Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/64d7a9-cac3-4549-a7aa-61b7902ee204/1/jyPlSfMwE97ShJiNEree4W-YnKc.roa
File: jyPlSfMwE97ShJiNEree4W-YnKc.roa (raw, json)
Hash identifier: RPRkI69AUdx22PSRgMKu/d39p+trzoeOCprFB1jyo6s=
Subject key identifier: 8F:23:E5:49:F3:30:13:DE:D2:84:98:8D:12:B7:9E:E1:6F:98:9C:A7
Certificate issuer: /CN=3c350ba82f3feb5aee28938fbf1b09c1e2fd19b4
Certificate serial: 019420D5A3ABEFEED4759322C931588BF77F
Authority key identifier: 3C:35:0B:A8:2F:3F:EB:5A:EE:28:93:8F:BF:1B:09:C1:E2:FD:19:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PDULqC8_61ruKJOPvxsJweL9GbQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/64d7a9-cac3-4549-a7aa-61b7902ee204/1/jyPlSfMwE97ShJiNEree4W-YnKc.roa
Signing time: Wed 01 Jan 2025 07:47:39 +0000
ROA not before: Wed 01 Jan 2025 07:47:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 195.42.144.0/23 maxlen: 32
2001:7f8:43::/48 maxlen: 128
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a9/64d7a9-cac3-4549-a7aa-61b7902ee204/1/PDULqC8_61ruKJOPvxsJweL9GbQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/a9/64d7a9-cac3-4549-a7aa-61b7902ee204/1/PDULqC8_61ruKJOPvxsJweL9GbQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/PDULqC8_61ruKJOPvxsJweL9GbQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:a3:ab:ef:ee:d4:75:93:22:c9:31:58:8b:f7:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3c350ba82f3feb5aee28938fbf1b09c1e2fd19b4
Validity
Not Before: Jan 1 07:47:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8f23e549f33013ded284988d12b79ee16f989ca7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:e2:25:1e:9e:04:7e:13:bd:c8:3d:61:60:52:
57:3f:9d:36:21:9b:b8:7b:fe:f8:53:cb:79:c6:17:
53:b6:5e:e7:77:f1:79:ef:be:4a:2c:d9:25:d1:7b:
56:25:bc:3c:79:a0:1f:41:c6:55:eb:a8:a4:3d:50:
25:5e:47:77:bd:c8:0a:c4:dc:77:bc:3a:de:1c:13:
83:10:4c:3e:5d:e5:46:51:9b:f4:82:01:8c:b4:de:
41:c7:a9:85:61:92:77:06:65:3b:78:e2:6f:81:e7:
a1:0b:b4:85:b6:04:74:ab:13:b8:db:49:d6:83:ca:
80:8c:d9:05:85:a1:fe:36:53:46:ee:93:1a:8b:19:
67:2c:d8:64:5c:6e:5f:a5:b1:62:28:a6:12:8f:0f:
c2:e2:0f:85:63:ef:de:95:a5:4c:e1:c4:a7:9f:e9:
ce:b8:f0:3d:70:87:40:44:ca:d6:18:39:a5:68:2a:
72:db:df:85:83:e9:03:48:58:b2:76:55:49:42:e5:
6d:28:6d:5d:44:be:be:2b:f2:11:86:c6:64:a0:47:
91:f8:a7:f5:a1:31:3f:b9:c0:85:52:a7:93:8d:6f:
25:6d:91:45:9c:68:91:8f:29:bc:be:d1:f6:1d:e0:
97:fd:06:4f:bf:f4:6e:7c:d2:05:fb:a1:16:be:35:
6a:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:23:E5:49:F3:30:13:DE:D2:84:98:8D:12:B7:9E:E1:6F:98:9C:A7
X509v3 Authority Key Identifier:
keyid:3C:35:0B:A8:2F:3F:EB:5A:EE:28:93:8F:BF:1B:09:C1:E2:FD:19:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PDULqC8_61ruKJOPvxsJweL9GbQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/64d7a9-cac3-4549-a7aa-61b7902ee204/1/jyPlSfMwE97ShJiNEree4W-YnKc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/64d7a9-cac3-4549-a7aa-61b7902ee204/1/PDULqC8_61ruKJOPvxsJweL9GbQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.42.144.0/23
IPv6:
2001:7f8:43::/48
Signature Algorithm: sha256WithRSAEncryption
8f:f6:d3:d0:56:2c:aa:aa:cc:dc:80:51:4d:b8:64:f1:63:29:
58:df:87:1d:42:b8:fa:de:1d:cf:2c:a6:6e:77:b6:a1:bf:21:
d5:c6:d5:9b:92:db:e5:b0:b3:6c:75:ab:0d:2b:35:85:eb:75:
32:40:53:1b:68:8e:49:91:2c:1c:82:c2:87:ee:8d:3c:0e:f5:
9d:8c:57:2a:a8:0a:7e:d0:37:f1:03:2c:34:19:c0:a4:f1:15:
05:59:a5:78:7a:db:4b:a8:c6:1b:3a:64:c9:25:31:af:91:ad:
73:f9:fb:a3:33:6b:42:f3:ef:c0:dc:d3:4e:0d:74:4e:67:a2:
fe:a6:f6:84:5c:9f:e8:67:56:07:a2:04:dd:8e:12:3d:3e:91:
33:cb:f0:78:d5:e1:f9:c9:df:ee:bf:00:ea:f3:ad:cb:b6:eb:
68:1d:60:98:f9:74:3c:b7:ab:5c:f0:c0:14:98:81:3b:19:9b:
7a:66:54:06:8f:05:71:c3:88:b0:a5:81:7e:fc:8c:cd:89:df:
1e:31:95:24:ab:56:1f:9f:44:70:d7:52:4e:23:5a:03:6a:a7:
92:8a:a2:62:13:26:7e:70:e7:8c:74:a1:de:58:ca:67:9c:1e:
18:ce:1b:b7:6d:bc:39:37:bd:16:c7:59:2c:f3:ab:f1:a5:b4:
9e:19:f4:7f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQg1aOr7+7UdZMiyTFYi/d/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjMzUwYmE4MmYzZmViNWFlZTI4OTM4ZmJmMWIwOWMxZTJm
ZDE5YjQwHhcNMjUwMTAxMDc0NzM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZjIzZTU0OWYzMzAxM2RlZDI4NDk4OGQxMmI3OWVlMTZmOTg5Y2E3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnOIlHp4EfhO9yD1hYFJXP502IZu4
e/74U8t5xhdTtl7nd/F5775KLNkl0XtWJbw8eaAfQcZV66ikPVAlXkd3vcgKxNx3
vDreHBODEEw+XeVGUZv0ggGMtN5Bx6mFYZJ3BmU7eOJvgeehC7SFtgR0qxO420nW
g8qAjNkFhaH+NlNG7pMaixlnLNhkXG5fpbFiKKYSjw/C4g+FY+/elaVM4cSnn+nO
uPA9cIdARMrWGDmlaCpy29+Fg+kDSFiydlVJQuVtKG1dRL6+K/IRhsZkoEeR+Kf1
oTE/ucCFUqeTjW8lbZFFnGiRjym8vtH2HeCX/QZPv/RufNIF+6EWvjVqewIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFI8j5UnzMBPe0oSYjRK3nuFvmJynMB8GA1UdIwQY
MBaAFDw1C6gvP+ta7iiTj78bCcHi/Rm0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUERVTHFDOF82MXJ1S0pPUHZ4c0p3ZUw5R2JRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS82NGQ3YTktY2FjMy00NTQ5LWE3YWEt
NjFiNzkwMmVlMjA0LzEvanlQbFNmTXdFOTdTaEppTkVyZWU0Vy1ZbktjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS82NGQ3YTktY2FjMy00NTQ5LWE3YWEtNjFiNzkwMmVlMjA0
LzEvUERVTHFDOF82MXJ1S0pPUHZ4c0p3ZUw5R2JRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBwyqQMA8E
AgACMAkDBwAgAQf4AEMwDQYJKoZIhvcNAQELBQADggEBAI/209BWLKqqzNyAUU24
ZPFjKVjfhx1CuPreHc8spm53tqG/IdXG1ZuS2+Wws2x1qw0rNYXrdTJAUxtojkmR
LByCwofujTwO9Z2MVyqoCn7QN/EDLDQZwKTxFQVZpXh620uoxhs6ZMklMa+RrXP5
+6Mza0Lz78Dc004NdE5nov6m9oRcn+hnVgeiBN2OEj0+kTPL8HjV4fnJ3+6/AOrz
rcu262gdYJj5dDy3q1zwwBSYgTsZm3pmVAaPBXHDiLClgX78jM2J3x4xlSSrVh+f
RHDXUk4jWgNqp5KKomITJn5w54x0od5YymecHhjOG7dtvDk3vRbHWSzzq/GltJ4Z
9H8=
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:56:43 2025 by rpki-client