Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/958841-f6b0-4249-8046-9cf843f05670/1/CJ2ClG_JdfjMlY4Z6z_RGPwGBQA.roa
File: CJ2ClG_JdfjMlY4Z6z_RGPwGBQA.roa (raw, json)
Hash identifier: hDhd3vstthEFV1qbikUvxMAn4J2gEu+fzCJOKi1wsv4=
Subject key identifier: 08:9D:82:94:6F:C9:75:F8:CC:95:8E:19:EB:3F:D1:18:FC:06:05:00
Certificate issuer: /CN=6f0b15193816fd15dcfd047db4eeca672912bb60
Certificate serial: 01942444BCA500CC16D6B7CA280C0D316CDD
Authority key identifier: 6F:0B:15:19:38:16:FD:15:DC:FD:04:7D:B4:EE:CA:67:29:12:BB:60
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bwsVGTgW_RXc_QR9tO7KZykSu2A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/958841-f6b0-4249-8046-9cf843f05670/1/CJ2ClG_JdfjMlY4Z6z_RGPwGBQA.roa
Signing time: Wed 01 Jan 2025 23:47:52 +0000
ROA not before: Wed 01 Jan 2025 23:47:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205220
IP address blocks: 185.167.233.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a5/958841-f6b0-4249-8046-9cf843f05670/1/bwsVGTgW_RXc_QR9tO7KZykSu2A.crl
rsync://rpki.ripe.net/repository/DEFAULT/a5/958841-f6b0-4249-8046-9cf843f05670/1/bwsVGTgW_RXc_QR9tO7KZykSu2A.mft
rsync://rpki.ripe.net/repository/DEFAULT/bwsVGTgW_RXc_QR9tO7KZykSu2A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:bc:a5:00:cc:16:d6:b7:ca:28:0c:0d:31:6c:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f0b15193816fd15dcfd047db4eeca672912bb60
Validity
Not Before: Jan 1 23:47:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=089d82946fc975f8cc958e19eb3fd118fc060500
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:1c:db:c4:50:8d:70:a9:14:b0:fb:cc:56:2c:
80:33:65:77:2b:9a:d0:d4:86:bd:a7:79:b6:2e:18:
66:44:6f:12:e0:6b:3c:44:56:87:18:1b:2c:e6:20:
66:cb:be:d8:3f:81:59:6f:ce:29:d5:cb:50:b7:85:
ac:02:03:36:05:bc:b8:ab:9e:2a:b8:9b:2b:74:2c:
a4:fe:d1:f9:70:24:0c:8f:c5:05:12:74:3e:2b:4e:
ac:60:bf:9e:d4:ca:ca:39:a6:40:2c:29:3a:5f:fc:
17:f2:19:67:b8:f4:cc:73:dd:e8:61:6b:01:4b:e7:
6d:07:e3:61:d5:87:79:91:8e:04:bc:ae:39:e1:2d:
47:a5:ce:54:66:14:26:f7:de:80:a2:a4:12:cf:aa:
60:de:bc:91:6d:b3:52:e0:96:d3:67:6b:81:8d:9f:
5a:91:29:98:fa:fe:54:9c:0f:b3:4c:22:05:2e:56:
8a:e3:20:48:b7:58:83:92:07:83:29:ec:88:36:56:
88:c3:4c:ed:b9:59:70:a8:88:13:14:b6:77:5e:e6:
5c:74:04:92:32:30:e3:92:30:a6:42:a6:0a:71:e6:
c7:ef:50:6a:e6:87:54:39:ff:e1:04:f8:e3:f3:be:
dc:6e:95:66:8a:71:03:f5:86:8a:d2:43:34:fe:64:
36:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:9D:82:94:6F:C9:75:F8:CC:95:8E:19:EB:3F:D1:18:FC:06:05:00
X509v3 Authority Key Identifier:
keyid:6F:0B:15:19:38:16:FD:15:DC:FD:04:7D:B4:EE:CA:67:29:12:BB:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bwsVGTgW_RXc_QR9tO7KZykSu2A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/958841-f6b0-4249-8046-9cf843f05670/1/CJ2ClG_JdfjMlY4Z6z_RGPwGBQA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/958841-f6b0-4249-8046-9cf843f05670/1/bwsVGTgW_RXc_QR9tO7KZykSu2A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.167.233.0/24
Signature Algorithm: sha256WithRSAEncryption
13:4b:9b:03:b3:1d:88:6c:0d:97:29:5b:a6:37:06:88:6c:89:
45:8a:70:c0:95:7e:bc:6b:d3:41:07:84:01:66:d9:42:5d:dc:
d8:0a:6e:67:8f:67:28:c5:1f:cd:50:e8:25:da:56:d6:49:f7:
d2:4c:a7:16:21:6d:50:53:a3:d0:65:e8:50:71:dc:b2:a9:88:
c8:e5:f4:5a:70:a0:0b:91:05:22:4d:4d:1d:be:23:e8:d6:df:
bf:08:1e:df:1f:30:2a:fe:e6:cd:c3:a9:73:eb:d4:c9:e2:07:
76:1a:fb:41:97:09:c4:b0:69:6e:39:d0:83:79:42:72:cf:28:
e5:96:15:12:37:4d:1e:a9:86:41:f2:00:44:94:92:32:9e:8f:
00:9b:10:9c:a9:cb:38:4c:76:9e:53:bb:10:86:ee:2b:04:b0:
4d:43:6b:83:62:78:a6:8d:5c:27:60:48:0a:c7:da:b6:6d:b6:
f6:fe:35:d4:1c:8d:6a:77:7d:72:ee:fa:cd:7f:94:5c:33:3a:
31:e1:6f:c2:b0:bc:21:69:ec:69:83:eb:9e:44:03:09:51:c7:
f9:0e:84:17:a3:5f:cd:cc:29:ba:90:15:3d:a5:85:91:9e:2b:
1b:83:c8:7e:d9:08:0d:ba:fe:45:c8:d8:e5:18:06:fa:4a:b3:
ad:58:81:2c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQkRLylAMwW1rfKKAwNMWzdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmMGIxNTE5MzgxNmZkMTVkY2ZkMDQ3ZGI0ZWVjYTY3Mjkx
MmJiNjAwHhcNMjUwMTAxMjM0NzUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODlkODI5NDZmYzk3NWY4Y2M5NThlMTllYjNmZDExOGZjMDYwNTAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1xzbxFCNcKkUsPvMViyAM2V3K5rQ
1Ia9p3m2LhhmRG8S4Gs8RFaHGBss5iBmy77YP4FZb84p1ctQt4WsAgM2Bby4q54q
uJsrdCyk/tH5cCQMj8UFEnQ+K06sYL+e1MrKOaZALCk6X/wX8hlnuPTMc93oYWsB
S+dtB+Nh1Yd5kY4EvK454S1Hpc5UZhQm996AoqQSz6pg3ryRbbNS4JbTZ2uBjZ9a
kSmY+v5UnA+zTCIFLlaK4yBIt1iDkgeDKeyINlaIw0ztuVlwqIgTFLZ3XuZcdASS
MjDjkjCmQqYKcebH71Bq5odUOf/hBPjj877cbpVminED9YaK0kM0/mQ29wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAidgpRvyXX4zJWOGes/0Rj8BgUAMB8GA1UdIwQY
MBaAFG8LFRk4Fv0V3P0EfbTuymcpErtgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYndzVkdUZ1dfUlhjX1FSOXRPN0taeWtTdTJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS85NTg4NDEtZjZiMC00MjQ5LTgwNDYt
OWNmODQzZjA1NjcwLzEvQ0oyQ2xHX0pkZmpNbFk0WjZ6X1JHUHdHQlFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS85NTg4NDEtZjZiMC00MjQ5LTgwNDYtOWNmODQzZjA1Njcw
LzEvYndzVkdUZ1dfUlhjX1FSOXRPN0taeWtTdTJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuafpMA0G
CSqGSIb3DQEBCwUAA4IBAQATS5sDsx2IbA2XKVumNwaIbIlFinDAlX68a9NBB4QB
ZtlCXdzYCm5nj2coxR/NUOgl2lbWSffSTKcWIW1QU6PQZehQcdyyqYjI5fRacKAL
kQUiTU0dviPo1t+/CB7fHzAq/ubNw6lz69TJ4gd2GvtBlwnEsGluOdCDeUJyzyjl
lhUSN00eqYZB8gBElJIyno8AmxCcqcs4THaeU7sQhu4rBLBNQ2uDYnimjVwnYEgK
x9q2bbb2/jXUHI1qd31y7vrNf5RcMzox4W/CsLwhaexpg+ueRAMJUcf5DoQXo1/N
zCm6kBU9pYWRnisbg8h+2QgNuv5FyNjlGAb6SrOtWIEs
-----END CERTIFICATE-----
Generated at Wed Feb 5 06:43:58 2025 by rpki-client