Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/uOq6i2-TnOYCsxAxwvHpJmAlTfg.roa
File: uOq6i2-TnOYCsxAxwvHpJmAlTfg.roa (raw, json)
Hash identifier: 9inVtd7SVRI0UIGAJNZs9aNl1wsnYwDi5iWNfEOoDLM=
Subject key identifier: B8:EA:BA:8B:6F:93:9C:E6:02:B3:10:31:C2:F1:E9:26:60:25:4D:F8
Certificate issuer: /CN=cd108c225f2478cd4230179890d07284be1636cd
Certificate serial: 019428254F10A7BBEAAB27E0B7AC1FB0A0B5
Authority key identifier: CD:10:8C:22:5F:24:78:CD:42:30:17:98:90:D0:72:84:BE:16:36:CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zRCMIl8keM1CMBeYkNByhL4WNs0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/uOq6i2-TnOYCsxAxwvHpJmAlTfg.roa
Signing time: Thu 02 Jan 2025 17:52:01 +0000
ROA not before: Thu 02 Jan 2025 17:52:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21859
IP address blocks: 193.239.155.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/zRCMIl8keM1CMBeYkNByhL4WNs0.crl
rsync://rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/zRCMIl8keM1CMBeYkNByhL4WNs0.mft
rsync://rpki.ripe.net/repository/DEFAULT/zRCMIl8keM1CMBeYkNByhL4WNs0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 09 Apr 2025 06:01:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:25:4f:10:a7:bb:ea:ab:27:e0:b7:ac:1f:b0:a0:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd108c225f2478cd4230179890d07284be1636cd
Validity
Not Before: Jan 2 17:52:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b8eaba8b6f939ce602b31031c2f1e92660254df8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:d4:9b:16:7f:a7:19:a8:3a:c5:8d:23:ef:47:
23:49:1d:7b:8b:08:24:52:8c:22:9c:c0:10:3b:77:
ad:a9:78:69:a8:4e:75:5a:38:ed:f5:3a:fc:87:e5:
0e:25:c1:ff:a5:fc:72:ea:4e:cc:a1:fa:59:ea:d0:
30:ed:39:58:b4:d2:7e:15:f7:ce:c4:2a:99:4b:ba:
52:2b:4a:f4:ea:78:a9:3f:8d:4b:3a:a8:8b:01:55:
70:90:dc:08:54:cc:32:76:08:93:65:96:23:c4:c7:
eb:98:10:6a:08:46:ec:d6:47:fc:e7:ce:92:02:27:
09:b7:71:73:82:27:c5:98:c2:05:0d:bb:c8:37:4b:
42:e8:ad:35:3f:2b:db:7d:97:3b:5e:7e:52:68:b9:
66:46:7c:6d:0a:a0:1a:5c:55:c3:d7:18:e8:97:30:
ee:5a:eb:a8:94:dd:2d:24:e8:f7:e7:ca:0a:0f:dc:
41:cc:78:17:e6:92:9b:63:c1:62:23:c8:68:61:2f:
0e:df:77:31:e4:41:b5:6c:19:79:a0:3b:16:66:bb:
41:86:3a:c8:c0:76:81:06:65:32:05:df:27:ae:51:
24:1c:30:cd:ac:00:8a:6d:cb:d1:91:b4:23:bb:8a:
d2:ec:db:6b:af:eb:d8:13:bd:ea:53:18:25:f6:10:
5a:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:EA:BA:8B:6F:93:9C:E6:02:B3:10:31:C2:F1:E9:26:60:25:4D:F8
X509v3 Authority Key Identifier:
keyid:CD:10:8C:22:5F:24:78:CD:42:30:17:98:90:D0:72:84:BE:16:36:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zRCMIl8keM1CMBeYkNByhL4WNs0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/uOq6i2-TnOYCsxAxwvHpJmAlTfg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/zRCMIl8keM1CMBeYkNByhL4WNs0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.239.155.0/24
Signature Algorithm: sha256WithRSAEncryption
61:5b:af:3b:3b:62:36:48:ba:5e:d4:fc:3f:63:11:2b:a0:86:
f3:64:59:3d:c5:e7:0d:9f:4f:92:b2:56:4c:eb:69:20:fb:6d:
50:ec:35:70:96:e0:70:27:3e:ef:de:b2:fb:4f:ef:db:57:d4:
b7:3f:8d:cb:2d:ca:9f:f2:87:3b:6d:11:9e:cb:16:63:1e:54:
d4:31:42:0a:4d:5b:38:1c:5b:74:c5:06:aa:18:3c:f7:5c:8a:
98:d7:75:3f:47:bf:0f:8e:6e:0d:0c:62:0e:e7:8b:02:5a:90:
b3:d2:db:b3:b1:1e:3c:f0:e2:21:b3:05:e7:12:e5:1a:1b:0c:
cd:50:04:ee:3d:fb:41:eb:d0:bb:0c:fd:d7:e8:22:b4:84:e0:
ab:9a:4a:e1:4f:aa:86:79:9d:a5:fd:99:17:9b:24:cc:e0:0a:
b8:22:36:37:82:db:a5:4c:7e:50:2b:fb:bc:2c:9c:3f:91:0b:
a3:1a:56:02:3e:be:34:68:e4:07:3e:9d:b4:50:ff:dd:02:3c:
8c:76:ca:a8:01:91:8b:48:57:fa:c8:a6:e1:be:68:12:10:fa:
22:93:b1:41:9a:f5:27:b4:db:15:af:4b:bb:b4:fc:95:6b:3c:
b6:4c:68:1f:c5:03:6e:70:b2:73:e2:53:5d:6b:81:17:b4:56:
2c:d2:8e:56
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQoJU8Qp7vqqyfgt6wfsKC1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkMTA4YzIyNWYyNDc4Y2Q0MjMwMTc5ODkwZDA3Mjg0YmUx
NjM2Y2QwHhcNMjUwMTAyMTc1MjAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOGVhYmE4YjZmOTM5Y2U2MDJiMzEwMzFjMmYxZTkyNjYwMjU0ZGY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAttSbFn+nGag6xY0j70cjSR17iwgk
UowinMAQO3etqXhpqE51Wjjt9Tr8h+UOJcH/pfxy6k7MofpZ6tAw7TlYtNJ+FffO
xCqZS7pSK0r06nipP41LOqiLAVVwkNwIVMwydgiTZZYjxMfrmBBqCEbs1kf8586S
AicJt3FzgifFmMIFDbvIN0tC6K01PyvbfZc7Xn5SaLlmRnxtCqAaXFXD1xjolzDu
WuuolN0tJOj358oKD9xBzHgX5pKbY8FiI8hoYS8O33cx5EG1bBl5oDsWZrtBhjrI
wHaBBmUyBd8nrlEkHDDNrACKbcvRkbQju4rS7Ntrr+vYE73qUxgl9hBamwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLjquotvk5zmArMQMcLx6SZgJU34MB8GA1UdIwQY
MBaAFM0QjCJfJHjNQjAXmJDQcoS+FjbNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelJDTUlsOGtlTTFDTUJlWWtOQnloTDRXTnMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy8zNDhjZTUtY2EyMC00ODQ4LTg4NDQt
YWU1MDI3MzY4MWE3LzEvdU9xNmkyLVRuT1lDc3hBeHd2SHBKbUFsVGZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy8zNDhjZTUtY2EyMC00ODQ4LTg4NDQtYWU1MDI3MzY4MWE3
LzEvelJDTUlsOGtlTTFDTUJlWWtOQnloTDRXTnMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwe+bMA0G
CSqGSIb3DQEBCwUAA4IBAQBhW687O2I2SLpe1Pw/YxEroIbzZFk9xecNn0+SslZM
62kg+21Q7DVwluBwJz7v3rL7T+/bV9S3P43LLcqf8oc7bRGeyxZjHlTUMUIKTVs4
HFt0xQaqGDz3XIqY13U/R78Pjm4NDGIO54sCWpCz0tuzsR488OIhswXnEuUaGwzN
UATuPftB69C7DP3X6CK0hOCrmkrhT6qGeZ2l/ZkXmyTM4Aq4IjY3gtulTH5QK/u8
LJw/kQujGlYCPr40aOQHPp20UP/dAjyMdsqoAZGLSFf6yKbhvmgSEPoik7FBmvUn
tNsVr0u7tPyVazy2TGgfxQNucLJz4lNda4EXtFYs0o5W
-----END CERTIFICATE-----
Generated at Tue Apr 8 14:01:16 2025 by rpki-client