Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/9cbe88-3e75-42ef-b871-5ee76f0f64e2/1/uCJs3VfOd9XlMzz8RlxYwm6JR8g.roa
File: uCJs3VfOd9XlMzz8RlxYwm6JR8g.roa (raw, json)
Hash identifier: aQ8GGeLzceXoLXJ/X0KURkE7J4DP5Ck+ioxtdgiJTwI=
Subject key identifier: B8:22:6C:DD:57:CE:77:D5:E5:33:3C:FC:46:5C:58:C2:6E:89:47:C8
Certificate issuer: /CN=2283711bd7ab13da3d11f25bb57a4f483c1f99ac
Certificate serial: 019421B1BD8B3839D882236CBCD439A8E25E
Authority key identifier: 22:83:71:1B:D7:AB:13:DA:3D:11:F2:5B:B5:7A:4F:48:3C:1F:99:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IoNxG9erE9o9EfJbtXpPSDwfmaw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/9cbe88-3e75-42ef-b871-5ee76f0f64e2/1/uCJs3VfOd9XlMzz8RlxYwm6JR8g.roa
Signing time: Wed 01 Jan 2025 11:48:04 +0000
ROA not before: Wed 01 Jan 2025 11:48:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47957
IP address blocks: 185.8.52.0/22 maxlen: 24
185.139.244.0/22 maxlen: 24
2a02:d940::/29 maxlen: 48
2a07:18c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/25/9cbe88-3e75-42ef-b871-5ee76f0f64e2/1/IoNxG9erE9o9EfJbtXpPSDwfmaw.crl
rsync://rpki.ripe.net/repository/DEFAULT/25/9cbe88-3e75-42ef-b871-5ee76f0f64e2/1/IoNxG9erE9o9EfJbtXpPSDwfmaw.mft
rsync://rpki.ripe.net/repository/DEFAULT/IoNxG9erE9o9EfJbtXpPSDwfmaw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 18 Apr 2025 05:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:bd:8b:38:39:d8:82:23:6c:bc:d4:39:a8:e2:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2283711bd7ab13da3d11f25bb57a4f483c1f99ac
Validity
Not Before: Jan 1 11:48:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b8226cdd57ce77d5e5333cfc465c58c26e8947c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:18:85:62:95:0d:77:cc:8d:83:f0:78:59:db:
a7:4e:f5:2a:22:84:95:a0:32:d9:79:3a:40:13:7f:
15:c9:87:d8:6c:16:fb:81:ed:09:1b:0f:dd:c1:c1:
72:61:a2:39:c9:8d:55:67:f7:76:7a:e6:ff:b8:77:
11:ca:fd:aa:e5:1b:ca:4b:6f:19:e6:cb:ed:1a:a5:
b6:4d:ff:ca:92:60:db:37:b2:bc:f8:ff:56:ea:29:
8f:6a:3c:40:a7:ba:e9:5e:86:82:0f:3c:6b:af:2d:
e8:7b:56:e5:0d:ac:14:9c:05:09:0e:bb:62:b9:5a:
44:2b:bc:c0:d3:15:45:18:21:c3:85:fb:a9:81:2e:
a5:0b:a7:2e:c1:a9:c2:23:10:28:7b:bf:fb:ed:c5:
79:b4:76:38:e0:4b:2d:df:3f:b8:7f:f6:3f:d3:47:
97:f7:b5:b5:f9:40:ea:b9:d4:ea:d7:dd:93:81:a0:
22:8f:81:8e:26:f2:0b:9e:7e:61:c7:3f:fe:5c:01:
36:aa:f3:b9:35:8b:c5:3b:a4:0f:f8:32:9f:36:12:
7f:5a:bd:3e:b3:5d:a6:22:a2:ae:4b:f5:f3:d3:25:
4a:7d:c2:67:4e:c2:d8:50:c1:23:a4:43:7c:a8:2f:
75:2c:fc:bc:72:3d:47:ff:93:cc:7e:1b:50:3a:cd:
50:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:22:6C:DD:57:CE:77:D5:E5:33:3C:FC:46:5C:58:C2:6E:89:47:C8
X509v3 Authority Key Identifier:
keyid:22:83:71:1B:D7:AB:13:DA:3D:11:F2:5B:B5:7A:4F:48:3C:1F:99:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IoNxG9erE9o9EfJbtXpPSDwfmaw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/9cbe88-3e75-42ef-b871-5ee76f0f64e2/1/uCJs3VfOd9XlMzz8RlxYwm6JR8g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/9cbe88-3e75-42ef-b871-5ee76f0f64e2/1/IoNxG9erE9o9EfJbtXpPSDwfmaw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.8.52.0/22
185.139.244.0/22
IPv6:
2a02:d940::/29
2a07:18c0::/48
Signature Algorithm: sha256WithRSAEncryption
4f:27:ee:63:bc:bb:be:e7:a2:b8:7a:d8:a7:c2:cf:47:d7:a1:
f5:81:1a:25:46:6b:f2:e4:32:5b:e2:df:50:4d:9b:46:31:fa:
ec:e2:be:ff:f4:2b:89:a7:8f:34:15:23:5f:15:83:15:de:1f:
33:5a:a2:84:7b:e7:ec:ba:d1:08:21:ef:f7:85:fd:07:46:1c:
3e:b4:4d:6b:14:52:92:1c:63:94:01:ee:f7:5f:91:d4:82:37:
35:93:60:3e:a4:e7:aa:47:18:e0:19:b4:eb:94:77:aa:40:a0:
b1:31:bb:aa:cf:7b:8e:cb:16:34:7c:68:cb:fd:82:d2:04:21:
05:36:c6:20:74:20:fc:f3:6e:63:4a:c1:31:90:8e:ac:ca:54:
b5:4b:51:cf:2e:6b:24:0b:36:60:20:e3:b9:18:b4:52:c3:e7:
5a:b8:12:4e:51:07:f7:6c:79:d7:36:b7:28:40:5e:e0:77:67:
11:80:4c:d9:18:1e:be:eb:36:fb:a8:db:35:3e:e1:85:30:32:
20:74:09:a1:55:8e:d1:39:d1:65:55:66:7c:51:e6:e7:7c:0e:
9e:09:64:d0:27:16:26:b9:fa:cf:03:9a:6e:06:7b:b8:6a:30:
37:fe:36:c8:a0:4f:af:2a:b9:fa:c4:a8:52:c1:ee:d3:41:16:
f0:74:cf:14
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZQhsb2LODnYgiNsvNQ5qOJeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyODM3MTFiZDdhYjEzZGEzZDExZjI1YmI1N2E0ZjQ4M2Mx
Zjk5YWMwHhcNMjUwMTAxMTE0ODA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODIyNmNkZDU3Y2U3N2Q1ZTUzMzNjZmM0NjVjNThjMjZlODk0N2M4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApBiFYpUNd8yNg/B4WdunTvUqIoSV
oDLZeTpAE38VyYfYbBb7ge0JGw/dwcFyYaI5yY1VZ/d2eub/uHcRyv2q5RvKS28Z
5svtGqW2Tf/KkmDbN7K8+P9W6imPajxAp7rpXoaCDzxrry3oe1blDawUnAUJDrti
uVpEK7zA0xVFGCHDhfupgS6lC6cuwanCIxAoe7/77cV5tHY44Est3z+4f/Y/00eX
97W1+UDqudTq192TgaAij4GOJvILnn5hxz/+XAE2qvO5NYvFO6QP+DKfNhJ/Wr0+
s12mIqKuS/Xz0yVKfcJnTsLYUMEjpEN8qC91LPy8cj1H/5PMfhtQOs1QcwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFLgibN1XznfV5TM8/EZcWMJuiUfIMB8GA1UdIwQY
MBaAFCKDcRvXqxPaPRHyW7V6T0g8H5msMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSW9OeEc5ZXJFOW85RWZKYnRYcFBTRHdmbWF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS85Y2JlODgtM2U3NS00MmVmLWI4NzEt
NWVlNzZmMGY2NGUyLzEvdUNKczNWZk9kOVhsTXp6OFJseFl3bTZKUjhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS85Y2JlODgtM2U3NS00MmVmLWI4NzEtNWVlNzZmMGY2NGUy
LzEvSW9OeEc5ZXJFOW85RWZKYnRYcFBTRHdmbWF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDASBAIAATAMAwQCuQg0AwQC
uYv0MBYEAgACMBADBQMqAtlAAwcAKgcYwAAAMA0GCSqGSIb3DQEBCwUAA4IBAQBP
J+5jvLu+56K4etinws9H16H1gRolRmvy5DJb4t9QTZtGMfrs4r7/9CuJp480FSNf
FYMV3h8zWqKEe+fsutEIIe/3hf0HRhw+tE1rFFKSHGOUAe73X5HUgjc1k2A+pOeq
RxjgGbTrlHeqQKCxMbuqz3uOyxY0fGjL/YLSBCEFNsYgdCD8825jSsExkI6sylS1
S1HPLmskCzZgIOO5GLRSw+dauBJOUQf3bHnXNrcoQF7gd2cRgEzZGB6+6zb7qNs1
PuGFMDIgdAmhVY7ROdFlVWZ8UebnfA6eCWTQJxYmufrPA5puBnu4ajA3/jbIoE+v
Krn6xKhSwe7TQRbwdM8U
-----END CERTIFICATE-----
Generated at Thu Apr 17 15:34:30 2025 by rpki-client