Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/ScuMBaUfrb1vvgCD1YcHA3A4yhc.roa
File: ScuMBaUfrb1vvgCD1YcHA3A4yhc.roa (raw, json)
Hash identifier: X1vJYrLA4zXwTH9BTIR0IgqhTGr9ixlD5JEygQaXj2w=
Subject key identifier: 49:CB:8C:05:A5:1F:AD:BD:6F:BE:00:83:D5:87:07:03:70:38:CA:17
Certificate issuer: /CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Certificate serial: 01942445337FDD570D09B3B9DA1B5C91477E
Authority key identifier: D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/ScuMBaUfrb1vvgCD1YcHA3A4yhc.roa
Signing time: Wed 01 Jan 2025 23:48:22 +0000
ROA not before: Wed 01 Jan 2025 23:48:22 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212913
IP address blocks: 193.3.23.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.mft
rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 08:01:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:33:7f:dd:57:0d:09:b3:b9:da:1b:5c:91:47:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Validity
Not Before: Jan 1 23:48:22 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=49cb8c05a51fadbd6fbe0083d58707037038ca17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:1f:df:a4:93:e6:42:a0:bc:4c:87:32:6f:77:
13:36:db:35:e8:24:be:ef:9f:43:c1:5f:f1:48:01:
b6:01:b2:c0:22:59:86:e2:f6:8d:5d:09:c3:bc:3b:
0e:bf:8d:ee:3b:1a:93:0a:9c:f3:16:5c:0c:9d:a1:
82:11:98:da:64:ab:c0:3b:d6:94:3c:ca:05:f5:49:
ef:11:00:58:e0:09:9b:f1:61:25:d5:35:03:79:db:
31:99:17:81:7b:ed:1d:9a:34:01:02:96:1a:17:bf:
49:89:ba:13:63:8d:8f:8d:b6:d8:fb:07:6f:59:e1:
e8:12:8e:4c:bc:18:37:ac:89:30:58:35:54:e1:d8:
99:ff:be:79:f4:91:4d:df:48:49:19:ea:3d:b7:4f:
4f:23:17:1c:97:24:89:7a:de:0a:cc:b9:98:01:93:
ef:d9:8d:86:1c:c8:52:9f:1c:9e:c6:73:97:a8:71:
09:7d:cb:66:bd:21:d8:24:65:b3:65:39:83:08:1e:
bb:68:73:c4:22:3b:32:0a:c8:6e:63:72:e2:37:ea:
59:ae:1d:25:dd:49:3a:7a:c8:0b:0d:ef:9c:ab:eb:
da:f8:53:74:fe:8b:d4:3b:b5:ee:60:f3:ad:50:15:
cf:f4:7b:bd:55:68:e6:cf:44:cb:2f:80:4d:0d:76:
65:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:CB:8C:05:A5:1F:AD:BD:6F:BE:00:83:D5:87:07:03:70:38:CA:17
X509v3 Authority Key Identifier:
keyid:D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/ScuMBaUfrb1vvgCD1YcHA3A4yhc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.3.23.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:16:c7:eb:1b:e7:99:9c:96:17:63:95:18:7a:73:3d:3b:c2:
64:ec:74:4e:27:00:ee:38:09:62:f6:11:5e:58:29:5d:59:22:
87:54:4e:4f:35:4f:be:7c:55:1b:0b:2f:6c:83:02:0c:fe:ce:
01:c6:71:78:26:33:0b:cf:be:d6:65:d3:ed:48:ea:f8:3d:8d:
f1:1e:0a:7b:e6:07:e9:54:18:b8:bf:53:26:e2:b1:95:2e:9f:
89:cd:67:e6:6e:27:e1:6f:3b:09:9b:2d:e5:04:42:66:2c:84:
69:d6:12:f9:0b:20:9f:97:c1:bd:4c:e6:6a:94:c3:92:d0:7a:
fc:e6:44:c3:53:d5:e2:50:1c:0b:c3:e1:ca:bd:bb:08:6c:08:
75:0d:29:39:48:ca:04:06:a8:2f:c3:a7:3d:73:f2:c5:bb:b5:
b1:be:3e:f1:84:ad:a6:60:17:0e:f6:ff:1b:02:30:7e:2b:4f:
dd:94:57:ce:0b:01:b4:f3:66:4a:48:db:c8:dd:b7:15:0c:fe:
c9:8b:ba:a5:06:16:cb:b7:77:2f:f1:d3:65:98:4a:d9:3b:73:
08:a5:11:54:4a:58:05:c7:37:ad:2b:5a:9d:86:5c:8b:f7:97:
e2:db:bd:8b:bc:05:09:a4:02:dd:55:9e:1e:88:92:5c:02:a7:
5f:c2:de:83
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQkRTN/3VcNCbO52htckUd+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NmJiNDhlOTNlOGEwMDU4YzVjNzJhODFhODc5OTQ1NTMw
N2VlNTYwHhcNMjUwMTAxMjM0ODIyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OWNiOGMwNWE1MWZhZGJkNmZiZTAwODNkNTg3MDcwMzcwMzhjYTE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzx/fpJPmQqC8TIcyb3cTNts16CS+
759DwV/xSAG2AbLAIlmG4vaNXQnDvDsOv43uOxqTCpzzFlwMnaGCEZjaZKvAO9aU
PMoF9UnvEQBY4Amb8WEl1TUDedsxmReBe+0dmjQBApYaF79JiboTY42PjbbY+wdv
WeHoEo5MvBg3rIkwWDVU4diZ/7559JFN30hJGeo9t09PIxcclySJet4KzLmYAZPv
2Y2GHMhSnxyexnOXqHEJfctmvSHYJGWzZTmDCB67aHPEIjsyCshuY3LiN+pZrh0l
3Uk6esgLDe+cq+va+FN0/ovUO7XuYPOtUBXP9Hu9VWjmz0TLL4BNDXZl2wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEnLjAWlH629b74Ag9WHBwNwOMoXMB8GA1UdIwQY
MBaAFNdrtI6T6KAFjFxyqBqHmUVTB+5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgt
OGJmYmRkNDVjYjYyLzEvU2N1TUJhVWZyYjF2dmdDRDFZY0hBM0E0eWhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgtOGJmYmRkNDVjYjYy
LzEvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwQMXMA0G
CSqGSIb3DQEBCwUAA4IBAQBeFsfrG+eZnJYXY5UYenM9O8Jk7HROJwDuOAli9hFe
WCldWSKHVE5PNU++fFUbCy9sgwIM/s4BxnF4JjMLz77WZdPtSOr4PY3xHgp75gfp
VBi4v1Mm4rGVLp+JzWfmbifhbzsJmy3lBEJmLIRp1hL5CyCfl8G9TOZqlMOS0Hr8
5kTDU9XiUBwLw+HKvbsIbAh1DSk5SMoEBqgvw6c9c/LFu7Wxvj7xhK2mYBcO9v8b
AjB+K0/dlFfOCwG082ZKSNvI3bcVDP7Ji7qlBhbLt3cv8dNlmErZO3MIpRFUSlgF
xzetK1qdhlyL95fi272LvAUJpALdVZ4eiJJcAqdfwt6D
-----END CERTIFICATE-----
Generated at Fri Apr 4 17:31:40 2025 by rpki-client