Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/89e4e2-b8ab-4814-93c1-28e6c5ba2eae/1/jEYee-uOwLf9rNeDWIsHdJ75KKw.roa
File: jEYee-uOwLf9rNeDWIsHdJ75KKw.roa (raw, json)
Hash identifier: /wehpCViK0XYDMQCz1eNAOOXNcexzwchRQ7CIA4o1RM=
Subject key identifier: 8C:46:1E:7B:EB:8E:C0:B7:FD:AC:D7:83:58:8B:07:74:9E:F9:28:AC
Certificate issuer: /CN=96b377644e414101db6dead0eb5821063f588e8c
Certificate serial: 019423D6A9B2A8D0BFB014236EB26FF6ADBD
Authority key identifier: 96:B3:77:64:4E:41:41:01:DB:6D:EA:D0:EB:58:21:06:3F:58:8E:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lrN3ZE5BQQHbberQ61ghBj9Yjow.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/89e4e2-b8ab-4814-93c1-28e6c5ba2eae/1/jEYee-uOwLf9rNeDWIsHdJ75KKw.roa
Signing time: Wed 01 Jan 2025 21:47:38 +0000
ROA not before: Wed 01 Jan 2025 21:47:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48152
IP address blocks: 94.231.213.0/24 maxlen: 24
2a10:3200::/32 maxlen: 48
2a10:3201::/32 maxlen: 48
2a10:3202::/32 maxlen: 48
2a10:3203::/32 maxlen: 48
2a10:3204::/32 maxlen: 48
2a10:3205::/32 maxlen: 48
2a10:3206::/32 maxlen: 48
2a10:3207::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/89e4e2-b8ab-4814-93c1-28e6c5ba2eae/1/lrN3ZE5BQQHbberQ61ghBj9Yjow.crl
rsync://rpki.ripe.net/repository/DEFAULT/c8/89e4e2-b8ab-4814-93c1-28e6c5ba2eae/1/lrN3ZE5BQQHbberQ61ghBj9Yjow.mft
rsync://rpki.ripe.net/repository/DEFAULT/lrN3ZE5BQQHbberQ61ghBj9Yjow.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 23:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d6:a9:b2:a8:d0:bf:b0:14:23:6e:b2:6f:f6:ad:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=96b377644e414101db6dead0eb5821063f588e8c
Validity
Not Before: Jan 1 21:47:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8c461e7beb8ec0b7fdacd783588b07749ef928ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:ab:c7:f7:f4:59:0e:ab:71:26:c7:44:c8:cc:
28:64:91:8f:49:d3:1d:71:23:6a:cb:bb:4c:59:bb:
e9:be:f4:ef:ae:32:ef:32:cc:cd:aa:23:8e:f4:d6:
ae:09:4a:86:ab:ea:33:99:b8:c8:9a:e5:3b:4a:69:
ef:75:c1:b3:be:f1:5d:d8:f8:7c:6d:e1:a3:8d:09:
a9:a8:b2:66:06:61:c7:a4:9e:db:25:24:c2:f9:63:
15:8f:1e:70:85:32:e3:45:8b:28:81:24:4b:3d:6f:
f9:10:7a:d7:da:97:c7:a8:82:50:65:a2:23:ff:9c:
be:29:80:bc:e4:1a:89:7a:cb:8f:82:ab:62:5a:6f:
a2:c1:38:4a:f6:3f:c8:c4:6d:ee:f9:56:bc:0b:80:
65:48:93:7d:3f:59:07:64:49:c8:a1:62:1a:87:91:
46:9b:bf:e1:f2:3e:fe:82:c8:62:2a:a9:cf:a7:7e:
22:51:7e:26:84:41:e2:73:55:8a:47:1d:96:2d:21:
92:3b:b0:6c:da:c1:21:6a:9a:c1:cc:40:a8:aa:71:
ee:44:54:59:5a:61:25:8a:68:1c:b7:5b:80:64:16:
9d:4b:e7:19:0e:12:fc:82:ea:f0:ec:c8:7f:37:c1:
30:28:2e:84:1f:3b:43:62:40:38:f7:79:e0:9a:a2:
10:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:46:1E:7B:EB:8E:C0:B7:FD:AC:D7:83:58:8B:07:74:9E:F9:28:AC
X509v3 Authority Key Identifier:
keyid:96:B3:77:64:4E:41:41:01:DB:6D:EA:D0:EB:58:21:06:3F:58:8E:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lrN3ZE5BQQHbberQ61ghBj9Yjow.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/89e4e2-b8ab-4814-93c1-28e6c5ba2eae/1/jEYee-uOwLf9rNeDWIsHdJ75KKw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/89e4e2-b8ab-4814-93c1-28e6c5ba2eae/1/lrN3ZE5BQQHbberQ61ghBj9Yjow.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.231.213.0/24
IPv6:
2a10:3200::/29
Signature Algorithm: sha256WithRSAEncryption
b0:a0:96:a7:d9:8b:c2:43:7c:8a:39:55:c5:e9:ef:17:24:3d:
05:6b:5f:bc:72:95:c6:d1:60:c7:49:88:be:e5:2e:fb:55:24:
5e:6c:5e:ff:a8:28:23:75:fc:d4:32:2c:5d:db:4f:d2:00:45:
eb:6d:32:72:57:87:1b:bd:8e:4e:5e:56:75:01:82:6c:f6:b1:
8b:ca:d3:39:6d:25:23:ba:27:ad:05:31:81:16:ee:da:34:c0:
2d:96:19:f3:53:5a:30:b3:09:ed:d0:c8:3d:0f:c6:0d:5d:33:
28:85:eb:2b:28:58:db:d3:2e:b7:b4:d1:9e:ca:cb:8f:30:f8:
22:00:3b:64:bd:6a:52:85:41:83:d0:aa:56:11:ff:1c:9b:49:
b4:92:50:f8:92:ee:c0:a6:49:98:47:27:94:4d:81:14:0f:bf:
58:3e:b0:bd:af:d9:d4:df:7a:7a:b0:8a:f9:7a:18:a1:b9:2e:
9a:6f:ff:a1:7b:51:22:b7:58:ec:41:88:20:e0:cf:c8:d9:83:
90:e5:91:6c:a3:35:19:46:a1:8f:34:60:eb:fd:6b:45:fc:b8:
88:33:87:6c:87:9b:bf:47:3e:55:17:6a:7a:86:ed:47:ac:fd:
80:80:c2:c3:e8:ff:ed:60:c1:e3:03:e5:f7:e6:1a:df:cc:1b:
fd:e5:6a:a5
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQj1qmyqNC/sBQjbrJv9q29MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2YjM3NzY0NGU0MTQxMDFkYjZkZWFkMGViNTgyMTA2M2Y1
ODhlOGMwHhcNMjUwMTAxMjE0NzM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YzQ2MWU3YmViOGVjMGI3ZmRhY2Q3ODM1ODhiMDc3NDllZjkyOGFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwavH9/RZDqtxJsdEyMwoZJGPSdMd
cSNqy7tMWbvpvvTvrjLvMszNqiOO9NauCUqGq+ozmbjImuU7SmnvdcGzvvFd2Ph8
beGjjQmpqLJmBmHHpJ7bJSTC+WMVjx5whTLjRYsogSRLPW/5EHrX2pfHqIJQZaIj
/5y+KYC85BqJesuPgqtiWm+iwThK9j/IxG3u+Va8C4BlSJN9P1kHZEnIoWIah5FG
m7/h8j7+gshiKqnPp34iUX4mhEHic1WKRx2WLSGSO7Bs2sEhaprBzECoqnHuRFRZ
WmElimgct1uAZBadS+cZDhL8gurw7Mh/N8EwKC6EHztDYkA493ngmqIQRQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIxGHnvrjsC3/azXg1iLB3Se+SisMB8GA1UdIwQY
MBaAFJazd2ROQUEB223q0OtYIQY/WI6MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbHJOM1pFNUJRUUhiYmVyUTYxZ2hCajlZam93LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC84OWU0ZTItYjhhYi00ODE0LTkzYzEt
MjhlNmM1YmEyZWFlLzEvakVZZWUtdU93TGY5ck5lRFdJc0hkSjc1S0t3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC84OWU0ZTItYjhhYi00ODE0LTkzYzEtMjhlNmM1YmEyZWFl
LzEvbHJOM1pFNUJRUUhiYmVyUTYxZ2hCajlZam93LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAXufVMA0E
AgACMAcDBQMqEDIAMA0GCSqGSIb3DQEBCwUAA4IBAQCwoJan2YvCQ3yKOVXF6e8X
JD0Fa1+8cpXG0WDHSYi+5S77VSRebF7/qCgjdfzUMixd20/SAEXrbTJyV4cbvY5O
XlZ1AYJs9rGLytM5bSUjuietBTGBFu7aNMAtlhnzU1owswnt0Mg9D8YNXTMohesr
KFjb0y63tNGeysuPMPgiADtkvWpShUGD0KpWEf8cm0m0klD4ku7ApkmYRyeUTYEU
D79YPrC9r9nU33p6sIr5ehihuS6ab/+he1Eit1jsQYgg4M/I2YOQ5ZFsozUZRqGP
NGDr/WtF/LiIM4dsh5u/Rz5VF2p6hu1HrP2AgMLD6P/tYMHjA+X35hrfzBv95Wql
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:35:03 2025 by rpki-client