Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/7cf43d-8c85-4817-bd75-230fda66abcb/1/JVknch6YZZVKoQtj5e3RXowAaKo.roa
File: JVknch6YZZVKoQtj5e3RXowAaKo.roa (raw, json)
Hash identifier: 0evMSGPWXwkbSZxIuzVj+D6VQiAtq0P8zjXnrm8+ExM=
Subject key identifier: 25:59:27:72:1E:98:65:95:4A:A1:0B:63:E5:ED:D1:5E:8C:00:68:AA
Certificate issuer: /CN=d78a4914d96009b6822d168a0ed53e936d3a41f8
Certificate serial: 019421B1A98666B4088DFF174F13FEF71714
Authority key identifier: D7:8A:49:14:D9:60:09:B6:82:2D:16:8A:0E:D5:3E:93:6D:3A:41:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/14pJFNlgCbaCLRaKDtU-k206Qfg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/7cf43d-8c85-4817-bd75-230fda66abcb/1/JVknch6YZZVKoQtj5e3RXowAaKo.roa
Signing time: Wed 01 Jan 2025 11:47:58 +0000
ROA not before: Wed 01 Jan 2025 11:47:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198785
IP address blocks: 185.46.32.0/22 maxlen: 22
185.98.14.0/24 maxlen: 24
185.98.15.0/24 maxlen: 24
2a04:a7c0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b6/7cf43d-8c85-4817-bd75-230fda66abcb/1/14pJFNlgCbaCLRaKDtU-k206Qfg.crl
rsync://rpki.ripe.net/repository/DEFAULT/b6/7cf43d-8c85-4817-bd75-230fda66abcb/1/14pJFNlgCbaCLRaKDtU-k206Qfg.mft
rsync://rpki.ripe.net/repository/DEFAULT/14pJFNlgCbaCLRaKDtU-k206Qfg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Apr 2025 23:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:a9:86:66:b4:08:8d:ff:17:4f:13:fe:f7:17:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d78a4914d96009b6822d168a0ed53e936d3a41f8
Validity
Not Before: Jan 1 11:47:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=255927721e9865954aa10b63e5edd15e8c0068aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:cd:40:73:61:6c:96:a5:5a:9f:1b:59:78:38:
1f:b8:50:7c:62:d7:13:03:8d:8f:61:f0:70:c6:9a:
01:6a:76:ee:2c:9e:dd:26:28:6e:a7:db:42:7d:43:
71:bc:6b:67:99:a1:ab:2e:53:71:9f:78:9f:e9:80:
0b:01:06:eb:44:e5:22:f4:84:8f:44:1f:0c:83:90:
ea:80:65:20:c5:ca:93:bd:6c:83:6d:73:51:a6:7b:
e1:8f:66:b6:85:f0:29:9f:12:11:1b:bb:bf:f4:8e:
58:b6:0c:2c:b5:25:17:ff:87:12:59:10:5e:25:01:
01:2e:de:3a:f9:a5:d1:fb:03:b7:06:c2:f8:ba:38:
75:73:69:0b:55:6e:cd:18:eb:47:41:29:1d:96:d0:
7c:bb:a4:4d:4c:4e:d1:b4:f4:26:20:69:fe:a4:e0:
26:ae:ad:09:34:46:0e:98:77:c8:fb:24:70:90:55:
e4:44:d2:66:2d:ad:b3:af:4d:cc:c4:cc:05:99:e1:
a2:19:4c:0a:6b:1b:00:7f:2c:a3:38:79:ab:a8:65:
76:76:3e:85:cc:3a:62:ae:75:67:0f:b3:ec:e7:c8:
29:d8:d9:f5:66:24:f2:52:1e:34:81:72:87:90:21:
0c:18:81:ca:ef:46:6c:0e:b4:fb:2b:fe:9a:03:cc:
e9:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:59:27:72:1E:98:65:95:4A:A1:0B:63:E5:ED:D1:5E:8C:00:68:AA
X509v3 Authority Key Identifier:
keyid:D7:8A:49:14:D9:60:09:B6:82:2D:16:8A:0E:D5:3E:93:6D:3A:41:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/14pJFNlgCbaCLRaKDtU-k206Qfg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/7cf43d-8c85-4817-bd75-230fda66abcb/1/JVknch6YZZVKoQtj5e3RXowAaKo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/7cf43d-8c85-4817-bd75-230fda66abcb/1/14pJFNlgCbaCLRaKDtU-k206Qfg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.46.32.0/22
185.98.14.0/23
IPv6:
2a04:a7c0::/32
Signature Algorithm: sha256WithRSAEncryption
23:ef:af:e1:62:e3:ad:a2:3f:b9:b5:91:0f:1e:e2:d7:c1:c4:
65:45:6f:ca:7b:e5:8d:d9:96:02:4f:b8:12:ed:f2:fc:b7:ba:
95:79:dc:36:fa:19:69:48:cd:0e:72:3e:69:ea:28:57:8e:7c:
09:2a:56:37:4d:1d:68:5a:25:33:a5:a0:89:c4:a0:e3:4c:08:
a5:be:0d:da:d8:80:4f:34:79:9d:91:1a:65:68:9b:18:7d:52:
7a:0b:ac:21:4a:74:24:23:47:18:75:51:e1:a4:60:73:c6:c6:
44:9b:84:02:1d:04:f3:c1:3d:89:6e:0b:65:6a:db:8c:cf:b5:
2f:53:e3:5d:02:17:91:9d:51:e6:bf:e7:4b:88:e5:44:46:de:
4d:0e:20:6c:96:7b:42:8f:4b:62:70:29:8d:9d:4c:81:e3:cc:
43:d0:77:82:83:1d:43:f2:21:5a:1d:d1:b7:41:53:b0:e4:ad:
7a:56:da:74:4e:3b:9c:ac:f8:fa:fd:37:f7:50:69:24:17:60:
72:8f:b6:17:8c:fd:d6:36:ad:73:57:24:f1:e5:60:e5:b3:8d:
0a:9e:e2:55:9f:34:97:54:0b:9a:c9:44:b8:a4:a1:2f:7e:55:
a6:d3:19:82:6b:00:94:6d:b7:15:01:85:44:7d:28:61:56:ce:
f8:85:e0:ad
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQhsamGZrQIjf8XTxP+9xcUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3OGE0OTE0ZDk2MDA5YjY4MjJkMTY4YTBlZDUzZTkzNmQz
YTQxZjgwHhcNMjUwMTAxMTE0NzU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTU5Mjc3MjFlOTg2NTk1NGFhMTBiNjNlNWVkZDE1ZThjMDA2OGFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs81Ac2FslqVanxtZeDgfuFB8YtcT
A42PYfBwxpoBanbuLJ7dJihup9tCfUNxvGtnmaGrLlNxn3if6YALAQbrROUi9ISP
RB8Mg5DqgGUgxcqTvWyDbXNRpnvhj2a2hfApnxIRG7u/9I5YtgwstSUX/4cSWRBe
JQEBLt46+aXR+wO3BsL4ujh1c2kLVW7NGOtHQSkdltB8u6RNTE7RtPQmIGn+pOAm
rq0JNEYOmHfI+yRwkFXkRNJmLa2zr03MxMwFmeGiGUwKaxsAfyyjOHmrqGV2dj6F
zDpirnVnD7Ps58gp2Nn1ZiTyUh40gXKHkCEMGIHK70ZsDrT7K/6aA8zpYwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFCVZJ3IemGWVSqELY+Xt0V6MAGiqMB8GA1UdIwQY
MBaAFNeKSRTZYAm2gi0Wig7VPpNtOkH4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTRwSkZObGdDYmFDTFJhS0R0VS1rMjA2UWZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi83Y2Y0M2QtOGM4NS00ODE3LWJkNzUt
MjMwZmRhNjZhYmNiLzEvSlZrbmNoNllaWlZLb1F0ajVlM1JYb3dBYUtvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi83Y2Y0M2QtOGM4NS00ODE3LWJkNzUtMjMwZmRhNjZhYmNi
LzEvMTRwSkZObGdDYmFDTFJhS0R0VS1rMjA2UWZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuS4gAwQB
uWIOMA0EAgACMAcDBQAqBKfAMA0GCSqGSIb3DQEBCwUAA4IBAQAj76/hYuOtoj+5
tZEPHuLXwcRlRW/Ke+WN2ZYCT7gS7fL8t7qVedw2+hlpSM0Ocj5p6ihXjnwJKlY3
TR1oWiUzpaCJxKDjTAilvg3a2IBPNHmdkRplaJsYfVJ6C6whSnQkI0cYdVHhpGBz
xsZEm4QCHQTzwT2JbgtlatuMz7UvU+NdAheRnVHmv+dLiOVERt5NDiBslntCj0ti
cCmNnUyB48xD0HeCgx1D8iFaHdG3QVOw5K16Vtp0TjucrPj6/Tf3UGkkF2Byj7YX
jP3WNq1zVyTx5WDls40KnuJVnzSXVAuayUS4pKEvflWm0xmCawCUbbcVAYVEfShh
Vs74heCt
-----END CERTIFICATE-----
Generated at Wed Apr 23 06:36:12 2025 by rpki-client