Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/88fdd1-8b7b-4101-ac66-b590957d9415/1/jPPJRlQHOW3Bdo3Xffl1cKS8yYI.roa
File: jPPJRlQHOW3Bdo3Xffl1cKS8yYI.roa (raw, json)
Hash identifier: +QHKisnDpujXyoJyM4AGTUHFPfJzBO245kYgUJWvE8Q=
Subject key identifier: 8C:F3:C9:46:54:07:39:6D:C1:76:8D:D7:7D:F9:75:70:A4:BC:C9:82
Certificate issuer: /CN=5e1bf6a319da2489816aedba1b4fd0cc7ddf3e1e
Certificate serial: 01945A1B6382D6A4DFF71770F4E513E2F4F0
Authority key identifier: 5E:1B:F6:A3:19:DA:24:89:81:6A:ED:BA:1B:4F:D0:CC:7D:DF:3E:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xhv2oxnaJImBau26G0_QzH3fPh4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/88fdd1-8b7b-4101-ac66-b590957d9415/1/jPPJRlQHOW3Bdo3Xffl1cKS8yYI.roa
Signing time: Sun 12 Jan 2025 10:42:11 +0000
ROA not before: Sun 12 Jan 2025 10:42:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39386
IP address blocks: 37.224.192.0/24 maxlen: 24
84.235.0.0/17 maxlen: 17
84.235.0.0/24 maxlen: 24
84.235.14.0/24 maxlen: 24
84.235.56.0/23 maxlen: 23
84.235.95.0/24 maxlen: 24
84.235.108.0/24 maxlen: 24
84.235.109.0/24 maxlen: 24
84.235.110.0/24 maxlen: 24
84.235.111.0/24 maxlen: 24
84.235.120.0/22 maxlen: 22
84.235.122.0/23 maxlen: 23
178.86.50.0/24 maxlen: 24
193.19.244.0/24 maxlen: 24
212.118.154.0/24 maxlen: 24
2001:16a0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e2/88fdd1-8b7b-4101-ac66-b590957d9415/1/Xhv2oxnaJImBau26G0_QzH3fPh4.crl
rsync://rpki.ripe.net/repository/DEFAULT/e2/88fdd1-8b7b-4101-ac66-b590957d9415/1/Xhv2oxnaJImBau26G0_QzH3fPh4.mft
rsync://rpki.ripe.net/repository/DEFAULT/Xhv2oxnaJImBau26G0_QzH3fPh4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 14 Apr 2025 03:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:5a:1b:63:82:d6:a4:df:f7:17:70:f4:e5:13:e2:f4:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5e1bf6a319da2489816aedba1b4fd0cc7ddf3e1e
Validity
Not Before: Jan 12 10:42:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8cf3c9465407396dc1768dd77df97570a4bcc982
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:e9:5f:1b:9a:33:eb:b2:f3:96:55:c8:de:2b:
97:97:a5:19:d6:fe:e9:f0:d7:76:d9:67:c4:67:49:
ac:e7:e7:79:1a:cb:d3:b2:d2:90:24:58:d2:3d:63:
51:b7:9f:d8:e8:b1:a3:40:a5:b1:d0:b5:f3:94:00:
b9:68:1f:11:50:26:3e:7e:0d:93:9f:e9:6a:25:e8:
3e:4c:4b:fa:84:52:3e:38:a3:0b:c5:36:ab:b1:52:
a5:32:9d:e7:0e:48:2e:68:9d:3d:90:a4:d0:15:89:
cb:55:a9:66:53:04:5c:4f:19:07:f5:ea:bc:84:cf:
e3:6e:88:d5:3c:b9:33:42:44:5a:82:8f:c2:27:c8:
93:f6:33:4d:d5:8d:65:11:d2:ef:76:90:15:f0:0b:
3a:50:ea:a1:be:30:77:3e:a1:e7:d5:50:34:41:a5:
06:a2:67:23:6a:23:dd:fc:4e:e2:e2:b3:47:7c:45:
07:9a:57:d5:4f:bb:fd:e9:a7:94:4e:73:50:7b:9d:
1e:ce:62:9c:9c:df:70:ca:39:5f:e6:c0:1f:ab:f0:
ac:b8:56:41:f5:10:5f:30:5b:e3:d4:fc:8e:ed:f5:
e7:be:c6:b2:4d:0c:c3:79:43:f5:b8:ef:b4:c3:3b:
fc:d1:a2:e3:62:47:99:48:ec:92:f7:02:09:f6:a0:
88:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:F3:C9:46:54:07:39:6D:C1:76:8D:D7:7D:F9:75:70:A4:BC:C9:82
X509v3 Authority Key Identifier:
keyid:5E:1B:F6:A3:19:DA:24:89:81:6A:ED:BA:1B:4F:D0:CC:7D:DF:3E:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xhv2oxnaJImBau26G0_QzH3fPh4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/88fdd1-8b7b-4101-ac66-b590957d9415/1/jPPJRlQHOW3Bdo3Xffl1cKS8yYI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/88fdd1-8b7b-4101-ac66-b590957d9415/1/Xhv2oxnaJImBau26G0_QzH3fPh4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.224.192.0/24
84.235.0.0/17
178.86.50.0/24
193.19.244.0/24
212.118.154.0/24
IPv6:
2001:16a0::/29
Signature Algorithm: sha256WithRSAEncryption
20:11:6f:4b:91:1b:28:1b:e9:0c:b7:b7:4c:20:1f:2f:6f:1b:
a4:f8:36:b7:47:9d:4b:0d:42:da:14:69:9c:75:24:97:ff:a6:
3a:b9:5b:79:b0:53:ad:7f:8b:80:80:1b:26:96:f1:96:08:f9:
43:37:40:94:47:d8:bb:3b:6d:ad:2f:8a:92:25:91:6f:33:0e:
d3:dc:2f:ac:09:08:87:51:53:10:f9:ff:e7:b3:45:2d:c8:81:
da:ed:2b:42:96:07:df:78:89:64:04:3c:fe:fb:a3:95:79:ce:
8b:20:e8:4d:b0:bf:d6:ba:d3:f2:82:6b:a7:1f:23:aa:8a:fb:
00:a2:63:c4:9b:c7:cd:40:5f:e1:3b:71:88:16:ff:e9:e3:e1:
b1:bc:45:01:6e:c4:d6:5d:72:a5:90:01:35:dd:7a:b3:a2:7a:
6f:bc:a1:43:61:af:84:17:55:85:56:98:e5:1b:8c:e5:34:63:
d9:54:32:1e:cb:c5:d6:5e:92:b4:ea:4f:62:c6:40:6c:d0:14:
10:3e:fd:ff:26:34:37:25:87:83:b1:bf:53:df:66:06:d0:53:
8d:69:95:90:ca:93:1c:eb:23:59:e2:58:1d:f0:77:f8:98:bc:
59:8b:61:6d:af:90:79:a0:33:25:b8:d6:c0:a4:ce:55:fb:8d:
1f:ed:3b:78
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZRaG2OC1qTf9xdw9OUT4vTwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlMWJmNmEzMTlkYTI0ODk4MTZhZWRiYTFiNGZkMGNjN2Rk
ZjNlMWUwHhcNMjUwMTEyMTA0MjExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Y2YzYzk0NjU0MDczOTZkYzE3NjhkZDc3ZGY5NzU3MGE0YmNjOTgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq+lfG5oz67LzllXI3iuXl6UZ1v7p
8Nd22WfEZ0ms5+d5GsvTstKQJFjSPWNRt5/Y6LGjQKWx0LXzlAC5aB8RUCY+fg2T
n+lqJeg+TEv6hFI+OKMLxTarsVKlMp3nDkguaJ09kKTQFYnLValmUwRcTxkH9eq8
hM/jbojVPLkzQkRago/CJ8iT9jNN1Y1lEdLvdpAV8As6UOqhvjB3PqHn1VA0QaUG
omcjaiPd/E7i4rNHfEUHmlfVT7v96aeUTnNQe50ezmKcnN9wyjlf5sAfq/CsuFZB
9RBfMFvj1PyO7fXnvsayTQzDeUP1uO+0wzv80aLjYkeZSOyS9wIJ9qCIgwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFIzzyUZUBzltwXaN1335dXCkvMmCMB8GA1UdIwQY
MBaAFF4b9qMZ2iSJgWrtuhtP0Mx93z4eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGh2Mm94bmFKSW1CYXUyNkcwX1F6SDNmUGg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi84OGZkZDEtOGI3Yi00MTAxLWFjNjYt
YjU5MDk1N2Q5NDE1LzEvalBQSlJsUUhPVzNCZG8zWGZmbDFjS1M4eVlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi84OGZkZDEtOGI3Yi00MTAxLWFjNjYtYjU5MDk1N2Q5NDE1
LzEvWGh2Mm94bmFKSW1CYXUyNkcwX1F6SDNmUGg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQAJeDAAwQH
VOsAAwQAslYyAwQAwRP0AwQA1HaaMA0EAgACMAcDBQMgARagMA0GCSqGSIb3DQEB
CwUAA4IBAQAgEW9LkRsoG+kMt7dMIB8vbxuk+Da3R51LDULaFGmcdSSX/6Y6uVt5
sFOtf4uAgBsmlvGWCPlDN0CUR9i7O22tL4qSJZFvMw7T3C+sCQiHUVMQ+f/ns0Ut
yIHa7StClgffeIlkBDz++6OVec6LIOhNsL/WutPygmunHyOqivsAomPEm8fNQF/h
O3GIFv/p4+GxvEUBbsTWXXKlkAE13XqzonpvvKFDYa+EF1WFVpjlG4zlNGPZVDIe
y8XWXpK06k9ixkBs0BQQPv3/JjQ3JYeDsb9T32YG0FONaZWQypMc6yNZ4lgd8Hf4
mLxZi2Ftr5B5oDMluNbApM5V+40f7Tt4
-----END CERTIFICATE-----
Generated at Sun Apr 13 10:06:23 2025 by rpki-client