Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/e01190-5204-44c5-a11a-dafd74763d23/1/UtyjBV0EsNwGMX6YP0NptzzeFf4.roa
File: UtyjBV0EsNwGMX6YP0NptzzeFf4.roa (raw, json)
Hash identifier: dA0RBDw7aGVYNwlm/IJ4BCmDJNOn72e0aCAEZ6RnVIc=
Subject key identifier: 52:DC:A3:05:5D:04:B0:DC:06:31:7E:98:3F:43:69:B7:3C:DE:15:FE
Certificate issuer: /CN=6ff362c0765afb7b9804b6d819470007b01f262e
Certificate serial: 0194206806FFBE237C1E01BFFC76CD5F10A5
Authority key identifier: 6F:F3:62:C0:76:5A:FB:7B:98:04:B6:D8:19:47:00:07:B0:1F:26:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b_NiwHZa-3uYBLbYGUcAB7AfJi4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/e01190-5204-44c5-a11a-dafd74763d23/1/UtyjBV0EsNwGMX6YP0NptzzeFf4.roa
Signing time: Wed 01 Jan 2025 05:47:55 +0000
ROA not before: Wed 01 Jan 2025 05:47:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 141760
IP address blocks: 141.113.128.0/21 maxlen: 21
141.113.136.0/21 maxlen: 21
141.113.192.0/21 maxlen: 21
2a03:9e43::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b7/e01190-5204-44c5-a11a-dafd74763d23/1/b_NiwHZa-3uYBLbYGUcAB7AfJi4.crl
rsync://rpki.ripe.net/repository/DEFAULT/b7/e01190-5204-44c5-a11a-dafd74763d23/1/b_NiwHZa-3uYBLbYGUcAB7AfJi4.mft
rsync://rpki.ripe.net/repository/DEFAULT/b_NiwHZa-3uYBLbYGUcAB7AfJi4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 10:07:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:06:ff:be:23:7c:1e:01:bf:fc:76:cd:5f:10:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ff362c0765afb7b9804b6d819470007b01f262e
Validity
Not Before: Jan 1 05:47:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=52dca3055d04b0dc06317e983f4369b73cde15fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:59:8c:1f:60:74:f1:a6:df:ef:fb:c9:6e:d8:
3d:49:ea:db:e8:e0:2a:b2:57:86:22:90:07:ce:1a:
d3:d1:d5:54:31:4f:24:17:dd:93:fc:dd:0c:78:7a:
23:d4:37:24:a8:d0:d7:01:1b:8c:e8:6b:90:45:1c:
27:ed:13:a4:99:01:07:27:f8:12:5d:f9:f8:f3:f1:
34:2a:75:5d:30:29:fa:c0:4d:d4:4f:c9:4e:66:5c:
b9:88:ac:07:af:a8:a2:e8:e7:45:46:5c:4d:a8:e2:
1f:6d:2a:6a:1b:3b:1a:1b:b4:6e:40:02:6b:2f:ac:
7e:b2:e8:20:f7:cb:de:d1:6d:2f:d8:bf:83:11:20:
3e:56:a8:c0:7a:41:25:44:e3:d8:59:6f:2a:71:fb:
f3:b4:64:c6:4d:2e:28:f3:15:cd:f2:d2:8f:ec:0f:
a7:25:5b:47:7a:67:8f:d1:8b:90:d6:43:bd:17:71:
38:4c:f8:ba:86:9e:fb:3b:4c:b6:22:bb:f2:43:fd:
23:90:09:80:4f:43:5f:eb:f7:1f:8a:a4:7c:0d:ed:
33:38:30:ae:60:11:05:61:26:0c:fb:a0:7a:41:c1:
39:d6:bb:95:65:87:f8:3f:e9:9a:e0:24:23:3c:e0:
75:82:77:b2:a0:1f:ed:de:4a:6f:87:64:3d:18:26:
b1:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:DC:A3:05:5D:04:B0:DC:06:31:7E:98:3F:43:69:B7:3C:DE:15:FE
X509v3 Authority Key Identifier:
keyid:6F:F3:62:C0:76:5A:FB:7B:98:04:B6:D8:19:47:00:07:B0:1F:26:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b_NiwHZa-3uYBLbYGUcAB7AfJi4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/e01190-5204-44c5-a11a-dafd74763d23/1/UtyjBV0EsNwGMX6YP0NptzzeFf4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/e01190-5204-44c5-a11a-dafd74763d23/1/b_NiwHZa-3uYBLbYGUcAB7AfJi4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.113.128.0/20
141.113.192.0/21
IPv6:
2a03:9e43::/32
Signature Algorithm: sha256WithRSAEncryption
8a:9f:0c:75:2c:40:61:34:de:00:da:aa:be:f8:75:54:4a:7e:
c3:e1:a4:1f:09:ab:30:f3:a9:d6:de:25:1f:9e:ea:88:8b:b7:
2b:aa:cc:f7:66:0b:c8:e1:8b:02:0a:9c:89:e0:b9:ff:14:08:
d6:93:b5:57:5d:9e:68:1e:63:35:8e:ae:82:ea:74:97:e9:98:
d8:5f:42:ca:c7:0d:4e:3b:d4:72:da:c7:9a:59:fc:2b:d7:2c:
67:3e:8e:8f:1e:d1:8b:f1:b7:14:93:fb:fd:7e:ec:31:95:ba:
11:46:12:b3:b8:af:ab:ce:9b:de:62:58:7c:93:b8:05:af:9e:
77:88:62:4e:82:ef:ae:ae:dd:7f:44:f4:41:83:63:cc:47:2e:
fb:ca:87:b0:cc:5f:26:10:f6:a6:55:1a:04:bb:d9:53:65:c2:
43:7e:cc:4e:30:83:c7:37:07:5e:51:cd:32:42:57:ec:83:5d:
0d:d7:c8:31:83:e2:55:08:4d:92:5c:3b:86:cb:1b:78:ef:c6:
b1:8e:78:b5:5a:39:5c:01:97:3e:d9:20:05:61:7d:4a:51:57:
3f:e7:d5:48:5f:3e:ae:f5:52:a5:85:8a:d8:18:75:f3:bc:bc:
2e:56:90:5d:9f:6f:7e:c7:fd:ed:1b:d6:87:24:7c:a0:4b:15:
bc:4e:da:f2
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQgaAb/viN8HgG//HbNXxClMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmZjM2MmMwNzY1YWZiN2I5ODA0YjZkODE5NDcwMDA3YjAx
ZjI2MmUwHhcNMjUwMTAxMDU0NzU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MmRjYTMwNTVkMDRiMGRjMDYzMTdlOTgzZjQzNjliNzNjZGUxNWZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7VmMH2B08abf7/vJbtg9Serb6OAq
sleGIpAHzhrT0dVUMU8kF92T/N0MeHoj1DckqNDXARuM6GuQRRwn7ROkmQEHJ/gS
Xfn48/E0KnVdMCn6wE3UT8lOZly5iKwHr6ii6OdFRlxNqOIfbSpqGzsaG7RuQAJr
L6x+sugg98ve0W0v2L+DESA+VqjAekElROPYWW8qcfvztGTGTS4o8xXN8tKP7A+n
JVtHemeP0YuQ1kO9F3E4TPi6hp77O0y2IrvyQ/0jkAmAT0Nf6/cfiqR8De0zODCu
YBEFYSYM+6B6QcE51ruVZYf4P+ma4CQjPOB1gneyoB/t3kpvh2Q9GCaxWQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFFLcowVdBLDcBjF+mD9Dabc83hX+MB8GA1UdIwQY
MBaAFG/zYsB2Wvt7mAS22BlHAAewHyYuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYl9OaXdIWmEtM3VZQkxiWUdVY0FCN0FmSmk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9lMDExOTAtNTIwNC00NGM1LWExMWEt
ZGFmZDc0NzYzZDIzLzEvVXR5akJWMEVzTndHTVg2WVAwTnB0enplRmY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9lMDExOTAtNTIwNC00NGM1LWExMWEtZGFmZDc0NzYzZDIz
LzEvYl9OaXdIWmEtM3VZQkxiWUdVY0FCN0FmSmk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQEjXGAAwQD
jXHAMA0EAgACMAcDBQAqA55DMA0GCSqGSIb3DQEBCwUAA4IBAQCKnwx1LEBhNN4A
2qq++HVUSn7D4aQfCasw86nW3iUfnuqIi7crqsz3ZgvI4YsCCpyJ4Ln/FAjWk7VX
XZ5oHmM1jq6C6nSX6ZjYX0LKxw1OO9Ry2seaWfwr1yxnPo6PHtGL8bcUk/v9fuwx
lboRRhKzuK+rzpveYlh8k7gFr553iGJOgu+urt1/RPRBg2PMRy77yoewzF8mEPam
VRoEu9lTZcJDfsxOMIPHNwdeUc0yQlfsg10N18gxg+JVCE2SXDuGyxt478axjni1
WjlcAZc+2SAFYX1KUVc/59VIXz6u9VKlhYrYGHXzvLwuVpBdn29+x/3tG9aHJHyg
SxW8Ttry
-----END CERTIFICATE-----
Generated at Sun Apr 6 20:44:15 2025 by rpki-client