Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/fab8bb-0547-4f33-accf-25198e0ed687/1/JgbQOde8dBoJm081qWbMUAe-4ck.roa
File: JgbQOde8dBoJm081qWbMUAe-4ck.roa (raw, json)
Hash identifier: cPb9R2Jy8VhYx4mnUxTDnSqP1F9DRsJ4eRz8x4iEUpo=
Subject key identifier: 26:06:D0:39:D7:BC:74:1A:09:9B:4F:35:A9:66:CC:50:07:BE:E1:C9
Certificate issuer: /CN=26671e52f7e97a2ea53f5ecabd6b94bc8c075a6a
Certificate serial: 01942444E47340A892D1239CD277DC7279BE
Authority key identifier: 26:67:1E:52:F7:E9:7A:2E:A5:3F:5E:CA:BD:6B:94:BC:8C:07:5A:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JmceUvfpei6lP17KvWuUvIwHWmo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/fab8bb-0547-4f33-accf-25198e0ed687/1/JgbQOde8dBoJm081qWbMUAe-4ck.roa
Signing time: Wed 01 Jan 2025 23:48:02 +0000
ROA not before: Wed 01 Jan 2025 23:48:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35654
IP address blocks: 80.72.66.0/24 maxlen: 24
80.72.68.0/24 maxlen: 24
80.72.69.0/24 maxlen: 24
80.72.75.0/24 maxlen: 24
80.72.77.0/24 maxlen: 24
80.72.80.0/24 maxlen: 24
80.72.82.0/24 maxlen: 24
80.72.95.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d8/fab8bb-0547-4f33-accf-25198e0ed687/1/JmceUvfpei6lP17KvWuUvIwHWmo.crl
rsync://rpki.ripe.net/repository/DEFAULT/d8/fab8bb-0547-4f33-accf-25198e0ed687/1/JmceUvfpei6lP17KvWuUvIwHWmo.mft
rsync://rpki.ripe.net/repository/DEFAULT/JmceUvfpei6lP17KvWuUvIwHWmo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 18 Apr 2025 07:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:e4:73:40:a8:92:d1:23:9c:d2:77:dc:72:79:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=26671e52f7e97a2ea53f5ecabd6b94bc8c075a6a
Validity
Not Before: Jan 1 23:48:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2606d039d7bc741a099b4f35a966cc5007bee1c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:fd:eb:73:8a:6f:bf:50:55:19:4e:52:fa:96:
a3:37:e7:33:d3:22:53:b3:84:73:07:42:1a:36:a0:
46:b7:49:98:e6:1c:96:04:47:7c:b4:c6:5e:ba:be:
0d:06:6a:f4:b4:87:8f:09:41:34:72:77:40:05:68:
2a:9a:7f:ed:55:f5:93:d4:7a:78:6a:50:d6:f8:4d:
6e:69:f3:64:87:6b:46:5e:ae:71:7b:ab:0e:d8:5e:
70:56:1a:68:82:56:75:5f:98:8f:81:57:ce:65:cf:
68:34:69:35:31:90:9c:ad:f4:a1:d0:e6:f9:21:55:
58:29:c0:a2:58:5f:52:32:7f:33:3e:4d:f6:c9:02:
08:97:9b:ed:82:9d:97:d8:c2:bc:15:3b:41:e3:3c:
ab:e7:df:61:f7:5d:24:3c:0e:d2:c3:d5:a2:45:3b:
a0:af:e6:21:ae:22:d1:b6:63:74:ac:26:cd:77:b5:
98:07:23:48:91:fc:f7:18:22:cd:00:0b:b4:a9:8b:
b7:72:23:c1:7b:28:4d:9e:8e:e6:b6:56:71:ae:77:
d5:eb:ed:4c:ac:ff:f7:c7:48:ae:27:c7:a6:75:70:
43:b3:9e:bb:cd:82:4b:7d:d1:eb:18:35:69:94:75:
cb:6b:13:09:75:c9:87:64:2e:90:3f:ae:4b:17:59:
75:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:06:D0:39:D7:BC:74:1A:09:9B:4F:35:A9:66:CC:50:07:BE:E1:C9
X509v3 Authority Key Identifier:
keyid:26:67:1E:52:F7:E9:7A:2E:A5:3F:5E:CA:BD:6B:94:BC:8C:07:5A:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JmceUvfpei6lP17KvWuUvIwHWmo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/fab8bb-0547-4f33-accf-25198e0ed687/1/JgbQOde8dBoJm081qWbMUAe-4ck.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/fab8bb-0547-4f33-accf-25198e0ed687/1/JmceUvfpei6lP17KvWuUvIwHWmo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.72.66.0/24
80.72.68.0/23
80.72.75.0/24
80.72.77.0/24
80.72.80.0/24
80.72.82.0/24
80.72.95.0/24
Signature Algorithm: sha256WithRSAEncryption
a4:e6:ad:fa:2d:37:df:27:c1:d7:f5:aa:b3:cc:4b:e9:c4:c1:
eb:8f:7b:d3:ed:e7:50:87:03:79:89:75:5b:d2:9d:63:67:20:
5b:2c:75:7d:a6:55:4d:fc:79:f5:ec:ac:a0:a6:d7:24:f8:be:
7c:39:1f:0e:fe:08:c3:59:65:6a:9f:e1:68:84:29:ae:0b:71:
98:7c:25:12:70:3f:d7:95:71:e8:e4:21:ce:bb:0e:7e:9e:78:
d0:ec:8e:f5:69:02:e6:59:80:08:ee:47:82:a8:54:1f:fc:2a:
67:5f:0a:58:f0:aa:b4:f4:1f:5b:75:ca:6d:b5:e8:b9:92:c1:
9e:be:32:1e:1a:69:89:f3:6e:f3:e7:aa:ef:8b:26:38:b4:2f:
c8:cf:95:db:cd:10:50:8c:d9:bc:84:89:a5:5e:5d:71:41:cd:
b5:e1:0e:fe:0b:99:98:08:de:db:d0:6d:86:3b:a2:63:85:fe:
1c:9d:f6:58:b0:a3:5e:97:fe:33:dc:ad:4f:6a:11:bf:0f:8a:
19:57:e4:29:80:60:c5:56:a6:63:6e:eb:45:d0:7b:0d:40:bc:
e3:b4:f8:a9:92:ef:b6:ed:20:db:18:4c:61:aa:f8:72:dd:a2:
12:93:0e:c3:d3:2e:55:19:fe:d3:05:e3:5d:66:f8:c2:90:33:
9d:27:aa:9a
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZQkRORzQKiS0SOc0nfccnm+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2NjcxZTUyZjdlOTdhMmVhNTNmNWVjYWJkNmI5NGJjOGMw
NzVhNmEwHhcNMjUwMTAxMjM0ODAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNjA2ZDAzOWQ3YmM3NDFhMDk5YjRmMzVhOTY2Y2M1MDA3YmVlMWM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjP3rc4pvv1BVGU5S+pajN+cz0yJT
s4RzB0IaNqBGt0mY5hyWBEd8tMZeur4NBmr0tIePCUE0cndABWgqmn/tVfWT1Hp4
alDW+E1uafNkh2tGXq5xe6sO2F5wVhpoglZ1X5iPgVfOZc9oNGk1MZCcrfSh0Ob5
IVVYKcCiWF9SMn8zPk32yQIIl5vtgp2X2MK8FTtB4zyr599h910kPA7Sw9WiRTug
r+YhriLRtmN0rCbNd7WYByNIkfz3GCLNAAu0qYu3ciPBeyhNno7mtlZxrnfV6+1M
rP/3x0iuJ8emdXBDs567zYJLfdHrGDVplHXLaxMJdcmHZC6QP65LF1l1nQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFCYG0DnXvHQaCZtPNalmzFAHvuHJMB8GA1UdIwQY
MBaAFCZnHlL36XoupT9eyr1rlLyMB1pqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSm1jZVV2ZnBlaTZsUDE3S3ZXdVV2SXdIV21vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC9mYWI4YmItMDU0Ny00ZjMzLWFjY2Yt
MjUxOThlMGVkNjg3LzEvSmdiUU9kZThkQm9KbTA4MXFXYk1VQWUtNGNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC9mYWI4YmItMDU0Ny00ZjMzLWFjY2YtMjUxOThlMGVkNjg3
LzEvSm1jZVV2ZnBlaTZsUDE3S3ZXdVV2SXdIV21vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAUEhCAwQB
UEhEAwQAUEhLAwQAUEhNAwQAUEhQAwQAUEhSAwQAUEhfMA0GCSqGSIb3DQEBCwUA
A4IBAQCk5q36LTffJ8HX9aqzzEvpxMHrj3vT7edQhwN5iXVb0p1jZyBbLHV9plVN
/Hn17Kygptck+L58OR8O/gjDWWVqn+FohCmuC3GYfCUScD/XlXHo5CHOuw5+nnjQ
7I71aQLmWYAI7keCqFQf/CpnXwpY8Kq09B9bdcpttei5ksGevjIeGmmJ827z56rv
iyY4tC/Iz5XbzRBQjNm8hImlXl1xQc214Q7+C5mYCN7b0G2GO6Jjhf4cnfZYsKNe
l/4z3K1PahG/D4oZV+QpgGDFVqZjbutF0HsNQLzjtPipku+27SDbGExhqvhy3aIS
kw7D0y5VGf7TBeNdZvjCkDOdJ6qa
-----END CERTIFICATE-----
Generated at Thu Apr 17 10:05:18 2025 by rpki-client