Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/3d4c46-7545-4b3d-8f1c-2a63402bec66/1/jHERjwHQQByovrguIT9kNAenUlw.roa
File: jHERjwHQQByovrguIT9kNAenUlw.roa (raw, json)
Hash identifier: fC13Nqgu9Ca7tsn1KpGgJ5T6X5W9BeqrdrYm3SZE1Rs=
Subject key identifier: 8C:71:11:8F:01:D0:40:1C:A8:BE:B8:2E:21:3F:64:34:07:A7:52:5C
Certificate issuer: /CN=b4810d7c9bfc58b9e0a1e59169c3dd322de9f737
Certificate serial: 01941FFA85468D631106130F8A04CF423E98
Authority key identifier: B4:81:0D:7C:9B:FC:58:B9:E0:A1:E5:91:69:C3:DD:32:2D:E9:F7:37
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tIENfJv8WLngoeWRacPdMi3p9zc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/3d4c46-7545-4b3d-8f1c-2a63402bec66/1/jHERjwHQQByovrguIT9kNAenUlw.roa
Signing time: Wed 01 Jan 2025 03:48:19 +0000
ROA not before: Wed 01 Jan 2025 03:48:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29050
IP address blocks: 5.43.232.0/21 maxlen: 24
46.182.152.0/21 maxlen: 24
185.14.76.0/22 maxlen: 24
213.243.192.0/18 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d1/3d4c46-7545-4b3d-8f1c-2a63402bec66/1/tIENfJv8WLngoeWRacPdMi3p9zc.crl
rsync://rpki.ripe.net/repository/DEFAULT/d1/3d4c46-7545-4b3d-8f1c-2a63402bec66/1/tIENfJv8WLngoeWRacPdMi3p9zc.mft
rsync://rpki.ripe.net/repository/DEFAULT/tIENfJv8WLngoeWRacPdMi3p9zc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 23:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:85:46:8d:63:11:06:13:0f:8a:04:cf:42:3e:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4810d7c9bfc58b9e0a1e59169c3dd322de9f737
Validity
Not Before: Jan 1 03:48:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8c71118f01d0401ca8beb82e213f643407a7525c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:c4:1f:b8:63:22:8a:40:22:12:59:6b:bf:df:
17:47:51:38:32:d2:2a:cf:c8:80:bd:de:e3:2b:4d:
8a:d4:6a:81:bd:f4:36:0d:92:d6:cc:07:c0:82:9d:
e2:c3:67:b9:d7:78:b1:4b:81:10:5b:43:16:fc:fc:
e6:6a:95:23:cf:a0:c4:27:f0:d9:6b:88:48:0b:33:
54:5d:de:3d:90:9f:ea:19:43:f5:75:82:30:98:00:
74:b3:de:32:76:5b:d5:bc:e9:a1:92:e3:aa:79:cf:
08:d8:67:7e:8b:2a:75:43:12:13:ed:0a:78:33:bc:
d2:bf:68:d4:dd:2e:11:36:7f:ef:90:7e:79:f1:bc:
88:6e:8c:8c:ab:a3:5b:ad:00:54:99:7b:fb:e0:06:
35:24:0f:0d:df:d6:2a:cd:f1:f1:ed:1b:32:df:14:
ba:5b:fa:27:af:69:3c:60:d6:e1:c0:1e:1c:41:67:
9e:bc:e0:3d:3d:0c:5b:93:97:ae:55:d6:2e:b3:56:
1a:9e:43:9e:28:3e:cc:f9:30:ba:01:bf:1d:83:a4:
5f:f8:ad:fb:2e:a9:8d:c9:44:b6:bf:8e:01:27:6e:
52:5d:f5:83:e7:fb:5a:88:81:1b:3c:b0:a8:e3:b6:
b4:52:46:da:cf:f8:16:ab:c8:d1:24:d5:50:64:5c:
c9:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:71:11:8F:01:D0:40:1C:A8:BE:B8:2E:21:3F:64:34:07:A7:52:5C
X509v3 Authority Key Identifier:
keyid:B4:81:0D:7C:9B:FC:58:B9:E0:A1:E5:91:69:C3:DD:32:2D:E9:F7:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tIENfJv8WLngoeWRacPdMi3p9zc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/3d4c46-7545-4b3d-8f1c-2a63402bec66/1/jHERjwHQQByovrguIT9kNAenUlw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/3d4c46-7545-4b3d-8f1c-2a63402bec66/1/tIENfJv8WLngoeWRacPdMi3p9zc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.43.232.0/21
46.182.152.0/21
185.14.76.0/22
213.243.192.0/18
Signature Algorithm: sha256WithRSAEncryption
87:d5:31:6b:a6:a7:16:9e:1a:ef:c7:86:f0:4b:07:3b:93:30:
7d:bd:82:50:ae:c2:1a:e2:26:f5:c8:75:e5:c6:40:66:e0:97:
04:8d:4c:cf:04:2a:4b:34:76:b5:47:ba:aa:a5:b6:8b:0f:18:
29:8e:e9:09:02:3e:35:26:aa:a3:bc:39:d6:25:07:0a:57:68:
1d:db:5f:23:e7:d5:ab:4c:63:95:3b:79:dc:cc:e3:4d:b7:a3:
53:92:06:d2:5a:d8:8b:4a:73:23:8b:e1:72:88:19:67:69:14:
60:18:c6:49:bc:13:62:99:6b:4e:63:bc:2e:dc:e4:e1:26:ac:
c8:64:2e:f4:d7:fd:de:61:20:70:72:c5:ea:d8:d2:d1:c6:c1:
57:5a:3e:66:8c:6d:a6:9b:46:a3:f3:27:8a:c0:59:38:f8:72:
00:a9:f1:17:d5:ab:02:4d:6d:21:77:bf:99:ac:6e:d2:53:df:
00:72:c7:5c:10:18:72:43:e7:05:07:80:15:3b:ad:9d:c8:88:
b9:f0:20:e4:b2:5b:e4:81:53:9d:fb:5c:6c:13:d6:b9:49:c8:
6c:bc:d5:fe:17:26:ac:95:13:ce:9d:d6:dd:aa:7a:6f:a6:8f:
ec:76:42:64:ef:fe:62:12:b0:09:45:26:f6:30:29:46:63:07:
27:a8:e1:8b
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQf+oVGjWMRBhMPigTPQj6YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0ODEwZDdjOWJmYzU4YjllMGExZTU5MTY5YzNkZDMyMmRl
OWY3MzcwHhcNMjUwMTAxMDM0ODE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YzcxMTE4ZjAxZDA0MDFjYThiZWI4MmUyMTNmNjQzNDA3YTc1MjVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArMQfuGMiikAiEllrv98XR1E4MtIq
z8iAvd7jK02K1GqBvfQ2DZLWzAfAgp3iw2e513ixS4EQW0MW/PzmapUjz6DEJ/DZ
a4hICzNUXd49kJ/qGUP1dYIwmAB0s94ydlvVvOmhkuOqec8I2Gd+iyp1QxIT7Qp4
M7zSv2jU3S4RNn/vkH558byIboyMq6NbrQBUmXv74AY1JA8N39YqzfHx7Rsy3xS6
W/onr2k8YNbhwB4cQWeevOA9PQxbk5euVdYus1YankOeKD7M+TC6Ab8dg6Rf+K37
LqmNyUS2v44BJ25SXfWD5/taiIEbPLCo47a0Ukbaz/gWq8jRJNVQZFzJEQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFIxxEY8B0EAcqL64LiE/ZDQHp1JcMB8GA1UdIwQY
MBaAFLSBDXyb/Fi54KHlkWnD3TIt6fc3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdElFTmZKdjhXTG5nb2VXUmFjUGRNaTNwOXpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS8zZDRjNDYtNzU0NS00YjNkLThmMWMt
MmE2MzQwMmJlYzY2LzEvakhFUmp3SFFRQnlvdnJndUlUOWtOQWVuVWx3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS8zZDRjNDYtNzU0NS00YjNkLThmMWMtMmE2MzQwMmJlYzY2
LzEvdElFTmZKdjhXTG5nb2VXUmFjUGRNaTNwOXpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQDBSvoAwQD
LraYAwQCuQ5MAwQG1fPAMA0GCSqGSIb3DQEBCwUAA4IBAQCH1TFrpqcWnhrvx4bw
Swc7kzB9vYJQrsIa4ib1yHXlxkBm4JcEjUzPBCpLNHa1R7qqpbaLDxgpjukJAj41
JqqjvDnWJQcKV2gd218j59WrTGOVO3nczONNt6NTkgbSWtiLSnMji+FyiBlnaRRg
GMZJvBNimWtOY7wu3OThJqzIZC701/3eYSBwcsXq2NLRxsFXWj5mjG2mm0aj8yeK
wFk4+HIAqfEX1asCTW0hd7+ZrG7SU98AcsdcEBhyQ+cFB4AVO62dyIi58CDkslvk
gVOd+1xsE9a5SchsvNX+FyaslRPOndbdqnpvpo/sdkJk7/5iErAJRSb2MClGYwcn
qOGL
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:55:01 2025 by rpki-client