Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/5dcfc9-57da-407f-a6b2-ac4a4061746d/1/jt0l6f1HzdztQ5-9M9PF01o4QMM.roa
File: jt0l6f1HzdztQ5-9M9PF01o4QMM.roa (raw, json)
Hash identifier: bW5QIzkXWNE6wUtrANSwkopBsOcaGI07YMCfYlmNYuc=
Subject key identifier: 8E:DD:25:E9:FD:47:CD:DC:ED:43:9F:BD:33:D3:C5:D3:5A:38:40:C3
Certificate issuer: /CN=bbffd123cb93e24e025f952842108402958d4a4c
Certificate serial: 0196AC6434F3EFFC79B8F420676B0FE9C8C3
Authority key identifier: BB:FF:D1:23:CB:93:E2:4E:02:5F:95:28:42:10:84:02:95:8D:4A:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u__RI8uT4k4CX5UoQhCEApWNSkw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/5dcfc9-57da-407f-a6b2-ac4a4061746d/1/jt0l6f1HzdztQ5-9M9PF01o4QMM.roa
Signing time: Wed 07 May 2025 20:16:10 +0000
ROA not before: Wed 07 May 2025 20:16:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15830
IP address blocks: 147.28.138.0/23 maxlen: 23
147.28.164.0/23 maxlen: 23
147.28.176.0/23 maxlen: 23
147.75.40.0/23 maxlen: 23
147.75.206.0/24 maxlen: 24
147.75.207.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/44/5dcfc9-57da-407f-a6b2-ac4a4061746d/1/u__RI8uT4k4CX5UoQhCEApWNSkw.crl
rsync://rpki.ripe.net/repository/DEFAULT/44/5dcfc9-57da-407f-a6b2-ac4a4061746d/1/u__RI8uT4k4CX5UoQhCEApWNSkw.mft
rsync://rpki.ripe.net/repository/DEFAULT/u__RI8uT4k4CX5UoQhCEApWNSkw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 12 May 2025 14:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:ac:64:34:f3:ef:fc:79:b8:f4:20:67:6b:0f:e9:c8:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bbffd123cb93e24e025f952842108402958d4a4c
Validity
Not Before: May 7 20:16:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8edd25e9fd47cddced439fbd33d3c5d35a3840c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:aa:b3:80:cf:c0:0d:eb:0b:6f:bb:9c:43:62:
61:5f:e4:fb:e4:51:8e:ea:56:86:7f:58:2e:44:90:
62:68:b1:9e:7a:4a:a1:1f:f2:8c:10:ba:30:c5:12:
12:2f:c0:ec:df:96:d0:76:e1:f1:8c:73:9f:8e:11:
ec:c2:54:44:e5:b8:a7:6a:0d:8c:af:b2:b5:5f:46:
8f:30:50:53:e1:c2:44:e0:75:f0:c1:4f:40:08:57:
d3:74:76:3a:d2:f0:a0:16:be:ad:3c:4a:da:62:6a:
01:20:e7:37:06:ed:0f:85:21:3f:1e:8c:ee:b8:d8:
84:e3:c0:5c:02:66:bd:b3:50:d6:72:d4:52:23:60:
80:79:a1:58:bf:e6:f6:a9:32:8a:85:bf:8b:e1:22:
aa:44:2f:09:97:f9:cd:e8:07:18:76:a4:ce:51:bb:
df:de:04:4a:ec:c0:88:53:40:c5:72:37:97:0c:e9:
46:d9:f2:88:c3:d0:12:d7:88:9d:3a:9a:64:fe:df:
15:e5:f8:e1:f5:f2:66:18:10:b9:5c:1e:9e:57:99:
f2:ae:e9:d5:e0:3b:72:07:2a:1e:ee:71:15:71:60:
0e:18:f2:08:b6:bd:c8:6c:cd:cc:c2:8a:2b:08:07:
f7:26:dc:dd:68:46:95:f1:ae:de:5a:8a:7b:73:06:
b4:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:DD:25:E9:FD:47:CD:DC:ED:43:9F:BD:33:D3:C5:D3:5A:38:40:C3
X509v3 Authority Key Identifier:
keyid:BB:FF:D1:23:CB:93:E2:4E:02:5F:95:28:42:10:84:02:95:8D:4A:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u__RI8uT4k4CX5UoQhCEApWNSkw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/5dcfc9-57da-407f-a6b2-ac4a4061746d/1/jt0l6f1HzdztQ5-9M9PF01o4QMM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/5dcfc9-57da-407f-a6b2-ac4a4061746d/1/u__RI8uT4k4CX5UoQhCEApWNSkw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.28.138.0/23
147.28.164.0/23
147.28.176.0/23
147.75.40.0/23
147.75.206.0/23
Signature Algorithm: sha256WithRSAEncryption
54:d5:43:2c:a4:44:c5:f3:02:7e:20:9b:b8:12:b3:59:f9:d2:
2d:6d:f0:1f:56:69:69:a4:ac:69:16:b6:3b:15:cf:c3:fc:eb:
d8:0c:b9:fe:6d:51:ae:44:9f:8d:f8:8d:a3:f7:4d:2a:59:ac:
4f:77:15:45:d0:67:8d:68:8e:e7:28:21:45:80:14:84:32:51:
0b:e7:fa:9c:39:20:62:1b:2e:a4:f8:7d:24:d5:6d:b7:0c:9c:
63:a6:df:af:68:78:70:9a:35:3a:5b:c5:1c:55:4d:c2:4e:34:
37:a6:7f:83:f4:59:af:04:f6:86:5b:fd:c1:82:96:8e:f3:98:
ae:c6:66:28:44:52:bf:0d:5f:8b:6a:30:d7:23:6f:84:d7:ce:
ef:25:da:9b:40:08:8b:6d:99:b9:11:ed:0d:7d:e8:07:b3:7a:
63:67:61:df:04:62:46:53:a1:24:70:e3:62:ee:ad:22:79:2d:
82:17:4e:15:0a:3a:91:2e:b1:18:f2:ec:f2:37:21:0c:d7:08:
75:6c:5a:26:38:37:8c:aa:50:0b:a1:75:88:07:39:a6:54:a9:
a3:0b:9f:d4:cd:30:cd:5b:ea:15:ad:93:a2:9f:25:bf:3c:bb:
6c:47:91:6c:bb:a2:1b:b0:08:ca:ea:d5:25:39:92:af:68:09:
ba:9e:71:af
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZasZDTz7/x5uPQgZ2sP6cjDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiZmZkMTIzY2I5M2UyNGUwMjVmOTUyODQyMTA4NDAyOTU4
ZDRhNGMwHhcNMjUwNTA3MjAxNjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZWRkMjVlOWZkNDdjZGRjZWQ0MzlmYmQzM2QzYzVkMzVhMzg0MGMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyaqzgM/ADesLb7ucQ2JhX+T75FGO
6laGf1guRJBiaLGeekqhH/KMELowxRISL8Ds35bQduHxjHOfjhHswlRE5binag2M
r7K1X0aPMFBT4cJE4HXwwU9ACFfTdHY60vCgFr6tPEraYmoBIOc3Bu0PhSE/Hozu
uNiE48BcAma9s1DWctRSI2CAeaFYv+b2qTKKhb+L4SKqRC8Jl/nN6AcYdqTOUbvf
3gRK7MCIU0DFcjeXDOlG2fKIw9AS14idOppk/t8V5fjh9fJmGBC5XB6eV5nyrunV
4DtyByoe7nEVcWAOGPIItr3IbM3MwoorCAf3JtzdaEaV8a7eWop7cwa0RwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFI7dJen9R83c7UOfvTPTxdNaOEDDMB8GA1UdIwQY
MBaAFLv/0SPLk+JOAl+VKEIQhAKVjUpMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdV9fUkk4dVQ0azRDWDVVb1FoQ0VBcFdOU2t3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC81ZGNmYzktNTdkYS00MDdmLWE2YjIt
YWM0YTQwNjE3NDZkLzEvanQwbDZmMUh6ZHp0UTUtOU05UEYwMW80UU1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC81ZGNmYzktNTdkYS00MDdmLWE2YjItYWM0YTQwNjE3NDZk
LzEvdV9fUkk4dVQ0azRDWDVVb1FoQ0VBcFdOU2t3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBkxyKAwQB
kxykAwQBkxywAwQBk0soAwQBk0vOMA0GCSqGSIb3DQEBCwUAA4IBAQBU1UMspETF
8wJ+IJu4ErNZ+dItbfAfVmlppKxpFrY7Fc/D/OvYDLn+bVGuRJ+N+I2j900qWaxP
dxVF0GeNaI7nKCFFgBSEMlEL5/qcOSBiGy6k+H0k1W23DJxjpt+vaHhwmjU6W8Uc
VU3CTjQ3pn+D9FmvBPaGW/3BgpaO85iuxmYoRFK/DV+LajDXI2+E187vJdqbQAiL
bZm5Ee0NfegHs3pjZ2HfBGJGU6EkcONi7q0ieS2CF04VCjqRLrEY8uzyNyEM1wh1
bFomODeMqlALoXWIBzmmVKmjC5/UzTDNW+oVrZOinyW/PLtsR5Fsu6IbsAjK6tUl
OZKvaAm6nnGv
-----END CERTIFICATE-----
Generated at Sun May 11 19:12:28 2025 by rpki-client