Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/4f9f29-a03e-4c45-82cd-18f343488286/1/JBec802FdcKabjY28XiR5H1LtHE.roa
File: JBec802FdcKabjY28XiR5H1LtHE.roa (raw, json)
Hash identifier: K48XffcS0X6Fp6KuIpuhXGlT+fph47E9cUUhQv9Lq8o=
Subject key identifier: 24:17:9C:F3:4D:85:75:C2:9A:6E:36:36:F1:78:91:E4:7D:4B:B4:71
Certificate issuer: /CN=65a9066d5b6ac3019c2037f579d11bae1a5eea73
Certificate serial: 0194221F987CCF2084A4C95BAA75370A10D1
Authority key identifier: 65:A9:06:6D:5B:6A:C3:01:9C:20:37:F5:79:D1:1B:AE:1A:5E:EA:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZakGbVtqwwGcIDf1edEbrhpe6nM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/4f9f29-a03e-4c45-82cd-18f343488286/1/JBec802FdcKabjY28XiR5H1LtHE.roa
Signing time: Wed 01 Jan 2025 13:48:03 +0000
ROA not before: Wed 01 Jan 2025 13:48:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 24812
IP address blocks: 91.225.4.0/22 maxlen: 22
176.105.192.0/22 maxlen: 22
176.105.193.0/24 maxlen: 24
176.105.194.0/23 maxlen: 23
176.105.194.0/24 maxlen: 24
176.105.196.0/24 maxlen: 24
176.105.197.0/24 maxlen: 24
176.105.198.0/24 maxlen: 24
176.105.199.0/24 maxlen: 24
176.105.200.0/22 maxlen: 22
176.105.200.0/23 maxlen: 23
176.105.204.0/23 maxlen: 23
176.105.204.0/24 maxlen: 24
176.105.206.0/23 maxlen: 23
176.105.208.0/22 maxlen: 22
176.105.208.0/24 maxlen: 24
176.105.209.0/24 maxlen: 24
176.105.210.0/23 maxlen: 23
176.105.212.0/22 maxlen: 22
176.105.212.0/23 maxlen: 23
176.105.216.0/23 maxlen: 23
176.105.218.0/23 maxlen: 23
176.105.218.0/24 maxlen: 24
176.105.220.0/24 maxlen: 24
176.105.221.0/24 maxlen: 24
176.105.222.0/24 maxlen: 24
176.105.223.0/24 maxlen: 24
178.159.208.0/20 maxlen: 20
178.159.216.0/24 maxlen: 24
178.159.217.0/24 maxlen: 24
178.159.218.0/24 maxlen: 24
178.159.219.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f4/4f9f29-a03e-4c45-82cd-18f343488286/1/ZakGbVtqwwGcIDf1edEbrhpe6nM.crl
rsync://rpki.ripe.net/repository/DEFAULT/f4/4f9f29-a03e-4c45-82cd-18f343488286/1/ZakGbVtqwwGcIDf1edEbrhpe6nM.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZakGbVtqwwGcIDf1edEbrhpe6nM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:98:7c:cf:20:84:a4:c9:5b:aa:75:37:0a:10:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=65a9066d5b6ac3019c2037f579d11bae1a5eea73
Validity
Not Before: Jan 1 13:48:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=24179cf34d8575c29a6e3636f17891e47d4bb471
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:92:57:e5:da:85:30:16:aa:b6:ab:6e:19:66:
99:46:46:d3:ab:4e:29:3b:1d:14:e0:3f:98:a1:d9:
fe:73:45:bf:1b:95:cb:bc:f6:7b:a4:12:e3:ea:7a:
20:61:3b:26:49:3b:b1:a0:ca:f4:c9:d2:56:d9:cb:
0e:05:69:30:60:eb:f0:19:57:7a:0a:4c:15:55:04:
94:53:cf:01:b6:b2:b3:04:05:ce:68:5d:e0:10:65:
11:37:bb:d4:0e:51:d6:7c:06:53:6a:45:31:92:32:
27:14:ca:45:d0:1a:3d:12:44:fa:22:40:7e:06:63:
0d:29:58:7f:a5:99:ee:ca:4a:63:54:cd:0d:87:b9:
73:d0:ea:bb:19:9f:31:fc:71:81:31:56:e5:d4:94:
83:23:6a:73:35:16:f3:c3:5b:21:34:59:b7:11:c1:
d5:63:42:76:44:c0:fb:fe:ed:f6:34:3d:9f:92:4b:
22:a1:60:a7:f6:e9:fc:0b:97:38:b7:15:dc:5c:53:
85:77:62:b5:9b:db:31:85:1a:4f:7d:f6:82:8d:75:
ed:58:3b:3f:2d:50:47:76:7a:67:02:13:73:95:ba:
2e:56:fa:a9:23:25:98:91:d5:1d:ca:11:f1:26:d0:
e8:ea:23:17:9f:c7:69:f4:9b:26:62:b5:42:16:92:
bb:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:17:9C:F3:4D:85:75:C2:9A:6E:36:36:F1:78:91:E4:7D:4B:B4:71
X509v3 Authority Key Identifier:
keyid:65:A9:06:6D:5B:6A:C3:01:9C:20:37:F5:79:D1:1B:AE:1A:5E:EA:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZakGbVtqwwGcIDf1edEbrhpe6nM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/4f9f29-a03e-4c45-82cd-18f343488286/1/JBec802FdcKabjY28XiR5H1LtHE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/4f9f29-a03e-4c45-82cd-18f343488286/1/ZakGbVtqwwGcIDf1edEbrhpe6nM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.225.4.0/22
176.105.192.0/19
178.159.208.0/20
Signature Algorithm: sha256WithRSAEncryption
25:a8:b8:15:74:97:43:03:b3:00:fb:76:77:d9:0d:f9:e2:8b:
31:59:8e:82:82:5d:ff:7e:24:75:ee:8e:0b:c5:f5:f9:92:9d:
ec:5b:bd:36:32:33:84:0b:c9:bc:cc:b4:28:db:52:1a:9a:8e:
cb:e2:3a:a4:ab:8a:6b:1f:34:77:3a:a0:ac:96:b3:12:02:34:
55:15:e3:8c:d7:dd:b5:f1:ab:9e:34:bd:ce:29:88:c6:74:fb:
14:3c:c2:1e:55:2d:7a:55:02:28:6d:45:80:ec:d5:5e:60:bd:
7d:6d:98:67:65:a7:84:53:fd:e2:21:10:4f:0d:df:67:47:e1:
18:ef:eb:2a:7a:61:c3:f6:33:05:de:9f:e7:71:56:bb:de:8b:
02:25:2a:b0:f3:3b:d2:25:87:1f:99:ad:14:05:bc:db:08:9c:
a2:8b:8a:b6:e1:35:48:3b:fb:71:52:71:3f:a3:04:00:75:4f:
66:ac:9f:6a:1f:88:83:c0:e9:e2:6f:94:23:53:10:c1:98:f7:
fe:98:b9:46:f6:06:32:63:eb:7f:a9:19:b5:fc:2c:68:ad:95:
42:47:e6:25:20:35:f7:5c:9f:c7:7f:91:85:af:a0:21:2d:5b:
fa:8a:9d:72:3d:3f:3c:ff:b9:af:df:95:d1:2c:2d:a1:ea:10:
da:75:ab:3f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQiH5h8zyCEpMlbqnU3ChDRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1YTkwNjZkNWI2YWMzMDE5YzIwMzdmNTc5ZDExYmFlMWE1
ZWVhNzMwHhcNMjUwMTAxMTM0ODAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDE3OWNmMzRkODU3NWMyOWE2ZTM2MzZmMTc4OTFlNDdkNGJiNDcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoZJX5dqFMBaqtqtuGWaZRkbTq04p
Ox0U4D+Yodn+c0W/G5XLvPZ7pBLj6nogYTsmSTuxoMr0ydJW2csOBWkwYOvwGVd6
CkwVVQSUU88BtrKzBAXOaF3gEGURN7vUDlHWfAZTakUxkjInFMpF0Bo9EkT6IkB+
BmMNKVh/pZnuykpjVM0Nh7lz0Oq7GZ8x/HGBMVbl1JSDI2pzNRbzw1shNFm3EcHV
Y0J2RMD7/u32ND2fkksioWCn9un8C5c4txXcXFOFd2K1m9sxhRpPffaCjXXtWDs/
LVBHdnpnAhNzlbouVvqpIyWYkdUdyhHxJtDo6iMXn8dp9JsmYrVCFpK7hwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCQXnPNNhXXCmm42NvF4keR9S7RxMB8GA1UdIwQY
MBaAFGWpBm1basMBnCA39XnRG64aXupzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmFrR2JWdHF3d0djSURmMWVkRWJyaHBlNm5NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC80ZjlmMjktYTAzZS00YzQ1LTgyY2Qt
MThmMzQzNDg4Mjg2LzEvSkJlYzgwMkZkY0thYmpZMjhYaVI1SDFMdEhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC80ZjlmMjktYTAzZS00YzQ1LTgyY2QtMThmMzQzNDg4Mjg2
LzEvWmFrR2JWdHF3d0djSURmMWVkRWJyaHBlNm5NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCW+EEAwQF
sGnAAwQEsp/QMA0GCSqGSIb3DQEBCwUAA4IBAQAlqLgVdJdDA7MA+3Z32Q354osx
WY6Cgl3/fiR17o4LxfX5kp3sW702MjOEC8m8zLQo21Iamo7L4jqkq4prHzR3OqCs
lrMSAjRVFeOM19218aueNL3OKYjGdPsUPMIeVS16VQIobUWA7NVeYL19bZhnZaeE
U/3iIRBPDd9nR+EY7+sqemHD9jMF3p/ncVa73osCJSqw8zvSJYcfma0UBbzbCJyi
i4q24TVIO/txUnE/owQAdU9mrJ9qH4iDwOnib5QjUxDBmPf+mLlG9gYyY+t/qRm1
/CxorZVCR+YlIDX3XJ/Hf5GFr6AhLVv6ip1yPT88/7mv35XRLC2h6hDadas/
-----END CERTIFICATE-----
Generated at Sun Feb 2 09:48:42 2025 by rpki-client