Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/205275-2ced-4a4e-b900-4f3e5b2e0c56/1/ucuU-Uq0Xb62o4XqDQOup7WMShY.roa
File: ucuU-Uq0Xb62o4XqDQOup7WMShY.roa (raw, json)
Hash identifier: bTCTTFwhaYZdJywJ5h4MOhDury0ZGVdUw5QGOuUV0Sc=
Subject key identifier: B9:CB:94:F9:4A:B4:5D:BE:B6:A3:85:EA:0D:03:AE:A7:B5:8C:4A:16
Certificate issuer: /CN=1d0871fc2e99892ea1115a302138e1d32a62182c
Certificate serial: 01941FFA5DB7CD972E478E1D908758F898FB
Authority key identifier: 1D:08:71:FC:2E:99:89:2E:A1:11:5A:30:21:38:E1:D3:2A:62:18:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HQhx_C6ZiS6hEVowITjh0ypiGCw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/205275-2ced-4a4e-b900-4f3e5b2e0c56/1/ucuU-Uq0Xb62o4XqDQOup7WMShY.roa
Signing time: Wed 01 Jan 2025 03:48:09 +0000
ROA not before: Wed 01 Jan 2025 03:48:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16509
IP address blocks: 185.118.109.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f7/205275-2ced-4a4e-b900-4f3e5b2e0c56/1/HQhx_C6ZiS6hEVowITjh0ypiGCw.crl
rsync://rpki.ripe.net/repository/DEFAULT/f7/205275-2ced-4a4e-b900-4f3e5b2e0c56/1/HQhx_C6ZiS6hEVowITjh0ypiGCw.mft
rsync://rpki.ripe.net/repository/DEFAULT/HQhx_C6ZiS6hEVowITjh0ypiGCw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 22:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:5d:b7:cd:97:2e:47:8e:1d:90:87:58:f8:98:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1d0871fc2e99892ea1115a302138e1d32a62182c
Validity
Not Before: Jan 1 03:48:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b9cb94f94ab45dbeb6a385ea0d03aea7b58c4a16
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:e6:40:c4:91:da:a7:2e:a8:73:9d:6b:96:5c:
b6:c2:93:02:8d:01:83:38:72:80:6b:57:23:f0:55:
d7:66:b2:b1:b9:12:e6:b5:e9:33:ad:73:e3:e7:aa:
2c:2f:83:3e:05:f9:04:75:ae:70:10:65:0c:b1:79:
3a:3f:6f:b6:f5:c0:5e:3b:68:dd:d4:32:c3:5d:06:
38:8d:76:00:e7:dc:eb:9e:66:46:7d:b9:27:47:e8:
02:de:43:f8:09:08:d3:1c:da:d8:99:be:10:ab:6e:
9d:57:e2:e3:dc:c9:db:53:4b:66:cb:c5:24:0d:52:
77:a7:4f:9d:3d:c8:27:9d:05:85:c6:b0:31:20:7c:
0b:e1:14:f6:e7:35:89:54:f0:7f:f4:09:37:fe:c3:
0f:89:3f:e8:eb:0a:a7:53:a2:13:67:44:70:4d:95:
4f:52:ad:a2:0f:99:7e:57:0f:66:e0:60:e1:a2:de:
f6:62:63:49:9b:67:fb:9f:e1:ca:9b:d6:42:0c:89:
f7:f6:6f:b4:2d:8a:23:2e:da:03:60:03:c5:5b:d2:
bd:d7:62:d9:e6:92:b9:03:6e:c6:43:ca:4a:01:12:
ae:29:5f:17:d7:51:d1:8d:67:f2:e8:05:cc:4c:fd:
30:c2:03:60:fb:fb:fe:d0:9f:08:81:bd:d3:de:f4:
61:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:CB:94:F9:4A:B4:5D:BE:B6:A3:85:EA:0D:03:AE:A7:B5:8C:4A:16
X509v3 Authority Key Identifier:
keyid:1D:08:71:FC:2E:99:89:2E:A1:11:5A:30:21:38:E1:D3:2A:62:18:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HQhx_C6ZiS6hEVowITjh0ypiGCw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/205275-2ced-4a4e-b900-4f3e5b2e0c56/1/ucuU-Uq0Xb62o4XqDQOup7WMShY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/205275-2ced-4a4e-b900-4f3e5b2e0c56/1/HQhx_C6ZiS6hEVowITjh0ypiGCw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.118.109.0/24
Signature Algorithm: sha256WithRSAEncryption
c9:25:f4:9b:32:ab:b3:a6:2c:40:b6:d6:b2:67:7c:a1:61:cd:
99:e1:98:b4:76:f0:a7:c8:38:7c:21:01:1b:dd:a7:55:4a:b6:
55:d1:76:48:02:8a:e8:26:66:a8:40:62:fa:9e:50:c8:f3:88:
1d:e3:59:24:a3:dd:97:01:64:9a:ae:d2:33:06:47:36:e3:0b:
eb:14:68:8d:55:91:8f:a7:e5:6f:9d:60:82:32:76:25:a7:2b:
c4:e0:86:b7:ab:c6:69:50:e1:11:bc:03:c4:ac:40:b5:23:3b:
d4:6c:79:14:b1:d1:aa:e9:7b:52:85:2d:03:f3:eb:d1:66:da:
56:88:a1:59:bb:54:75:5a:12:1b:ae:6c:a6:14:24:64:04:a1:
3b:1d:6c:48:3d:2a:33:6b:fd:60:d0:15:ed:2c:d1:c6:13:f3:
f1:14:bc:aa:02:ed:de:c2:2a:0b:e3:d1:6d:3c:2b:47:39:64:
aa:48:cd:38:21:f5:31:67:72:0c:7c:02:7a:1b:a5:b2:62:df:
41:34:cc:06:87:2c:09:ed:1a:ab:0d:7b:b4:b2:73:01:70:5c:
a9:6a:a4:6b:6e:b7:17:6f:94:c2:13:e5:46:d6:14:c0:7e:2e:
cb:d8:29:96:4c:a3:32:5c:27:ea:4f:be:18:80:cc:80:b2:1b:
6b:d1:6a:44
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQf+l23zZcuR44dkIdY+Jj7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkMDg3MWZjMmU5OTg5MmVhMTExNWEzMDIxMzhlMWQzMmE2
MjE4MmMwHhcNMjUwMTAxMDM0ODA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOWNiOTRmOTRhYjQ1ZGJlYjZhMzg1ZWEwZDAzYWVhN2I1OGM0YTE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhuZAxJHapy6oc51rlly2wpMCjQGD
OHKAa1cj8FXXZrKxuRLmtekzrXPj56osL4M+BfkEda5wEGUMsXk6P2+29cBeO2jd
1DLDXQY4jXYA59zrnmZGfbknR+gC3kP4CQjTHNrYmb4Qq26dV+Lj3MnbU0tmy8Uk
DVJ3p0+dPcgnnQWFxrAxIHwL4RT25zWJVPB/9Ak3/sMPiT/o6wqnU6ITZ0RwTZVP
Uq2iD5l+Vw9m4GDhot72YmNJm2f7n+HKm9ZCDIn39m+0LYojLtoDYAPFW9K912LZ
5pK5A27GQ8pKARKuKV8X11HRjWfy6AXMTP0wwgNg+/v+0J8Igb3T3vRhpwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLnLlPlKtF2+tqOF6g0Drqe1jEoWMB8GA1UdIwQY
MBaAFB0IcfwumYkuoRFaMCE44dMqYhgsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFFoeF9DNlppUzZoRVZvd0lUamgweXBpR0N3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy8yMDUyNzUtMmNlZC00YTRlLWI5MDAt
NGYzZTViMmUwYzU2LzEvdWN1VS1VcTBYYjYybzRYcURRT3VwN1dNU2hZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy8yMDUyNzUtMmNlZC00YTRlLWI5MDAtNGYzZTViMmUwYzU2
LzEvSFFoeF9DNlppUzZoRVZvd0lUamgweXBpR0N3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuXZtMA0G
CSqGSIb3DQEBCwUAA4IBAQDJJfSbMquzpixAttayZ3yhYc2Z4Zi0dvCnyDh8IQEb
3adVSrZV0XZIAoroJmaoQGL6nlDI84gd41kko92XAWSartIzBkc24wvrFGiNVZGP
p+VvnWCCMnYlpyvE4Ia3q8ZpUOERvAPErEC1IzvUbHkUsdGq6XtShS0D8+vRZtpW
iKFZu1R1WhIbrmymFCRkBKE7HWxIPSoza/1g0BXtLNHGE/PxFLyqAu3ewioL49Ft
PCtHOWSqSM04IfUxZ3IMfAJ6G6WyYt9BNMwGhywJ7RqrDXu0snMBcFypaqRrbrcX
b5TCE+VG1hTAfi7L2CmWTKMyXCfqT74YgMyAshtr0WpE
-----END CERTIFICATE-----
Generated at Sun Apr 6 06:28:15 2025 by rpki-client