Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/eec2cd-36de-4f96-9fb2-4dc1ef89044b/1/Jwm-Y1gLbkw4UaAdwxRZjNwmTZo.roa
File: Jwm-Y1gLbkw4UaAdwxRZjNwmTZo.roa (raw, json)
Hash identifier: Q969PgNrXLr8Br8ONSHHTQG/i49jEw6PhYCVXnskszU=
Subject key identifier: 27:09:BE:63:58:0B:6E:4C:38:51:A0:1D:C3:14:59:8C:DC:26:4D:9A
Certificate issuer: /CN=531d55a869f105af6abcdfa0ca406af1f49b24f1
Certificate serial: 01941F8C0812673442AD5273A9B1E0DC1F93
Authority key identifier: 53:1D:55:A8:69:F1:05:AF:6A:BC:DF:A0:CA:40:6A:F1:F4:9B:24:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ux1VqGnxBa9qvN-gykBq8fSbJPE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/eec2cd-36de-4f96-9fb2-4dc1ef89044b/1/Jwm-Y1gLbkw4UaAdwxRZjNwmTZo.roa
Signing time: Wed 01 Jan 2025 01:47:38 +0000
ROA not before: Wed 01 Jan 2025 01:47:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199570
IP address blocks: 45.143.44.0/22 maxlen: 22
92.243.83.0/24 maxlen: 24
149.62.33.0/24 maxlen: 24
188.213.232.0/24 maxlen: 24
2a13:ad00::/29 maxlen: 29
2a13:ad00::/37 maxlen: 37
2a13:ad00:800::/37 maxlen: 37
2a13:ad04::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f3/eec2cd-36de-4f96-9fb2-4dc1ef89044b/1/Ux1VqGnxBa9qvN-gykBq8fSbJPE.crl
rsync://rpki.ripe.net/repository/DEFAULT/f3/eec2cd-36de-4f96-9fb2-4dc1ef89044b/1/Ux1VqGnxBa9qvN-gykBq8fSbJPE.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ux1VqGnxBa9qvN-gykBq8fSbJPE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Feb 2025 22:00:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:08:12:67:34:42:ad:52:73:a9:b1:e0:dc:1f:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=531d55a869f105af6abcdfa0ca406af1f49b24f1
Validity
Not Before: Jan 1 01:47:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2709be63580b6e4c3851a01dc314598cdc264d9a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:5f:eb:33:34:c5:2a:55:0a:25:de:c0:35:ea:
71:aa:89:f7:14:98:e6:32:a1:39:48:1c:94:85:eb:
8a:86:cd:e8:4c:2b:56:62:ff:e9:6a:ce:bb:84:ad:
e0:94:73:c2:0f:19:62:b2:7f:b7:a7:9a:77:cc:3d:
fd:20:e5:24:72:74:f9:03:d2:52:fc:ff:e2:ad:3c:
3d:9f:6a:86:f9:51:0d:4d:df:51:3e:ce:c3:4b:f8:
8d:f2:47:dd:c6:51:5f:bc:a4:5e:db:e3:04:7b:be:
bf:31:75:06:8d:9a:79:dc:cb:c4:76:7c:4e:2d:d5:
f0:13:de:be:26:b8:ec:e7:a3:ac:f8:ec:4d:d7:a3:
f3:0d:d4:f4:13:af:05:42:3c:94:b9:f6:a5:e6:1c:
4f:ab:75:4c:aa:1a:35:97:b4:fc:81:0d:a5:f2:b3:
65:74:e3:05:3d:03:05:1d:6e:ea:6d:4e:03:8f:64:
11:9d:4b:7d:11:da:13:bd:3c:f1:09:10:6d:4f:20:
5c:de:82:ad:3e:67:39:1e:b9:14:19:0e:f4:22:e7:
6b:6b:0c:61:e7:23:76:f7:19:4a:da:a4:cd:1f:39:
7c:77:a7:1a:ec:65:34:a1:f8:df:69:41:83:57:57:
64:b0:2a:e3:2f:3b:89:c0:c7:d9:9f:66:ea:bf:09:
69:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:09:BE:63:58:0B:6E:4C:38:51:A0:1D:C3:14:59:8C:DC:26:4D:9A
X509v3 Authority Key Identifier:
keyid:53:1D:55:A8:69:F1:05:AF:6A:BC:DF:A0:CA:40:6A:F1:F4:9B:24:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ux1VqGnxBa9qvN-gykBq8fSbJPE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/eec2cd-36de-4f96-9fb2-4dc1ef89044b/1/Jwm-Y1gLbkw4UaAdwxRZjNwmTZo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/eec2cd-36de-4f96-9fb2-4dc1ef89044b/1/Ux1VqGnxBa9qvN-gykBq8fSbJPE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.143.44.0/22
92.243.83.0/24
149.62.33.0/24
188.213.232.0/24
IPv6:
2a13:ad00::/29
Signature Algorithm: sha256WithRSAEncryption
2a:eb:b0:8a:4b:a0:93:14:3b:60:e7:80:ce:d7:ea:64:29:a0:
9c:82:b8:72:f1:03:6d:6e:2c:5b:2d:4b:7e:f3:b8:c0:8c:f9:
6b:67:75:70:64:53:ff:43:58:0e:b4:8a:15:e5:ca:4f:e1:d1:
21:aa:31:8f:50:72:91:4f:03:e9:2f:e1:7b:64:de:16:31:41:
bd:d2:b1:49:1a:98:5e:c9:31:2d:5d:76:f9:b1:6f:84:e0:8c:
c9:3c:0b:2f:2a:37:2e:5e:b9:6e:6c:05:cc:3e:f4:e8:cf:cd:
09:7d:7c:64:5e:03:37:84:8d:eb:09:6f:fb:c9:7a:99:57:16:
e6:df:e5:3d:d9:ed:52:99:69:a4:80:0e:1f:65:38:ef:f4:29:
a6:5a:54:c0:c5:47:1d:43:5d:ce:b9:48:75:7a:63:c1:a3:c5:
31:3d:57:ea:2f:ff:47:a3:dd:29:0c:9a:ec:e3:cf:6d:69:62:
26:f4:2f:f6:82:30:3c:f0:84:ac:76:cf:e5:49:fb:06:1c:8b:
24:a9:c1:41:e4:0a:87:56:db:a2:39:06:c2:8d:00:5e:06:32:
11:ab:07:10:de:ce:4b:be:e4:11:9a:31:d2:0c:f4:ba:2d:a9:
9a:be:c7:e7:14:4e:d1:bd:4a:e9:e9:f4:1f:d3:3f:49:0f:80:
a3:c1:d7:04
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZQfjAgSZzRCrVJzqbHg3B+TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzMWQ1NWE4NjlmMTA1YWY2YWJjZGZhMGNhNDA2YWYxZjQ5
YjI0ZjEwHhcNMjUwMTAxMDE0NzM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNzA5YmU2MzU4MGI2ZTRjMzg1MWEwMWRjMzE0NTk4Y2RjMjY0ZDlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv1/rMzTFKlUKJd7ANepxqon3FJjm
MqE5SByUheuKhs3oTCtWYv/pas67hK3glHPCDxlisn+3p5p3zD39IOUkcnT5A9JS
/P/irTw9n2qG+VENTd9RPs7DS/iN8kfdxlFfvKRe2+MEe76/MXUGjZp53MvEdnxO
LdXwE96+Jrjs56Os+OxN16PzDdT0E68FQjyUufal5hxPq3VMqho1l7T8gQ2l8rNl
dOMFPQMFHW7qbU4Dj2QRnUt9EdoTvTzxCRBtTyBc3oKtPmc5HrkUGQ70Iudrawxh
5yN29xlK2qTNHzl8d6ca7GU0ofjfaUGDV1dksCrjLzuJwMfZn2bqvwlpTQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFCcJvmNYC25MOFGgHcMUWYzcJk2aMB8GA1UdIwQY
MBaAFFMdVahp8QWvarzfoMpAavH0myTxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXgxVnFHbnhCYTlxdk4tZ3lrQnE4ZlNiSlBFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy9lZWMyY2QtMzZkZS00Zjk2LTlmYjIt
NGRjMWVmODkwNDRiLzEvSndtLVkxZ0xia3c0VWFBZHd4UlpqTndtVFpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy9lZWMyY2QtMzZkZS00Zjk2LTlmYjItNGRjMWVmODkwNDRi
LzEvVXgxVnFHbnhCYTlxdk4tZ3lrQnE4ZlNiSlBFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQCLY8sAwQA
XPNTAwQAlT4hAwQAvNXoMA0EAgACMAcDBQMqE60AMA0GCSqGSIb3DQEBCwUAA4IB
AQAq67CKS6CTFDtg54DO1+pkKaCcgrhy8QNtbixbLUt+87jAjPlrZ3VwZFP/Q1gO
tIoV5cpP4dEhqjGPUHKRTwPpL+F7ZN4WMUG90rFJGpheyTEtXXb5sW+E4IzJPAsv
KjcuXrlubAXMPvToz80JfXxkXgM3hI3rCW/7yXqZVxbm3+U92e1SmWmkgA4fZTjv
9CmmWlTAxUcdQ13OuUh1emPBo8UxPVfqL/9Ho90pDJrs489taWIm9C/2gjA88ISs
ds/lSfsGHIskqcFB5AqHVtuiOQbCjQBeBjIRqwcQ3s5LvuQRmjHSDPS6Lamavsfn
FE7RvUrp6fQf0z9JD4CjwdcE
-----END CERTIFICATE-----
Generated at Sun Feb 2 08:02:02 2025 by rpki-client