Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2921e6-81c6-4447-9d78-bfa94eb1aa02/1/UtKiQGfE91jlOKwP8rLwXNBFK1U.roa
File: UtKiQGfE91jlOKwP8rLwXNBFK1U.roa (raw, json)
Hash identifier: gtwF8YdPIpXECcoZEZl/U2g7y7OxQYzV3N9213wCkjQ=
Subject key identifier: 52:D2:A2:40:67:C4:F7:58:E5:38:AC:0F:F2:B2:F0:5C:D0:45:2B:55
Certificate issuer: /CN=dafef97ca010bad4ff59ef7d2b6bc9077860aab2
Certificate serial: 01945FD0910A67E20ACBF7DEC5A7EAC366D0
Authority key identifier: DA:FE:F9:7C:A0:10:BA:D4:FF:59:EF:7D:2B:6B:C9:07:78:60:AA:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2v75fKAQutT_We99K2vJB3hgqrI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/2921e6-81c6-4447-9d78-bfa94eb1aa02/1/UtKiQGfE91jlOKwP8rLwXNBFK1U.roa
Signing time: Mon 13 Jan 2025 13:18:11 +0000
ROA not before: Mon 13 Jan 2025 13:18:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201078
IP address blocks: 82.163.160.0/22 maxlen: 22
85.194.233.0/24 maxlen: 24
185.85.4.0/22 maxlen: 22
185.158.60.0/22 maxlen: 22
185.201.104.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/29/2921e6-81c6-4447-9d78-bfa94eb1aa02/1/2v75fKAQutT_We99K2vJB3hgqrI.crl
rsync://rpki.ripe.net/repository/DEFAULT/29/2921e6-81c6-4447-9d78-bfa94eb1aa02/1/2v75fKAQutT_We99K2vJB3hgqrI.mft
rsync://rpki.ripe.net/repository/DEFAULT/2v75fKAQutT_We99K2vJB3hgqrI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:5f:d0:91:0a:67:e2:0a:cb:f7:de:c5:a7:ea:c3:66:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dafef97ca010bad4ff59ef7d2b6bc9077860aab2
Validity
Not Before: Jan 13 13:18:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=52d2a24067c4f758e538ac0ff2b2f05cd0452b55
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:d7:b6:3c:7a:55:f6:df:f1:d6:4b:72:bd:c7:
c1:d8:c7:1a:46:af:70:75:2b:be:60:6d:26:ef:73:
a6:bb:62:62:98:4a:78:96:78:2b:7c:04:ba:5f:c7:
d7:8f:23:d3:e5:53:cd:15:b3:fc:c6:93:e7:fc:19:
76:9e:8f:a0:a8:dc:7a:49:27:fd:2a:82:df:30:5a:
26:9b:48:2d:b7:fe:64:e1:ab:09:90:c6:9a:3d:cb:
d3:51:f5:1c:2c:8a:38:7f:eb:2b:d3:c6:0a:2c:8e:
86:bc:83:18:a8:c9:f3:2c:d4:38:fa:6a:ba:47:89:
72:60:f5:04:73:d2:45:02:25:86:8a:21:1b:63:e1:
db:00:73:3c:31:d1:77:b8:d1:c1:f0:4f:40:4a:1e:
26:25:3d:bc:68:55:d0:17:e8:5b:2a:1a:85:2a:44:
52:fc:7d:b9:72:8c:b4:78:09:fd:b1:d0:08:e5:c7:
bf:e9:74:17:5e:ee:ca:0a:42:71:d5:c3:b8:eb:7a:
0a:d4:fb:77:6c:ec:1f:7e:f1:9b:4b:d3:9d:90:61:
bf:9a:e7:20:16:d3:3f:a0:12:2a:d7:b3:da:82:a0:
8b:3a:7d:54:4b:48:03:77:9d:64:e1:39:a5:94:bc:
6f:f6:c3:81:c7:68:57:ff:f3:2d:cc:68:30:0d:ba:
94:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:D2:A2:40:67:C4:F7:58:E5:38:AC:0F:F2:B2:F0:5C:D0:45:2B:55
X509v3 Authority Key Identifier:
keyid:DA:FE:F9:7C:A0:10:BA:D4:FF:59:EF:7D:2B:6B:C9:07:78:60:AA:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2v75fKAQutT_We99K2vJB3hgqrI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2921e6-81c6-4447-9d78-bfa94eb1aa02/1/UtKiQGfE91jlOKwP8rLwXNBFK1U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2921e6-81c6-4447-9d78-bfa94eb1aa02/1/2v75fKAQutT_We99K2vJB3hgqrI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.163.160.0/22
85.194.233.0/24
185.85.4.0/22
185.158.60.0/22
185.201.104.0/22
Signature Algorithm: sha256WithRSAEncryption
91:ac:46:c4:87:f4:4b:1c:fc:c5:96:15:6b:d5:ee:9b:72:fa:
a6:fd:6f:d7:da:04:c2:56:d5:fb:a4:d7:be:ff:86:2a:ab:14:
a3:a6:f6:e5:2f:56:71:1a:57:55:78:52:8d:77:47:9d:71:ff:
a7:08:ea:14:b4:52:76:1a:2b:77:d3:4a:04:56:75:9f:27:24:
b4:88:e2:cf:10:4c:a4:6a:9f:99:e8:4f:6f:d4:0e:4a:c8:2d:
d5:d2:60:5a:c0:86:ca:c9:53:53:aa:dd:bd:0f:89:eb:33:8e:
c4:61:9e:31:ca:dd:54:53:e9:5e:29:82:d3:c4:6d:7a:fb:a3:
80:04:22:31:48:3a:ca:09:14:84:47:d9:43:fa:21:69:80:3a:
2a:d8:e1:18:9e:0c:58:d0:1a:25:fd:b6:93:c1:ab:d2:35:aa:
f0:34:4f:d6:63:1b:5d:5e:2f:14:ef:5b:fa:f1:99:c7:ee:a2:
04:11:39:2c:b0:e0:a2:08:f6:17:c4:37:0a:f1:07:ee:63:f7:
d3:f7:e8:df:b8:5c:6e:7a:67:d8:7c:64:cb:9f:24:29:f0:e3:
0b:a3:f5:63:6b:e0:95:20:f1:0f:02:ca:1e:fe:15:54:5d:67:
d2:1f:ec:7e:86:72:6f:d0:11:d6:fb:de:c6:65:09:a6:c8:0a:
39:9d:b6:35
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZRf0JEKZ+IKy/fexafqw2bQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhZmVmOTdjYTAxMGJhZDRmZjU5ZWY3ZDJiNmJjOTA3Nzg2
MGFhYjIwHhcNMjUwMTEzMTMxODExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MmQyYTI0MDY3YzRmNzU4ZTUzOGFjMGZmMmIyZjA1Y2QwNDUyYjU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo9e2PHpV9t/x1ktyvcfB2McaRq9w
dSu+YG0m73Omu2JimEp4lngrfAS6X8fXjyPT5VPNFbP8xpPn/Bl2no+gqNx6SSf9
KoLfMFomm0gtt/5k4asJkMaaPcvTUfUcLIo4f+sr08YKLI6GvIMYqMnzLNQ4+mq6
R4lyYPUEc9JFAiWGiiEbY+HbAHM8MdF3uNHB8E9ASh4mJT28aFXQF+hbKhqFKkRS
/H25coy0eAn9sdAI5ce/6XQXXu7KCkJx1cO463oK1Pt3bOwffvGbS9OdkGG/mucg
FtM/oBIq17PagqCLOn1US0gDd51k4TmllLxv9sOBx2hX//MtzGgwDbqUVQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFFLSokBnxPdY5TisD/Ky8FzQRStVMB8GA1UdIwQY
MBaAFNr++XygELrU/1nvfStryQd4YKqyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnY3NWZLQVF1dFRfV2U5OUsydkpCM2hncXJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8yOTIxZTYtODFjNi00NDQ3LTlkNzgt
YmZhOTRlYjFhYTAyLzEvVXRLaVFHZkU5MWpsT0t3UDhyTHdYTkJGSzFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8yOTIxZTYtODFjNi00NDQ3LTlkNzgtYmZhOTRlYjFhYTAy
LzEvMnY3NWZLQVF1dFRfV2U5OUsydkpCM2hncXJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCUqOgAwQA
VcLpAwQCuVUEAwQCuZ48AwQCucloMA0GCSqGSIb3DQEBCwUAA4IBAQCRrEbEh/RL
HPzFlhVr1e6bcvqm/W/X2gTCVtX7pNe+/4YqqxSjpvblL1ZxGldVeFKNd0edcf+n
COoUtFJ2Git300oEVnWfJyS0iOLPEEykap+Z6E9v1A5KyC3V0mBawIbKyVNTqt29
D4nrM47EYZ4xyt1UU+leKYLTxG16+6OABCIxSDrKCRSER9lD+iFpgDoq2OEYngxY
0Bol/baTwavSNarwNE/WYxtdXi8U71v68ZnH7qIEETkssOCiCPYXxDcK8QfuY/fT
9+jfuFxuemfYfGTLnyQp8OMLo/Vja+CVIPEPAsoe/hVUXWfSH+x+hnJv0BHW+97G
ZQmmyAo5nbY1
-----END CERTIFICATE-----
Generated at Sun Feb 2 09:51:01 2025 by rpki-client