Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/b3fd40-b125-4282-b883-736789ee6fd0/1/JSU_Gc7eqTUqpDFkA2FIvbeqiUE.roa
File: JSU_Gc7eqTUqpDFkA2FIvbeqiUE.roa (raw, json)
Hash identifier: SjI9SwLiNWQSlSCpLAULn3MZkkJhenDEWQ7CDz2aZ/E=
Subject key identifier: 25:25:3F:19:CE:DE:A9:35:2A:A4:31:64:03:61:48:BD:B7:AA:89:41
Certificate issuer: /CN=0b247e73391ec9d6a2a46f2cb0b02fc994288f13
Certificate serial: 01942067E537C62E1ACB8B66CD42CF1ECCF6
Authority key identifier: 0B:24:7E:73:39:1E:C9:D6:A2:A4:6F:2C:B0:B0:2F:C9:94:28:8F:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CyR-czkeydaipG8ssLAvyZQojxM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/b3fd40-b125-4282-b883-736789ee6fd0/1/JSU_Gc7eqTUqpDFkA2FIvbeqiUE.roa
Signing time: Wed 01 Jan 2025 05:47:47 +0000
ROA not before: Wed 01 Jan 2025 05:47:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9009
IP address blocks: 45.66.132.0/24 maxlen: 24
45.144.242.0/24 maxlen: 24
45.144.243.0/24 maxlen: 24
91.220.202.0/24 maxlen: 24
91.220.203.0/24 maxlen: 24
185.126.227.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a0/b3fd40-b125-4282-b883-736789ee6fd0/1/CyR-czkeydaipG8ssLAvyZQojxM.crl
rsync://rpki.ripe.net/repository/DEFAULT/a0/b3fd40-b125-4282-b883-736789ee6fd0/1/CyR-czkeydaipG8ssLAvyZQojxM.mft
rsync://rpki.ripe.net/repository/DEFAULT/CyR-czkeydaipG8ssLAvyZQojxM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 12 Apr 2025 23:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:67:e5:37:c6:2e:1a:cb:8b:66:cd:42:cf:1e:cc:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b247e73391ec9d6a2a46f2cb0b02fc994288f13
Validity
Not Before: Jan 1 05:47:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=25253f19cedea9352aa43164036148bdb7aa8941
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:d9:65:7b:97:e6:6b:13:b4:6b:c3:37:78:62:
f6:a9:0f:30:11:3b:eb:d4:b1:ed:4e:83:ef:99:6c:
e4:0a:fe:50:79:44:6d:f0:69:10:4d:1a:48:1c:a3:
42:79:82:74:f5:ae:bf:4b:c9:26:c9:cf:35:94:49:
5b:41:3a:cb:b2:ec:2c:31:cf:fe:26:b4:e6:84:d0:
d6:83:3b:67:b2:80:87:94:ec:78:b7:cb:f0:9e:83:
b9:04:02:5d:20:5b:3f:68:e8:05:ba:82:a4:93:dd:
01:77:cd:83:f0:a7:94:6b:a5:a8:63:c6:67:64:6d:
b1:f6:55:4a:b5:15:62:8b:a9:ff:85:77:96:7b:44:
a7:e8:9a:58:08:62:8c:01:07:96:84:be:ce:2a:68:
e9:dd:d9:ea:1f:ba:ad:29:1c:0a:c5:e8:b0:02:a9:
eb:cd:37:6d:1b:24:7b:07:53:55:ba:ed:21:16:78:
83:f1:0b:1b:0e:79:38:47:7c:63:72:ab:2f:19:ee:
b6:38:27:a7:b6:73:e0:f7:24:6b:36:54:07:df:a9:
4a:1e:9e:bd:5b:d5:90:32:9d:9a:0c:64:76:00:b6:
96:b9:88:5c:95:e9:83:53:51:48:c5:ca:31:5b:43:
7e:55:d7:d3:bc:14:2d:ce:5a:57:f0:91:06:68:d9:
60:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:25:3F:19:CE:DE:A9:35:2A:A4:31:64:03:61:48:BD:B7:AA:89:41
X509v3 Authority Key Identifier:
keyid:0B:24:7E:73:39:1E:C9:D6:A2:A4:6F:2C:B0:B0:2F:C9:94:28:8F:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CyR-czkeydaipG8ssLAvyZQojxM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/b3fd40-b125-4282-b883-736789ee6fd0/1/JSU_Gc7eqTUqpDFkA2FIvbeqiUE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/b3fd40-b125-4282-b883-736789ee6fd0/1/CyR-czkeydaipG8ssLAvyZQojxM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.132.0/24
45.144.242.0/23
91.220.202.0/23
185.126.227.0/24
Signature Algorithm: sha256WithRSAEncryption
08:4e:2f:78:32:db:86:c3:5e:82:96:f7:fb:09:a0:c0:39:3d:
8d:39:44:ec:5d:9d:d3:1c:d7:ad:b6:0d:a3:ef:9d:ec:0b:af:
7d:ad:32:d0:d6:68:3b:e4:ed:42:e0:3a:9a:65:91:ea:22:f6:
ae:38:22:be:d3:95:50:93:29:1d:e0:4b:ac:dc:4e:e5:b5:52:
74:93:bd:86:c8:99:23:07:40:76:c1:47:83:9b:d9:ef:b5:19:
f3:12:4b:cb:57:2f:83:30:06:75:62:7c:cc:87:2b:17:26:5a:
58:55:20:05:22:9e:a7:23:89:9d:cb:1f:62:c6:31:ee:18:70:
73:36:be:f4:69:db:6d:ea:e8:d6:5d:0a:3d:f0:54:99:52:c4:
ec:03:76:d7:02:a4:5c:61:a4:90:02:d5:03:06:0b:a2:5e:a4:
43:68:ba:3a:51:72:9b:d2:f7:29:38:8a:b8:2e:7f:78:0c:e3:
13:fd:e3:e2:59:bd:e1:33:a4:da:35:ef:55:5c:0c:82:ba:26:
46:1c:4d:46:18:a6:47:5c:f9:54:5c:2d:ae:dc:33:ef:91:fe:
0f:30:5a:a3:55:65:60:17:4f:e1:af:59:d2:6f:9d:4f:c7:21:
dc:15:45:97:c2:d1:e6:5f:c9:e9:c8:26:d8:0b:0e:25:13:c6:
36:ec:29:4f
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQgZ+U3xi4ay4tmzULPHsz2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiMjQ3ZTczMzkxZWM5ZDZhMmE0NmYyY2IwYjAyZmM5OTQy
ODhmMTMwHhcNMjUwMTAxMDU0NzQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTI1M2YxOWNlZGVhOTM1MmFhNDMxNjQwMzYxNDhiZGI3YWE4OTQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgdlle5fmaxO0a8M3eGL2qQ8wETvr
1LHtToPvmWzkCv5QeURt8GkQTRpIHKNCeYJ09a6/S8kmyc81lElbQTrLsuwsMc/+
JrTmhNDWgztnsoCHlOx4t8vwnoO5BAJdIFs/aOgFuoKkk90Bd82D8KeUa6WoY8Zn
ZG2x9lVKtRVii6n/hXeWe0Sn6JpYCGKMAQeWhL7OKmjp3dnqH7qtKRwKxeiwAqnr
zTdtGyR7B1NVuu0hFniD8QsbDnk4R3xjcqsvGe62OCentnPg9yRrNlQH36lKHp69
W9WQMp2aDGR2ALaWuYhclemDU1FIxcoxW0N+VdfTvBQtzlpX8JEGaNlggQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFCUlPxnO3qk1KqQxZANhSL23qolBMB8GA1UdIwQY
MBaAFAskfnM5HsnWoqRvLLCwL8mUKI8TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ3lSLWN6a2V5ZGFpcEc4c3NMQXZ5WlFvanhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9iM2ZkNDAtYjEyNS00MjgyLWI4ODMt
NzM2Nzg5ZWU2ZmQwLzEvSlNVX0djN2VxVFVxcERGa0EyRkl2YmVxaVVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9iM2ZkNDAtYjEyNS00MjgyLWI4ODMtNzM2Nzg5ZWU2ZmQw
LzEvQ3lSLWN6a2V5ZGFpcEc4c3NMQXZ5WlFvanhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALUKEAwQB
LZDyAwQBW9zKAwQAuX7jMA0GCSqGSIb3DQEBCwUAA4IBAQAITi94MtuGw16Clvf7
CaDAOT2NOUTsXZ3THNettg2j753sC699rTLQ1mg75O1C4DqaZZHqIvauOCK+05VQ
kykd4Eus3E7ltVJ0k72GyJkjB0B2wUeDm9nvtRnzEkvLVy+DMAZ1YnzMhysXJlpY
VSAFIp6nI4mdyx9ixjHuGHBzNr70adtt6ujWXQo98FSZUsTsA3bXAqRcYaSQAtUD
BguiXqRDaLo6UXKb0vcpOIq4Ln94DOMT/ePiWb3hM6TaNe9VXAyCuiZGHE1GGKZH
XPlUXC2u3DPvkf4PMFqjVWVgF0/hr1nSb51PxyHcFUWXwtHmX8npyCbYCw4lE8Y2
7ClP
-----END CERTIFICATE-----
Generated at Sat Apr 12 07:58:36 2025 by rpki-client