Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/6a8607-a33a-44af-b2c0-1341de8abe51/1/uJJnjUiM_NZxiukKj0SMAuEZu9s.roa
File: uJJnjUiM_NZxiukKj0SMAuEZu9s.roa (raw, json)
Hash identifier: rKuDWrBp0PYOBRz7NFxaGHHnL+VoADNHakfLXL6TQaA=
Subject key identifier: B8:92:67:8D:48:8C:FC:D6:71:8A:E9:0A:8F:44:8C:02:E1:19:BB:DB
Certificate issuer: /CN=6559cf34d4cfc59640862d1e4b79d48d9e4d8e7b
Certificate serial: 0194206869F46214A6DC3E5235D78E5B8D4E
Authority key identifier: 65:59:CF:34:D4:CF:C5:96:40:86:2D:1E:4B:79:D4:8D:9E:4D:8E:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZVnPNNTPxZZAhi0eS3nUjZ5Njns.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/6a8607-a33a-44af-b2c0-1341de8abe51/1/uJJnjUiM_NZxiukKj0SMAuEZu9s.roa
Signing time: Wed 01 Jan 2025 05:48:21 +0000
ROA not before: Wed 01 Jan 2025 05:48:21 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213692
IP address blocks: 91.238.195.0/24 maxlen: 24
2a13:dc80::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1a/6a8607-a33a-44af-b2c0-1341de8abe51/1/ZVnPNNTPxZZAhi0eS3nUjZ5Njns.crl
rsync://rpki.ripe.net/repository/DEFAULT/1a/6a8607-a33a-44af-b2c0-1341de8abe51/1/ZVnPNNTPxZZAhi0eS3nUjZ5Njns.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZVnPNNTPxZZAhi0eS3nUjZ5Njns.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 17:00:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:69:f4:62:14:a6:dc:3e:52:35:d7:8e:5b:8d:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6559cf34d4cfc59640862d1e4b79d48d9e4d8e7b
Validity
Not Before: Jan 1 05:48:21 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b892678d488cfcd6718ae90a8f448c02e119bbdb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:11:18:59:0f:6e:e0:85:56:08:ef:30:fe:07:
f4:38:c1:cc:46:c3:fa:5f:77:0e:f1:3a:3a:a7:f1:
37:3d:43:33:56:2a:6e:69:e8:77:8b:09:e5:d8:6b:
59:12:61:1b:73:6d:85:91:58:28:9b:36:47:2f:b0:
c4:ad:c3:8c:de:15:e9:83:8e:c0:24:64:d1:80:34:
2b:9c:20:d9:3f:65:11:74:e0:43:f9:4e:38:66:d8:
a2:f4:c0:fc:07:e9:fa:6a:44:33:3e:22:1f:8f:0d:
b3:1f:45:b5:c4:7f:a1:fb:e6:3b:88:3c:f2:d6:e5:
7a:42:6e:1c:15:24:c4:f2:8f:d4:56:76:21:d7:1b:
d9:8c:b5:df:cc:4a:02:d8:6b:50:6c:2e:1c:8a:7e:
47:5c:a9:5e:61:b6:7c:a6:0f:67:f5:05:bf:b2:ec:
82:0b:29:e6:91:7f:c2:f3:bb:c0:51:22:34:90:7b:
c9:e1:71:b2:60:71:b5:1b:9d:81:46:17:eb:f9:d3:
92:6a:9b:cd:f3:08:6d:01:b1:68:a5:31:a0:8a:9a:
9a:89:65:96:db:c7:4f:3f:28:53:f5:ae:9d:3a:02:
35:6b:90:65:3e:57:2b:29:41:94:2b:48:fb:04:14:
91:c1:78:4a:00:8b:77:ac:a3:22:db:2e:aa:c3:d9:
19:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:92:67:8D:48:8C:FC:D6:71:8A:E9:0A:8F:44:8C:02:E1:19:BB:DB
X509v3 Authority Key Identifier:
keyid:65:59:CF:34:D4:CF:C5:96:40:86:2D:1E:4B:79:D4:8D:9E:4D:8E:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZVnPNNTPxZZAhi0eS3nUjZ5Njns.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/6a8607-a33a-44af-b2c0-1341de8abe51/1/uJJnjUiM_NZxiukKj0SMAuEZu9s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/6a8607-a33a-44af-b2c0-1341de8abe51/1/ZVnPNNTPxZZAhi0eS3nUjZ5Njns.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.238.195.0/24
IPv6:
2a13:dc80::/29
Signature Algorithm: sha256WithRSAEncryption
09:7c:d4:8b:fc:ac:34:53:63:22:90:c3:1a:5e:07:6d:1f:c3:
81:1f:75:c4:15:d6:06:03:6f:f8:ec:ec:3a:5d:8b:fb:0f:0e:
12:c9:ef:a9:a5:60:bc:f0:3d:16:69:16:83:bf:00:95:2a:f2:
94:c2:d4:55:9b:e7:09:5a:e5:66:5b:b2:17:be:ce:1d:0f:bb:
25:9c:48:8e:dc:d9:b5:cf:bd:1e:fd:8d:02:92:33:67:c0:ad:
f7:a4:81:33:ff:14:74:ba:4b:cf:78:2c:14:50:e1:ed:03:63:
7a:33:5a:55:c3:5d:c7:7a:d9:ff:2a:2a:82:50:23:7b:23:37:
3b:c2:7a:48:bc:06:58:fd:4c:3b:48:1f:bb:86:15:6b:90:a0:
7c:ae:df:35:d6:3d:7e:05:e9:b7:3c:af:81:3b:94:b5:14:48:
f8:e5:ae:7c:3f:3d:d0:7c:6b:c6:49:b0:47:05:4f:2c:13:9b:
a7:18:cb:e0:e2:c8:7a:36:d2:bb:4c:91:b2:40:7d:69:c7:c7:
b8:ef:f7:0e:f2:20:3b:c1:b5:e7:10:0b:d2:0c:e6:5c:ee:83:
25:fb:1f:00:97:dc:fd:bb:f1:e9:c0:dd:43:6c:a1:e9:0a:ea:
82:df:03:01:ea:43:d9:10:bb:3f:fc:43:7f:81:31:1c:4f:62:
8b:bf:91:a3
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQgaGn0YhSm3D5SNdeOW41OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1NTljZjM0ZDRjZmM1OTY0MDg2MmQxZTRiNzlkNDhkOWU0
ZDhlN2IwHhcNMjUwMTAxMDU0ODIxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODkyNjc4ZDQ4OGNmY2Q2NzE4YWU5MGE4ZjQ0OGMwMmUxMTliYmRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuhEYWQ9u4IVWCO8w/gf0OMHMRsP6
X3cO8To6p/E3PUMzVipuaeh3iwnl2GtZEmEbc22FkVgomzZHL7DErcOM3hXpg47A
JGTRgDQrnCDZP2URdOBD+U44Ztii9MD8B+n6akQzPiIfjw2zH0W1xH+h++Y7iDzy
1uV6Qm4cFSTE8o/UVnYh1xvZjLXfzEoC2GtQbC4cin5HXKleYbZ8pg9n9QW/suyC
CynmkX/C87vAUSI0kHvJ4XGyYHG1G52BRhfr+dOSapvN8whtAbFopTGgipqaiWWW
28dPPyhT9a6dOgI1a5BlPlcrKUGUK0j7BBSRwXhKAIt3rKMi2y6qw9kZjQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLiSZ41IjPzWcYrpCo9EjALhGbvbMB8GA1UdIwQY
MBaAFGVZzzTUz8WWQIYtHkt51I2eTY57MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlZuUE5OVFB4WlpBaGkwZVMzblVqWjVOam5zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS82YTg2MDctYTMzYS00NGFmLWIyYzAt
MTM0MWRlOGFiZTUxLzEvdUpKbmpVaU1fTlp4aXVrS2owU01BdUVadTlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS82YTg2MDctYTMzYS00NGFmLWIyYzAtMTM0MWRlOGFiZTUx
LzEvWlZuUE5OVFB4WlpBaGkwZVMzblVqWjVOam5zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAW+7DMA0E
AgACMAcDBQMqE9yAMA0GCSqGSIb3DQEBCwUAA4IBAQAJfNSL/Kw0U2MikMMaXgdt
H8OBH3XEFdYGA2/47Ow6XYv7Dw4Sye+ppWC88D0WaRaDvwCVKvKUwtRVm+cJWuVm
W7IXvs4dD7slnEiO3Nm1z70e/Y0CkjNnwK33pIEz/xR0ukvPeCwUUOHtA2N6M1pV
w13Hetn/KiqCUCN7Izc7wnpIvAZY/Uw7SB+7hhVrkKB8rt811j1+Bem3PK+BO5S1
FEj45a58Pz3QfGvGSbBHBU8sE5unGMvg4sh6NtK7TJGyQH1px8e47/cO8iA7wbXn
EAvSDOZc7oMl+x8Al9z9u/HpwN1DbKHpCuqC3wMB6kPZELs//EN/gTEcT2KLv5Gj
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:53:35 2025 by rpki-client