Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/0952d4-4a49-447d-ad3c-1903edafa8bf/1/UimCrRoW77_TuE98ROM6a4r3M7k.roa
File: UimCrRoW77_TuE98ROM6a4r3M7k.roa (raw, json)
Hash identifier: 5uqrCJNuVVErs9qDZ0SX3YHeKjIrW7sTvt0m5uxJW80=
Subject key identifier: 52:29:82:AD:1A:16:EF:BF:D3:B8:4F:7C:44:E3:3A:6B:8A:F7:33:B9
Certificate issuer: /CN=ebf42e80602aedf58a3c7a81883c1a34f69d2fb4
Certificate serial: 019421B1B5F8B27FCA734CA08CB3C4420C6A
Authority key identifier: EB:F4:2E:80:60:2A:ED:F5:8A:3C:7A:81:88:3C:1A:34:F6:9D:2F:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6_QugGAq7fWKPHqBiDwaNPadL7Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/0952d4-4a49-447d-ad3c-1903edafa8bf/1/UimCrRoW77_TuE98ROM6a4r3M7k.roa
Signing time: Wed 01 Jan 2025 11:48:02 +0000
ROA not before: Wed 01 Jan 2025 11:48:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206762
IP address blocks: 188.241.29.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/01/0952d4-4a49-447d-ad3c-1903edafa8bf/1/6_QugGAq7fWKPHqBiDwaNPadL7Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/01/0952d4-4a49-447d-ad3c-1903edafa8bf/1/6_QugGAq7fWKPHqBiDwaNPadL7Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/6_QugGAq7fWKPHqBiDwaNPadL7Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 14 Mar 2025 08:01:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:b5:f8:b2:7f:ca:73:4c:a0:8c:b3:c4:42:0c:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ebf42e80602aedf58a3c7a81883c1a34f69d2fb4
Validity
Not Before: Jan 1 11:48:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=522982ad1a16efbfd3b84f7c44e33a6b8af733b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:71:aa:79:8c:e4:78:e6:f7:e0:13:e3:97:24:
3a:ac:f2:ba:4d:27:a2:7e:bd:b4:85:b5:7f:b9:69:
41:c7:a2:20:5a:2b:6e:5a:b3:a1:77:ed:ce:8d:ef:
93:3c:36:ea:80:69:64:a2:3e:80:8c:51:2f:bd:96:
5e:c0:e6:05:6f:6c:13:c1:0a:23:15:bf:50:54:a5:
54:8a:b1:05:bc:8c:fc:4a:8b:03:94:ec:a3:b4:24:
9e:02:a4:be:9d:d0:00:cc:52:2f:bb:55:f0:c2:33:
cc:5c:b6:9b:4f:58:4b:23:3e:96:85:1c:42:0b:e4:
19:63:19:8d:3b:e9:23:9c:32:b0:51:80:e3:47:0b:
e8:53:e5:78:57:77:9d:f3:d3:34:fc:92:52:f2:1a:
40:6a:37:16:2a:12:94:17:ff:2c:7c:60:d3:20:67:
6e:9f:b7:96:65:ad:bd:b5:b5:59:e2:9a:12:f1:2f:
91:41:79:f6:d7:b2:62:7c:0a:01:64:b3:ad:1c:e5:
5e:24:38:1d:cf:10:53:f8:74:5d:39:68:3a:ad:2c:
c1:9c:18:97:91:56:6a:22:bc:12:4b:c2:50:c7:ef:
74:cc:46:48:24:ab:57:c8:dc:b3:d0:8c:14:6a:a3:
0d:92:af:63:54:73:3d:2b:52:b2:59:db:2f:ee:e8:
96:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:29:82:AD:1A:16:EF:BF:D3:B8:4F:7C:44:E3:3A:6B:8A:F7:33:B9
X509v3 Authority Key Identifier:
keyid:EB:F4:2E:80:60:2A:ED:F5:8A:3C:7A:81:88:3C:1A:34:F6:9D:2F:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6_QugGAq7fWKPHqBiDwaNPadL7Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/0952d4-4a49-447d-ad3c-1903edafa8bf/1/UimCrRoW77_TuE98ROM6a4r3M7k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/0952d4-4a49-447d-ad3c-1903edafa8bf/1/6_QugGAq7fWKPHqBiDwaNPadL7Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.241.29.0/24
Signature Algorithm: sha256WithRSAEncryption
54:ae:e4:df:42:a9:9b:ef:52:13:54:e0:2c:8b:c4:d2:ce:4d:
fc:41:f7:ae:5b:d1:9d:92:a7:55:b5:2a:89:7c:34:74:84:72:
09:8e:96:43:aa:78:f9:92:30:e0:01:d3:8a:e3:33:7e:f5:33:
3c:58:85:f1:88:dc:29:41:09:a9:58:be:09:94:5f:b1:59:5f:
78:c7:a1:fb:e9:67:56:50:bb:db:ce:17:4d:01:61:4d:89:13:
7b:44:3c:98:2f:d6:8a:ab:3e:f8:96:8b:b8:79:fa:88:ce:86:
9f:51:e0:87:2e:26:cd:ee:c5:04:3b:30:96:59:6c:cd:30:a1:
89:19:8d:83:c4:42:21:d6:d9:85:ad:28:f2:33:f6:75:57:c7:
55:6c:eb:2e:b9:a3:3c:47:8f:88:36:d4:05:e4:75:19:48:3d:
4d:ef:22:fe:f3:18:2e:ca:7d:2c:0a:e3:2c:6d:3c:4b:e3:68:
d7:de:c5:09:56:23:ae:8b:cc:12:a7:6f:3b:92:b9:d9:1e:91:
1b:96:39:78:03:49:1b:46:29:31:5d:1c:04:41:2f:a0:c3:f7:
db:78:43:da:e1:89:74:47:dd:ee:e2:9f:f9:1b:84:8c:22:3e:
97:0c:35:6b:99:8a:2e:d2:18:bb:0a:39:98:1e:ca:8e:5c:12:
d6:87:e1:e1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhsbX4sn/Kc0ygjLPEQgxqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGViZjQyZTgwNjAyYWVkZjU4YTNjN2E4MTg4M2MxYTM0ZjY5
ZDJmYjQwHhcNMjUwMTAxMTE0ODAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjI5ODJhZDFhMTZlZmJmZDNiODRmN2M0NGUzM2E2YjhhZjczM2I5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkXGqeYzkeOb34BPjlyQ6rPK6TSei
fr20hbV/uWlBx6IgWituWrOhd+3Oje+TPDbqgGlkoj6AjFEvvZZewOYFb2wTwQoj
Fb9QVKVUirEFvIz8SosDlOyjtCSeAqS+ndAAzFIvu1XwwjPMXLabT1hLIz6WhRxC
C+QZYxmNO+kjnDKwUYDjRwvoU+V4V3ed89M0/JJS8hpAajcWKhKUF/8sfGDTIGdu
n7eWZa29tbVZ4poS8S+RQXn217JifAoBZLOtHOVeJDgdzxBT+HRdOWg6rSzBnBiX
kVZqIrwSS8JQx+90zEZIJKtXyNyz0IwUaqMNkq9jVHM9K1KyWdsv7uiWXQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFIpgq0aFu+/07hPfETjOmuK9zO5MB8GA1UdIwQY
MBaAFOv0LoBgKu31ijx6gYg8GjT2nS+0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNl9RdWdHQXE3ZldLUEhxQmlEd2FOUGFkTDdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS8wOTUyZDQtNGE0OS00NDdkLWFkM2Mt
MTkwM2VkYWZhOGJmLzEvVWltQ3JSb1c3N19UdUU5OFJPTTZhNHIzTTdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS8wOTUyZDQtNGE0OS00NDdkLWFkM2MtMTkwM2VkYWZhOGJm
LzEvNl9RdWdHQXE3ZldLUEhxQmlEd2FOUGFkTDdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvPEdMA0G
CSqGSIb3DQEBCwUAA4IBAQBUruTfQqmb71ITVOAsi8TSzk38QfeuW9GdkqdVtSqJ
fDR0hHIJjpZDqnj5kjDgAdOK4zN+9TM8WIXxiNwpQQmpWL4JlF+xWV94x6H76WdW
ULvbzhdNAWFNiRN7RDyYL9aKqz74lou4efqIzoafUeCHLibN7sUEOzCWWWzNMKGJ
GY2DxEIh1tmFrSjyM/Z1V8dVbOsuuaM8R4+INtQF5HUZSD1N7yL+8xguyn0sCuMs
bTxL42jX3sUJViOui8wSp287krnZHpEbljl4A0kbRikxXRwEQS+gw/fbeEPa4Yl0
R93u4p/5G4SMIj6XDDVrmYou0hi7CjmYHsqOXBLWh+Hh
-----END CERTIFICATE-----
Generated at Thu Mar 13 10:48:31 2025 by rpki-client