Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/557962-051a-46c5-8a93-1cc1a538c3ce/1/udh3xGDNJXhOcF-5H4cWJu3ktiY.roa
File: udh3xGDNJXhOcF-5H4cWJu3ktiY.roa (raw, json)
Hash identifier: ocPGT+ldVCPhS+IwJUZcLKrDX+p6H2fIq+UgAUlkPrU=
Subject key identifier: B9:D8:77:C4:60:CD:25:78:4E:70:5F:B9:1F:87:16:26:ED:E4:B6:26
Certificate issuer: /CN=b3c935d84316a2cf56a65957b6d79b7af811a707
Certificate serial: 01942369889E7D9A43441E912E5C6050F7A7
Authority key identifier: B3:C9:35:D8:43:16:A2:CF:56:A6:59:57:B6:D7:9B:7A:F8:11:A7:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s8k12EMWos9WpllXttebevgRpwc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/557962-051a-46c5-8a93-1cc1a538c3ce/1/udh3xGDNJXhOcF-5H4cWJu3ktiY.roa
Signing time: Wed 01 Jan 2025 19:48:26 +0000
ROA not before: Wed 01 Jan 2025 19:48:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200612
IP address blocks: 185.200.232.0/22 maxlen: 22
185.200.232.0/23 maxlen: 23
185.200.232.0/24 maxlen: 24
185.200.233.0/24 maxlen: 24
185.200.234.0/23 maxlen: 23
185.200.234.0/24 maxlen: 24
185.200.235.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3c/557962-051a-46c5-8a93-1cc1a538c3ce/1/s8k12EMWos9WpllXttebevgRpwc.crl
rsync://rpki.ripe.net/repository/DEFAULT/3c/557962-051a-46c5-8a93-1cc1a538c3ce/1/s8k12EMWos9WpllXttebevgRpwc.mft
rsync://rpki.ripe.net/repository/DEFAULT/s8k12EMWos9WpllXttebevgRpwc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 13:16:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:88:9e:7d:9a:43:44:1e:91:2e:5c:60:50:f7:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b3c935d84316a2cf56a65957b6d79b7af811a707
Validity
Not Before: Jan 1 19:48:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b9d877c460cd25784e705fb91f871626ede4b626
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:0c:ee:eb:90:91:16:1f:96:cb:47:12:fe:f3:
9d:18:bd:ef:ed:5d:d6:70:ab:33:b5:f3:13:56:fa:
31:d9:fe:24:c9:ac:c6:e9:bf:ae:3b:79:05:d6:d2:
c2:ee:6e:3b:10:26:5a:a9:19:bd:99:07:6d:5e:99:
f5:62:38:fe:a8:bd:bb:c7:77:04:e3:a6:af:03:b1:
4c:c0:4c:10:86:58:d2:18:c5:97:17:63:e9:ad:58:
55:b0:2a:33:f5:01:7b:50:86:57:20:bc:e7:6b:e5:
f2:d9:42:dc:6a:79:ac:47:db:98:03:6a:59:ea:25:
72:27:12:74:1e:eb:b0:61:d7:03:12:77:fe:4f:7b:
28:a8:5e:b2:78:e2:1f:b6:6a:76:26:6f:39:be:19:
df:19:dd:d2:ae:7f:17:2a:c1:14:30:5a:20:0b:66:
67:0b:30:c3:04:b8:c3:09:64:e8:ac:61:f5:34:29:
cb:dd:76:79:13:66:fc:d9:d6:5b:51:7a:fb:8c:48:
5b:92:be:67:d5:06:52:f9:83:3d:67:7d:7c:12:07:
53:3e:33:2b:bb:e4:3e:c8:6c:ae:79:0b:21:81:9a:
78:62:77:7b:9a:0c:2d:1e:0c:5e:d9:a8:ac:d9:d5:
6f:f5:d9:b3:1b:11:15:53:89:42:d0:e7:ec:f5:ea:
77:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:D8:77:C4:60:CD:25:78:4E:70:5F:B9:1F:87:16:26:ED:E4:B6:26
X509v3 Authority Key Identifier:
keyid:B3:C9:35:D8:43:16:A2:CF:56:A6:59:57:B6:D7:9B:7A:F8:11:A7:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s8k12EMWos9WpllXttebevgRpwc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/557962-051a-46c5-8a93-1cc1a538c3ce/1/udh3xGDNJXhOcF-5H4cWJu3ktiY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/557962-051a-46c5-8a93-1cc1a538c3ce/1/s8k12EMWos9WpllXttebevgRpwc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.200.232.0/22
Signature Algorithm: sha256WithRSAEncryption
4a:24:30:bf:d4:d1:3c:1a:c6:7a:92:cf:91:41:6f:94:74:06:
e6:f6:28:41:e7:2a:db:1d:65:c8:cb:cb:73:49:60:ec:a2:07:
ee:18:ff:ff:a7:4b:7f:fe:1e:c7:d3:4a:d3:eb:54:b0:ad:26:
66:e0:51:3e:61:59:23:20:51:9b:39:b8:ca:fe:58:ab:d0:91:
e5:9d:aa:b0:d3:a8:26:62:d7:80:f9:05:9a:a0:d4:89:99:8f:
24:c5:c6:f4:2b:05:a8:bb:76:32:2f:31:59:e4:69:3f:ec:76:
2e:82:a9:5e:40:ba:fb:87:02:fb:34:57:4a:84:af:bf:5b:76:
dc:3f:7e:fc:37:87:aa:32:36:7a:b7:36:65:a6:9e:9e:61:16:
bf:56:8f:84:cf:c3:83:cc:3e:c9:0c:ce:e2:93:fc:65:97:4b:
1c:ca:d8:b1:76:9c:da:33:ea:f0:73:39:81:4a:56:6b:e2:fc:
15:b0:3d:85:40:5b:e5:4b:e4:b1:bf:90:50:84:6c:bc:d1:c5:
b5:16:6e:e1:c0:d8:b1:a2:ac:2a:fd:19:3d:b7:3c:8f:ce:30:
e1:fe:6d:4b:a4:e7:4f:2c:84:7b:16:e3:13:6f:cf:2f:ad:77:
c3:74:6c:97:f3:64:eb:f7:ed:22:5b:59:0a:07:87:e1:fa:d9:
f3:6c:0f:93
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQjaYiefZpDRB6RLlxgUPenMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzYzkzNWQ4NDMxNmEyY2Y1NmE2NTk1N2I2ZDc5YjdhZjgx
MWE3MDcwHhcNMjUwMTAxMTk0ODI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOWQ4NzdjNDYwY2QyNTc4NGU3MDVmYjkxZjg3MTYyNmVkZTRiNjI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzgzu65CRFh+Wy0cS/vOdGL3v7V3W
cKsztfMTVvox2f4kyazG6b+uO3kF1tLC7m47ECZaqRm9mQdtXpn1Yjj+qL27x3cE
46avA7FMwEwQhljSGMWXF2PprVhVsCoz9QF7UIZXILzna+Xy2ULcanmsR9uYA2pZ
6iVyJxJ0HuuwYdcDEnf+T3soqF6yeOIftmp2Jm85vhnfGd3Srn8XKsEUMFogC2Zn
CzDDBLjDCWTorGH1NCnL3XZ5E2b82dZbUXr7jEhbkr5n1QZS+YM9Z318EgdTPjMr
u+Q+yGyueQshgZp4Ynd7mgwtHgxe2ais2dVv9dmzGxEVU4lC0Ofs9ep3HwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLnYd8RgzSV4TnBfuR+HFibt5LYmMB8GA1UdIwQY
MBaAFLPJNdhDFqLPVqZZV7bXm3r4EacHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczhrMTJFTVdvczlXcGxsWHR0ZWJldmdScHdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy81NTc5NjItMDUxYS00NmM1LThhOTMt
MWNjMWE1MzhjM2NlLzEvdWRoM3hHRE5KWGhPY0YtNUg0Y1dKdTNrdGlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy81NTc5NjItMDUxYS00NmM1LThhOTMtMWNjMWE1MzhjM2Nl
LzEvczhrMTJFTVdvczlXcGxsWHR0ZWJldmdScHdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCucjoMA0G
CSqGSIb3DQEBCwUAA4IBAQBKJDC/1NE8GsZ6ks+RQW+UdAbm9ihB5yrbHWXIy8tz
SWDsogfuGP//p0t//h7H00rT61SwrSZm4FE+YVkjIFGbObjK/lir0JHlnaqw06gm
YteA+QWaoNSJmY8kxcb0KwWou3YyLzFZ5Gk/7HYugqleQLr7hwL7NFdKhK+/W3bc
P378N4eqMjZ6tzZlpp6eYRa/Vo+Ez8ODzD7JDM7ik/xll0scytixdpzaM+rwczmB
SlZr4vwVsD2FQFvlS+Sxv5BQhGy80cW1Fm7hwNixoqwq/Rk9tzyPzjDh/m1LpOdP
LIR7FuMTb88vrXfDdGyX82Tr9+0iW1kKB4fh+tnzbA+T
-----END CERTIFICATE-----
Generated at Thu Apr 17 08:50:13 2025 by rpki-client