Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/a13b01-4153-4ea5-bf21-99868c51329a/1/uFTtcjsPGnkaZVI5W5A8IkTF394.roa
File: uFTtcjsPGnkaZVI5W5A8IkTF394.roa (raw, json)
Hash identifier: SZYFDFQluX6/of0g5ijROkb7a9Qa6zQP//c286jjxKM=
Subject key identifier: B8:54:ED:72:3B:0F:1A:79:1A:65:52:39:5B:90:3C:22:44:C5:DF:DE
Certificate issuer: /CN=aedaeea9117a1d5ccc320222955a09faa0798fd9
Certificate serial: 019423D71A97B1945B70114E39AE59994321
Authority key identifier: AE:DA:EE:A9:11:7A:1D:5C:CC:32:02:22:95:5A:09:FA:A0:79:8F:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rtruqRF6HVzMMgIilVoJ-qB5j9k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/a13b01-4153-4ea5-bf21-99868c51329a/1/uFTtcjsPGnkaZVI5W5A8IkTF394.roa
Signing time: Wed 01 Jan 2025 21:48:06 +0000
ROA not before: Wed 01 Jan 2025 21:48:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 22239
IP address blocks: 31.186.249.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b6/a13b01-4153-4ea5-bf21-99868c51329a/1/rtruqRF6HVzMMgIilVoJ-qB5j9k.crl
rsync://rpki.ripe.net/repository/DEFAULT/b6/a13b01-4153-4ea5-bf21-99868c51329a/1/rtruqRF6HVzMMgIilVoJ-qB5j9k.mft
rsync://rpki.ripe.net/repository/DEFAULT/rtruqRF6HVzMMgIilVoJ-qB5j9k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 01:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:1a:97:b1:94:5b:70:11:4e:39:ae:59:99:43:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aedaeea9117a1d5ccc320222955a09faa0798fd9
Validity
Not Before: Jan 1 21:48:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b854ed723b0f1a791a6552395b903c2244c5dfde
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:a2:a3:e1:1d:62:44:b7:ee:a9:df:c4:58:69:
76:5a:02:d9:6c:2d:a1:e2:c5:7d:1f:e7:21:a5:fe:
b8:fd:3b:9d:02:aa:20:2c:5f:53:7d:71:2e:d0:08:
6a:50:03:2d:82:d4:d6:16:ed:19:ca:17:a3:4e:ca:
e8:73:71:a2:04:64:9c:2a:1a:fe:40:f3:43:e1:58:
48:41:15:18:40:cf:9c:6e:7e:6e:55:23:49:04:b1:
0e:70:7f:44:a0:bb:c9:e2:4f:f5:1a:fb:58:de:cb:
1a:ac:bb:ca:18:6b:02:32:c0:97:62:03:6a:70:27:
8a:eb:00:44:1a:e6:b7:bc:0b:e5:23:2d:7a:aa:db:
f8:6f:0a:b9:61:91:c0:74:41:2f:06:1f:5b:46:7d:
7a:b9:04:a7:62:dc:ac:2f:2e:2f:47:67:d1:39:05:
26:59:24:1e:9e:01:c1:e2:6d:ef:f9:8d:cd:0f:07:
99:0d:b8:47:1c:31:85:37:c6:13:b9:12:fa:42:96:
41:12:59:ac:1b:32:89:e2:c7:2c:50:dc:ab:03:2f:
ec:ac:dc:96:bb:a8:77:84:e0:8a:bd:83:4e:ff:87:
d7:2b:63:2a:06:68:93:11:a2:a9:89:8e:46:3c:1f:
e2:51:99:57:95:bd:58:0d:6c:ee:00:cf:1d:08:3f:
f9:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:54:ED:72:3B:0F:1A:79:1A:65:52:39:5B:90:3C:22:44:C5:DF:DE
X509v3 Authority Key Identifier:
keyid:AE:DA:EE:A9:11:7A:1D:5C:CC:32:02:22:95:5A:09:FA:A0:79:8F:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rtruqRF6HVzMMgIilVoJ-qB5j9k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/a13b01-4153-4ea5-bf21-99868c51329a/1/uFTtcjsPGnkaZVI5W5A8IkTF394.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/a13b01-4153-4ea5-bf21-99868c51329a/1/rtruqRF6HVzMMgIilVoJ-qB5j9k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.186.249.0/24
Signature Algorithm: sha256WithRSAEncryption
5c:ed:79:3f:4a:86:93:d6:ed:9a:d4:74:24:e1:0f:df:8c:69:
af:c1:7c:73:53:50:a7:9e:58:ff:8a:cf:68:28:b6:87:ad:92:
a1:90:c4:22:68:b0:b5:86:99:ea:c8:91:8a:f0:de:d7:67:a1:
a2:9e:2c:3e:8e:bb:f2:48:d8:b3:b8:ac:ae:af:db:a6:3a:52:
31:4a:f1:cf:52:c4:fc:7f:29:c2:5b:6e:b2:b4:cb:10:a6:d9:
9f:d0:fd:31:ca:fa:1e:07:ad:5f:53:f0:c7:35:63:7f:94:29:
3d:ea:30:c8:ca:c4:9f:3d:2e:6a:d0:fc:eb:a8:a4:2c:dc:ab:
9b:04:b9:4c:42:e6:99:89:02:6c:5f:f0:87:48:6d:0c:3e:38:
cc:35:7b:de:8b:9a:6f:f2:4d:15:40:74:ff:62:fa:49:32:c2:
aa:74:66:b1:58:06:72:18:4e:7a:ea:eb:54:9e:dc:ff:4d:ab:
10:fd:f3:8c:ac:58:82:ed:36:5e:d9:6d:44:5b:a1:02:f3:94:
35:b6:b2:3f:6e:0e:a6:c9:ad:de:b1:8b:27:da:72:5f:ad:6b:
2f:fb:0f:fc:cf:9b:98:f6:35:9d:76:50:85:ce:ae:09:8d:9a:
a8:45:bf:1d:68:13:8e:2a:fc:31:0a:04:00:58:60:04:0d:22:
b2:0c:d4:4f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQj1xqXsZRbcBFOOa5ZmUMhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlZGFlZWE5MTE3YTFkNWNjYzMyMDIyMjk1NWEwOWZhYTA3
OThmZDkwHhcNMjUwMTAxMjE0ODA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODU0ZWQ3MjNiMGYxYTc5MWE2NTUyMzk1YjkwM2MyMjQ0YzVkZmRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwKKj4R1iRLfuqd/EWGl2WgLZbC2h
4sV9H+chpf64/TudAqogLF9TfXEu0AhqUAMtgtTWFu0ZyhejTsroc3GiBGScKhr+
QPND4VhIQRUYQM+cbn5uVSNJBLEOcH9EoLvJ4k/1GvtY3ssarLvKGGsCMsCXYgNq
cCeK6wBEGua3vAvlIy16qtv4bwq5YZHAdEEvBh9bRn16uQSnYtysLy4vR2fROQUm
WSQengHB4m3v+Y3NDweZDbhHHDGFN8YTuRL6QpZBElmsGzKJ4scsUNyrAy/srNyW
u6h3hOCKvYNO/4fXK2MqBmiTEaKpiY5GPB/iUZlXlb1YDWzuAM8dCD/5XQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLhU7XI7Dxp5GmVSOVuQPCJExd/eMB8GA1UdIwQY
MBaAFK7a7qkReh1czDICIpVaCfqgeY/ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnRydXFSRjZIVnpNTWdJaWxWb0otcUI1ajlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi9hMTNiMDEtNDE1My00ZWE1LWJmMjEt
OTk4NjhjNTEzMjlhLzEvdUZUdGNqc1BHbmthWlZJNVc1QThJa1RGMzk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi9hMTNiMDEtNDE1My00ZWE1LWJmMjEtOTk4NjhjNTEzMjlh
LzEvcnRydXFSRjZIVnpNTWdJaWxWb0otcUI1ajlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAH7r5MA0G
CSqGSIb3DQEBCwUAA4IBAQBc7Xk/SoaT1u2a1HQk4Q/fjGmvwXxzU1Cnnlj/is9o
KLaHrZKhkMQiaLC1hpnqyJGK8N7XZ6Giniw+jrvySNizuKyur9umOlIxSvHPUsT8
fynCW26ytMsQptmf0P0xyvoeB61fU/DHNWN/lCk96jDIysSfPS5q0PzrqKQs3Kub
BLlMQuaZiQJsX/CHSG0MPjjMNXvei5pv8k0VQHT/YvpJMsKqdGaxWAZyGE566utU
ntz/TasQ/fOMrFiC7TZe2W1EW6EC85Q1trI/bg6mya3esYsn2nJfrWsv+w/8z5uY
9jWddlCFzq4JjZqoRb8daBOOKvwxCgQAWGAEDSKyDNRP
-----END CERTIFICATE-----
Generated at Mon Apr 7 10:38:18 2025 by rpki-client