Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/1bac01-212c-4f4c-8d3a-65257b1fec6d/1/uYWwRm4H6YcSfThBlj9ZG4s8g-o.roa
File: uYWwRm4H6YcSfThBlj9ZG4s8g-o.roa (raw, json)
Hash identifier: k7HHEyNrsyk4kGL9qKSfgAwu15JappUHRUGh3h3zAJw=
Subject key identifier: B9:85:B0:46:6E:07:E9:87:12:7D:38:41:96:3F:59:1B:8B:3C:83:EA
Certificate issuer: /CN=93077a997c95bd01a64d408afcf554d88b4db5e5
Certificate serial: 01942143E2C7352C0B08C9A5A33EBDD4917F
Authority key identifier: 93:07:7A:99:7C:95:BD:01:A6:4D:40:8A:FC:F5:54:D8:8B:4D:B5:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kwd6mXyVvQGmTUCK_PVU2ItNteU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/1bac01-212c-4f4c-8d3a-65257b1fec6d/1/uYWwRm4H6YcSfThBlj9ZG4s8g-o.roa
Signing time: Wed 01 Jan 2025 09:48:04 +0000
ROA not before: Wed 01 Jan 2025 09:48:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21100
IP address blocks: 193.161.202.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5c/1bac01-212c-4f4c-8d3a-65257b1fec6d/1/kwd6mXyVvQGmTUCK_PVU2ItNteU.crl
rsync://rpki.ripe.net/repository/DEFAULT/5c/1bac01-212c-4f4c-8d3a-65257b1fec6d/1/kwd6mXyVvQGmTUCK_PVU2ItNteU.mft
rsync://rpki.ripe.net/repository/DEFAULT/kwd6mXyVvQGmTUCK_PVU2ItNteU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 20:00:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:e2:c7:35:2c:0b:08:c9:a5:a3:3e:bd:d4:91:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=93077a997c95bd01a64d408afcf554d88b4db5e5
Validity
Not Before: Jan 1 09:48:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b985b0466e07e987127d3841963f591b8b3c83ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:cf:57:59:fc:3e:c6:c3:32:e4:b5:87:6c:e9:
b4:60:5b:ee:1b:49:c2:19:57:e5:49:c9:c3:c0:f4:
64:d6:35:ab:b2:07:bc:c1:a8:15:43:9d:83:39:20:
8f:e5:a7:a4:be:84:2d:85:82:90:08:a4:d9:ca:36:
57:de:01:23:05:16:24:f2:f3:7d:b7:43:9e:a7:66:
aa:e9:ad:89:8c:d4:17:b8:42:6f:3c:bf:c1:92:a4:
92:e6:6d:2f:a1:66:4f:13:fd:26:bc:5f:0c:1f:84:
d7:67:9f:15:27:39:46:1b:c1:86:da:90:f8:da:91:
ef:61:62:49:f1:d9:15:36:a8:8f:ab:d8:ba:e6:53:
eb:c7:73:b3:bb:19:6e:c5:ac:aa:42:db:d4:ec:90:
a1:b3:cc:a5:71:01:e1:de:53:2a:9a:74:b1:4d:54:
8b:93:e3:68:85:9d:9e:33:94:fa:77:fe:24:81:19:
c4:00:11:92:87:1f:6c:96:13:ca:93:68:d2:b1:ab:
fa:c3:46:48:7e:0c:ed:2f:2c:57:cf:a4:e2:9a:de:
9d:aa:a5:d2:f0:90:9c:28:ce:64:db:e3:7d:67:cc:
6c:c9:2b:55:18:e7:dd:2f:07:ee:4f:1f:07:a2:cf:
d4:d9:7c:28:9c:73:e3:2f:91:05:ca:81:ca:b9:0b:
18:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:85:B0:46:6E:07:E9:87:12:7D:38:41:96:3F:59:1B:8B:3C:83:EA
X509v3 Authority Key Identifier:
keyid:93:07:7A:99:7C:95:BD:01:A6:4D:40:8A:FC:F5:54:D8:8B:4D:B5:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kwd6mXyVvQGmTUCK_PVU2ItNteU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/1bac01-212c-4f4c-8d3a-65257b1fec6d/1/uYWwRm4H6YcSfThBlj9ZG4s8g-o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/1bac01-212c-4f4c-8d3a-65257b1fec6d/1/kwd6mXyVvQGmTUCK_PVU2ItNteU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.161.202.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:a8:8a:87:0e:7f:fe:28:85:e9:90:c3:98:8b:d3:66:ed:42:
78:46:21:4e:c5:f6:ae:df:ae:8e:17:f9:27:63:5e:fd:81:77:
e3:90:bf:8b:72:d3:bb:96:a5:8f:ad:3f:f6:5f:82:77:12:18:
b2:b8:aa:bd:7c:7b:0c:95:5c:3d:3c:75:45:74:7f:3c:ba:05:
61:b4:d3:03:d0:08:55:14:c7:64:79:9a:43:6a:9a:f1:c1:b1:
9e:9d:27:0f:6c:73:90:ea:13:01:d2:fd:5c:e6:92:ee:4d:c8:
22:6d:c8:2e:fe:0a:94:37:20:09:8e:f9:32:95:6c:07:c3:94:
01:75:a2:43:3a:9e:30:05:55:20:a4:89:b0:c1:9a:69:5f:6c:
17:50:e5:5c:05:4d:f5:d1:bd:30:d5:31:d0:11:10:99:47:84:
f5:0b:7b:dd:af:9c:95:88:95:59:4c:15:6e:1d:61:e6:0b:ea:
13:62:ae:8e:e1:97:13:f3:dd:df:f4:de:90:bf:36:0c:b1:f6:
53:b6:9e:2c:f2:0b:6d:16:e3:0d:59:72:ca:02:27:f2:83:b0:
0d:fb:01:02:eb:94:f6:d4:0f:57:d4:35:08:02:58:db:48:e4:
81:75:de:65:95:fb:27:5c:56:b4:57:85:77:d7:2d:bf:16:d5:
68:c4:52:bc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhQ+LHNSwLCMmloz691JF/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzMDc3YTk5N2M5NWJkMDFhNjRkNDA4YWZjZjU1NGQ4OGI0
ZGI1ZTUwHhcNMjUwMTAxMDk0ODA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTg1YjA0NjZlMDdlOTg3MTI3ZDM4NDE5NjNmNTkxYjhiM2M4M2VhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmM9XWfw+xsMy5LWHbOm0YFvuG0nC
GVflScnDwPRk1jWrsge8wagVQ52DOSCP5aekvoQthYKQCKTZyjZX3gEjBRYk8vN9
t0Oep2aq6a2JjNQXuEJvPL/BkqSS5m0voWZPE/0mvF8MH4TXZ58VJzlGG8GG2pD4
2pHvYWJJ8dkVNqiPq9i65lPrx3OzuxluxayqQtvU7JChs8ylcQHh3lMqmnSxTVSL
k+NohZ2eM5T6d/4kgRnEABGShx9slhPKk2jSsav6w0ZIfgztLyxXz6Timt6dqqXS
8JCcKM5k2+N9Z8xsyStVGOfdLwfuTx8Hos/U2XwonHPjL5EFyoHKuQsY+QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLmFsEZuB+mHEn04QZY/WRuLPIPqMB8GA1UdIwQY
MBaAFJMHepl8lb0Bpk1Aivz1VNiLTbXlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3dkNm1YeVZ2UUdtVFVDS19QVlUySXROdGVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy8xYmFjMDEtMjEyYy00ZjRjLThkM2Et
NjUyNTdiMWZlYzZkLzEvdVlXd1JtNEg2WWNTZlRoQmxqOVpHNHM4Zy1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy8xYmFjMDEtMjEyYy00ZjRjLThkM2EtNjUyNTdiMWZlYzZk
LzEva3dkNm1YeVZ2UUdtVFVDS19QVlUySXROdGVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwaHKMA0G
CSqGSIb3DQEBCwUAA4IBAQBKqIqHDn/+KIXpkMOYi9Nm7UJ4RiFOxfau366OF/kn
Y179gXfjkL+LctO7lqWPrT/2X4J3EhiyuKq9fHsMlVw9PHVFdH88ugVhtNMD0AhV
FMdkeZpDaprxwbGenScPbHOQ6hMB0v1c5pLuTcgibcgu/gqUNyAJjvkylWwHw5QB
daJDOp4wBVUgpImwwZppX2wXUOVcBU310b0w1THQERCZR4T1C3vdr5yViJVZTBVu
HWHmC+oTYq6O4ZcT893f9N6QvzYMsfZTtp4s8gttFuMNWXLKAifyg7AN+wEC65T2
1A9X1DUIAljbSOSBdd5llfsnXFa0V4V31y2/FtVoxFK8
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:34:26 2025 by rpki-client