Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/U2a4Mi5anG6MoVx-kSkOlCHuZ9U.roa
File: U2a4Mi5anG6MoVx-kSkOlCHuZ9U.roa (raw, json)
Hash identifier: WzVg8UcZ00h0mbpXiGBDaneFB3IZyzn0LFRbQNJ9OXc=
Subject key identifier: 53:66:B8:32:2E:5A:9C:6E:8C:A1:5C:7E:91:29:0E:94:21:EE:67:D5
Certificate issuer: /CN=ad0da43b4a5d3db78ba3f774e5b31b77037202d5
Certificate serial: 019553B98D27BDCEDACA8C1011A9164D5496
Authority key identifier: AD:0D:A4:3B:4A:5D:3D:B7:8B:A3:F7:74:E5:B3:1B:77:03:72:02:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rQ2kO0pdPbeLo_d05bMbdwNyAtU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/U2a4Mi5anG6MoVx-kSkOlCHuZ9U.roa
Signing time: Sat 01 Mar 2025 22:00:23 +0000
ROA not before: Sat 01 Mar 2025 22:00:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200091
IP address blocks: 185.169.183.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/rQ2kO0pdPbeLo_d05bMbdwNyAtU.crl
rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/rQ2kO0pdPbeLo_d05bMbdwNyAtU.mft
rsync://rpki.ripe.net/repository/DEFAULT/rQ2kO0pdPbeLo_d05bMbdwNyAtU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 01:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:53:b9:8d:27:bd:ce:da:ca:8c:10:11:a9:16:4d:54:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ad0da43b4a5d3db78ba3f774e5b31b77037202d5
Validity
Not Before: Mar 1 22:00:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5366b8322e5a9c6e8ca15c7e91290e9421ee67d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:1e:01:25:3b:b5:7a:df:3f:12:c7:60:12:80:
e4:5c:9f:9f:ee:5c:ac:d1:03:71:2c:54:70:6c:73:
73:fc:ce:81:81:37:46:39:48:55:30:a4:c9:1e:1b:
5e:2c:4d:62:f5:72:2d:4e:4f:01:6f:27:a3:fd:c8:
90:f0:18:6d:27:4f:20:da:f1:62:81:d2:d2:55:5f:
6f:df:2c:bd:b8:ed:06:8a:dd:41:af:dd:1a:04:46:
fa:a9:0f:2f:4b:e2:db:eb:1a:08:93:e8:46:8e:78:
76:f6:24:c4:00:e7:5f:c5:fa:06:16:df:19:8c:59:
b9:6f:6b:d7:17:4c:6b:e8:ad:7a:ae:9e:43:f7:25:
8d:58:21:1b:8a:1f:36:b7:c2:ad:3b:94:01:a8:fa:
71:bd:60:fd:e1:93:47:da:d9:1f:b6:dd:ca:9b:b1:
7a:2f:67:20:f5:81:0c:51:e5:ef:05:c6:3b:34:aa:
2f:e3:fa:aa:e8:26:e4:6c:2e:4c:28:5b:84:77:4f:
6e:70:a3:50:ea:31:30:7e:88:4a:ee:c3:6a:c8:ab:
25:ff:cc:8b:08:7d:27:ae:21:85:ed:da:98:47:88:
e8:63:d0:19:ae:53:ff:fb:96:fe:90:28:aa:1a:a1:
f7:a6:a3:e5:f4:23:68:6e:49:0e:47:bb:db:03:ff:
a4:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:66:B8:32:2E:5A:9C:6E:8C:A1:5C:7E:91:29:0E:94:21:EE:67:D5
X509v3 Authority Key Identifier:
keyid:AD:0D:A4:3B:4A:5D:3D:B7:8B:A3:F7:74:E5:B3:1B:77:03:72:02:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rQ2kO0pdPbeLo_d05bMbdwNyAtU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/U2a4Mi5anG6MoVx-kSkOlCHuZ9U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/rQ2kO0pdPbeLo_d05bMbdwNyAtU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.169.183.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:59:4c:af:a5:06:f0:96:03:0c:84:23:fd:9d:8f:f3:24:9e:
d0:c6:24:fb:c3:b8:3b:8d:00:61:99:59:e2:23:31:46:d8:0b:
f2:cd:ca:60:65:5c:bb:0f:ab:80:77:f6:9a:50:17:25:17:29:
d2:10:fa:a6:3f:d9:f3:24:a8:46:bb:db:f9:30:75:62:30:d9:
55:a5:60:d0:27:50:20:28:e8:4a:28:76:8c:ce:bd:eb:b8:72:
ef:93:c6:d4:7e:ec:fe:0e:f0:8e:85:a6:a6:55:c1:ad:a9:48:
7b:7f:aa:99:54:49:9a:6e:56:97:e9:11:de:d3:86:7d:4c:96:
f5:25:35:e5:5d:80:86:13:d4:b2:21:4c:80:2d:c0:e3:ff:9d:
d1:30:cc:7c:ca:9c:46:67:d3:a8:75:09:e8:f6:e5:02:ac:1d:
a9:1e:10:fb:21:62:b9:6c:32:1f:e3:3f:9b:f5:8f:f5:f0:18:
8a:68:42:8f:36:3b:25:e0:83:fe:a3:4b:bc:1f:6d:6e:6f:72:
d9:a4:51:96:d0:aa:1d:a4:bb:3e:2a:6f:e5:45:13:a7:62:29:
cb:25:04:ef:f3:ee:97:06:4f:94:a8:0c:12:6c:0a:8b:43:8f:
48:10:a2:88:e3:97:47:03:1c:22:cd:7c:f7:38:f8:6f:c7:e7:
6f:f1:97:f6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZVTuY0nvc7ayowQEakWTVSWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkMGRhNDNiNGE1ZDNkYjc4YmEzZjc3NGU1YjMxYjc3MDM3
MjAyZDUwHhcNMjUwMzAxMjIwMDIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzY2YjgzMjJlNWE5YzZlOGNhMTVjN2U5MTI5MGU5NDIxZWU2N2Q1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkh4BJTu1et8/EsdgEoDkXJ+f7lys
0QNxLFRwbHNz/M6BgTdGOUhVMKTJHhteLE1i9XItTk8Bbyej/ciQ8BhtJ08g2vFi
gdLSVV9v3yy9uO0Git1Br90aBEb6qQ8vS+Lb6xoIk+hGjnh29iTEAOdfxfoGFt8Z
jFm5b2vXF0xr6K16rp5D9yWNWCEbih82t8KtO5QBqPpxvWD94ZNH2tkftt3Km7F6
L2cg9YEMUeXvBcY7NKov4/qq6CbkbC5MKFuEd09ucKNQ6jEwfohK7sNqyKsl/8yL
CH0nriGF7dqYR4joY9AZrlP/+5b+kCiqGqH3pqPl9CNobkkOR7vbA/+kAwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFNmuDIuWpxujKFcfpEpDpQh7mfVMB8GA1UdIwQY
MBaAFK0NpDtKXT23i6P3dOWzG3cDcgLVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclEya08wcGRQYmVMb19kMDViTWJkd055QXRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9kZDgwOTYtMTRjYy00ODhkLTkyNTct
YzUxNWYzNTRjYzVhLzEvVTJhNE1pNWFuRzZNb1Z4LWtTa09sQ0h1WjlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC9kZDgwOTYtMTRjYy00ODhkLTkyNTctYzUxNWYzNTRjYzVh
LzEvclEya08wcGRQYmVMb19kMDViTWJkd055QXRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuam3MA0G
CSqGSIb3DQEBCwUAA4IBAQAtWUyvpQbwlgMMhCP9nY/zJJ7QxiT7w7g7jQBhmVni
IzFG2AvyzcpgZVy7D6uAd/aaUBclFynSEPqmP9nzJKhGu9v5MHViMNlVpWDQJ1Ag
KOhKKHaMzr3ruHLvk8bUfuz+DvCOhaamVcGtqUh7f6qZVEmablaX6RHe04Z9TJb1
JTXlXYCGE9SyIUyALcDj/53RMMx8ypxGZ9OodQno9uUCrB2pHhD7IWK5bDIf4z+b
9Y/18BiKaEKPNjsl4IP+o0u8H21ub3LZpFGW0KodpLs+Km/lRROnYinLJQTv8+6X
Bk+UqAwSbAqLQ49IEKKI45dHAxwizXz3OPhvx+dv8Zf2
-----END CERTIFICATE-----
Generated at Mon Apr 7 11:12:46 2025 by rpki-client