Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/910633-de46-4ae2-a15a-29c87c8d8335/1/AuOuUKhz7LbWM9xXAFqUFIS1KQI.roa
File: AuOuUKhz7LbWM9xXAFqUFIS1KQI.roa (raw, json)
Hash identifier: yQUlcBfkC7CQTeK1Wv3DBode7pqw+A1kJYyGEQOXp9g=
Subject key identifier: 02:E3:AE:50:A8:73:EC:B6:D6:33:DC:57:00:5A:94:14:84:B5:29:02
Certificate issuer: /CN=3cabc3dde8f16cf6d918a40f1682ca41be4d0a41
Certificate serial: 019422201457455C7AC58854F333F595A1A1
Authority key identifier: 3C:AB:C3:DD:E8:F1:6C:F6:D9:18:A4:0F:16:82:CA:41:BE:4D:0A:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PKvD3ejxbPbZGKQPFoLKQb5NCkE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/910633-de46-4ae2-a15a-29c87c8d8335/1/AuOuUKhz7LbWM9xXAFqUFIS1KQI.roa
Signing time: Wed 01 Jan 2025 13:48:35 +0000
ROA not before: Wed 01 Jan 2025 13:48:35 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12984
IP address blocks: 185.118.80.0/22 maxlen: 22
2a06:9280::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/74/910633-de46-4ae2-a15a-29c87c8d8335/1/PKvD3ejxbPbZGKQPFoLKQb5NCkE.crl
rsync://rpki.ripe.net/repository/DEFAULT/74/910633-de46-4ae2-a15a-29c87c8d8335/1/PKvD3ejxbPbZGKQPFoLKQb5NCkE.mft
rsync://rpki.ripe.net/repository/DEFAULT/PKvD3ejxbPbZGKQPFoLKQb5NCkE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Apr 2025 13:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:14:57:45:5c:7a:c5:88:54:f3:33:f5:95:a1:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3cabc3dde8f16cf6d918a40f1682ca41be4d0a41
Validity
Not Before: Jan 1 13:48:35 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=02e3ae50a873ecb6d633dc57005a941484b52902
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:7a:7e:34:27:8b:f1:0e:e8:f0:57:6f:4d:b8:
b7:60:61:c2:76:9d:e9:b1:c9:7c:9f:97:11:00:ae:
fd:78:d5:73:69:03:f0:b1:10:98:5c:db:0c:51:12:
d1:3e:f7:50:d1:4f:26:2f:c3:77:ac:af:2c:74:c6:
c2:99:5e:a0:83:e7:e1:c9:a5:81:d8:02:3a:a9:57:
93:bf:42:24:94:ae:c8:a7:ef:c6:56:a3:56:95:98:
31:43:d1:aa:5f:1a:fd:c9:d5:3b:cd:b9:52:e2:d0:
9e:9e:21:bb:18:5c:84:42:80:26:75:10:74:e1:be:
71:77:47:4d:72:61:40:6a:aa:5c:71:87:b2:1d:47:
de:dc:5a:b8:32:85:2c:85:c3:0d:1a:a5:e7:93:01:
19:a5:37:45:fd:a3:62:d4:f1:f7:37:45:e2:47:9a:
d2:dd:89:0c:53:1d:57:39:68:58:db:46:3c:0f:fa:
61:3e:c9:ae:d8:05:fa:bf:fc:2d:3b:89:b8:5b:aa:
3d:5f:c2:62:03:ec:34:85:95:e0:bc:88:0f:0e:a5:
ba:13:fe:35:f9:0a:96:d3:84:9c:35:97:80:66:a1:
6c:ed:7b:64:eb:84:4f:51:be:28:e9:18:5c:7e:c2:
26:f4:ca:23:6d:13:d8:e7:55:3f:4c:a6:02:48:c9:
d3:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:E3:AE:50:A8:73:EC:B6:D6:33:DC:57:00:5A:94:14:84:B5:29:02
X509v3 Authority Key Identifier:
keyid:3C:AB:C3:DD:E8:F1:6C:F6:D9:18:A4:0F:16:82:CA:41:BE:4D:0A:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PKvD3ejxbPbZGKQPFoLKQb5NCkE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/910633-de46-4ae2-a15a-29c87c8d8335/1/AuOuUKhz7LbWM9xXAFqUFIS1KQI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/910633-de46-4ae2-a15a-29c87c8d8335/1/PKvD3ejxbPbZGKQPFoLKQb5NCkE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.118.80.0/22
IPv6:
2a06:9280::/29
Signature Algorithm: sha256WithRSAEncryption
7c:4d:09:b0:4a:45:7a:1b:5b:90:39:d2:98:3f:32:32:fc:cc:
1c:bd:54:eb:86:ad:f3:f3:ff:57:c1:06:f5:72:23:f6:97:76:
52:3d:1f:5f:8c:02:36:8e:66:8e:59:3b:4e:0f:98:b8:ed:20:
ef:80:62:90:50:5b:e0:9e:59:7d:99:aa:e9:25:42:59:dc:c3:
4e:18:79:76:c4:31:5b:1f:45:6e:2c:d1:bc:3c:6b:75:f1:66:
36:22:93:43:e0:ff:e9:66:e4:7e:99:3d:42:56:58:c5:41:ad:
48:8c:49:c1:b6:7e:93:b7:f1:94:69:44:c8:7e:a9:82:7f:b0:
7b:a5:3e:97:69:65:e0:f3:f5:ff:33:74:2a:c3:9d:c5:7f:06:
0b:df:e9:88:31:53:03:a4:13:72:ea:fd:43:4b:fe:8c:32:e6:
96:1d:e4:a1:1c:cd:d4:0a:89:55:09:b2:31:1d:31:68:10:44:
4f:8d:e0:22:d8:29:83:cc:fd:f9:bf:b9:b8:dd:b5:ee:36:42:
e7:9f:e7:c4:e8:c0:c4:0f:42:32:88:69:b0:1b:e7:db:a8:82:
85:57:f2:32:02:c0:e7:cb:c8:99:c8:df:7c:31:09:5c:df:52:
0e:99:45:0d:51:84:bd:3c:0d:ba:dc:8d:5b:64:2e:82:5e:b9:
fc:6e:4b:e5
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQiIBRXRVx6xYhU8zP1laGhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjYWJjM2RkZThmMTZjZjZkOTE4YTQwZjE2ODJjYTQxYmU0
ZDBhNDEwHhcNMjUwMTAxMTM0ODM1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMmUzYWU1MGE4NzNlY2I2ZDYzM2RjNTcwMDVhOTQxNDg0YjUyOTAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj3p+NCeL8Q7o8FdvTbi3YGHCdp3p
scl8n5cRAK79eNVzaQPwsRCYXNsMURLRPvdQ0U8mL8N3rK8sdMbCmV6gg+fhyaWB
2AI6qVeTv0IklK7Ip+/GVqNWlZgxQ9GqXxr9ydU7zblS4tCeniG7GFyEQoAmdRB0
4b5xd0dNcmFAaqpccYeyHUfe3Fq4MoUshcMNGqXnkwEZpTdF/aNi1PH3N0XiR5rS
3YkMUx1XOWhY20Y8D/phPsmu2AX6v/wtO4m4W6o9X8JiA+w0hZXgvIgPDqW6E/41
+QqW04ScNZeAZqFs7Xtk64RPUb4o6RhcfsIm9MojbRPY51U/TKYCSMnTWwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFALjrlCoc+y21jPcVwBalBSEtSkCMB8GA1UdIwQY
MBaAFDyrw93o8Wz22RikDxaCykG+TQpBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUEt2RDNlanhiUGJaR0tRUEZvTEtRYjVOQ2tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC85MTA2MzMtZGU0Ni00YWUyLWExNWEt
MjljODdjOGQ4MzM1LzEvQXVPdVVLaHo3TGJXTTl4WEFGcVVGSVMxS1FJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC85MTA2MzMtZGU0Ni00YWUyLWExNWEtMjljODdjOGQ4MzM1
LzEvUEt2RDNlanhiUGJaR0tRUEZvTEtRYjVOQ2tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuXZQMA0E
AgACMAcDBQMqBpKAMA0GCSqGSIb3DQEBCwUAA4IBAQB8TQmwSkV6G1uQOdKYPzIy
/MwcvVTrhq3z8/9XwQb1ciP2l3ZSPR9fjAI2jmaOWTtOD5i47SDvgGKQUFvgnll9
marpJUJZ3MNOGHl2xDFbH0VuLNG8PGt18WY2IpND4P/pZuR+mT1CVljFQa1IjEnB
tn6Tt/GUaUTIfqmCf7B7pT6XaWXg8/X/M3Qqw53FfwYL3+mIMVMDpBNy6v1DS/6M
MuaWHeShHM3UColVCbIxHTFoEERPjeAi2CmDzP35v7m43bXuNkLnn+fE6MDED0Iy
iGmwG+fbqIKFV/IyAsDny8iZyN98MQlc31IOmUUNUYS9PA263I1bZC6CXrn8bkvl
-----END CERTIFICATE-----
Generated at Tue Apr 22 19:04:07 2025 by rpki-client