Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/327952-4c66-4b95-b6de-43118e496d40/1/JtbkknZoz-ZpYkGR5Faik_dT6m8.roa
File: JtbkknZoz-ZpYkGR5Faik_dT6m8.roa (raw, json)
Hash identifier: CKgz0QGH5sNSVcZST2h0jpMtQH08uuEFFd8ZyzC9G3o=
Subject key identifier: 26:D6:E4:92:76:68:CF:E6:69:62:41:91:E4:56:A2:93:F7:53:EA:6F
Certificate issuer: /CN=c2d82ccf0c8dea7d7f6ad72e8e62462d7be20d56
Certificate serial: 0196009421195D62926737AB935A3BE80358
Authority key identifier: C2:D8:2C:CF:0C:8D:EA:7D:7F:6A:D7:2E:8E:62:46:2D:7B:E2:0D:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wtgszwyN6n1_atcujmJGLXviDVY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/327952-4c66-4b95-b6de-43118e496d40/1/JtbkknZoz-ZpYkGR5Faik_dT6m8.roa
Signing time: Fri 04 Apr 2025 11:33:49 +0000
ROA not before: Fri 04 Apr 2025 11:33:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61438
IP address blocks: 45.84.144.0/22 maxlen: 22
146.19.235.0/24 maxlen: 24
194.93.76.0/23 maxlen: 24
2a04:d200::/29 maxlen: 29
2a04:d200::/32 maxlen: 32
2a04:d201::/32 maxlen: 32
2a04:d207::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dc/327952-4c66-4b95-b6de-43118e496d40/1/wtgszwyN6n1_atcujmJGLXviDVY.crl
rsync://rpki.ripe.net/repository/DEFAULT/dc/327952-4c66-4b95-b6de-43118e496d40/1/wtgszwyN6n1_atcujmJGLXviDVY.mft
rsync://rpki.ripe.net/repository/DEFAULT/wtgszwyN6n1_atcujmJGLXviDVY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 14 Apr 2025 17:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:00:94:21:19:5d:62:92:67:37:ab:93:5a:3b:e8:03:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2d82ccf0c8dea7d7f6ad72e8e62462d7be20d56
Validity
Not Before: Apr 4 11:33:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=26d6e4927668cfe669624191e456a293f753ea6f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:40:c2:dd:d4:3a:f7:d0:43:c1:88:8e:07:76:
6a:d6:4f:78:08:1d:56:73:cc:e3:ff:f9:3b:03:32:
0e:55:75:db:7d:c4:6d:d8:9c:e6:eb:34:0b:0c:e9:
a7:1b:6c:f1:51:af:35:2b:fe:fc:6d:45:21:25:13:
a4:3e:f5:85:d2:5a:04:d9:2b:7b:f5:e5:19:19:41:
89:46:3b:60:e3:f2:8f:12:bc:15:f1:55:55:b3:c8:
d7:d6:75:ea:09:e7:79:9a:0e:f0:c3:1d:22:88:35:
f0:f1:a5:6a:70:f7:3b:d2:4f:2b:ab:96:9d:cf:23:
e2:39:85:6b:11:7f:1d:89:45:d4:a5:f5:e7:cb:30:
e2:d3:10:11:2b:38:5c:f4:26:7c:3b:6d:8b:5b:8a:
a6:e1:26:96:88:87:f7:6e:e4:c7:6e:49:b6:a4:b4:
dc:d0:ee:cc:08:87:fc:f0:f5:8a:0b:1f:11:29:9c:
6a:60:0c:aa:cb:cc:1f:b9:98:65:2e:2b:7d:74:ce:
4a:73:c0:76:ab:c0:46:ee:ee:0a:18:dd:1f:07:d0:
d0:9f:29:63:69:25:3a:47:f4:61:ef:5c:b7:d3:5f:
69:15:de:b1:76:96:d7:2b:d7:83:26:12:bc:70:91:
88:20:f1:5a:6a:01:6d:f8:23:1f:a2:14:53:8a:e3:
28:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:D6:E4:92:76:68:CF:E6:69:62:41:91:E4:56:A2:93:F7:53:EA:6F
X509v3 Authority Key Identifier:
keyid:C2:D8:2C:CF:0C:8D:EA:7D:7F:6A:D7:2E:8E:62:46:2D:7B:E2:0D:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wtgszwyN6n1_atcujmJGLXviDVY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/327952-4c66-4b95-b6de-43118e496d40/1/JtbkknZoz-ZpYkGR5Faik_dT6m8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/327952-4c66-4b95-b6de-43118e496d40/1/wtgszwyN6n1_atcujmJGLXviDVY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.84.144.0/22
146.19.235.0/24
194.93.76.0/23
IPv6:
2a04:d200::/29
Signature Algorithm: sha256WithRSAEncryption
bd:44:4e:3e:0f:cb:bb:c5:1f:9c:12:29:b3:55:ac:61:f1:67:
c6:2b:76:4d:98:a5:42:48:6f:63:9b:54:a0:48:c1:b8:bb:12:
06:e4:82:f0:39:40:f9:a3:7e:17:b7:0f:61:32:0d:07:31:22:
78:47:28:b7:29:f2:54:f7:af:48:c3:fc:a8:b6:e1:8c:74:3d:
04:d5:be:23:75:c8:5f:72:92:31:06:6d:32:bd:8b:fa:2b:e5:
27:32:bb:15:c0:bd:72:13:78:e7:12:a8:92:5b:d2:cb:31:86:
1f:ab:2c:34:33:fc:a4:ee:1b:3e:8f:aa:e7:ae:8a:71:a1:f5:
9e:8f:41:58:c6:b2:22:34:30:5b:ca:66:ec:1f:53:b2:46:d5:
49:9e:4f:8b:97:84:54:f9:c8:a3:54:24:03:ef:44:ef:58:ce:
e7:aa:70:50:9b:17:6d:fd:d0:a9:0d:9e:e7:ed:e8:bc:fc:9f:
a7:6d:1a:bd:99:8a:0e:82:3f:ab:a9:a5:c6:b5:6e:4b:e6:3c:
8d:13:16:e5:e8:2e:44:f6:3c:85:cc:13:03:5a:a5:10:ae:0f:
f7:3b:29:0e:25:3b:47:99:95:40:95:c8:f0:d8:96:d3:b0:d3:
9a:f6:6b:e9:f7:da:22:18:ca:7c:cf:fb:58:f2:22:ef:61:6e:
70:85:5b:4c
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZYAlCEZXWKSZzerk1o76ANYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyZDgyY2NmMGM4ZGVhN2Q3ZjZhZDcyZThlNjI0NjJkN2Jl
MjBkNTYwHhcNMjUwNDA0MTEzMzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNmQ2ZTQ5Mjc2NjhjZmU2Njk2MjQxOTFlNDU2YTI5M2Y3NTNlYTZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwEDC3dQ699BDwYiOB3Zq1k94CB1W
c8zj//k7AzIOVXXbfcRt2Jzm6zQLDOmnG2zxUa81K/78bUUhJROkPvWF0loE2St7
9eUZGUGJRjtg4/KPErwV8VVVs8jX1nXqCed5mg7wwx0iiDXw8aVqcPc70k8rq5ad
zyPiOYVrEX8diUXUpfXnyzDi0xARKzhc9CZ8O22LW4qm4SaWiIf3buTHbkm2pLTc
0O7MCIf88PWKCx8RKZxqYAyqy8wfuZhlLit9dM5Kc8B2q8BG7u4KGN0fB9DQnylj
aSU6R/Rh71y3019pFd6xdpbXK9eDJhK8cJGIIPFaagFt+CMfohRTiuMoHQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFCbW5JJ2aM/maWJBkeRWopP3U+pvMB8GA1UdIwQY
MBaAFMLYLM8Mjep9f2rXLo5iRi174g1WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd3Rnc3p3eU42bjFfYXRjdWptSkdMWHZpRFZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy8zMjc5NTItNGM2Ni00Yjk1LWI2ZGUt
NDMxMThlNDk2ZDQwLzEvSnRia2tuWm96LVpwWWtHUjVGYWlrX2RUNm04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy8zMjc5NTItNGM2Ni00Yjk1LWI2ZGUtNDMxMThlNDk2ZDQw
LzEvd3Rnc3p3eU42bjFfYXRjdWptSkdMWHZpRFZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCLVSQAwQA
khPrAwQBwl1MMA0EAgACMAcDBQMqBNIAMA0GCSqGSIb3DQEBCwUAA4IBAQC9RE4+
D8u7xR+cEimzVaxh8WfGK3ZNmKVCSG9jm1SgSMG4uxIG5ILwOUD5o34Xtw9hMg0H
MSJ4Ryi3KfJU969Iw/yotuGMdD0E1b4jdchfcpIxBm0yvYv6K+UnMrsVwL1yE3jn
EqiSW9LLMYYfqyw0M/yk7hs+j6rnropxofWej0FYxrIiNDBbymbsH1OyRtVJnk+L
l4RU+cijVCQD70TvWM7nqnBQmxdt/dCpDZ7n7ei8/J+nbRq9mYoOgj+rqaXGtW5L
5jyNExbl6C5E9jyFzBMDWqUQrg/3OykOJTtHmZVAlcjw2JbTsNOa9mvp99oiGMp8
z/tY8iLvYW5whVtM
-----END CERTIFICATE-----
Generated at Mon Apr 14 01:45:13 2025 by rpki-client