Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/bc15ec-6b0d-4734-a088-d00526b91605/1/L7hjIkY3zoZbF7otJPkyYp1-3GQ.roa
File: L7hjIkY3zoZbF7otJPkyYp1-3GQ.roa (raw, json)
Hash identifier: KFKmyw3tb9aiPbS7iVWhwyX+8k/yoTNSo8uFnLcyUwc=
Subject key identifier: 2F:B8:63:22:46:37:CE:86:5B:17:BA:2D:24:F9:32:62:9D:7E:DC:64
Certificate issuer: /CN=25a89539520004270d34253bdc16d87784156e1a
Certificate serial: 01941FFA22040943D7F5A52969C28EFBBA57
Authority key identifier: 25:A8:95:39:52:00:04:27:0D:34:25:3B:DC:16:D8:77:84:15:6E:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JaiVOVIABCcNNCU73BbYd4QVbho.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/bc15ec-6b0d-4734-a088-d00526b91605/1/L7hjIkY3zoZbF7otJPkyYp1-3GQ.roa
Signing time: Wed 01 Jan 2025 03:47:53 +0000
ROA not before: Wed 01 Jan 2025 03:47:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8893
IP address blocks: 80.252.96.0/20 maxlen: 24
212.48.96.0/19 maxlen: 24
212.53.128.0/17 maxlen: 24
212.72.160.0/19 maxlen: 24
2a00:1f78::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e9/bc15ec-6b0d-4734-a088-d00526b91605/1/JaiVOVIABCcNNCU73BbYd4QVbho.crl
rsync://rpki.ripe.net/repository/DEFAULT/e9/bc15ec-6b0d-4734-a088-d00526b91605/1/JaiVOVIABCcNNCU73BbYd4QVbho.mft
rsync://rpki.ripe.net/repository/DEFAULT/JaiVOVIABCcNNCU73BbYd4QVbho.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 07:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:22:04:09:43:d7:f5:a5:29:69:c2:8e:fb:ba:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=25a89539520004270d34253bdc16d87784156e1a
Validity
Not Before: Jan 1 03:47:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2fb863224637ce865b17ba2d24f932629d7edc64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:59:a4:9c:6a:69:0c:87:45:46:df:be:b1:8c:
4a:60:9d:c2:06:1e:a9:18:2b:dc:bd:5f:0e:bb:4b:
90:ee:39:54:23:5b:58:5f:81:a4:2a:42:68:2a:ff:
95:7d:a2:c6:02:7b:b6:88:54:4c:65:42:29:e2:d2:
c0:ac:fe:79:3d:f2:3c:b4:e9:7b:3d:f8:69:e4:16:
aa:01:d3:f4:01:19:a7:62:50:40:b2:8b:ad:ce:fa:
29:9f:4e:23:b0:97:c0:7a:1e:8c:b8:b2:b6:a2:ee:
90:f9:e9:7a:50:20:06:fd:8e:16:8c:be:c6:cc:cd:
d4:9e:27:96:4c:d4:39:88:c4:8b:46:de:99:0b:56:
c6:27:1d:b6:1f:86:76:e9:c3:c9:3a:27:f7:d2:6a:
32:fd:75:b4:3b:7a:41:47:5f:a5:63:65:af:be:c8:
c6:c7:7b:37:6c:39:c8:4a:f3:9f:05:44:dc:bd:2b:
c5:f3:5f:59:00:07:03:0d:51:ab:12:cf:f3:f2:67:
ca:16:82:51:a6:9b:64:b3:a5:dc:28:1f:56:b1:9f:
48:c1:30:4d:02:ec:49:1d:1d:0d:12:74:d4:e8:76:
ad:d0:86:46:29:d4:9f:1a:61:36:2e:b6:df:99:7d:
c1:64:88:09:a5:5b:85:d2:41:2e:6f:b8:25:0f:55:
1d:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:B8:63:22:46:37:CE:86:5B:17:BA:2D:24:F9:32:62:9D:7E:DC:64
X509v3 Authority Key Identifier:
keyid:25:A8:95:39:52:00:04:27:0D:34:25:3B:DC:16:D8:77:84:15:6E:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JaiVOVIABCcNNCU73BbYd4QVbho.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/bc15ec-6b0d-4734-a088-d00526b91605/1/L7hjIkY3zoZbF7otJPkyYp1-3GQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/bc15ec-6b0d-4734-a088-d00526b91605/1/JaiVOVIABCcNNCU73BbYd4QVbho.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.252.96.0/20
212.48.96.0/19
212.53.128.0/17
212.72.160.0/19
IPv6:
2a00:1f78::/29
Signature Algorithm: sha256WithRSAEncryption
1b:bf:77:51:db:b6:7b:39:a7:65:92:06:1b:03:5b:87:35:4a:
ef:68:ed:7c:16:1b:eb:f2:ed:d5:b8:96:ad:27:34:c3:2e:af:
a5:06:f1:9b:68:c2:70:84:65:da:44:98:2d:37:54:c6:77:e9:
57:75:e7:75:3f:98:e0:cf:26:f6:f2:7d:2e:42:4e:17:14:82:
ef:fb:69:31:ef:62:32:d9:d7:a7:fb:6b:2b:68:45:40:d3:46:
0c:7a:b9:6b:d5:55:53:e3:c7:1d:6a:e3:1a:31:47:2c:f3:1a:
fb:38:6c:e3:84:7e:8f:3d:68:3f:ed:8e:aa:63:b3:c7:c9:69:
a4:2a:17:cf:5f:fb:da:f4:82:84:8e:60:4c:24:18:53:23:c9:
6d:af:6e:71:a0:9e:79:04:a5:cd:36:f4:39:02:c6:e3:ac:47:
61:71:de:38:4e:ab:06:85:fb:0a:c8:d5:04:a2:3f:42:80:84:
7b:21:92:ae:91:34:7f:df:63:9d:46:4f:0f:9e:1c:ea:34:2f:
fa:ec:f6:d9:35:0b:d0:e1:59:7f:3d:b7:99:bb:50:82:98:2c:
8a:ee:bb:c9:cf:fe:34:ff:11:2a:f6:28:e0:c7:75:fb:eb:dd:
4e:4b:8b:49:94:7b:5c:ad:b6:3d:cc:a0:52:a2:9d:3e:d1:ff:
0e:b9:6d:75
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZQf+iIECUPX9aUpacKO+7pXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1YTg5NTM5NTIwMDA0MjcwZDM0MjUzYmRjMTZkODc3ODQx
NTZlMWEwHhcNMjUwMTAxMDM0NzUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZmI4NjMyMjQ2MzdjZTg2NWIxN2JhMmQyNGY5MzI2MjlkN2VkYzY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtFmknGppDIdFRt++sYxKYJ3CBh6p
GCvcvV8Ou0uQ7jlUI1tYX4GkKkJoKv+VfaLGAnu2iFRMZUIp4tLArP55PfI8tOl7
Pfhp5BaqAdP0ARmnYlBAsoutzvopn04jsJfAeh6MuLK2ou6Q+el6UCAG/Y4WjL7G
zM3UnieWTNQ5iMSLRt6ZC1bGJx22H4Z26cPJOif30moy/XW0O3pBR1+lY2WvvsjG
x3s3bDnISvOfBUTcvSvF819ZAAcDDVGrEs/z8mfKFoJRpptks6XcKB9WsZ9IwTBN
AuxJHR0NEnTU6Hat0IZGKdSfGmE2LrbfmX3BZIgJpVuF0kEub7glD1UdIwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFC+4YyJGN86GWxe6LST5MmKdftxkMB8GA1UdIwQY
MBaAFCWolTlSAAQnDTQlO9wW2HeEFW4aMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmFpVk9WSUFCQ2NOTkNVNzNCYllkNFFWYmhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS9iYzE1ZWMtNmIwZC00NzM0LWEwODgt
ZDAwNTI2YjkxNjA1LzEvTDdoaklrWTN6b1piRjdvdEpQa3lZcDEtM0dRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS9iYzE1ZWMtNmIwZC00NzM0LWEwODgtZDAwNTI2YjkxNjA1
LzEvSmFpVk9WSUFCQ2NOTkNVNzNCYllkNFFWYmhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQEUPxgAwQF
1DBgAwQH1DWAAwQF1EigMA0EAgACMAcDBQMqAB94MA0GCSqGSIb3DQEBCwUAA4IB
AQAbv3dR27Z7OadlkgYbA1uHNUrvaO18Fhvr8u3VuJatJzTDLq+lBvGbaMJwhGXa
RJgtN1TGd+lXded1P5jgzyb28n0uQk4XFILv+2kx72Iy2den+2sraEVA00YMerlr
1VVT48cdauMaMUcs8xr7OGzjhH6PPWg/7Y6qY7PHyWmkKhfPX/va9IKEjmBMJBhT
I8ltr25xoJ55BKXNNvQ5AsbjrEdhcd44TqsGhfsKyNUEoj9CgIR7IZKukTR/32Od
Rk8PnhzqNC/67PbZNQvQ4Vl/PbeZu1CCmCyK7rvJz/40/xEq9ijgx3X7691OS4tJ
lHtcrbY9zKBSop0+0f8OuW11
-----END CERTIFICATE-----
Generated at Sun Apr 6 16:30:36 2025 by rpki-client