Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/uDHvC1gbyPvElxXjra020zUF1aA.roa
File: uDHvC1gbyPvElxXjra020zUF1aA.roa (raw, json)
Hash identifier: mBB8emc2SwM/UbFsOUYaesRR+Jarxo+v9XMNLGqzCeQ=
Subject key identifier: B8:31:EF:0B:58:1B:C8:FB:C4:97:15:E3:AD:AD:36:D3:35:05:D5:A0
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 019424B2E230CA7161F8C02761994913F686
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/uDHvC1gbyPvElxXjra020zUF1aA.roa
Signing time: Thu 02 Jan 2025 01:48:10 +0000
ROA not before: Thu 02 Jan 2025 01:48:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 174
IP address blocks: 89.191.120.0/22 maxlen: 22
91.123.64.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.mft
rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 08:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b2:e2:30:ca:71:61:f8:c0:27:61:99:49:13:f6:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Jan 2 01:48:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b831ef0b581bc8fbc49715e3adad36d33505d5a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:1b:00:e8:3e:11:a2:3b:9f:08:5a:3a:34:f2:
84:be:b5:9d:71:71:24:41:47:8e:76:97:72:bf:59:
d2:70:53:ef:13:0e:43:6d:a8:e0:52:70:cd:57:c3:
b0:1d:5a:84:7e:58:e7:d9:53:91:24:58:df:45:51:
a1:6f:00:e7:ae:e5:b0:d5:ab:97:ae:21:11:8b:a7:
7d:37:65:cd:51:6e:9a:0a:33:57:bd:13:c4:92:f4:
08:38:62:b9:c3:d5:96:cb:99:8b:3f:cb:31:6a:a4:
fc:37:04:56:19:49:73:c7:91:f4:70:67:10:bc:f2:
c8:16:ec:25:b1:ae:73:38:78:73:cf:aa:cf:0f:da:
ec:db:e0:67:59:8f:28:cd:84:0e:cf:79:e3:17:43:
45:29:f9:88:18:c3:1f:7f:36:9e:75:0b:b8:27:30:
43:25:3d:04:55:a9:7a:af:78:2f:00:a2:ca:e8:92:
f8:da:e1:ab:ed:16:ca:31:58:64:2a:e0:aa:61:bd:
5c:bf:74:8a:24:d6:d2:ba:01:ca:65:7f:78:bc:a2:
25:24:7a:4f:c7:48:28:25:c9:13:c6:29:3b:88:2c:
27:21:78:c7:ff:e4:cb:70:d3:39:e6:c2:50:12:fc:
44:a2:99:44:e1:76:d5:60:7f:9b:d2:10:71:a2:91:
84:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:31:EF:0B:58:1B:C8:FB:C4:97:15:E3:AD:AD:36:D3:35:05:D5:A0
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/uDHvC1gbyPvElxXjra020zUF1aA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.191.120.0/22
91.123.64.0/20
Signature Algorithm: sha256WithRSAEncryption
19:61:06:ef:53:ca:d1:5a:91:d9:1b:c4:19:db:53:96:5c:8e:
cf:8f:25:40:ff:6e:90:2f:80:d6:f7:a2:71:ba:c9:58:e9:77:
07:22:f6:c6:4c:9f:5e:ee:85:53:16:50:f2:11:e6:8e:d1:ba:
a0:71:f1:1d:41:25:85:12:e4:0d:73:78:39:35:5f:92:22:ba:
79:03:1f:b4:49:46:18:0b:7e:a9:dd:91:0a:11:78:ee:b1:0a:
d5:85:b5:26:33:25:cd:da:56:11:34:5c:99:1a:47:f1:78:72:
e9:05:01:8d:76:33:01:28:f8:ba:83:56:af:9f:01:5b:4f:38:
8a:c9:a8:d6:d4:d7:b9:e6:e2:6b:98:05:60:3a:30:e1:65:6d:
44:0f:61:08:48:84:a4:40:21:86:f8:c8:f8:e2:80:75:9d:e3:
0a:96:cd:28:11:c2:eb:14:2d:13:9f:21:50:f5:e1:68:b4:29:
30:79:4d:08:8c:44:39:f5:33:a2:30:db:4a:e7:f8:29:f3:42:
7d:8c:d7:42:05:65:db:8f:66:7d:62:4f:13:c7:14:cc:aa:b1:
2b:da:6b:2b:c9:ef:15:dc:cd:3c:2b:23:b9:b3:18:2e:8d:d1:
52:ba:0b:2c:59:4b:c4:f0:9a:ba:cb:c5:46:50:06:a5:b5:ec:
09:11:fe:7c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQksuIwynFh+MAnYZlJE/aGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjUwMTAyMDE0ODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODMxZWYwYjU4MWJjOGZiYzQ5NzE1ZTNhZGFkMzZkMzM1MDVkNWEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyxsA6D4RojufCFo6NPKEvrWdcXEk
QUeOdpdyv1nScFPvEw5DbajgUnDNV8OwHVqEfljn2VORJFjfRVGhbwDnruWw1auX
riERi6d9N2XNUW6aCjNXvRPEkvQIOGK5w9WWy5mLP8sxaqT8NwRWGUlzx5H0cGcQ
vPLIFuwlsa5zOHhzz6rPD9rs2+BnWY8ozYQOz3njF0NFKfmIGMMffzaedQu4JzBD
JT0EVal6r3gvAKLK6JL42uGr7RbKMVhkKuCqYb1cv3SKJNbSugHKZX94vKIlJHpP
x0goJckTxik7iCwnIXjH/+TLcNM55sJQEvxEoplE4XbVYH+b0hBxopGEiQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLgx7wtYG8j7xJcV462tNtM1BdWgMB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvdURIdkMxZ2J5UHZFbHhYanJhMDIwelVGMWFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCWb94AwQE
W3tAMA0GCSqGSIb3DQEBCwUAA4IBAQAZYQbvU8rRWpHZG8QZ21OWXI7PjyVA/26Q
L4DW96JxuslY6XcHIvbGTJ9e7oVTFlDyEeaO0bqgcfEdQSWFEuQNc3g5NV+SIrp5
Ax+0SUYYC36p3ZEKEXjusQrVhbUmMyXN2lYRNFyZGkfxeHLpBQGNdjMBKPi6g1av
nwFbTziKyajW1Ne55uJrmAVgOjDhZW1ED2EISISkQCGG+Mj44oB1neMKls0oEcLr
FC0TnyFQ9eFotCkweU0IjEQ59TOiMNtK5/gp80J9jNdCBWXbj2Z9Yk8TxxTMqrEr
2msrye8V3M08KyO5sxgujdFSugssWUvE8Jq6y8VGUAaltewJEf58
-----END CERTIFICATE-----
Generated at Wed Feb 5 10:50:27 2025 by rpki-client