Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/a5e94c-08be-4fce-8ec9-18ece368266f/1/iWu72NaaTSDAiJGqIVfKYfSk9Cg.roa
File: iWu72NaaTSDAiJGqIVfKYfSk9Cg.roa (raw, json)
Hash identifier: BiHkYnw80HRUON814fdKI0ZwVn2DSPqeEkVU4t9Jnsk=
Subject key identifier: 89:6B:BB:D8:D6:9A:4D:20:C0:88:91:AA:21:57:CA:61:F4:A4:F4:28
Certificate issuer: /CN=52c48e1bb672cda6846400e8bf8d6d696835d7bf
Certificate serial: 0194236A24A124BD824A6CE0003B3B197198
Authority key identifier: 52:C4:8E:1B:B6:72:CD:A6:84:64:00:E8:BF:8D:6D:69:68:35:D7:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UsSOG7ZyzaaEZADov41taWg1178.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/a5e94c-08be-4fce-8ec9-18ece368266f/1/iWu72NaaTSDAiJGqIVfKYfSk9Cg.roa
Signing time: Wed 01 Jan 2025 19:49:06 +0000
ROA not before: Wed 01 Jan 2025 19:49:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209378
IP address blocks: 85.208.0.0/22 maxlen: 22
2a09:7f40::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/a5e94c-08be-4fce-8ec9-18ece368266f/1/UsSOG7ZyzaaEZADov41taWg1178.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/a5e94c-08be-4fce-8ec9-18ece368266f/1/UsSOG7ZyzaaEZADov41taWg1178.mft
rsync://rpki.ripe.net/repository/DEFAULT/UsSOG7ZyzaaEZADov41taWg1178.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 15 Mar 2025 01:01:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:24:a1:24:bd:82:4a:6c:e0:00:3b:3b:19:71:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52c48e1bb672cda6846400e8bf8d6d696835d7bf
Validity
Not Before: Jan 1 19:49:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=896bbbd8d69a4d20c08891aa2157ca61f4a4f428
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:7c:df:cd:24:44:64:5b:63:32:bb:6b:b9:55:
da:d7:ee:1b:0f:c4:f9:19:74:49:3d:4b:ca:0f:c0:
65:5d:f7:a4:ff:54:2d:8f:9a:4b:34:12:23:83:12:
9c:75:10:b8:46:97:fe:fa:bb:f7:b4:8e:55:08:fc:
12:b9:c9:5d:b0:1a:58:0d:31:34:11:bb:a3:0d:c1:
af:08:03:70:07:1f:12:e9:77:9d:b1:b3:6d:00:0b:
ea:8a:35:15:d3:ac:b6:26:0a:02:62:08:90:e6:51:
bb:c3:f9:cb:46:d2:f4:d1:9c:69:09:32:03:12:ea:
34:3b:5a:9b:ca:d3:a4:b3:e5:c7:bc:77:c4:54:17:
8b:ab:42:db:ff:74:0b:c7:ca:be:7b:9a:30:45:e5:
5c:e9:20:a2:0b:06:0c:4e:6e:78:b5:f7:a6:71:4b:
7f:c4:e4:d7:81:7b:04:86:03:d4:79:47:c3:e4:99:
1e:f5:f8:1f:9f:77:69:b5:75:3c:2f:82:4e:5f:d0:
a6:c2:84:78:c9:0e:92:cb:3a:4b:97:81:bd:96:24:
a0:f7:7e:ab:50:33:ec:27:d5:db:53:61:48:b2:67:
ec:ae:95:04:f4:ff:99:ac:61:37:29:9e:4a:7d:a8:
d2:8e:b8:25:39:96:13:9d:82:1b:35:5d:f8:8e:21:
45:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:6B:BB:D8:D6:9A:4D:20:C0:88:91:AA:21:57:CA:61:F4:A4:F4:28
X509v3 Authority Key Identifier:
keyid:52:C4:8E:1B:B6:72:CD:A6:84:64:00:E8:BF:8D:6D:69:68:35:D7:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UsSOG7ZyzaaEZADov41taWg1178.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/a5e94c-08be-4fce-8ec9-18ece368266f/1/iWu72NaaTSDAiJGqIVfKYfSk9Cg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/a5e94c-08be-4fce-8ec9-18ece368266f/1/UsSOG7ZyzaaEZADov41taWg1178.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.208.0.0/22
IPv6:
2a09:7f40::/29
Signature Algorithm: sha256WithRSAEncryption
04:eb:ab:b8:49:b2:ed:5a:1a:45:88:a8:9b:8d:1a:24:4f:dc:
3e:43:2e:a8:7e:7b:08:d6:32:e5:f7:d8:b7:bb:30:5e:98:7e:
60:8c:09:c3:70:d3:83:2b:01:a4:05:bd:95:7f:28:88:4e:b7:
98:45:69:ee:33:4b:47:8a:0e:b5:31:1d:de:d3:b3:bf:7e:91:
97:43:db:e3:37:b1:6b:c0:67:f2:e5:45:bd:5a:87:08:eb:f6:
c4:16:b0:61:0c:e9:03:02:18:53:8f:9c:36:05:b0:22:19:72:
7b:63:d1:05:0d:1d:72:d0:df:d1:22:8d:da:dd:5b:32:65:45:
7f:dc:76:8d:ae:4b:c3:8c:00:d8:6d:b1:5a:5f:4f:74:50:f6:
5d:9f:42:b7:08:e7:4f:2f:e9:93:6b:55:6d:14:ee:da:15:83:
dc:47:be:11:63:17:90:8e:0c:9b:38:01:6f:89:8e:a8:b5:99:
01:51:98:69:11:7e:ff:e7:db:bc:4c:ab:67:69:35:e0:e1:b8:
b3:42:3d:e9:fd:96:d9:77:46:c2:af:5a:a5:ad:10:bf:d8:d2:
99:59:7d:16:99:93:b6:77:3c:b8:29:ab:f0:39:a6:9f:05:33:
3f:11:3b:52:70:9e:e0:02:73:4f:85:d6:ae:bd:97:5b:52:87:
58:3b:ae:8d
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQjaiShJL2CSmzgADs7GXGYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyYzQ4ZTFiYjY3MmNkYTY4NDY0MDBlOGJmOGQ2ZDY5Njgz
NWQ3YmYwHhcNMjUwMTAxMTk0OTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTZiYmJkOGQ2OWE0ZDIwYzA4ODkxYWEyMTU3Y2E2MWY0YTRmNDI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyXzfzSREZFtjMrtruVXa1+4bD8T5
GXRJPUvKD8BlXfek/1Qtj5pLNBIjgxKcdRC4Rpf++rv3tI5VCPwSucldsBpYDTE0
EbujDcGvCANwBx8S6XedsbNtAAvqijUV06y2JgoCYgiQ5lG7w/nLRtL00ZxpCTID
Euo0O1qbytOks+XHvHfEVBeLq0Lb/3QLx8q+e5owReVc6SCiCwYMTm54tfemcUt/
xOTXgXsEhgPUeUfD5Jke9fgfn3dptXU8L4JOX9CmwoR4yQ6SyzpLl4G9liSg936r
UDPsJ9XbU2FIsmfsrpUE9P+ZrGE3KZ5KfajSjrglOZYTnYIbNV34jiFFJQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIlru9jWmk0gwIiRqiFXymH0pPQoMB8GA1UdIwQY
MBaAFFLEjhu2cs2mhGQA6L+NbWloNde/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXNTT0c3Wnl6YWFFWkFEb3Y0MXRhV2cxMTc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9hNWU5NGMtMDhiZS00ZmNlLThlYzkt
MThlY2UzNjgyNjZmLzEvaVd1NzJOYWFUU0RBaUpHcUlWZktZZlNrOUNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9hNWU5NGMtMDhiZS00ZmNlLThlYzktMThlY2UzNjgyNjZm
LzEvVXNTT0c3Wnl6YWFFWkFEb3Y0MXRhV2cxMTc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCVdAAMA0E
AgACMAcDBQMqCX9AMA0GCSqGSIb3DQEBCwUAA4IBAQAE66u4SbLtWhpFiKibjRok
T9w+Qy6ofnsI1jLl99i3uzBemH5gjAnDcNODKwGkBb2VfyiITreYRWnuM0tHig61
MR3e07O/fpGXQ9vjN7FrwGfy5UW9WocI6/bEFrBhDOkDAhhTj5w2BbAiGXJ7Y9EF
DR1y0N/RIo3a3VsyZUV/3HaNrkvDjADYbbFaX090UPZdn0K3COdPL+mTa1VtFO7a
FYPcR74RYxeQjgybOAFviY6otZkBUZhpEX7/59u8TKtnaTXg4bizQj3p/ZbZd0bC
r1qlrRC/2NKZWX0WmZO2dzy4KavwOaafBTM/ETtScJ7gAnNPhdauvZdbUodYO66N
-----END CERTIFICATE-----
Generated at Fri Mar 14 12:12:59 2025 by rpki-client