Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/u4MyHMDvBhvUHmKp24W1JiBcSOk.roa
File: u4MyHMDvBhvUHmKp24W1JiBcSOk.roa (raw, json)
Hash identifier: gS13vq8d2AcWy28SzGW89UMeifhY7qzN3tHv7fZRCsY=
Subject key identifier: BB:83:32:1C:C0:EF:06:1B:D4:1E:62:A9:DB:85:B5:26:20:5C:48:E9
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 019542AEBEFD8170479E74BB51A500D77FC1
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/u4MyHMDvBhvUHmKp24W1JiBcSOk.roa
Signing time: Wed 26 Feb 2025 14:35:03 +0000
ROA not before: Wed 26 Feb 2025 14:35:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25548
IP address blocks: 31.148.202.0/23 maxlen: 24
93.170.36.0/22 maxlen: 24
95.47.186.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.mft
rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 14:28:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:42:ae:be:fd:81:70:47:9e:74:bb:51:a5:00:d7:7f:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Feb 26 14:35:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bb83321cc0ef061bd41e62a9db85b526205c48e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:ed:4a:cf:fa:90:80:d9:45:f4:d5:5a:8d:19:
b0:c6:bf:f1:bd:05:b4:12:bc:f3:1e:df:78:bb:b8:
6f:8c:5c:fb:4f:6d:0d:00:69:af:f2:75:22:f0:4b:
46:eb:66:3d:24:6f:b5:40:23:1f:97:3f:ae:c0:c3:
fc:b3:82:5b:fe:ee:8e:8f:72:87:3e:f5:83:21:5e:
b0:cc:69:79:80:25:70:36:07:54:d3:c1:23:bb:98:
27:c0:f3:6b:51:c8:8b:30:16:a3:97:ad:99:3d:36:
b0:7b:c6:31:eb:25:25:0a:a1:aa:d6:89:2e:89:21:
40:b9:52:a3:e0:76:34:15:50:5d:70:64:7a:bd:7e:
75:3c:36:f5:02:74:49:bd:34:78:5f:7a:e7:b0:12:
83:ea:1e:62:e9:0d:5a:7b:21:7d:07:15:fb:1d:4f:
cf:0d:a9:e0:d0:b8:cd:6d:dc:3d:7b:32:f5:d2:dc:
a9:d7:23:22:20:ad:98:28:c8:d2:cf:c7:d2:f1:5a:
79:f2:8f:45:f4:2d:9e:ac:cb:a0:6e:a4:8f:46:94:
6a:8a:d1:76:2e:fc:5c:9e:a4:73:f6:db:01:fb:d1:
55:09:8d:bc:1c:fd:7c:9f:e3:ae:10:af:31:d4:8b:
20:3d:ac:28:c4:29:30:4f:cb:08:3f:1b:d8:fc:aa:
d4:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:83:32:1C:C0:EF:06:1B:D4:1E:62:A9:DB:85:B5:26:20:5C:48:E9
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/u4MyHMDvBhvUHmKp24W1JiBcSOk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.148.202.0/23
93.170.36.0/22
95.47.186.0/23
Signature Algorithm: sha256WithRSAEncryption
0a:15:0b:9f:39:f9:9f:b4:2b:40:e9:0d:0b:f2:b4:e0:39:12:
00:08:16:a7:9d:22:79:43:98:7c:67:3e:e9:36:77:84:c3:fe:
51:2b:17:7a:11:8c:41:16:85:8f:10:b4:06:fa:a5:47:f8:f8:
95:7c:6f:5d:ce:53:88:89:3f:00:05:1e:95:1f:ea:ba:a1:e1:
5a:1a:66:0e:ce:b3:8e:e5:ea:48:d1:e6:93:d8:32:e7:1b:d2:
c7:62:ed:6e:08:2c:53:6d:cc:11:39:9f:12:75:8a:a3:81:d1:
66:9b:1d:97:f7:d9:ad:24:a0:c5:e0:db:a0:8a:02:df:15:a5:
21:91:2f:ca:a0:cc:17:f8:3a:53:1d:74:4e:0a:fe:b6:2e:22:
d8:94:3a:22:dc:50:b7:1f:58:22:f6:e0:7a:cc:3b:53:c3:51:
f0:fc:78:4f:bf:99:68:8f:ab:7b:58:c2:e2:db:c9:4c:47:a0:
ce:7c:10:ea:4f:dd:d5:6f:1a:4d:a7:0e:6c:1e:53:4d:00:48:
3d:b9:7a:6f:46:6a:b3:dc:50:6e:7f:2e:e3:21:83:90:24:38:
68:ae:70:79:bc:80:58:a8:d2:52:48:22:4f:d7:4c:a7:f8:79:
72:d4:c8:5d:41:2b:a6:81:29:71:c8:f6:0a:5d:18:4a:4a:d0:
c3:c1:84:e6
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZVCrr79gXBHnnS7UaUA13/BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjUwMjI2MTQzNTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjgzMzIxY2MwZWYwNjFiZDQxZTYyYTlkYjg1YjUyNjIwNWM0OGU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvO1Kz/qQgNlF9NVajRmwxr/xvQW0
ErzzHt94u7hvjFz7T20NAGmv8nUi8EtG62Y9JG+1QCMflz+uwMP8s4Jb/u6Oj3KH
PvWDIV6wzGl5gCVwNgdU08Eju5gnwPNrUciLMBajl62ZPTawe8Yx6yUlCqGq1oku
iSFAuVKj4HY0FVBdcGR6vX51PDb1AnRJvTR4X3rnsBKD6h5i6Q1aeyF9BxX7HU/P
Dang0LjNbdw9ezL10typ1yMiIK2YKMjSz8fS8Vp58o9F9C2erMugbqSPRpRqitF2
LvxcnqRz9tsB+9FVCY28HP18n+OuEK8x1IsgPawoxCkwT8sIPxvY/KrUgQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLuDMhzA7wYb1B5iqduFtSYgXEjpMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvdTRNeUhNRHZCaHZVSG1LcDI0VzFKaUJjU09rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBH5TKAwQC
XaokAwQBXy+6MA0GCSqGSIb3DQEBCwUAA4IBAQAKFQufOfmftCtA6Q0L8rTgORIA
CBannSJ5Q5h8Zz7pNneEw/5RKxd6EYxBFoWPELQG+qVH+PiVfG9dzlOIiT8ABR6V
H+q6oeFaGmYOzrOO5epI0eaT2DLnG9LHYu1uCCxTbcwROZ8SdYqjgdFmmx2X99mt
JKDF4NugigLfFaUhkS/KoMwX+DpTHXROCv62LiLYlDoi3FC3H1gi9uB6zDtTw1Hw
/HhPv5loj6t7WMLi28lMR6DOfBDqT93VbxpNpw5sHlNNAEg9uXpvRmqz3FBufy7j
IYOQJDhornB5vIBYqNJSSCJP10yn+Hly1MhdQSumgSlxyPYKXRhKStDDwYTm
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:43:50 2025 by rpki-client