Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/a7ef4d-dc44-4faf-9513-e9c9132836ff/1/ub-f3sQpeZFIR7bmv9inv38i9hc.roa
File: ub-f3sQpeZFIR7bmv9inv38i9hc.roa (raw, json)
Hash identifier: d/wCuYvq40CEhT6+Gf00rW0og+1XZHNfdNwE4g4ibIk=
Subject key identifier: B9:BF:9F:DE:C4:29:79:91:48:47:B6:E6:BF:D8:A7:BF:7F:22:F6:17
Certificate issuer: /CN=0dd441c3ffae829842249e944b03851081f4d9e0
Certificate serial: 01941FFA431075FCEE09A8A91693A3876EF8
Authority key identifier: 0D:D4:41:C3:FF:AE:82:98:42:24:9E:94:4B:03:85:10:81:F4:D9:E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DdRBw_-ugphCJJ6USwOFEIH02eA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/a7ef4d-dc44-4faf-9513-e9c9132836ff/1/ub-f3sQpeZFIR7bmv9inv38i9hc.roa
Signing time: Wed 01 Jan 2025 03:48:02 +0000
ROA not before: Wed 01 Jan 2025 03:48:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6977
IP address blocks: 91.235.168.0/24 maxlen: 24
193.23.60.0/24 maxlen: 24
2001:67c:2d78::/48 maxlen: 48
2a09:8400::/29 maxlen: 48
2a0f:75c0::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/01/a7ef4d-dc44-4faf-9513-e9c9132836ff/1/DdRBw_-ugphCJJ6USwOFEIH02eA.crl
rsync://rpki.ripe.net/repository/DEFAULT/01/a7ef4d-dc44-4faf-9513-e9c9132836ff/1/DdRBw_-ugphCJJ6USwOFEIH02eA.mft
rsync://rpki.ripe.net/repository/DEFAULT/DdRBw_-ugphCJJ6USwOFEIH02eA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 09:01:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:43:10:75:fc:ee:09:a8:a9:16:93:a3:87:6e:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0dd441c3ffae829842249e944b03851081f4d9e0
Validity
Not Before: Jan 1 03:48:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b9bf9fdec42979914847b6e6bfd8a7bf7f22f617
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:e3:45:ae:a9:d5:78:1d:cf:04:bf:94:d7:f8:
a9:7d:65:fd:6b:e4:ab:4c:e6:cc:9e:7a:28:46:25:
53:a0:f4:c8:5e:3b:db:c0:24:f7:12:d8:c9:13:03:
8e:be:c0:be:a8:5b:b9:2d:61:fb:8d:ed:48:01:50:
87:fa:9f:26:ca:da:9d:05:2b:89:f4:e5:9f:8a:fd:
b0:f4:dc:c1:05:2c:5d:37:ea:38:e1:56:0f:fb:ba:
ad:a0:8e:59:da:57:91:58:5a:c9:fd:62:0f:12:e1:
75:e3:3e:05:ee:ed:05:9b:4f:87:0e:98:34:f2:83:
31:b2:0c:94:35:cd:15:3f:fb:51:c3:96:f0:3f:5e:
9a:2f:67:78:c4:df:6e:a6:78:63:e2:b7:c3:d2:c1:
d4:db:33:f8:97:0f:d5:42:47:e1:09:fa:b6:70:3c:
13:a6:4c:cb:8b:3d:5c:a8:ec:fa:9e:66:7a:99:44:
55:7e:1f:41:45:16:e5:19:e3:6b:bd:82:af:80:1a:
d0:d6:b9:d7:05:99:91:49:f2:33:ef:ef:5d:45:7d:
5f:4b:41:bf:04:89:24:b6:e3:ee:1c:d7:4d:cd:fd:
8f:ab:4f:da:80:34:bd:b9:e9:9c:58:4f:78:68:33:
a3:6f:ae:2b:74:86:fb:41:ce:8b:d6:c0:de:98:57:
0e:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:BF:9F:DE:C4:29:79:91:48:47:B6:E6:BF:D8:A7:BF:7F:22:F6:17
X509v3 Authority Key Identifier:
keyid:0D:D4:41:C3:FF:AE:82:98:42:24:9E:94:4B:03:85:10:81:F4:D9:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DdRBw_-ugphCJJ6USwOFEIH02eA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/a7ef4d-dc44-4faf-9513-e9c9132836ff/1/ub-f3sQpeZFIR7bmv9inv38i9hc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/a7ef4d-dc44-4faf-9513-e9c9132836ff/1/DdRBw_-ugphCJJ6USwOFEIH02eA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.235.168.0/24
193.23.60.0/24
IPv6:
2001:67c:2d78::/48
2a09:8400::/29
2a0f:75c0::/29
Signature Algorithm: sha256WithRSAEncryption
7c:3b:6b:8c:4f:50:68:cd:15:30:45:54:3d:90:ad:d2:a9:e0:
e1:f6:04:90:6a:07:f7:f2:35:95:dd:c0:ac:39:94:d4:9c:bc:
21:d1:a7:b4:c8:a9:17:54:48:69:b6:84:ce:09:7b:2c:b4:04:
a6:2d:d9:7e:d1:11:eb:0c:cb:45:e9:82:43:0b:6f:7d:93:77:
50:2d:1f:37:bc:eb:ac:38:b9:76:7c:12:7a:70:9c:76:f4:06:
19:29:fe:73:0d:91:74:23:17:4c:20:d1:a8:bf:24:30:75:c1:
1f:71:0c:1c:64:7d:7c:3f:01:c3:86:5b:52:b3:09:ef:cd:82:
01:85:31:12:cc:18:46:9d:fe:95:dd:95:7a:4f:88:2e:5e:a8:
fb:19:dd:c2:fa:ec:e0:63:0a:03:69:8d:42:72:6c:08:a2:03:
e6:62:7e:c5:ad:87:81:3e:02:72:b7:46:39:3c:ce:8c:16:dc:
5a:ee:f8:20:28:f0:83:08:4d:d4:ee:0f:e8:90:df:59:b9:08:
59:06:90:f6:32:7a:d4:80:04:77:ea:3e:4e:7e:29:4c:95:7b:
47:ad:dc:fd:68:f8:8c:a0:0c:99:16:87:15:cd:45:37:f0:ca:
e9:c5:48:65:af:25:57:aa:5c:ec:e5:d3:24:a7:9b:bd:da:65:
00:5e:49:38
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgISAZQf+kMQdfzuCaipFpOjh274MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkZDQ0MWMzZmZhZTgyOTg0MjI0OWU5NDRiMDM4NTEwODFm
NGQ5ZTAwHhcNMjUwMTAxMDM0ODAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOWJmOWZkZWM0Mjk3OTkxNDg0N2I2ZTZiZmQ4YTdiZjdmMjJmNjE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsONFrqnVeB3PBL+U1/ipfWX9a+Sr
TObMnnooRiVToPTIXjvbwCT3EtjJEwOOvsC+qFu5LWH7je1IAVCH+p8mytqdBSuJ
9OWfiv2w9NzBBSxdN+o44VYP+7qtoI5Z2leRWFrJ/WIPEuF14z4F7u0Fm0+HDpg0
8oMxsgyUNc0VP/tRw5bwP16aL2d4xN9upnhj4rfD0sHU2zP4lw/VQkfhCfq2cDwT
pkzLiz1cqOz6nmZ6mURVfh9BRRblGeNrvYKvgBrQ1rnXBZmRSfIz7+9dRX1fS0G/
BIkktuPuHNdNzf2Pq0/agDS9uemcWE94aDOjb64rdIb7Qc6L1sDemFcO+QIDAQAB
o4ICLjCCAiowHQYDVR0OBBYEFLm/n97EKXmRSEe25r/Yp79/IvYXMB8GA1UdIwQY
MBaAFA3UQcP/roKYQiSelEsDhRCB9NngMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGRSQndfLXVncGhDSko2VVN3T0ZFSUgwMmVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS9hN2VmNGQtZGM0NC00ZmFmLTk1MTMt
ZTljOTEzMjgzNmZmLzEvdWItZjNzUXBlWkZJUjdibXY5aW52MzhpOWhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS9hN2VmNGQtZGM0NC00ZmFmLTk1MTMtZTljOTEzMjgzNmZm
LzEvRGRSQndfLXVncGhDSko2VVN3T0ZFSUgwMmVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEQGCCsGAQUFBwEHAQH/BDUwMzASBAIAATAMAwQAW+uoAwQA
wRc8MB0EAgACMBcDBwAgAQZ8LXgDBQMqCYQAAwUDKg91wDANBgkqhkiG9w0BAQsF
AAOCAQEAfDtrjE9QaM0VMEVUPZCt0qng4fYEkGoH9/I1ld3ArDmU1Jy8IdGntMip
F1RIabaEzgl7LLQEpi3ZftER6wzLRemCQwtvfZN3UC0fN7zrrDi5dnwSenCcdvQG
GSn+cw2RdCMXTCDRqL8kMHXBH3EMHGR9fD8Bw4ZbUrMJ782CAYUxEswYRp3+ld2V
ek+ILl6o+xndwvrs4GMKA2mNQnJsCKID5mJ+xa2HgT4CcrdGOTzOjBbcWu74ICjw
gwhN1O4P6JDfWbkIWQaQ9jJ61IAEd+o+Tn4pTJV7R63c/Wj4jKAMmRaHFc1FN/DK
6cVIZa8lV6pc7OXTJKebvdplAF5JOA==
-----END CERTIFICATE-----
Generated at Sun Apr 6 18:29:02 2025 by rpki-client