Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/d73137-b089-4db4-b6b2-507891395417/1/Jj1HHZ3M2IWqEVr2BMPp4ypDwcI.roa
File: Jj1HHZ3M2IWqEVr2BMPp4ypDwcI.roa (raw, json)
Hash identifier: cgzJBvOGYHM0ug0D/FFBZa1jcNvWqnCErJy8L2Lko1U=
Subject key identifier: 26:3D:47:1D:9D:CC:D8:85:AA:11:5A:F6:04:C3:E9:E3:2A:43:C1:C2
Certificate issuer: /CN=d7401e0249418b357547268824f6244925d8db39
Certificate serial: 019424B36F644EB9118AD5BF8E19E794B55C
Authority key identifier: D7:40:1E:02:49:41:8B:35:75:47:26:88:24:F6:24:49:25:D8:DB:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/10AeAklBizV1RyaIJPYkSSXY2zk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/d73137-b089-4db4-b6b2-507891395417/1/Jj1HHZ3M2IWqEVr2BMPp4ypDwcI.roa
Signing time: Thu 02 Jan 2025 01:48:46 +0000
ROA not before: Thu 02 Jan 2025 01:48:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 24904
IP address blocks: 45.87.180.0/22 maxlen: 24
45.128.40.0/22 maxlen: 24
94.103.120.0/22 maxlen: 24
185.97.101.0/24 maxlen: 24
185.97.102.0/24 maxlen: 24
185.97.103.0/24 maxlen: 24
185.210.108.0/22 maxlen: 24
185.212.212.0/22 maxlen: 24
194.110.120.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b0/d73137-b089-4db4-b6b2-507891395417/1/10AeAklBizV1RyaIJPYkSSXY2zk.crl
rsync://rpki.ripe.net/repository/DEFAULT/b0/d73137-b089-4db4-b6b2-507891395417/1/10AeAklBizV1RyaIJPYkSSXY2zk.mft
rsync://rpki.ripe.net/repository/DEFAULT/10AeAklBizV1RyaIJPYkSSXY2zk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 16:01:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:6f:64:4e:b9:11:8a:d5:bf:8e:19:e7:94:b5:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d7401e0249418b357547268824f6244925d8db39
Validity
Not Before: Jan 2 01:48:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=263d471d9dccd885aa115af604c3e9e32a43c1c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:b1:16:3a:c1:df:09:22:55:57:59:bb:94:90:
b7:7a:68:5a:fa:28:5f:7a:2b:90:04:80:d8:69:5e:
34:57:f1:d9:8b:c7:27:61:59:f5:d6:83:bc:bf:a1:
0b:dd:22:2b:83:80:d6:9c:87:87:4d:e5:b2:24:aa:
97:08:0a:17:e8:33:d9:71:60:06:46:cc:4c:cd:da:
11:61:fb:f7:1f:c1:43:82:e3:ad:b5:7b:d7:c9:eb:
a4:e6:a6:76:2e:4d:ed:ed:4e:a7:dc:c0:d7:d6:19:
54:68:75:81:05:b9:70:a9:21:5d:9e:91:a8:6b:2a:
d8:0a:98:bb:a0:c3:76:c6:a5:4a:14:c5:08:0b:bc:
d5:da:fd:28:65:1d:75:67:36:83:62:a7:0a:1e:59:
57:d7:26:8d:5e:4e:8b:a4:b7:f4:51:f9:23:d3:87:
8c:8d:41:a5:13:da:e4:14:7f:d7:83:23:7d:d4:31:
cb:2a:bf:4c:2f:02:86:93:4a:ee:bf:9b:90:df:2a:
29:63:f9:6d:6f:f0:2b:77:27:49:e5:b0:eb:8f:7e:
02:f6:b5:86:24:0d:00:0d:0c:2b:f7:e8:be:71:e4:
9c:15:eb:37:49:e0:fb:d1:a6:08:5c:c9:d7:82:74:
34:6a:5e:aa:31:00:c7:85:68:0a:1b:04:6a:63:cf:
f6:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:3D:47:1D:9D:CC:D8:85:AA:11:5A:F6:04:C3:E9:E3:2A:43:C1:C2
X509v3 Authority Key Identifier:
keyid:D7:40:1E:02:49:41:8B:35:75:47:26:88:24:F6:24:49:25:D8:DB:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/10AeAklBizV1RyaIJPYkSSXY2zk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/d73137-b089-4db4-b6b2-507891395417/1/Jj1HHZ3M2IWqEVr2BMPp4ypDwcI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/d73137-b089-4db4-b6b2-507891395417/1/10AeAklBizV1RyaIJPYkSSXY2zk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.87.180.0/22
45.128.40.0/22
94.103.120.0/22
185.97.101.0-185.97.103.255
185.210.108.0/22
185.212.212.0/22
194.110.120.0/22
Signature Algorithm: sha256WithRSAEncryption
4c:40:b3:34:78:e7:21:17:cc:80:17:e7:26:a2:d9:d0:aa:71:
e2:b3:c7:83:ec:c1:8c:4e:2c:ea:e9:ec:37:14:0b:06:39:42:
e5:bd:2f:4b:a9:9f:5b:1e:08:f3:3e:77:e2:07:6e:d9:26:74:
37:fe:d4:bf:ac:19:de:d6:6f:e8:a5:32:1d:e6:9f:cc:a1:b4:
21:c5:2b:04:89:1e:3d:00:78:b6:c7:b6:be:85:c7:80:f1:e6:
f7:da:09:8d:c0:55:b6:23:a2:1d:58:ae:02:00:dd:4a:9a:66:
83:39:f2:01:e3:76:ff:67:97:3d:e4:7d:b1:a5:6f:25:c8:fc:
86:c5:0c:66:39:7b:4e:73:7e:5c:74:61:15:3e:f9:c2:38:a2:
a2:f5:0a:a7:a8:8c:a8:ee:aa:a8:a6:ff:48:c8:13:e3:92:60:
26:b9:b7:8b:74:e2:de:dc:f1:af:58:38:08:19:46:10:16:31:
c6:0c:7f:89:63:00:d0:c3:00:b5:2a:9a:da:0e:2c:8a:66:1c:
86:2a:2f:53:23:47:03:f8:cd:b6:51:e1:cb:a2:5d:40:ec:85:
92:12:17:23:63:14:ad:49:f9:47:64:c6:fc:d9:88:af:65:08:
35:96:46:60:da:1d:34:8b:a8:5c:d7:9f:c7:4a:cd:ff:c0:c1:
83:34:75:02
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAZQks29kTrkRitW/jhnnlLVcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NDAxZTAyNDk0MThiMzU3NTQ3MjY4ODI0ZjYyNDQ5MjVk
OGRiMzkwHhcNMjUwMTAyMDE0ODQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNjNkNDcxZDlkY2NkODg1YWExMTVhZjYwNGMzZTllMzJhNDNjMWMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn7EWOsHfCSJVV1m7lJC3emha+ihf
eiuQBIDYaV40V/HZi8cnYVn11oO8v6EL3SIrg4DWnIeHTeWyJKqXCAoX6DPZcWAG
RsxMzdoRYfv3H8FDguOttXvXyeuk5qZ2Lk3t7U6n3MDX1hlUaHWBBblwqSFdnpGo
ayrYCpi7oMN2xqVKFMUIC7zV2v0oZR11ZzaDYqcKHllX1yaNXk6LpLf0Ufkj04eM
jUGlE9rkFH/XgyN91DHLKr9MLwKGk0ruv5uQ3yopY/ltb/ArdydJ5bDrj34C9rWG
JA0ADQwr9+i+ceScFes3SeD70aYIXMnXgnQ0al6qMQDHhWgKGwRqY8/2UQIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFCY9Rx2dzNiFqhFa9gTD6eMqQ8HCMB8GA1UdIwQY
MBaAFNdAHgJJQYs1dUcmiCT2JEkl2Ns5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTBBZUFrbEJpelYxUnlhSUpQWWtTU1hZMnprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC9kNzMxMzctYjA4OS00ZGI0LWI2YjIt
NTA3ODkxMzk1NDE3LzEvSmoxSEhaM00ySVdxRVZyMkJNUHA0eXBEd2NJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC9kNzMxMzctYjA4OS00ZGI0LWI2YjItNTA3ODkxMzk1NDE3
LzEvMTBBZUFrbEJpelYxUnlhSUpQWWtTU1hZMnprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQCLVe0AwQC
LYAoAwQCXmd4MAwDBAC5YWUDBAO5YWADBAK50mwDBAK51NQDBALCbngwDQYJKoZI
hvcNAQELBQADggEBAExAszR45yEXzIAX5yai2dCqceKzx4PswYxOLOrp7DcUCwY5
QuW9L0upn1seCPM+d+IHbtkmdDf+1L+sGd7Wb+ilMh3mn8yhtCHFKwSJHj0AeLbH
tr6Fx4Dx5vfaCY3AVbYjoh1YrgIA3UqaZoM58gHjdv9nlz3kfbGlbyXI/IbFDGY5
e05zflx0YRU++cI4oqL1CqeojKjuqqim/0jIE+OSYCa5t4t04t7c8a9YOAgZRhAW
McYMf4ljANDDALUqmtoOLIpmHIYqL1MjRwP4zbZR4cuiXUDshZISFyNjFK1J+Udk
xvzZiK9lCDWWRmDaHTSLqFzXn8dKzf/AwYM0dQI=
-----END CERTIFICATE-----
Generated at Tue Apr 8 03:20:01 2025 by rpki-client