Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/c70fd3-dfc0-45fb-860f-fdd6741fcca3/1/jlOcIMtwDZMSOghN5unIu5YgL8g.roa
File: jlOcIMtwDZMSOghN5unIu5YgL8g.roa (raw, json)
Hash identifier: tVPtE+nX/8/3Q++k/ZBc6Lf2E5loPE1nlFFzJO0Km0I=
Subject key identifier: 8E:53:9C:20:CB:70:0D:93:12:3A:08:4D:E6:E9:C8:BB:96:20:2F:C8
Certificate issuer: /CN=c4842f8262febd23d013d40a314d88e254b2a542
Certificate serial: 0194258EA36493107684744ADCF78FAD6DF0
Authority key identifier: C4:84:2F:82:62:FE:BD:23:D0:13:D4:0A:31:4D:88:E2:54:B2:A5:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xIQvgmL-vSPQE9QKMU2I4lSypUI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/c70fd3-dfc0-45fb-860f-fdd6741fcca3/1/jlOcIMtwDZMSOghN5unIu5YgL8g.roa
Signing time: Thu 02 Jan 2025 05:48:12 +0000
ROA not before: Thu 02 Jan 2025 05:48:12 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215658
IP address blocks: 91.239.24.0/24 maxlen: 24
2a07:ad80::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ee/c70fd3-dfc0-45fb-860f-fdd6741fcca3/1/xIQvgmL-vSPQE9QKMU2I4lSypUI.crl
rsync://rpki.ripe.net/repository/DEFAULT/ee/c70fd3-dfc0-45fb-860f-fdd6741fcca3/1/xIQvgmL-vSPQE9QKMU2I4lSypUI.mft
rsync://rpki.ripe.net/repository/DEFAULT/xIQvgmL-vSPQE9QKMU2I4lSypUI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 23:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8e:a3:64:93:10:76:84:74:4a:dc:f7:8f:ad:6d:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4842f8262febd23d013d40a314d88e254b2a542
Validity
Not Before: Jan 2 05:48:12 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8e539c20cb700d93123a084de6e9c8bb96202fc8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:50:d0:10:ed:2f:7a:07:f4:c5:67:a6:a4:0d:
23:f2:64:0c:ae:62:ff:f8:a3:b2:96:4d:50:4f:97:
70:67:6f:52:2c:2f:c4:9c:87:71:03:54:83:50:ae:
8a:a0:ef:e6:05:f4:ea:b5:0b:99:c9:fd:aa:47:5a:
bd:60:4e:f6:1b:6d:18:d5:da:67:93:39:8f:f0:3f:
88:39:96:08:a4:44:bb:d9:a0:00:92:ad:74:4c:cc:
cd:81:33:b9:6f:17:16:49:de:b1:92:b4:bf:e7:5c:
9c:21:29:f2:db:22:d8:6b:a1:fc:20:44:c3:f8:fe:
15:4c:86:3b:b7:ff:72:97:dc:04:eb:86:35:a7:c9:
21:47:1b:05:69:1d:ac:d0:4e:b9:14:91:39:67:9a:
b9:ff:a7:06:1e:b2:cc:09:01:b3:5c:45:00:c5:35:
6e:a9:e5:5a:c4:0b:68:6c:02:aa:13:0e:b7:e3:9a:
8c:e7:35:8c:b9:40:21:8d:fc:e8:a0:2e:ca:4f:10:
2e:d1:e9:92:17:82:76:35:f8:9e:33:35:48:c8:24:
43:f4:d0:72:c9:10:a7:f0:2b:55:ef:91:89:5c:dc:
2e:f9:05:84:85:e8:99:42:eb:67:80:65:0c:c8:da:
6e:6f:0e:97:73:7d:aa:76:e0:fa:04:f4:c9:94:4d:
66:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:53:9C:20:CB:70:0D:93:12:3A:08:4D:E6:E9:C8:BB:96:20:2F:C8
X509v3 Authority Key Identifier:
keyid:C4:84:2F:82:62:FE:BD:23:D0:13:D4:0A:31:4D:88:E2:54:B2:A5:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xIQvgmL-vSPQE9QKMU2I4lSypUI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/c70fd3-dfc0-45fb-860f-fdd6741fcca3/1/jlOcIMtwDZMSOghN5unIu5YgL8g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/c70fd3-dfc0-45fb-860f-fdd6741fcca3/1/xIQvgmL-vSPQE9QKMU2I4lSypUI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.239.24.0/24
IPv6:
2a07:ad80::/29
Signature Algorithm: sha256WithRSAEncryption
31:4c:6b:33:8a:5e:f6:69:36:ce:c9:eb:71:c1:4d:50:e9:82:
13:d7:c9:ce:e5:18:91:e7:5e:d0:de:aa:6a:da:de:6b:bd:a3:
af:41:24:ef:20:84:32:a9:f7:6e:3a:a3:61:7c:4b:40:ef:06:
6b:ba:da:9c:aa:ab:b9:60:2d:ab:3c:9b:ca:49:cd:b6:a3:1c:
52:5c:f4:fa:31:08:1e:61:30:e3:f1:c2:f1:a3:07:de:cf:c8:
ab:0d:99:14:1b:3c:bc:13:b0:e8:bf:5e:c8:29:f2:c4:ad:cb:
f3:e8:eb:60:1b:59:14:2d:87:39:99:c3:2a:70:fb:13:57:09:
15:13:11:6a:5a:3b:de:25:95:0b:93:1f:f3:ab:d6:9a:7a:e1:
5b:f4:ba:fe:62:64:f9:34:b0:ad:5e:e6:f5:e7:59:1b:32:2b:
84:97:79:f0:30:36:97:b0:5f:d2:6d:94:45:ed:a1:17:cb:c2:
e6:66:c7:d3:9d:9d:7d:e4:bf:72:30:7e:0c:bb:84:8e:97:64:
52:b0:09:e1:e2:0e:46:5f:6b:39:06:2e:7f:f3:1f:6f:0d:a2:
8a:c9:d1:9d:65:5e:3c:d1:c4:60:0d:f0:55:11:92:e5:c0:66:
0b:93:9d:9c:eb:b9:e3:a7:48:de:1e:9a:14:5a:72:07:fb:00:
b6:45:3d:bb
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQljqNkkxB2hHRK3PePrW3wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0ODQyZjgyNjJmZWJkMjNkMDEzZDQwYTMxNGQ4OGUyNTRi
MmE1NDIwHhcNMjUwMTAyMDU0ODEyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTUzOWMyMGNiNzAwZDkzMTIzYTA4NGRlNmU5YzhiYjk2MjAyZmM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx1DQEO0vegf0xWempA0j8mQMrmL/
+KOylk1QT5dwZ29SLC/EnIdxA1SDUK6KoO/mBfTqtQuZyf2qR1q9YE72G20Y1dpn
kzmP8D+IOZYIpES72aAAkq10TMzNgTO5bxcWSd6xkrS/51ycISny2yLYa6H8IETD
+P4VTIY7t/9yl9wE64Y1p8khRxsFaR2s0E65FJE5Z5q5/6cGHrLMCQGzXEUAxTVu
qeVaxAtobAKqEw6345qM5zWMuUAhjfzooC7KTxAu0emSF4J2NfieMzVIyCRD9NBy
yRCn8CtV75GJXNwu+QWEheiZQutngGUMyNpubw6Xc32qduD6BPTJlE1mIwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFI5TnCDLcA2TEjoITebpyLuWIC/IMB8GA1UdIwQY
MBaAFMSEL4Ji/r0j0BPUCjFNiOJUsqVCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveElRdmdtTC12U1BRRTlRS01VMkk0bFN5cFVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS9jNzBmZDMtZGZjMC00NWZiLTg2MGYt
ZmRkNjc0MWZjY2EzLzEvamxPY0lNdHdEWk1TT2doTjV1bkl1NVlnTDhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS9jNzBmZDMtZGZjMC00NWZiLTg2MGYtZmRkNjc0MWZjY2Ez
LzEveElRdmdtTC12U1BRRTlRS01VMkk0bFN5cFVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAW+8YMA0E
AgACMAcDBQMqB62AMA0GCSqGSIb3DQEBCwUAA4IBAQAxTGszil72aTbOyetxwU1Q
6YIT18nO5RiR517Q3qpq2t5rvaOvQSTvIIQyqfduOqNhfEtA7wZrutqcqqu5YC2r
PJvKSc22oxxSXPT6MQgeYTDj8cLxowfez8irDZkUGzy8E7Dov17IKfLErcvz6Otg
G1kULYc5mcMqcPsTVwkVExFqWjveJZULkx/zq9aaeuFb9Lr+YmT5NLCtXub151kb
MiuEl3nwMDaXsF/SbZRF7aEXy8LmZsfTnZ195L9yMH4Mu4SOl2RSsAnh4g5GX2s5
Bi5/8x9vDaKKydGdZV480cRgDfBVEZLlwGYLk52c67njp0jeHpoUWnIH+wC2RT27
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:44:23 2025 by rpki-client