Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/ce81b6-bceb-47bc-adfb-dae9fb8bf0b1/1/uCt91sHM1dE5cj9fzwI6U2H47bk.roa
File: uCt91sHM1dE5cj9fzwI6U2H47bk.roa (raw, json)
Hash identifier: EaM9kfekbh46OZ7F5rxMV4FMRQkJJyJzsgvjGi6Og6M=
Subject key identifier: B8:2B:7D:D6:C1:CC:D5:D1:39:72:3F:5F:CF:02:3A:53:61:F8:ED:B9
Certificate issuer: /CN=6f1ba6e14d83a8b14b05026e710c86c46b73c3a6
Certificate serial: 019509354C20A060C41795FC95EAF9CCAC22
Authority key identifier: 6F:1B:A6:E1:4D:83:A8:B1:4B:05:02:6E:71:0C:86:C4:6B:73:C3:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bxum4U2DqLFLBQJucQyGxGtzw6Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/ce81b6-bceb-47bc-adfb-dae9fb8bf0b1/1/uCt91sHM1dE5cj9fzwI6U2H47bk.roa
Signing time: Sat 15 Feb 2025 10:44:02 +0000
ROA not before: Sat 15 Feb 2025 10:44:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49371
IP address blocks: 185.124.12.0/24 maxlen: 24
185.124.13.0/24 maxlen: 24
185.124.14.0/24 maxlen: 24
185.124.15.0/24 maxlen: 24
185.236.28.0/22 maxlen: 22
185.236.28.0/24 maxlen: 24
185.236.29.0/24 maxlen: 24
185.236.30.0/24 maxlen: 24
185.236.31.0/24 maxlen: 24
2a03:9000::/40 maxlen: 40
2a03:9000:100::/40 maxlen: 40
2a03:9000:200::/40 maxlen: 40
2a03:9000:400::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/10/ce81b6-bceb-47bc-adfb-dae9fb8bf0b1/1/bxum4U2DqLFLBQJucQyGxGtzw6Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/10/ce81b6-bceb-47bc-adfb-dae9fb8bf0b1/1/bxum4U2DqLFLBQJucQyGxGtzw6Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/bxum4U2DqLFLBQJucQyGxGtzw6Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Mar 2025 10:02:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:09:35:4c:20:a0:60:c4:17:95:fc:95:ea:f9:cc:ac:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f1ba6e14d83a8b14b05026e710c86c46b73c3a6
Validity
Not Before: Feb 15 10:44:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b82b7dd6c1ccd5d139723f5fcf023a5361f8edb9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:ec:17:88:6c:fd:09:c5:2d:09:70:20:93:f0:
5d:9d:fc:03:e6:55:a4:9c:78:29:5e:81:95:6e:64:
cb:7f:4c:0c:c6:34:17:59:1f:18:7e:cd:69:dc:f4:
32:da:89:df:ad:21:66:0b:0d:2c:bd:54:22:8f:29:
42:5b:a2:bb:45:6c:2d:2d:8d:04:9f:d7:0b:0a:00:
15:0f:8c:82:4a:7e:69:1d:5d:df:96:10:d6:8d:e6:
4e:e5:a6:88:0d:ff:eb:4b:c0:7d:c9:e1:50:41:d7:
f3:7e:4e:02:6b:50:09:52:69:8e:8a:b4:e2:fa:96:
77:7d:dd:7b:df:7f:9e:50:a1:81:b7:3c:0b:73:e3:
b3:bc:06:21:e1:81:a1:db:7c:44:82:24:45:35:42:
30:3a:46:80:48:f5:62:8c:60:e5:c7:a3:ce:80:96:
b2:e1:6e:18:80:e9:60:c9:e5:bf:00:7c:2b:96:4a:
bc:23:d6:29:b4:76:45:f5:7c:7e:90:fe:5e:39:0d:
06:51:90:6f:04:3f:ef:34:d0:c7:77:8b:19:f6:62:
13:9b:39:fc:0e:c4:26:d7:4d:a6:e9:be:27:6e:2a:
ee:1a:3d:0d:06:36:40:50:1f:7f:64:e8:05:b6:74:
79:9c:fe:94:ec:1b:31:c4:61:4e:05:06:1d:95:aa:
c7:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:2B:7D:D6:C1:CC:D5:D1:39:72:3F:5F:CF:02:3A:53:61:F8:ED:B9
X509v3 Authority Key Identifier:
keyid:6F:1B:A6:E1:4D:83:A8:B1:4B:05:02:6E:71:0C:86:C4:6B:73:C3:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bxum4U2DqLFLBQJucQyGxGtzw6Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/ce81b6-bceb-47bc-adfb-dae9fb8bf0b1/1/uCt91sHM1dE5cj9fzwI6U2H47bk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/ce81b6-bceb-47bc-adfb-dae9fb8bf0b1/1/bxum4U2DqLFLBQJucQyGxGtzw6Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.124.12.0/22
185.236.28.0/22
IPv6:
2a03:9000::-2a03:9000:2ff:ffff:ffff:ffff:ffff:ffff
2a03:9000:400::/40
Signature Algorithm: sha256WithRSAEncryption
77:2f:a1:f5:72:61:80:af:cc:99:ef:5a:4f:10:60:63:8c:93:
6b:6f:a7:07:d0:0b:95:c5:e3:9e:5f:39:b4:75:51:00:da:2e:
dc:97:e0:85:47:a6:f8:84:80:6e:e2:e0:9c:c1:1f:63:90:d8:
d2:75:9c:22:35:8a:bb:c0:73:1e:39:5b:47:b7:e1:dc:c9:88:
02:c3:52:d6:f3:6c:06:c8:ed:d6:27:20:4b:6c:3b:e4:3f:c7:
34:53:d7:27:c2:f5:c8:eb:0a:23:cc:40:0a:b2:02:62:b6:15:
06:dd:10:3e:c7:ef:1a:55:2f:6e:16:51:be:60:66:1d:7e:d8:
f4:2a:eb:9d:e0:88:b5:b9:7c:72:90:e0:83:ef:ce:eb:c6:de:
be:23:11:eb:9b:75:75:f5:07:3c:93:d2:eb:c1:b4:c5:c6:46:
70:b5:fc:42:c8:be:4c:81:c9:8b:9a:11:47:e0:10:d8:5d:ef:
38:e8:dc:ec:ed:a6:86:2a:3b:89:4a:9e:33:6e:ee:72:5f:cf:
3c:ea:5f:86:9a:89:5f:f7:5c:fd:b1:4d:17:77:0c:2c:72:84:
e4:04:fe:c7:b6:7e:d6:d2:1f:7e:7e:e7:18:4e:11:03:67:56:
61:45:10:20:8c:61:37:95:3d:b3:d6:1c:cc:6f:50:33:b7:d7:
5e:57:55:25
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZUJNUwgoGDEF5X8ler5zKwiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmMWJhNmUxNGQ4M2E4YjE0YjA1MDI2ZTcxMGM4NmM0NmI3
M2MzYTYwHhcNMjUwMjE1MTA0NDAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODJiN2RkNmMxY2NkNWQxMzk3MjNmNWZjZjAyM2E1MzYxZjhlZGI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsuwXiGz9CcUtCXAgk/BdnfwD5lWk
nHgpXoGVbmTLf0wMxjQXWR8Yfs1p3PQy2onfrSFmCw0svVQijylCW6K7RWwtLY0E
n9cLCgAVD4yCSn5pHV3flhDWjeZO5aaIDf/rS8B9yeFQQdfzfk4Ca1AJUmmOirTi
+pZ3fd1733+eUKGBtzwLc+OzvAYh4YGh23xEgiRFNUIwOkaASPVijGDlx6POgJay
4W4YgOlgyeW/AHwrlkq8I9YptHZF9Xx+kP5eOQ0GUZBvBD/vNNDHd4sZ9mITmzn8
DsQm102m6b4nbiruGj0NBjZAUB9/ZOgFtnR5nP6U7BsxxGFOBQYdlarHwwIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFLgrfdbBzNXROXI/X88COlNh+O25MB8GA1UdIwQY
MBaAFG8bpuFNg6ixSwUCbnEMhsRrc8OmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYnh1bTRVMkRxTEZMQlFKdWNReUd4R3R6dzZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC9jZTgxYjYtYmNlYi00N2JjLWFkZmIt
ZGFlOWZiOGJmMGIxLzEvdUN0OTFzSE0xZEU1Y2o5Znp3STZVMkg0N2JrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC9jZTgxYjYtYmNlYi00N2JjLWFkZmItZGFlOWZiOGJmMGIx
LzEvYnh1bTRVMkRxTEZMQlFKdWNReUd4R3R6dzZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDASBAIAATAMAwQCuXwMAwQC
uewcMB4EAgACMBgwDgMEBCoDkAMGACoDkAACAwYAKgOQAAQwDQYJKoZIhvcNAQEL
BQADggEBAHcvofVyYYCvzJnvWk8QYGOMk2tvpwfQC5XF455fObR1UQDaLtyX4IVH
pviEgG7i4JzBH2OQ2NJ1nCI1irvAcx45W0e34dzJiALDUtbzbAbI7dYnIEtsO+Q/
xzRT1yfC9cjrCiPMQAqyAmK2FQbdED7H7xpVL24WUb5gZh1+2PQq653giLW5fHKQ
4IPvzuvG3r4jEeubdXX1BzyT0uvBtMXGRnC1/ELIvkyByYuaEUfgENhd7zjo3Ozt
poYqO4lKnjNu7nJfzzzqX4aaiV/3XP2xTRd3DCxyhOQE/se2ftbSH35+5xhOEQNn
VmFFECCMYTeVPbPWHMxvUDO3115XVSU=
-----END CERTIFICATE-----
Generated at Tue Mar 11 19:43:21 2025 by rpki-client