Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/js1q95BdIVFdM5eOKV3QyUeuz5c.roa
File: js1q95BdIVFdM5eOKV3QyUeuz5c.roa (raw, json)
Hash identifier: JSJEXmxREo1YG4NfyERfmXSOZTIjgprcHtJpSS8dwsU=
Subject key identifier: 8E:CD:6A:F7:90:5D:21:51:5D:33:97:8E:29:5D:D0:C9:47:AE:CF:97
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 019427B393B39A00DE90AC0960534BAF917A
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/js1q95BdIVFdM5eOKV3QyUeuz5c.roa
Signing time: Thu 02 Jan 2025 15:47:47 +0000
ROA not before: Thu 02 Jan 2025 15:47:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 14178
IP address blocks: 45.130.138.0/24 maxlen: 24
45.144.188.0/22 maxlen: 24
45.145.251.0/24 maxlen: 24
136.144.41.0/24 maxlen: 24
185.227.35.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.mft
rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 09:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b3:93:b3:9a:00:de:90:ac:09:60:53:4b:af:91:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Jan 2 15:47:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8ecd6af7905d21515d33978e295dd0c947aecf97
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:33:5f:ae:8f:84:b9:0a:c7:3d:67:18:1d:56:
49:15:3e:f8:17:fc:3a:1c:98:94:b1:60:df:1e:4c:
10:fa:5e:67:11:fb:54:d9:c4:40:a3:b4:51:20:55:
14:92:b1:72:af:e0:2b:8a:1c:50:4f:97:7b:a2:75:
e7:3d:5d:ff:29:48:31:a5:9d:ff:be:36:53:ae:40:
52:98:9e:d8:78:26:59:60:a8:ff:73:67:bc:03:a6:
88:62:95:19:f7:e3:c7:1d:39:12:84:ec:d6:f1:30:
c4:b3:8f:14:c2:3d:ee:e6:e2:4e:37:d7:ba:56:dd:
9a:d4:70:d0:8b:d0:10:35:95:31:05:67:c8:c8:93:
53:b9:19:66:79:1e:e7:05:ff:54:78:b9:43:14:48:
c2:a6:af:7d:32:56:b2:bd:9d:33:c4:7e:97:ba:de:
d7:18:f9:36:68:fb:05:2a:89:35:8b:00:a1:b2:0c:
a1:13:3f:41:ec:08:ce:f8:7c:ca:ec:12:39:9d:ca:
98:c6:4a:43:43:43:34:8a:83:88:0b:9c:eb:1c:f9:
db:73:8d:f4:cf:8b:1b:dc:be:f1:f1:56:09:74:41:
62:a1:79:a5:a6:34:4d:43:c8:64:c9:a7:bc:f9:44:
43:4d:04:d5:dd:6f:d1:0a:70:2e:72:73:e7:f8:49:
11:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:CD:6A:F7:90:5D:21:51:5D:33:97:8E:29:5D:D0:C9:47:AE:CF:97
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/js1q95BdIVFdM5eOKV3QyUeuz5c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.130.138.0/24
45.144.188.0/22
45.145.251.0/24
136.144.41.0/24
185.227.35.0/24
Signature Algorithm: sha256WithRSAEncryption
48:dc:4d:8e:20:7e:a8:89:5d:cc:d8:aa:4f:e0:8d:c2:37:66:
e0:27:d4:0e:d3:c9:cd:e2:da:28:15:9d:bd:cb:f8:78:ac:c7:
7b:56:86:43:2a:80:21:0e:b9:99:9d:9b:3c:65:c2:87:13:0b:
d9:5a:e1:3f:22:3a:08:7d:4f:f2:d4:1c:22:79:dc:02:85:3c:
06:36:ad:29:74:9a:d0:fe:c0:bc:98:e7:95:1f:29:85:97:09:
6b:d3:2d:13:57:cb:04:db:66:b7:89:89:7f:41:fa:5a:2b:9f:
a3:fd:11:3d:b1:23:64:0e:1b:f5:5c:b6:f7:d9:26:f2:9b:1f:
92:f7:36:ff:27:b4:33:90:7a:af:7d:9d:c4:96:21:e0:be:7a:
54:46:a5:e8:cd:f8:90:76:90:4f:b7:96:35:08:b0:2e:0c:1e:
fa:10:b9:7a:1e:15:e7:2b:0e:68:3a:e0:8d:db:54:91:87:02:
aa:5d:a2:09:0c:73:8f:51:63:3a:d8:b5:1e:2b:44:4a:2d:4b:
67:60:df:c1:3d:4b:52:0c:d3:9c:0b:6d:18:49:f6:63:23:b5:
4d:cc:eb:19:42:26:9a:44:8e:a1:d6:00:96:93:51:5e:40:59:
fe:12:3d:1a:f9:a9:e0:06:09:ca:92:35:25:61:c4:3c:53:56:
99:32:db:4d
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZQns5OzmgDekKwJYFNLr5F6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjUwMTAyMTU0NzQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZWNkNmFmNzkwNWQyMTUxNWQzMzk3OGUyOTVkZDBjOTQ3YWVjZjk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArzNfro+EuQrHPWcYHVZJFT74F/w6
HJiUsWDfHkwQ+l5nEftU2cRAo7RRIFUUkrFyr+ArihxQT5d7onXnPV3/KUgxpZ3/
vjZTrkBSmJ7YeCZZYKj/c2e8A6aIYpUZ9+PHHTkShOzW8TDEs48Uwj3u5uJON9e6
Vt2a1HDQi9AQNZUxBWfIyJNTuRlmeR7nBf9UeLlDFEjCpq99MlayvZ0zxH6Xut7X
GPk2aPsFKok1iwChsgyhEz9B7AjO+HzK7BI5ncqYxkpDQ0M0ioOIC5zrHPnbc430
z4sb3L7x8VYJdEFioXmlpjRNQ8hkyae8+URDTQTV3W/RCnAucnPn+EkRqwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFI7NaveQXSFRXTOXjild0MlHrs+XMB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvanMxcTk1QmRJVkZkTTVlT0tWM1F5VWV1ejVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALYKKAwQC
LZC8AwQALZH7AwQAiJApAwQAueMjMA0GCSqGSIb3DQEBCwUAA4IBAQBI3E2OIH6o
iV3M2KpP4I3CN2bgJ9QO08nN4tooFZ29y/h4rMd7VoZDKoAhDrmZnZs8ZcKHEwvZ
WuE/IjoIfU/y1BwiedwChTwGNq0pdJrQ/sC8mOeVHymFlwlr0y0TV8sE22a3iYl/
QfpaK5+j/RE9sSNkDhv1XLb32Sbymx+S9zb/J7QzkHqvfZ3EliHgvnpURqXozfiQ
dpBPt5Y1CLAuDB76ELl6HhXnKw5oOuCN21SRhwKqXaIJDHOPUWM62LUeK0RKLUtn
YN/BPUtSDNOcC20YSfZjI7VNzOsZQiaaRI6h1gCWk1FeQFn+Ej0a+angBgnKkjUl
YcQ8U1aZMttN
-----END CERTIFICATE-----
Generated at Wed Feb 5 10:55:08 2025 by rpki-client