+BGgoc3ensVp18
mwjqX04/ZksNX8yww6QtxemIOU1sM5OueRmWvq+dQAyASB+p/o8BCZhO0AnAvkP8
k0hap8s6/xLIQZESgf0P8L0zbdkfByoa34X1wF4N52o9nBUk+Ls4MpadNwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFPIq2ctlf0h7NIpA5U9x6FBhz6QXMB8GA1UdIwQY
MBaAFCQVv5xhyF23yZrEzfeSV+eZerd8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSkJXX25HSElYYmZKbXNUTjk1Slg1NWw2dDN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC8zMzg5ZWItMTg1Ny00OWQyLTg0MWMt
NmExOGRjODgxNmRiLzEvOGlyWnkyVl9TSHMwaWtEbFQzSG9VR0hQcEJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC8zMzg5ZWItMTg1Ny00OWQyLTg0MWMtNmExOGRjODgxNmRi
LzEvSkJXX25HSElYYmZKbXNUTjk1Slg1NWw2dDN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQGJROAAwQF
PoEAAwQG2bSAMA0EAgACMAcDBQMqBhnAMA0GCSqGSIb3DQEBCwUAA4IBAQAJkVRG
DoH/7jspqvYEihIVCZXjoafyyzMKjUz7xj2TvRm4Pv/GzV8+jzOAF2KSurcNmHiL
/yIPNeKxsicXu3Ov+kJNapLyQJ9o6zVef63v2VNNOGTJDwpQiilTizYO1lVJ149u
zHDT4oz9QVCcqzFV+rrhQbDvWjpbs5BQGeoS42NdbQayWzVqcMCs2rBY08LPzpJg
Z4E+bTI/cSXWlUsrIM+Rekdk3lBZEftN3Re+qRDWbRLLw2LDQ2uy/oG89WZFNrKN
jtY38vG1bX8Z1jJdmDQwDyKfbO/C1BZ1IlfPdUSChmeyL3cwWrZJkbJyj7ow5+Qo
6XWEIfG7Oz1KnMGN
-----END CERTIFICATE-----
Generated at Sat Apr 12 15:18:58 2025 by rpki-client