Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/JNFYYPi5M46N7HWysvZAoIiQkYQ.roa
File: JNFYYPi5M46N7HWysvZAoIiQkYQ.roa (raw, json)
Hash identifier: 4FX/U+mKmibgMicQQFx15cVtRoPongw+FzcAthP3n5w=
Subject key identifier: 24:D1:58:60:F8:B9:33:8E:8D:EC:75:B2:B2:F6:40:A0:88:90:91:84
Certificate issuer: /CN=c42708df93954aac601aef1835bd5d69245fb02f
Certificate serial: 0194221F9B7061EF6E29AA2ED53A9E10D5F7
Authority key identifier: C4:27:08:DF:93:95:4A:AC:60:1A:EF:18:35:BD:5D:69:24:5F:B0:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xCcI35OVSqxgGu8YNb1daSRfsC8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/JNFYYPi5M46N7HWysvZAoIiQkYQ.roa
Signing time: Wed 01 Jan 2025 13:48:04 +0000
ROA not before: Wed 01 Jan 2025 13:48:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47215
IP address blocks: 5.11.48.0/21 maxlen: 24
93.190.64.0/21 maxlen: 24
95.130.248.0/21 maxlen: 24
95.130.253.0/24 maxlen: 24
109.75.176.0/20 maxlen: 24
141.101.32.0/21 maxlen: 24
185.32.116.0/22 maxlen: 24
185.65.88.0/22 maxlen: 24
185.143.164.0/22 maxlen: 24
2a00:12c0::/29 maxlen: 48
2a00:12c0::/32 maxlen: 48
2a04:4cc0::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/xCcI35OVSqxgGu8YNb1daSRfsC8.crl
rsync://rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/xCcI35OVSqxgGu8YNb1daSRfsC8.mft
rsync://rpki.ripe.net/repository/DEFAULT/xCcI35OVSqxgGu8YNb1daSRfsC8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 11 Apr 2025 17:00:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:9b:70:61:ef:6e:29:aa:2e:d5:3a:9e:10:d5:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c42708df93954aac601aef1835bd5d69245fb02f
Validity
Not Before: Jan 1 13:48:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=24d15860f8b9338e8dec75b2b2f640a088909184
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:cb:a9:03:17:69:16:0f:c9:f9:ac:eb:39:c2:
81:9e:28:24:57:f3:6c:9c:75:32:e3:2f:b8:6c:00:
7c:4b:5e:35:5b:0a:b7:b9:8d:07:98:cd:a2:42:c8:
c6:42:c5:03:f0:2c:e0:5f:7d:24:aa:64:06:7d:44:
e8:91:e7:1c:e8:00:3a:83:b8:a4:d1:7a:45:cc:45:
b3:d9:66:97:e7:fd:dd:ce:f9:f5:c5:99:42:24:30:
75:f1:d7:3e:63:50:38:6f:70:39:3f:e6:15:e3:89:
f5:67:28:7d:ea:7c:fa:19:31:cf:f1:56:a9:58:70:
22:da:0c:8c:eb:47:38:11:ce:f1:f6:a7:8e:9a:84:
57:39:bc:a6:54:dd:be:21:77:c5:fc:24:47:ed:e0:
ed:ca:6b:b9:3c:a6:4b:39:aa:b5:83:3f:df:b0:1d:
1e:0d:fe:69:2d:3c:64:c6:11:42:0a:ef:a7:a6:79:
9a:b1:ad:7d:b4:ea:f5:e9:b2:a0:d4:af:09:ae:df:
42:d6:3f:00:cc:da:07:7b:e2:57:fc:b9:bb:10:40:
90:a6:9d:4a:72:2e:0d:10:47:12:92:e8:44:d7:d2:
c7:ca:b9:0b:1e:ff:82:5b:26:75:5e:83:73:78:34:
eb:0f:6e:b1:a5:b8:c3:3a:c2:ec:8f:e7:5c:22:fe:
31:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:D1:58:60:F8:B9:33:8E:8D:EC:75:B2:B2:F6:40:A0:88:90:91:84
X509v3 Authority Key Identifier:
keyid:C4:27:08:DF:93:95:4A:AC:60:1A:EF:18:35:BD:5D:69:24:5F:B0:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xCcI35OVSqxgGu8YNb1daSRfsC8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/JNFYYPi5M46N7HWysvZAoIiQkYQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/xCcI35OVSqxgGu8YNb1daSRfsC8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.11.48.0/21
93.190.64.0/21
95.130.248.0/21
109.75.176.0/20
141.101.32.0/21
185.32.116.0/22
185.65.88.0/22
185.143.164.0/22
IPv6:
2a00:12c0::/29
2a04:4cc0::/29
Signature Algorithm: sha256WithRSAEncryption
07:6f:e3:3a:e3:1d:20:5e:6b:31:8e:5e:ae:b8:8b:94:9c:cd:
80:5f:60:87:a2:74:04:08:da:d5:3a:b4:e2:af:5c:91:84:3d:
4a:27:e7:a5:c3:3c:f4:38:4c:e8:e8:fe:e6:a5:6f:47:9a:7f:
ca:e5:58:dc:5a:1a:55:bb:4b:dd:5c:51:b1:d0:5f:2d:b6:11:
ef:e6:0a:f0:d9:bf:c5:57:0f:73:73:94:3e:a9:b2:48:98:16:
66:eb:80:fc:80:32:e2:ed:3f:0d:87:f1:f6:0b:35:b4:76:63:
85:c7:a2:ce:7e:29:11:b1:2a:44:3d:89:e5:30:af:82:6b:70:
83:f1:42:d2:72:11:c3:e6:ad:27:fe:cd:39:c0:a6:46:52:08:
38:4b:15:12:3e:7e:ca:ee:5c:c9:5d:da:cc:2a:de:af:81:01:
0c:5a:8a:1b:11:c9:23:19:d3:be:b7:c6:25:f5:3f:34:0c:61:
2f:52:36:2d:f4:ad:72:77:99:69:07:d9:d5:2f:b1:79:5d:57:
e6:42:3a:f5:fc:7e:9e:56:ca:4a:89:d6:20:79:97:c4:98:9d:
6b:6c:ba:fb:e4:1b:48:bd:e9:1b:d9:6c:c1:6e:d6:ef:4d:5e:
35:d9:12:8e:3b:75:a1:75:2d:55:2a:a6:64:21:9b:6a:61:a4:
a6:23:cd:68
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAZQiH5twYe9uKaou1TqeENX3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0MjcwOGRmOTM5NTRhYWM2MDFhZWYxODM1YmQ1ZDY5MjQ1
ZmIwMmYwHhcNMjUwMTAxMTM0ODA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNGQxNTg2MGY4YjkzMzhlOGRlYzc1YjJiMmY2NDBhMDg4OTA5MTg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtcupAxdpFg/J+azrOcKBnigkV/Ns
nHUy4y+4bAB8S141Wwq3uY0HmM2iQsjGQsUD8CzgX30kqmQGfUTokecc6AA6g7ik
0XpFzEWz2WaX5/3dzvn1xZlCJDB18dc+Y1A4b3A5P+YV44n1Zyh96nz6GTHP8Vap
WHAi2gyM60c4Ec7x9qeOmoRXObymVN2+IXfF/CRH7eDtymu5PKZLOaq1gz/fsB0e
Df5pLTxkxhFCCu+npnmasa19tOr16bKg1K8Jrt9C1j8AzNoHe+JX/Lm7EECQpp1K
ci4NEEcSkuhE19LHyrkLHv+CWyZ1XoNzeDTrD26xpbjDOsLsj+dcIv4xzQIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFCTRWGD4uTOOjex1srL2QKCIkJGEMB8GA1UdIwQY
MBaAFMQnCN+TlUqsYBrvGDW9XWkkX7AvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveENjSTM1T1ZTcXhnR3U4WU5iMWRhU1Jmc0M4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC9mNjE3YTUtMzI0MC00OGM0LWI3MTYt
NzQxYzFkOGRlYTJiLzEvSk5GWVlQaTVNNDZON0hXeXN2WkFvSWlRa1lRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC9mNjE3YTUtMzI0MC00OGM0LWI3MTYtNzQxYzFkOGRlYTJi
LzEveENjSTM1T1ZTcXhnR3U4WU5iMWRhU1Jmc0M4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjA2BAIAATAwAwQDBQswAwQD
Xb5AAwQDX4L4AwQEbUuwAwQDjWUgAwQCuSB0AwQCuUFYAwQCuY+kMBQEAgACMA4D
BQMqABLAAwUDKgRMwDANBgkqhkiG9w0BAQsFAAOCAQEAB2/jOuMdIF5rMY5erriL
lJzNgF9gh6J0BAja1Tq04q9ckYQ9SifnpcM89DhM6Oj+5qVvR5p/yuVY3FoaVbtL
3VxRsdBfLbYR7+YK8Nm/xVcPc3OUPqmySJgWZuuA/IAy4u0/DYfx9gs1tHZjhcei
zn4pEbEqRD2J5TCvgmtwg/FC0nIRw+atJ/7NOcCmRlIIOEsVEj5+yu5cyV3azCre
r4EBDFqKGxHJIxnTvrfGJfU/NAxhL1I2LfStcneZaQfZ1S+xeV1X5kI69fx+nlbK
SonWIHmXxJida2y6++QbSL3pG9lswW7W701eNdkSjjt1oXUtVSqmZCGbamGkpiPN
aA==
-----END CERTIFICATE-----
Generated at Fri Apr 11 02:39:34 2025 by rpki-client