Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/20cb33-e2bf-46aa-abfa-928e7bc69570/1/JIEsiChTD9veiUWmlJ3B4QQpFuc.roa
File: JIEsiChTD9veiUWmlJ3B4QQpFuc.roa (raw, json)
Hash identifier: G8sz8HlJFis3zSSNKaXy4CKewTagYcW3tdUbj5SB5rw=
Subject key identifier: 24:81:2C:88:28:53:0F:DB:DE:89:45:A6:94:9D:C1:E1:04:29:16:E7
Certificate issuer: /CN=de456cdb4d140345c3dcaebfc7634d4e7cdcb913
Certificate serial: 0194282537F94FE34BAF5020BF1B0CB34A81
Authority key identifier: DE:45:6C:DB:4D:14:03:45:C3:DC:AE:BF:C7:63:4D:4E:7C:DC:B9:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3kVs200UA0XD3K6_x2NNTnzcuRM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/20cb33-e2bf-46aa-abfa-928e7bc69570/1/JIEsiChTD9veiUWmlJ3B4QQpFuc.roa
Signing time: Thu 02 Jan 2025 17:51:55 +0000
ROA not before: Thu 02 Jan 2025 17:51:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49964
IP address blocks: 109.69.218.0/24 maxlen: 24
128.127.180.0/24 maxlen: 24
185.99.48.0/24 maxlen: 24
185.192.44.0/24 maxlen: 24
185.192.45.0/24 maxlen: 24
193.105.133.0/24 maxlen: 24
193.138.101.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a4/20cb33-e2bf-46aa-abfa-928e7bc69570/1/3kVs200UA0XD3K6_x2NNTnzcuRM.crl
rsync://rpki.ripe.net/repository/DEFAULT/a4/20cb33-e2bf-46aa-abfa-928e7bc69570/1/3kVs200UA0XD3K6_x2NNTnzcuRM.mft
rsync://rpki.ripe.net/repository/DEFAULT/3kVs200UA0XD3K6_x2NNTnzcuRM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 15 Apr 2025 02:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:25:37:f9:4f:e3:4b:af:50:20:bf:1b:0c:b3:4a:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=de456cdb4d140345c3dcaebfc7634d4e7cdcb913
Validity
Not Before: Jan 2 17:51:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=24812c8828530fdbde8945a6949dc1e1042916e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:7d:a9:52:59:a7:78:fa:f0:ee:33:ec:15:44:
6a:a7:a7:a8:c0:6f:3a:6c:26:3c:26:0a:16:df:53:
6e:cb:d3:bc:3f:99:61:cc:9b:36:08:b4:03:8f:7c:
0e:74:9a:ad:34:d9:a6:07:3c:e0:cc:4a:54:5e:f4:
e1:08:48:0c:a8:dd:5d:96:c0:6d:7c:18:c8:c0:11:
1b:5f:93:1d:96:bd:51:d4:05:c3:4f:50:b8:96:14:
84:b6:ef:63:8d:8a:ef:1c:60:2d:55:0a:9d:bb:77:
0f:fd:2f:52:72:be:6c:38:e0:ec:f5:0d:6e:2c:12:
51:a0:21:2e:38:f5:e8:73:1a:8b:64:ca:1b:73:d1:
f8:21:84:93:43:7e:5c:89:08:a1:66:b3:87:09:05:
e7:09:b0:cb:f4:cc:d5:2b:82:a1:62:fe:fb:45:f0:
59:25:d3:8e:c9:d8:42:01:f4:82:13:ab:61:dd:a5:
d6:f6:f3:a0:96:a0:63:dc:c6:c0:e7:79:96:84:b9:
17:9d:80:35:a3:e3:ff:46:13:f1:76:e6:63:2e:3e:
6f:8e:be:48:50:92:85:29:0b:6c:7e:fa:67:4e:e7:
0a:b7:3c:df:72:ee:65:28:22:b3:84:b7:2a:a9:a7:
00:ca:2e:62:0c:ef:4f:55:ca:94:bb:ec:7d:91:83:
e8:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:81:2C:88:28:53:0F:DB:DE:89:45:A6:94:9D:C1:E1:04:29:16:E7
X509v3 Authority Key Identifier:
keyid:DE:45:6C:DB:4D:14:03:45:C3:DC:AE:BF:C7:63:4D:4E:7C:DC:B9:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3kVs200UA0XD3K6_x2NNTnzcuRM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/20cb33-e2bf-46aa-abfa-928e7bc69570/1/JIEsiChTD9veiUWmlJ3B4QQpFuc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/20cb33-e2bf-46aa-abfa-928e7bc69570/1/3kVs200UA0XD3K6_x2NNTnzcuRM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.69.218.0/24
128.127.180.0/24
185.99.48.0/24
185.192.44.0/23
193.105.133.0/24
193.138.101.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:9f:1f:42:d0:e5:a8:ff:a8:3f:c4:e5:50:38:d0:59:f2:17:
af:eb:0a:62:d2:c1:92:e2:0d:97:71:a4:5a:66:2e:7a:f0:15:
3b:71:3b:50:76:b2:e5:c6:68:06:f3:b3:21:a1:77:8e:cc:f8:
5c:08:62:ac:53:bd:7c:af:89:54:fe:71:8d:01:6d:8b:16:41:
df:54:3d:22:55:19:eb:93:44:ea:e4:8e:a8:cf:68:4a:a7:14:
a0:18:2d:d3:4d:18:30:79:6e:9d:3a:d6:f1:30:b8:c5:26:52:
a4:45:20:91:98:76:d6:93:ca:d3:74:93:93:26:ee:18:90:3f:
39:87:77:cf:98:b4:ba:7c:f6:c5:fc:25:97:bd:02:a3:10:49:
0f:76:d8:fc:b0:ac:c7:96:26:8c:a5:38:4e:3c:be:01:25:1f:
b5:71:0b:84:d3:a9:03:b1:ef:c7:6f:78:76:c0:81:d7:47:f3:
39:c4:a7:10:62:ee:63:30:5f:8f:05:ea:b6:83:e1:37:b8:04:
cd:d4:aa:be:5e:ca:43:e0:ea:1b:b5:e3:63:04:11:8d:93:1d:
48:e8:5a:3c:e9:72:9d:d6:fe:64:fd:91:70:a6:f0:45:76:41:
32:f1:ea:98:73:64:0a:c7:23:b9:05:05:ef:4d:95:4c:2e:22:
8a:33:b9:cd
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZQoJTf5T+NLr1AgvxsMs0qBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlNDU2Y2RiNGQxNDAzNDVjM2RjYWViZmM3NjM0ZDRlN2Nk
Y2I5MTMwHhcNMjUwMTAyMTc1MTU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDgxMmM4ODI4NTMwZmRiZGU4OTQ1YTY5NDlkYzFlMTA0MjkxNmU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxX2pUlmnePrw7jPsFURqp6eowG86
bCY8JgoW31Nuy9O8P5lhzJs2CLQDj3wOdJqtNNmmBzzgzEpUXvThCEgMqN1dlsBt
fBjIwBEbX5Mdlr1R1AXDT1C4lhSEtu9jjYrvHGAtVQqdu3cP/S9Scr5sOODs9Q1u
LBJRoCEuOPXocxqLZMobc9H4IYSTQ35ciQihZrOHCQXnCbDL9MzVK4KhYv77RfBZ
JdOOydhCAfSCE6th3aXW9vOglqBj3MbA53mWhLkXnYA1o+P/RhPxduZjLj5vjr5I
UJKFKQtsfvpnTucKtzzfcu5lKCKzhLcqqacAyi5iDO9PVcqUu+x9kYPoXwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFCSBLIgoUw/b3olFppSdweEEKRbnMB8GA1UdIwQY
MBaAFN5FbNtNFANFw9yuv8djTU583LkTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2tWczIwMFVBMFhEM0s2X3gyTk5UbnpjdVJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC8yMGNiMzMtZTJiZi00NmFhLWFiZmEt
OTI4ZTdiYzY5NTcwLzEvSklFc2lDaFREOXZlaVVXbWxKM0I0UVFwRnVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC8yMGNiMzMtZTJiZi00NmFhLWFiZmEtOTI4ZTdiYzY5NTcw
LzEvM2tWczIwMFVBMFhEM0s2X3gyTk5UbnpjdVJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAbUXaAwQA
gH+0AwQAuWMwAwQBucAsAwQAwWmFAwQAwYplMA0GCSqGSIb3DQEBCwUAA4IBAQCb
nx9C0OWo/6g/xOVQONBZ8hev6wpi0sGS4g2XcaRaZi568BU7cTtQdrLlxmgG87Mh
oXeOzPhcCGKsU718r4lU/nGNAW2LFkHfVD0iVRnrk0Tq5I6oz2hKpxSgGC3TTRgw
eW6dOtbxMLjFJlKkRSCRmHbWk8rTdJOTJu4YkD85h3fPmLS6fPbF/CWXvQKjEEkP
dtj8sKzHliaMpThOPL4BJR+1cQuE06kDse/Hb3h2wIHXR/M5xKcQYu5jMF+PBeq2
g+E3uATN1Kq+XspD4OobteNjBBGNkx1I6Fo86XKd1v5k/ZFwpvBFdkEy8eqYc2QK
xyO5BQXvTZVMLiKKM7nN
-----END CERTIFICATE-----
Generated at Mon Apr 14 08:26:20 2025 by rpki-client