Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/c0330c-9872-4ac6-a22c-192cbd08db51/1/jdKmvZ_WGiUDxDAHKJg_Wed6rVo.roa
File: jdKmvZ_WGiUDxDAHKJg_Wed6rVo.roa (raw, json)
Hash identifier: CRiOfMtNCT5H0OJU8c1YHET8V3YfGy03z8wKH951O6Y=
Subject key identifier: 8D:D2:A6:BD:9F:D6:1A:25:03:C4:30:07:28:98:3F:59:E7:7A:AD:5A
Certificate issuer: /CN=9dc28ae9937ff7e49ec4f1234e53d8b9dd694541
Certificate serial: 019427B5850BA43E2F22A51807C0D705EFC1
Authority key identifier: 9D:C2:8A:E9:93:7F:F7:E4:9E:C4:F1:23:4E:53:D8:B9:DD:69:45:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ncKK6ZN_9-SexPEjTlPYud1pRUE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/c0330c-9872-4ac6-a22c-192cbd08db51/1/jdKmvZ_WGiUDxDAHKJg_Wed6rVo.roa
Signing time: Thu 02 Jan 2025 15:49:55 +0000
ROA not before: Thu 02 Jan 2025 15:49:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 7393
IP address blocks: 5.172.176.0/24 maxlen: 24
62.204.59.0/24 maxlen: 24
80.71.151.0/24 maxlen: 24
89.107.8.0/24 maxlen: 24
91.247.191.0/24 maxlen: 24
146.19.121.0/24 maxlen: 24
185.235.224.0/24 maxlen: 24
185.249.55.0/24 maxlen: 24
188.244.127.0/24 maxlen: 24
193.3.171.0/24 maxlen: 24
193.163.23.0/24 maxlen: 24
193.201.13.0/24 maxlen: 24
195.225.97.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/c0330c-9872-4ac6-a22c-192cbd08db51/1/ncKK6ZN_9-SexPEjTlPYud1pRUE.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/c0330c-9872-4ac6-a22c-192cbd08db51/1/ncKK6ZN_9-SexPEjTlPYud1pRUE.mft
rsync://rpki.ripe.net/repository/DEFAULT/ncKK6ZN_9-SexPEjTlPYud1pRUE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 09:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:85:0b:a4:3e:2f:22:a5:18:07:c0:d7:05:ef:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9dc28ae9937ff7e49ec4f1234e53d8b9dd694541
Validity
Not Before: Jan 2 15:49:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8dd2a6bd9fd61a2503c4300728983f59e77aad5a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:88:11:9e:a4:e2:3f:3c:33:05:a4:6e:b8:41:
22:b7:45:c3:d2:dd:94:21:d2:f8:19:25:3a:00:fa:
1d:83:44:cc:f9:51:1c:c3:b3:06:05:83:bb:a1:4e:
4d:c8:a4:e0:c8:ab:75:37:53:2a:aa:72:b9:ff:b6:
59:50:d9:64:41:aa:81:5c:cd:17:93:34:92:62:f8:
29:ef:d4:1a:8b:3d:ff:d4:52:44:25:dc:4a:5b:c8:
21:73:20:87:10:57:73:ca:8f:bf:13:90:12:06:3e:
7d:70:93:13:3a:60:f9:c9:4d:1e:fc:28:0f:c5:c5:
39:27:31:3a:da:1f:e7:41:44:33:4a:17:17:fc:92:
d0:bb:64:f1:7f:44:10:86:0e:0c:4a:9d:dd:a9:d3:
c1:61:10:40:cf:82:ca:f6:3a:be:b1:f5:4f:7a:4d:
e0:c2:c6:1c:ae:37:37:e7:d0:3c:1b:47:49:53:9c:
00:11:bb:b2:4f:7c:32:46:da:b6:c1:4c:95:0e:1b:
a5:80:2e:32:12:2f:0a:b6:13:78:11:fe:c9:19:0d:
fb:dc:45:ec:8c:32:4a:ff:4b:2e:db:4a:04:ba:ca:
5c:c2:ed:0f:be:0f:c0:d2:05:92:36:f3:0d:02:bc:
ee:04:a7:55:e8:69:26:52:93:30:2f:be:35:53:93:
13:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:D2:A6:BD:9F:D6:1A:25:03:C4:30:07:28:98:3F:59:E7:7A:AD:5A
X509v3 Authority Key Identifier:
keyid:9D:C2:8A:E9:93:7F:F7:E4:9E:C4:F1:23:4E:53:D8:B9:DD:69:45:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ncKK6ZN_9-SexPEjTlPYud1pRUE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/c0330c-9872-4ac6-a22c-192cbd08db51/1/jdKmvZ_WGiUDxDAHKJg_Wed6rVo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/c0330c-9872-4ac6-a22c-192cbd08db51/1/ncKK6ZN_9-SexPEjTlPYud1pRUE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.172.176.0/24
62.204.59.0/24
80.71.151.0/24
89.107.8.0/24
91.247.191.0/24
146.19.121.0/24
185.235.224.0/24
185.249.55.0/24
188.244.127.0/24
193.3.171.0/24
193.163.23.0/24
193.201.13.0/24
195.225.97.0/24
Signature Algorithm: sha256WithRSAEncryption
89:8b:5f:a2:22:72:97:32:42:0b:d2:38:c5:b1:70:e6:fb:5d:
b2:ad:47:31:88:d5:2a:97:d7:51:35:73:7d:2c:46:b5:f6:09:
e3:d3:99:bd:a9:92:3a:e9:cb:0d:43:6d:40:ec:54:ed:34:2b:
c9:de:bb:3a:97:8e:8c:7e:ec:96:62:ac:ee:ec:7a:bb:b3:b8:
3d:ce:71:05:4d:1f:cb:ec:32:1e:29:3e:df:37:ae:ba:88:c3:
28:9a:57:3a:ce:2d:78:be:86:36:8e:81:3a:23:b5:5e:e6:5b:
b4:e2:15:0d:7d:49:e9:07:e2:ed:9d:ef:74:4a:ad:1f:1e:13:
1c:d1:ab:fe:ac:da:53:6e:ef:30:49:05:b7:5b:b3:76:e4:09:
72:47:8b:a8:0d:fe:41:ea:a6:e9:9f:67:23:7d:bb:e3:ea:3a:
9b:b6:15:e9:50:de:b6:e4:74:d7:ce:f6:fd:9e:d9:45:8a:f9:
84:02:ea:43:63:fd:ef:d7:d5:e9:82:22:28:c8:8e:88:3a:42:
6c:4b:d4:dd:06:00:76:e3:f8:98:9d:06:43:5b:90:5c:6e:c3:
1b:cc:d5:f7:1c:df:a2:ac:5d:5f:4a:84:39:5c:5d:da:87:37:
49:e4:06:36:4a:ae:82:1b:0d:59:e6:a4:4b:5f:0f:bb:1e:ef:
ff:e8:2d:57
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAZQntYULpD4vIqUYB8DXBe/BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkYzI4YWU5OTM3ZmY3ZTQ5ZWM0ZjEyMzRlNTNkOGI5ZGQ2
OTQ1NDEwHhcNMjUwMTAyMTU0OTU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZGQyYTZiZDlmZDYxYTI1MDNjNDMwMDcyODk4M2Y1OWU3N2FhZDVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApYgRnqTiPzwzBaRuuEEit0XD0t2U
IdL4GSU6APodg0TM+VEcw7MGBYO7oU5NyKTgyKt1N1MqqnK5/7ZZUNlkQaqBXM0X
kzSSYvgp79Qaiz3/1FJEJdxKW8ghcyCHEFdzyo+/E5ASBj59cJMTOmD5yU0e/CgP
xcU5JzE62h/nQUQzShcX/JLQu2Txf0QQhg4MSp3dqdPBYRBAz4LK9jq+sfVPek3g
wsYcrjc359A8G0dJU5wAEbuyT3wyRtq2wUyVDhulgC4yEi8KthN4Ef7JGQ373EXs
jDJK/0su20oEuspcwu0Pvg/A0gWSNvMNArzuBKdV6GkmUpMwL741U5MT+wIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFI3Spr2f1holA8QwByiYP1nneq1aMB8GA1UdIwQY
MBaAFJ3CiumTf/fknsTxI05T2LndaUVBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmNLSzZaTl85LVNleFBFalRsUFl1ZDFwUlVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9jMDMzMGMtOTg3Mi00YWM2LWEyMmMt
MTkyY2JkMDhkYjUxLzEvamRLbXZaX1dHaVVEeERBSEtKZ19XZWQ2clZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy9jMDMzMGMtOTg3Mi00YWM2LWEyMmMtMTkyY2JkMDhkYjUx
LzEvbmNLSzZaTl85LVNleFBFalRsUFl1ZDFwUlVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOAwQABaywAwQA
Psw7AwQAUEeXAwQAWWsIAwQAW/e/AwQAkhN5AwQAuevgAwQAufk3AwQAvPR/AwQA
wQOrAwQAwaMXAwQAwckNAwQAw+FhMA0GCSqGSIb3DQEBCwUAA4IBAQCJi1+iInKX
MkIL0jjFsXDm+12yrUcxiNUql9dRNXN9LEa19gnj05m9qZI66csNQ21A7FTtNCvJ
3rs6l46MfuyWYqzu7Hq7s7g9znEFTR/L7DIeKT7fN666iMMomlc6zi14voY2joE6
I7Ve5lu04hUNfUnpB+Ltne90Sq0fHhMc0av+rNpTbu8wSQW3W7N25AlyR4uoDf5B
6qbpn2cjfbvj6jqbthXpUN625HTXzvb9ntlFivmEAupDY/3v19XpgiIoyI6IOkJs
S9TdBgB24/iYnQZDW5BcbsMbzNX3HN+irF1fSoQ5XF3ahzdJ5AY2Sq6CGw1Z5qRL
Xw+7Hu//6C1X
-----END CERTIFICATE-----
Generated at Wed Feb 5 12:50:22 2025 by rpki-client