Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/8efd8b-e516-4c49-92cb-89296ccb35f5/1/jk-_IfFTaD-MzFizpWx0AA1TkH4.roa
File: jk-_IfFTaD-MzFizpWx0AA1TkH4.roa (raw, json)
Hash identifier: wezPiSGoo0rul4hPDHDdcRTaZb8xQPAVvKZ9GBZZNU8=
Subject key identifier: 8E:4F:BF:21:F1:53:68:3F:8C:CC:58:B3:A5:6C:74:00:0D:53:90:7E
Certificate issuer: /CN=4d0ade54c27e6fcddace262c4fdf790f320fed9c
Certificate serial: 019420D64C084FD41FC117D9E33DDF31E817
Authority key identifier: 4D:0A:DE:54:C2:7E:6F:CD:DA:CE:26:2C:4F:DF:79:0F:32:0F:ED:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TQreVMJ-b83aziYsT995DzIP7Zw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/8efd8b-e516-4c49-92cb-89296ccb35f5/1/jk-_IfFTaD-MzFizpWx0AA1TkH4.roa
Signing time: Wed 01 Jan 2025 07:48:22 +0000
ROA not before: Wed 01 Jan 2025 07:48:22 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60130
IP address blocks: 185.56.184.0/22 maxlen: 24
2a02:5560::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dd/8efd8b-e516-4c49-92cb-89296ccb35f5/1/TQreVMJ-b83aziYsT995DzIP7Zw.crl
rsync://rpki.ripe.net/repository/DEFAULT/dd/8efd8b-e516-4c49-92cb-89296ccb35f5/1/TQreVMJ-b83aziYsT995DzIP7Zw.mft
rsync://rpki.ripe.net/repository/DEFAULT/TQreVMJ-b83aziYsT995DzIP7Zw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:4c:08:4f:d4:1f:c1:17:d9:e3:3d:df:31:e8:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4d0ade54c27e6fcddace262c4fdf790f320fed9c
Validity
Not Before: Jan 1 07:48:22 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8e4fbf21f153683f8ccc58b3a56c74000d53907e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:bf:94:7d:3e:08:6b:c9:b8:65:1b:78:72:59:
2e:c9:1e:f7:44:cf:27:eb:ef:2f:57:9e:ac:a5:b9:
19:a1:03:bc:31:a0:3a:0c:ff:02:e6:7c:ea:a8:81:
ed:2a:a1:6c:d7:56:6d:5c:df:e4:90:23:c4:c2:8b:
63:a3:aa:e8:82:e0:25:b0:4c:b0:a7:e0:a3:d6:b6:
51:ac:69:68:f4:61:ea:9f:53:2d:a0:63:0b:55:0f:
f0:8f:8d:fa:b1:27:bf:31:0f:3c:1b:bc:94:8b:c4:
c1:fc:37:78:e3:6a:5a:a6:0b:0b:2d:cc:ab:74:f1:
7a:7c:2e:40:41:96:13:aa:a3:17:32:fa:22:b7:d6:
2c:c2:7f:90:8d:5b:45:f7:f2:7e:b2:2a:0d:b5:f0:
2b:58:a5:70:ae:e0:ca:6a:3a:33:75:27:bc:e2:5b:
c3:37:db:b6:a6:fc:ba:39:0e:5b:93:c3:a1:0e:04:
ca:9c:9d:a3:56:05:52:b9:eb:7d:55:6b:dc:de:a4:
31:b1:ec:ca:65:61:4e:06:74:16:e5:45:29:63:33:
68:18:fe:b4:dd:74:0f:1d:73:f7:b5:31:43:99:84:
c3:74:76:df:47:e5:3c:fa:05:40:00:16:24:c0:e1:
50:04:66:10:a8:2b:07:d7:12:1d:da:18:6d:8e:d4:
78:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:4F:BF:21:F1:53:68:3F:8C:CC:58:B3:A5:6C:74:00:0D:53:90:7E
X509v3 Authority Key Identifier:
keyid:4D:0A:DE:54:C2:7E:6F:CD:DA:CE:26:2C:4F:DF:79:0F:32:0F:ED:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TQreVMJ-b83aziYsT995DzIP7Zw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/8efd8b-e516-4c49-92cb-89296ccb35f5/1/jk-_IfFTaD-MzFizpWx0AA1TkH4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/8efd8b-e516-4c49-92cb-89296ccb35f5/1/TQreVMJ-b83aziYsT995DzIP7Zw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.56.184.0/22
IPv6:
2a02:5560::/32
Signature Algorithm: sha256WithRSAEncryption
9f:da:a9:7a:60:fb:b8:b4:c1:3d:79:b2:7d:f1:18:8d:e7:28:
be:25:bf:ef:12:86:58:d9:3b:73:e2:02:dd:dd:01:1b:cb:6d:
08:25:fa:2f:18:e1:2b:3e:68:b5:13:a7:57:75:7a:d0:d7:e6:
d7:43:3b:d4:c6:94:9f:39:0a:60:89:7f:86:29:93:ac:48:63:
63:ae:f2:0f:d5:0a:39:b2:2f:b8:ed:6c:19:8d:28:1b:24:31:
71:07:cc:c2:8b:4d:25:62:90:36:1a:e8:68:4a:96:d5:b0:99:
c8:ff:fc:93:5c:14:60:87:ed:e3:8a:13:86:b5:0e:0c:79:ee:
25:82:84:1e:30:05:5c:4c:e0:cd:4f:29:18:a6:6c:b1:43:b4:
c4:64:5c:37:32:86:39:34:55:0f:18:dc:90:b6:81:99:5c:38:
3f:a2:24:68:5c:cd:8e:c6:30:39:a5:89:1a:bd:df:ff:79:14:
56:25:b8:d9:ef:fd:11:51:fa:fe:e1:3c:f0:b3:72:a0:4b:85:
32:ca:06:94:90:32:5d:9c:fe:4b:93:43:40:22:5f:6c:15:41:
04:18:3e:09:14:f2:b7:34:36:d1:9b:59:38:40:ce:53:10:03:
de:77:46:d0:71:7e:94:a8:bd:a5:54:fa:77:19:fc:e0:42:ef:
44:89:2c:c3
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQg1kwIT9QfwRfZ4z3fMegXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkMGFkZTU0YzI3ZTZmY2RkYWNlMjYyYzRmZGY3OTBmMzIw
ZmVkOWMwHhcNMjUwMTAxMDc0ODIyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTRmYmYyMWYxNTM2ODNmOGNjYzU4YjNhNTZjNzQwMDBkNTM5MDdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtr+UfT4Ia8m4ZRt4clkuyR73RM8n
6+8vV56spbkZoQO8MaA6DP8C5nzqqIHtKqFs11ZtXN/kkCPEwotjo6roguAlsEyw
p+Cj1rZRrGlo9GHqn1MtoGMLVQ/wj436sSe/MQ88G7yUi8TB/Dd442papgsLLcyr
dPF6fC5AQZYTqqMXMvoit9Yswn+QjVtF9/J+sioNtfArWKVwruDKajozdSe84lvD
N9u2pvy6OQ5bk8OhDgTKnJ2jVgVSuet9VWvc3qQxsezKZWFOBnQW5UUpYzNoGP60
3XQPHXP3tTFDmYTDdHbfR+U8+gVAABYkwOFQBGYQqCsH1xId2hhtjtR4LwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFI5PvyHxU2g/jMxYs6VsdAANU5B+MB8GA1UdIwQY
MBaAFE0K3lTCfm/N2s4mLE/feQ8yD+2cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFFyZVZNSi1iODNhemlZc1Q5OTVEeklQN1p3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC84ZWZkOGItZTUxNi00YzQ5LTkyY2It
ODkyOTZjY2IzNWY1LzEvamstX0lmRlRhRC1NekZpenBXeDBBQTFUa0g0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC84ZWZkOGItZTUxNi00YzQ5LTkyY2ItODkyOTZjY2IzNWY1
LzEvVFFyZVZNSi1iODNhemlZc1Q5OTVEeklQN1p3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuTi4MA0E
AgACMAcDBQAqAlVgMA0GCSqGSIb3DQEBCwUAA4IBAQCf2ql6YPu4tME9ebJ98RiN
5yi+Jb/vEoZY2Ttz4gLd3QEby20IJfovGOErPmi1E6dXdXrQ1+bXQzvUxpSfOQpg
iX+GKZOsSGNjrvIP1Qo5si+47WwZjSgbJDFxB8zCi00lYpA2GuhoSpbVsJnI//yT
XBRgh+3jihOGtQ4Mee4lgoQeMAVcTODNTykYpmyxQ7TEZFw3MoY5NFUPGNyQtoGZ
XDg/oiRoXM2OxjA5pYkavd//eRRWJbjZ7/0RUfr+4Tzws3KgS4UyygaUkDJdnP5L
k0NAIl9sFUEEGD4JFPK3NDbRm1k4QM5TEAPed0bQcX6UqL2lVPp3GfzgQu9EiSzD
-----END CERTIFICATE-----
Generated at Sun Feb 2 09:49:40 2025 by rpki-client