Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/962b3f-fc26-4549-ae02-4d049a1eaf2f/1/jwmg81-ORqOZPp9Rh2D6s4HVTYQ.roa
File: jwmg81-ORqOZPp9Rh2D6s4HVTYQ.roa (raw, json)
Hash identifier: Uluu1ohil2uH9NagTZ/BKMHEBskA/iElgGUpNpib8O4=
Subject key identifier: 8F:09:A0:F3:5F:8E:46:A3:99:3E:9F:51:87:60:FA:B3:81:D5:4D:84
Certificate issuer: /CN=d9a988916d51406f9a269f30a02d0086b57f4d5a
Certificate serial: 01942067E73D617792546900E98D2DB73991
Authority key identifier: D9:A9:88:91:6D:51:40:6F:9A:26:9F:30:A0:2D:00:86:B5:7F:4D:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2amIkW1RQG-aJp8woC0AhrV_TVo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/962b3f-fc26-4549-ae02-4d049a1eaf2f/1/jwmg81-ORqOZPp9Rh2D6s4HVTYQ.roa
Signing time: Wed 01 Jan 2025 05:47:47 +0000
ROA not before: Wed 01 Jan 2025 05:47:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205133
IP address blocks: 46.227.35.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ec/962b3f-fc26-4549-ae02-4d049a1eaf2f/1/2amIkW1RQG-aJp8woC0AhrV_TVo.crl
rsync://rpki.ripe.net/repository/DEFAULT/ec/962b3f-fc26-4549-ae02-4d049a1eaf2f/1/2amIkW1RQG-aJp8woC0AhrV_TVo.mft
rsync://rpki.ripe.net/repository/DEFAULT/2amIkW1RQG-aJp8woC0AhrV_TVo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 22 Feb 2025 04:00:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:67:e7:3d:61:77:92:54:69:00:e9:8d:2d:b7:39:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d9a988916d51406f9a269f30a02d0086b57f4d5a
Validity
Not Before: Jan 1 05:47:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8f09a0f35f8e46a3993e9f518760fab381d54d84
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:44:5c:9e:47:f6:a0:33:8c:15:8e:b9:39:e6:
9a:15:29:ea:37:d0:5a:ab:14:99:ad:a7:f2:67:8f:
0f:76:6c:be:91:82:58:55:71:cf:18:38:1f:b6:df:
5f:06:64:b8:53:18:16:3d:e5:de:b9:61:1d:47:c4:
c5:53:92:7e:3f:8e:71:54:f3:50:99:94:46:db:f2:
ef:ac:b0:6e:e0:da:5c:81:f9:9e:0a:d6:94:95:c5:
76:c9:4c:35:f5:63:b0:e4:3d:8e:61:d5:a6:8c:92:
45:b5:93:e8:39:8d:86:fc:9d:ee:9d:5e:81:5a:52:
2b:74:83:10:0b:eb:f7:2f:ad:db:5a:cd:af:73:a5:
dc:fc:1e:13:cf:ee:48:7a:d6:cc:62:c7:86:c2:cb:
4e:7c:a4:f0:5e:ad:25:78:3a:99:08:ba:5a:be:32:
fb:36:ba:63:1a:15:08:ce:19:83:6e:a5:e6:ab:cf:
d9:66:19:ba:11:6f:ce:6b:9e:77:7a:0b:d0:e8:5d:
8b:07:4a:f0:1e:0e:f4:32:df:d7:1f:28:03:43:2c:
e7:2f:94:32:35:64:b9:aa:ca:a0:bd:71:9d:23:4a:
26:3c:dc:b5:6a:32:89:f7:40:ec:d7:28:1a:d9:d7:
2f:ab:7f:91:1d:52:09:bd:ab:0e:ca:82:ae:ab:05:
33:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:09:A0:F3:5F:8E:46:A3:99:3E:9F:51:87:60:FA:B3:81:D5:4D:84
X509v3 Authority Key Identifier:
keyid:D9:A9:88:91:6D:51:40:6F:9A:26:9F:30:A0:2D:00:86:B5:7F:4D:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2amIkW1RQG-aJp8woC0AhrV_TVo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/962b3f-fc26-4549-ae02-4d049a1eaf2f/1/jwmg81-ORqOZPp9Rh2D6s4HVTYQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/962b3f-fc26-4549-ae02-4d049a1eaf2f/1/2amIkW1RQG-aJp8woC0AhrV_TVo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.227.35.0/24
Signature Algorithm: sha256WithRSAEncryption
60:8d:e4:0d:d7:e5:46:22:da:7c:63:60:58:20:7e:48:a4:8a:
44:34:f1:65:44:07:cb:12:87:92:1e:61:72:e0:21:54:8c:cf:
64:d8:0a:68:4d:59:dd:f7:7a:97:ca:67:e3:a9:33:38:73:53:
bd:75:db:09:4f:42:17:0e:ee:fd:89:b3:21:83:7c:1c:5a:62:
7f:60:c5:07:a4:03:25:16:05:c1:3f:ef:9d:5c:b1:e6:83:1c:
74:41:41:87:0d:ae:8e:af:98:37:a9:dc:6c:c4:3f:35:38:74:
97:6a:d0:ed:b6:47:33:86:27:b8:4c:8c:4f:95:a6:8c:e7:42:
4f:08:f4:a7:b6:ef:e8:2c:b0:68:37:7e:d6:c8:12:5a:b3:04:
0f:bd:07:f4:77:a0:ae:f6:6d:52:c6:0c:a1:4f:2d:c2:ba:4a:
db:10:30:ef:39:a1:b2:4f:4c:f3:85:d0:dc:95:8b:e6:45:06:
90:69:4e:b7:ac:53:f4:c3:0d:bc:8b:4d:ae:4f:7c:44:f3:b6:
e5:04:fe:73:d8:5e:8e:90:8c:4e:fb:41:d4:61:7d:68:a3:dd:
9b:f5:03:16:53:b8:55:ea:9e:74:58:a8:eb:5a:31:38:22:b0:
3e:13:fa:56:3c:c0:28:f2:ec:22:e0:b3:94:e3:95:2e:79:76:
52:72:a9:f0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQgZ+c9YXeSVGkA6Y0ttzmRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5YTk4ODkxNmQ1MTQwNmY5YTI2OWYzMGEwMmQwMDg2YjU3
ZjRkNWEwHhcNMjUwMTAxMDU0NzQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZjA5YTBmMzVmOGU0NmEzOTkzZTlmNTE4NzYwZmFiMzgxZDU0ZDg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5ERcnkf2oDOMFY65OeaaFSnqN9Ba
qxSZrafyZ48Pdmy+kYJYVXHPGDgftt9fBmS4UxgWPeXeuWEdR8TFU5J+P45xVPNQ
mZRG2/LvrLBu4NpcgfmeCtaUlcV2yUw19WOw5D2OYdWmjJJFtZPoOY2G/J3unV6B
WlIrdIMQC+v3L63bWs2vc6Xc/B4Tz+5IetbMYseGwstOfKTwXq0leDqZCLpavjL7
NrpjGhUIzhmDbqXmq8/ZZhm6EW/Oa553egvQ6F2LB0rwHg70Mt/XHygDQyznL5Qy
NWS5qsqgvXGdI0omPNy1ajKJ90Ds1yga2dcvq3+RHVIJvasOyoKuqwUzMwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFI8JoPNfjkajmT6fUYdg+rOB1U2EMB8GA1UdIwQY
MBaAFNmpiJFtUUBvmiafMKAtAIa1f01aMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmFtSWtXMVJRRy1hSnA4d29DMEFoclZfVFZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy85NjJiM2YtZmMyNi00NTQ5LWFlMDIt
NGQwNDlhMWVhZjJmLzEvandtZzgxLU9ScU9aUHA5UmgyRDZzNEhWVFlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy85NjJiM2YtZmMyNi00NTQ5LWFlMDItNGQwNDlhMWVhZjJm
LzEvMmFtSWtXMVJRRy1hSnA4d29DMEFoclZfVFZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALuMjMA0G
CSqGSIb3DQEBCwUAA4IBAQBgjeQN1+VGItp8Y2BYIH5IpIpENPFlRAfLEoeSHmFy
4CFUjM9k2ApoTVnd93qXymfjqTM4c1O9ddsJT0IXDu79ibMhg3wcWmJ/YMUHpAMl
FgXBP++dXLHmgxx0QUGHDa6Or5g3qdxsxD81OHSXatDttkczhie4TIxPlaaM50JP
CPSntu/oLLBoN37WyBJaswQPvQf0d6Cu9m1SxgyhTy3CukrbEDDvOaGyT0zzhdDc
lYvmRQaQaU63rFP0ww28i02uT3xE87blBP5z2F6OkIxO+0HUYX1oo92b9QMWU7hV
6p50WKjrWjE4IrA+E/pWPMAo8uwi4LOU45UueXZScqnw
-----END CERTIFICATE-----
Generated at Fri Feb 21 12:53:40 2025 by rpki-client