Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/5b856a-a90d-4791-9c10-c0b813b4ec7e/1/jHM5InJQV_3L354P4EcDRlzLqQg.roa
File: jHM5InJQV_3L354P4EcDRlzLqQg.roa (raw, json)
Hash identifier: YagEFBVsay86X4xOyFCoWFnHQNGB7P3cKZT9Ojcer8U=
Subject key identifier: 8C:73:39:22:72:50:57:FD:CB:DF:9E:0F:E0:47:03:46:5C:CB:A9:08
Certificate issuer: /CN=a633725cd5dd91cf190ab3a99526e898357856ef
Certificate serial: 019427478BD588B5BCBF3ADFE44DA034ADFF
Authority key identifier: A6:33:72:5C:D5:DD:91:CF:19:0A:B3:A9:95:26:E8:98:35:78:56:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pjNyXNXdkc8ZCrOplSbomDV4Vu8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/5b856a-a90d-4791-9c10-c0b813b4ec7e/1/jHM5InJQV_3L354P4EcDRlzLqQg.roa
Signing time: Thu 02 Jan 2025 13:49:47 +0000
ROA not before: Thu 02 Jan 2025 13:49:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15495
IP address blocks: 91.213.221.0/24 maxlen: 24
128.246.0.0/16 maxlen: 24
141.6.0.0/16 maxlen: 24
193.23.152.0/22 maxlen: 24
195.234.178.0/24 maxlen: 24
2a03:5680::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b4/5b856a-a90d-4791-9c10-c0b813b4ec7e/1/pjNyXNXdkc8ZCrOplSbomDV4Vu8.crl
rsync://rpki.ripe.net/repository/DEFAULT/b4/5b856a-a90d-4791-9c10-c0b813b4ec7e/1/pjNyXNXdkc8ZCrOplSbomDV4Vu8.mft
rsync://rpki.ripe.net/repository/DEFAULT/pjNyXNXdkc8ZCrOplSbomDV4Vu8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 23:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:8b:d5:88:b5:bc:bf:3a:df:e4:4d:a0:34:ad:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a633725cd5dd91cf190ab3a99526e898357856ef
Validity
Not Before: Jan 2 13:49:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8c733922725057fdcbdf9e0fe04703465ccba908
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:4f:4a:76:e3:a9:14:a4:8e:77:36:dc:50:4b:
50:1e:50:37:27:22:31:35:dc:6d:9d:09:33:aa:33:
00:ee:81:21:dc:29:78:f8:2d:94:ed:0e:02:19:70:
4c:d1:13:90:b8:d5:75:ea:35:58:f9:d1:d8:58:fc:
e3:4f:44:7d:e6:91:3f:40:07:af:c2:94:06:d2:6e:
35:50:24:58:72:69:19:30:c9:10:41:18:4d:5f:f8:
05:3a:54:68:ea:a3:67:7e:c8:bb:d5:32:fd:fe:81:
0c:9e:7f:c3:88:b0:f1:aa:db:fb:1e:c5:23:5b:43:
9c:29:30:4a:ec:2c:fe:cc:5f:7d:7e:44:d8:a5:7e:
b5:16:03:67:27:7e:a3:96:54:de:78:b5:92:93:35:
8e:65:65:65:8a:13:0b:12:e2:d0:7a:a2:22:5a:b7:
e1:40:fe:6e:ab:a1:7a:59:39:e3:ff:92:4f:54:80:
3c:b9:1a:fc:79:39:13:55:4e:dd:ea:d1:f9:6e:5c:
eb:ee:79:32:74:d1:5a:ca:2f:be:79:0b:41:59:66:
ba:ac:4c:e4:ae:07:40:7e:b3:99:9d:32:c9:31:86:
05:15:4b:ca:07:c9:f9:31:31:59:a0:ef:f2:92:58:
a1:75:48:66:71:93:7e:76:85:14:3b:ef:60:fa:31:
4d:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:73:39:22:72:50:57:FD:CB:DF:9E:0F:E0:47:03:46:5C:CB:A9:08
X509v3 Authority Key Identifier:
keyid:A6:33:72:5C:D5:DD:91:CF:19:0A:B3:A9:95:26:E8:98:35:78:56:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pjNyXNXdkc8ZCrOplSbomDV4Vu8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/5b856a-a90d-4791-9c10-c0b813b4ec7e/1/jHM5InJQV_3L354P4EcDRlzLqQg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/5b856a-a90d-4791-9c10-c0b813b4ec7e/1/pjNyXNXdkc8ZCrOplSbomDV4Vu8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.213.221.0/24
128.246.0.0/16
141.6.0.0/16
193.23.152.0/22
195.234.178.0/24
IPv6:
2a03:5680::/32
Signature Algorithm: sha256WithRSAEncryption
8c:ac:ea:22:e1:52:ff:6d:27:94:3a:6e:87:33:b8:c4:04:51:
68:ba:d7:8a:f7:40:3b:95:c3:0e:52:e6:18:86:1a:13:87:c2:
a6:f2:39:68:e2:ba:93:9f:20:7c:45:bd:7e:1c:b4:fd:a4:6c:
3f:c4:ea:1b:ed:28:5e:5e:ad:db:ce:6d:7c:8b:40:82:f2:25:
fe:7e:38:73:f9:f6:d3:a6:8e:3c:84:19:89:75:1c:f0:f3:ca:
ec:35:24:fb:c3:e3:f1:ae:8b:9f:83:95:a5:f9:24:59:67:07:
1c:e5:8a:71:50:bf:d0:0e:87:40:e7:8f:b1:d2:80:61:9d:82:
4d:58:2b:11:0b:1b:2b:7f:b3:c4:04:67:5f:d7:ff:6a:6d:6f:
41:89:71:d8:a9:04:41:70:a2:5a:62:12:84:11:08:39:b1:a3:
52:cd:26:47:0c:34:76:4e:17:0e:b8:d5:96:f8:bb:6c:51:b9:
8a:44:58:ec:b3:78:0d:d4:64:2e:bb:7c:b2:2b:28:3e:16:76:
f9:87:f5:15:52:33:27:28:c8:54:35:55:a6:fb:d9:d8:de:e9:
5f:f4:f0:dc:17:5d:14:95:fa:22:b6:ce:14:df:fa:8a:8c:3f:
e4:84:0b:12:b9:cc:db:56:7b:f0:db:cc:1b:69:cb:b6:31:04:
3e:6b:5f:3f
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgISAZQnR4vViLW8vzrf5E2gNK3/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2MzM3MjVjZDVkZDkxY2YxOTBhYjNhOTk1MjZlODk4MzU3
ODU2ZWYwHhcNMjUwMTAyMTM0OTQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YzczMzkyMjcyNTA1N2ZkY2JkZjllMGZlMDQ3MDM0NjVjY2JhOTA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1k9KduOpFKSOdzbcUEtQHlA3JyIx
NdxtnQkzqjMA7oEh3Cl4+C2U7Q4CGXBM0ROQuNV16jVY+dHYWPzjT0R95pE/QAev
wpQG0m41UCRYcmkZMMkQQRhNX/gFOlRo6qNnfsi71TL9/oEMnn/DiLDxqtv7HsUj
W0OcKTBK7Cz+zF99fkTYpX61FgNnJ36jllTeeLWSkzWOZWVlihMLEuLQeqIiWrfh
QP5uq6F6WTnj/5JPVIA8uRr8eTkTVU7d6tH5blzr7nkydNFayi++eQtBWWa6rEzk
rgdAfrOZnTLJMYYFFUvKB8n5MTFZoO/yklihdUhmcZN+doUUO+9g+jFNfwIDAQAB
o4ICLjCCAiowHQYDVR0OBBYEFIxzOSJyUFf9y9+eD+BHA0Zcy6kIMB8GA1UdIwQY
MBaAFKYzclzV3ZHPGQqzqZUm6Jg1eFbvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGpOeVhOWGRrYzhaQ3JPcGxTYm9tRFY0VnU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC81Yjg1NmEtYTkwZC00NzkxLTljMTAt
YzBiODEzYjRlYzdlLzEvakhNNUluSlFWXzNMMzU0UDRFY0RSbHpMcVFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC81Yjg1NmEtYTkwZC00NzkxLTljMTAtYzBiODEzYjRlYzdl
LzEvcGpOeVhOWGRrYzhaQ3JPcGxTYm9tRFY0VnU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEQGCCsGAQUFBwEHAQH/BDUwMzAiBAIAATAcAwQAW9XdAwMA
gPYDAwCNBgMEAsEXmAMEAMPqsjANBAIAAjAHAwUAKgNWgDANBgkqhkiG9w0BAQsF
AAOCAQEAjKzqIuFS/20nlDpuhzO4xARRaLrXivdAO5XDDlLmGIYaE4fCpvI5aOK6
k58gfEW9fhy0/aRsP8TqG+0oXl6t285tfItAgvIl/n44c/n206aOPIQZiXUc8PPK
7DUk+8Pj8a6Ln4OVpfkkWWcHHOWKcVC/0A6HQOePsdKAYZ2CTVgrEQsbK3+zxARn
X9f/am1vQYlx2KkEQXCiWmIShBEIObGjUs0mRww0dk4XDrjVlvi7bFG5ikRY7LN4
DdRkLrt8sisoPhZ2+Yf1FVIzJyjIVDVVpvvZ2N7pX/Tw3BddFJX6IrbOFN/6iow/
5IQLErnM21Z78NvMG2nLtjEEPmtfPw==
-----END CERTIFICATE-----
Generated at Sun Apr 13 10:00:53 2025 by rpki-client