Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/822400-3248-4702-b29b-a1b7ceefa16c/1/UYDoB3x60CZ0QlNGESbwAlWd428.roa
File: UYDoB3x60CZ0QlNGESbwAlWd428.roa (raw, json)
Hash identifier: TFnakiXJIH+PyATRJlNHqXCNQvSIEl+DgNHmhyYXVOo=
Subject key identifier: 51:80:E8:07:7C:7A:D0:26:74:42:53:46:11:26:F0:02:55:9D:E3:6F
Certificate issuer: /CN=f8651b1194f12e98e70d3da78efe4dd2467cd423
Certificate serial: 0194266B922843F89A593CBAA8D02E1D5390
Authority key identifier: F8:65:1B:11:94:F1:2E:98:E7:0D:3D:A7:8E:FE:4D:D2:46:7C:D4:23
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-GUbEZTxLpjnDT2njv5N0kZ81CM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/822400-3248-4702-b29b-a1b7ceefa16c/1/UYDoB3x60CZ0QlNGESbwAlWd428.roa
Signing time: Thu 02 Jan 2025 09:49:31 +0000
ROA not before: Thu 02 Jan 2025 09:49:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35624
IP address blocks: 212.119.42.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4e/822400-3248-4702-b29b-a1b7ceefa16c/1/1-GUbEZTxLpjnDT2njv5N0kZ81CM.crl
rsync://rpki.ripe.net/repository/DEFAULT/4e/822400-3248-4702-b29b-a1b7ceefa16c/1/1-GUbEZTxLpjnDT2njv5N0kZ81CM.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-GUbEZTxLpjnDT2njv5N0kZ81CM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 16:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:92:28:43:f8:9a:59:3c:ba:a8:d0:2e:1d:53:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8651b1194f12e98e70d3da78efe4dd2467cd423
Validity
Not Before: Jan 2 09:49:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5180e8077c7ad026744253461126f002559de36f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:e8:8d:fe:01:a1:99:3c:ea:12:67:58:5c:9b:
1f:75:18:3f:5f:9f:83:86:a8:e3:9d:f4:14:f1:fe:
5f:7e:05:20:64:26:2d:b6:37:08:89:a1:73:13:88:
fb:3f:e6:88:9f:66:48:6a:6d:30:43:82:f7:e0:d7:
da:62:dd:0e:01:56:41:5a:8b:78:11:4c:9d:52:d6:
0f:f5:45:2d:ee:51:63:de:3f:c6:8b:f6:aa:a9:98:
f0:5d:9a:77:59:28:49:1c:26:0b:e4:f8:ef:16:5d:
29:fe:61:ce:de:7e:8f:d5:3e:98:b4:90:6b:27:54:
89:64:3f:89:79:f2:87:f8:27:9e:7a:17:f3:3d:56:
5e:0c:9a:a0:1a:2d:a2:91:27:42:bc:17:06:d1:7e:
66:9f:05:3d:6c:0c:d2:33:32:8f:45:9c:f6:af:5d:
b0:27:ff:d2:ea:2e:58:33:6a:15:79:7a:8a:c4:1a:
23:82:6e:25:a4:ad:b9:ef:99:11:92:32:52:d5:19:
b5:36:36:ef:f6:31:30:20:a4:7d:f4:f5:ef:80:46:
b9:51:f8:df:eb:5f:6e:fe:e7:77:6d:0c:75:4b:7a:
5f:c9:e5:a1:78:07:0b:67:d1:72:4d:b3:75:e5:a7:
47:cd:58:ce:59:7b:78:9d:08:56:7c:06:fb:b9:a3:
89:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:80:E8:07:7C:7A:D0:26:74:42:53:46:11:26:F0:02:55:9D:E3:6F
X509v3 Authority Key Identifier:
keyid:F8:65:1B:11:94:F1:2E:98:E7:0D:3D:A7:8E:FE:4D:D2:46:7C:D4:23
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-GUbEZTxLpjnDT2njv5N0kZ81CM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/822400-3248-4702-b29b-a1b7ceefa16c/1/UYDoB3x60CZ0QlNGESbwAlWd428.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/822400-3248-4702-b29b-a1b7ceefa16c/1/1-GUbEZTxLpjnDT2njv5N0kZ81CM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.119.42.0/23
Signature Algorithm: sha256WithRSAEncryption
5d:4c:b9:4d:6d:40:d6:36:8e:c0:11:6a:c7:52:56:5b:9e:af:
48:72:eb:5b:0d:ac:f4:38:8a:2f:22:fe:48:28:69:03:27:59:
1c:72:55:ca:fd:eb:eb:70:7c:71:e7:90:54:5e:e8:82:52:48:
15:b6:59:66:46:ba:a8:9a:44:6e:0d:e6:24:ba:fc:2a:e0:26:
9e:4a:a4:ec:dd:1d:ee:f2:cc:77:da:56:63:f7:d4:7a:54:11:
71:25:0e:a3:67:a5:e8:4a:a8:9d:98:ca:b3:7a:10:05:c1:05:
98:90:ec:bb:86:8b:05:69:72:46:ea:62:0b:1e:e2:68:d8:65:
7a:ae:2d:97:4c:e2:ec:6e:b3:83:30:3e:26:0f:31:2a:04:12:
95:bd:f8:2e:a1:0e:65:cc:53:37:d2:cf:51:cd:f8:fe:da:56:
21:df:1d:90:db:94:0d:65:3c:56:c1:69:c7:32:cd:0c:89:32:
51:fa:4f:78:17:cb:2d:a2:71:59:ac:a1:f9:d8:72:c1:34:8e:
65:23:f9:12:dc:c0:db:63:6e:8d:3d:dd:ab:c0:aa:5e:4c:8e:
7d:fd:0a:2d:6b:3e:32:64:9a:25:db:0b:c3:66:c9:e9:e7:96:
54:cb:5e:e1:02:4e:08:31:e6:53:8e:6d:d0:df:2e:2e:96:26:
24:98:82:02
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZQma5IoQ/iaWTy6qNAuHVOQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4NjUxYjExOTRmMTJlOThlNzBkM2RhNzhlZmU0ZGQyNDY3
Y2Q0MjMwHhcNMjUwMTAyMDk0OTMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTgwZTgwNzdjN2FkMDI2NzQ0MjUzNDYxMTI2ZjAwMjU1OWRlMzZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwOiN/gGhmTzqEmdYXJsfdRg/X5+D
hqjjnfQU8f5ffgUgZCYttjcIiaFzE4j7P+aIn2ZIam0wQ4L34NfaYt0OAVZBWot4
EUydUtYP9UUt7lFj3j/Gi/aqqZjwXZp3WShJHCYL5PjvFl0p/mHO3n6P1T6YtJBr
J1SJZD+JefKH+CeeehfzPVZeDJqgGi2ikSdCvBcG0X5mnwU9bAzSMzKPRZz2r12w
J//S6i5YM2oVeXqKxBojgm4lpK2575kRkjJS1Rm1Njbv9jEwIKR99PXvgEa5Ufjf
619u/ud3bQx1S3pfyeWheAcLZ9FyTbN15adHzVjOWXt4nQhWfAb7uaOJQQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFFGA6Ad8etAmdEJTRhEm8AJVneNvMB8GA1UdIwQY
MBaAFPhlGxGU8S6Y5w09p47+TdJGfNQjMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1HVWJFWlR4THBqbkRUMm5qdjVOMGtaODFDTS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGUvODIyNDAwLTMyNDgtNDcwMi1iMjli
LWExYjdjZWVmYTE2Yy8xL1VZRG9CM3g2MENaMFFsTkdFU2J3QWxXZDQyOC5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNGUvODIyNDAwLTMyNDgtNDcwMi1iMjliLWExYjdjZWVmYTE2
Yy8xLzEtR1ViRVpUeExwam5EVDJuanY1TjBrWjgxQ00uY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAHUdyow
DQYJKoZIhvcNAQELBQADggEBAF1MuU1tQNY2jsARasdSVluer0hy61sNrPQ4ii8i
/kgoaQMnWRxyVcr96+twfHHnkFRe6IJSSBW2WWZGuqiaRG4N5iS6/CrgJp5KpOzd
He7yzHfaVmP31HpUEXElDqNnpehKqJ2YyrN6EAXBBZiQ7LuGiwVpckbqYgse4mjY
ZXquLZdM4uxus4MwPiYPMSoEEpW9+C6hDmXMUzfSz1HN+P7aViHfHZDblA1lPFbB
accyzQyJMlH6T3gXyy2icVmsofnYcsE0jmUj+RLcwNtjbo093avAql5Mjn39Ci1r
PjJkmiXbC8NmyennllTLXuECTggx5lOObdDfLi6WJiSYggI=
-----END CERTIFICATE-----
Generated at Mon Apr 7 02:56:34 2025 by rpki-client