Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/7fed52-d043-453b-8dd1-cf1997c0250d/1/uIQg-k4QoyqXWfTy_MZ6BVQABQM.roa
File: uIQg-k4QoyqXWfTy_MZ6BVQABQM.roa (raw, json)
Hash identifier: Cx2jyvv/VKruIg91hf3AtutnP6nMOk9qU6tmjgX9EqQ=
Subject key identifier: B8:84:20:FA:4E:10:A3:2A:97:59:F4:F2:FC:C6:7A:05:54:00:05:03
Certificate issuer: /CN=ac97eb967438ffc4eb66633dd8c03501893667f7
Certificate serial: 0194228E401CED9FBE4A1E52B1BCE315B597
Authority key identifier: AC:97:EB:96:74:38:FF:C4:EB:66:63:3D:D8:C0:35:01:89:36:67:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rJfrlnQ4_8TrZmM92MA1AYk2Z_c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/7fed52-d043-453b-8dd1-cf1997c0250d/1/uIQg-k4QoyqXWfTy_MZ6BVQABQM.roa
Signing time: Wed 01 Jan 2025 15:48:55 +0000
ROA not before: Wed 01 Jan 2025 15:48:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48288
IP address blocks: 87.104.128.0/18 maxlen: 18
87.104.240.0/20 maxlen: 20
185.161.77.0/24 maxlen: 24
2a00:8200::/32 maxlen: 32
2a12:3d80::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/09/7fed52-d043-453b-8dd1-cf1997c0250d/1/rJfrlnQ4_8TrZmM92MA1AYk2Z_c.crl
rsync://rpki.ripe.net/repository/DEFAULT/09/7fed52-d043-453b-8dd1-cf1997c0250d/1/rJfrlnQ4_8TrZmM92MA1AYk2Z_c.mft
rsync://rpki.ripe.net/repository/DEFAULT/rJfrlnQ4_8TrZmM92MA1AYk2Z_c.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 22 Feb 2025 06:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8e:40:1c:ed:9f:be:4a:1e:52:b1:bc:e3:15:b5:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ac97eb967438ffc4eb66633dd8c03501893667f7
Validity
Not Before: Jan 1 15:48:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b88420fa4e10a32a9759f4f2fcc67a0554000503
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:1e:96:fb:58:48:93:27:d8:23:c7:47:85:fc:
4e:16:e0:09:5a:39:91:72:f7:59:99:5d:25:97:d0:
a5:cf:d4:3e:65:4a:89:33:1f:d7:51:fb:2e:16:b7:
2f:9e:ed:09:52:9d:46:47:a9:69:d5:48:d0:81:06:
b7:f6:f5:b9:9e:8c:4b:2a:2c:cc:5b:fe:81:2b:54:
75:0f:4c:c2:9f:05:c1:06:5e:88:ae:eb:0d:cf:9a:
9b:a7:2d:31:11:9d:47:21:0b:30:7c:3c:00:1c:df:
a1:3f:37:b0:f4:f7:b2:2a:f6:eb:ea:da:53:fa:b4:
16:0b:b6:a3:95:ea:3a:38:11:15:40:ba:19:72:7d:
30:f1:bd:54:61:8a:40:38:e2:92:b2:f6:74:d1:4e:
9e:11:30:d5:9d:cd:a3:82:9d:37:3c:76:6b:52:16:
bd:05:ca:2a:34:df:3d:e7:0e:f9:f4:6b:50:46:97:
c3:5e:c1:3c:99:93:f9:a8:7b:91:b1:59:d9:5d:dc:
2f:50:62:c2:c3:03:72:1d:12:23:99:ad:48:67:0d:
dd:66:43:1e:f8:44:ed:d3:1a:10:97:a9:41:e4:d5:
fe:4e:2f:d0:12:c2:86:ef:48:3a:60:7b:89:ae:33:
71:b8:ec:e4:93:85:64:3b:73:29:9c:76:e0:64:c5:
9e:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:84:20:FA:4E:10:A3:2A:97:59:F4:F2:FC:C6:7A:05:54:00:05:03
X509v3 Authority Key Identifier:
keyid:AC:97:EB:96:74:38:FF:C4:EB:66:63:3D:D8:C0:35:01:89:36:67:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rJfrlnQ4_8TrZmM92MA1AYk2Z_c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7fed52-d043-453b-8dd1-cf1997c0250d/1/uIQg-k4QoyqXWfTy_MZ6BVQABQM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7fed52-d043-453b-8dd1-cf1997c0250d/1/rJfrlnQ4_8TrZmM92MA1AYk2Z_c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.104.128.0/18
87.104.240.0/20
185.161.77.0/24
IPv6:
2a00:8200::/32
2a12:3d80::/29
Signature Algorithm: sha256WithRSAEncryption
45:da:c5:1b:fa:31:4a:04:87:69:ec:7b:46:6e:f9:13:42:ce:
45:de:cd:e6:0e:bb:d9:69:a0:44:eb:f7:6e:f9:28:d7:16:26:
57:b3:e3:ed:8f:0c:7e:45:f3:77:eb:ee:62:8c:f5:13:ca:2c:
85:9a:de:8b:52:4c:5a:9b:58:12:e8:5b:bd:d2:af:d6:08:51:
2d:56:e6:26:65:da:a9:cf:1f:49:50:2d:0b:54:03:97:65:e3:
30:35:07:53:42:77:a4:c2:1b:09:7f:86:b9:1f:cf:d4:dc:62:
3f:25:78:af:de:5e:c5:e4:e8:a7:85:4a:ac:3c:41:88:b0:1e:
72:1e:8c:64:52:2f:33:95:2a:8c:bb:f4:47:4d:8f:06:13:6d:
13:7a:28:05:65:e9:ac:67:dc:6b:d4:be:c1:82:92:ca:65:20:
c9:f4:06:d2:22:eb:69:62:64:14:cf:1c:ff:b8:81:2d:2a:e8:
2b:7d:a0:65:f1:bf:57:15:b6:e8:2f:c7:5f:5b:ec:fb:8b:a8:
64:85:b1:fb:6c:8b:75:c9:f9:c3:4b:8e:3a:bd:74:94:d1:eb:
00:af:c9:ea:f2:a2:12:58:b5:ca:39:a7:01:41:00:5d:f4:36:
e5:50:ba:14:4f:0c:52:42:4b:9b:e5:e5:cf:78:8f:0d:03:15:
a3:7d:f3:5a
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAZQijkAc7Z++Sh5SsbzjFbWXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjOTdlYjk2NzQzOGZmYzRlYjY2NjMzZGQ4YzAzNTAxODkz
NjY3ZjcwHhcNMjUwMTAxMTU0ODU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODg0MjBmYTRlMTBhMzJhOTc1OWY0ZjJmY2M2N2EwNTU0MDAwNTAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqh6W+1hIkyfYI8dHhfxOFuAJWjmR
cvdZmV0ll9Clz9Q+ZUqJMx/XUfsuFrcvnu0JUp1GR6lp1UjQgQa39vW5noxLKizM
W/6BK1R1D0zCnwXBBl6IrusNz5qbpy0xEZ1HIQswfDwAHN+hPzew9PeyKvbr6tpT
+rQWC7ajleo6OBEVQLoZcn0w8b1UYYpAOOKSsvZ00U6eETDVnc2jgp03PHZrUha9
BcoqNN895w759GtQRpfDXsE8mZP5qHuRsVnZXdwvUGLCwwNyHRIjma1IZw3dZkMe
+ETt0xoQl6lB5NX+Ti/QEsKG70g6YHuJrjNxuOzkk4VkO3MpnHbgZMWehwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFLiEIPpOEKMql1n08vzGegVUAAUDMB8GA1UdIwQY
MBaAFKyX65Z0OP/E62ZjPdjANQGJNmf3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvckpmcmxuUTRfOFRyWm1NOTJNQTFBWWsyWl9jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS83ZmVkNTItZDA0My00NTNiLThkZDEt
Y2YxOTk3YzAyNTBkLzEvdUlRZy1rNFFveXFYV2ZUeV9NWjZCVlFBQlFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS83ZmVkNTItZDA0My00NTNiLThkZDEtY2YxOTk3YzAyNTBk
LzEvckpmcmxuUTRfOFRyWm1NOTJNQTFBWWsyWl9jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAYBAIAATASAwQGV2iAAwQE
V2jwAwQAuaFNMBQEAgACMA4DBQAqAIIAAwUDKhI9gDANBgkqhkiG9w0BAQsFAAOC
AQEARdrFG/oxSgSHaex7Rm75E0LORd7N5g672WmgROv3bvko1xYmV7Pj7Y8MfkXz
d+vuYoz1E8oshZrei1JMWptYEuhbvdKv1ghRLVbmJmXaqc8fSVAtC1QDl2XjMDUH
U0J3pMIbCX+GuR/P1NxiPyV4r95exeTop4VKrDxBiLAech6MZFIvM5UqjLv0R02P
BhNtE3ooBWXprGfca9S+wYKSymUgyfQG0iLraWJkFM8c/7iBLSroK32gZfG/VxW2
6C/HX1vs+4uoZIWx+2yLdcn5w0uOOr10lNHrAK/J6vKiEli1yjmnAUEAXfQ25VC6
FE8MUkJLm+Xlz3iPDQMVo33zWg==
-----END CERTIFICATE-----
Generated at Fri Feb 21 12:30:31 2025 by rpki-client