Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/4f7246-ce8f-44f8-a831-ae60bea06a9c/1/UuAIaR0v0SUcpnHbi81lgTGwt68.roa
File: UuAIaR0v0SUcpnHbi81lgTGwt68.roa (raw, json)
Hash identifier: S7roZyfDvSD0rs1D/ICIUXI/40e6tijQPmSOTtOsoBs=
Subject key identifier: 52:E0:08:69:1D:2F:D1:25:1C:A6:71:DB:8B:CD:65:81:31:B0:B7:AF
Certificate issuer: /CN=85370cc5d260f3e2aeff5dd8f8f4a415a2345a81
Certificate serial: 019425FC64201F8C3456563B634735D2ABD6
Authority key identifier: 85:37:0C:C5:D2:60:F3:E2:AE:FF:5D:D8:F8:F4:A4:15:A2:34:5A:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hTcMxdJg8-Ku_13Y-PSkFaI0WoE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/4f7246-ce8f-44f8-a831-ae60bea06a9c/1/UuAIaR0v0SUcpnHbi81lgTGwt68.roa
Signing time: Thu 02 Jan 2025 07:48:05 +0000
ROA not before: Thu 02 Jan 2025 07:48:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 1299
IP address blocks: 46.22.208.0/20 maxlen: 24
80.79.112.0/20 maxlen: 24
185.246.184.0/22 maxlen: 24
2a01:97a0::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/61/4f7246-ce8f-44f8-a831-ae60bea06a9c/1/hTcMxdJg8-Ku_13Y-PSkFaI0WoE.crl
rsync://rpki.ripe.net/repository/DEFAULT/61/4f7246-ce8f-44f8-a831-ae60bea06a9c/1/hTcMxdJg8-Ku_13Y-PSkFaI0WoE.mft
rsync://rpki.ripe.net/repository/DEFAULT/hTcMxdJg8-Ku_13Y-PSkFaI0WoE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 07:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fc:64:20:1f:8c:34:56:56:3b:63:47:35:d2:ab:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=85370cc5d260f3e2aeff5dd8f8f4a415a2345a81
Validity
Not Before: Jan 2 07:48:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=52e008691d2fd1251ca671db8bcd658131b0b7af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:ff:4b:fc:ad:5d:9c:8b:1f:d7:0b:71:1c:4b:
cc:3e:99:81:b4:11:26:07:56:5c:45:cb:a4:b8:3a:
1d:3f:1d:5d:ad:c3:a0:95:d6:f2:9f:ae:4c:8f:0a:
96:1c:29:4a:56:27:cd:e3:d8:29:73:74:6d:ba:16:
88:c6:1a:74:02:d2:d1:68:5f:6d:38:77:66:ed:d1:
89:5c:50:f5:8d:99:73:16:54:d3:30:36:db:ce:97:
22:b4:fb:86:2e:16:78:9b:b5:c5:7e:5c:27:96:c1:
24:cf:64:10:e8:85:5d:fa:aa:7d:23:ed:62:22:cc:
6e:4b:5e:ec:97:ba:56:1e:15:05:b2:4d:7c:2a:9d:
61:be:80:ef:65:02:dd:80:4a:fe:61:7f:ee:53:61:
1d:41:e1:47:09:e9:74:de:80:50:af:1b:7c:d8:04:
25:36:e4:9c:1f:6e:c2:3f:03:eb:4b:5e:75:08:ba:
8c:79:e6:ba:dd:20:87:75:66:93:71:2c:68:9e:80:
4f:ed:d0:e6:f1:53:5b:81:5d:32:7e:61:53:be:12:
53:c9:e4:ed:3f:57:e3:f5:d7:db:f7:1c:0c:25:03:
47:69:5c:42:b4:29:bb:bb:76:4f:6f:db:12:65:29:
6a:cd:39:ec:d0:77:3f:35:66:e4:4d:86:d3:31:2c:
c6:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:E0:08:69:1D:2F:D1:25:1C:A6:71:DB:8B:CD:65:81:31:B0:B7:AF
X509v3 Authority Key Identifier:
keyid:85:37:0C:C5:D2:60:F3:E2:AE:FF:5D:D8:F8:F4:A4:15:A2:34:5A:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hTcMxdJg8-Ku_13Y-PSkFaI0WoE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/4f7246-ce8f-44f8-a831-ae60bea06a9c/1/UuAIaR0v0SUcpnHbi81lgTGwt68.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/4f7246-ce8f-44f8-a831-ae60bea06a9c/1/hTcMxdJg8-Ku_13Y-PSkFaI0WoE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.22.208.0/20
80.79.112.0/20
185.246.184.0/22
IPv6:
2a01:97a0::/32
Signature Algorithm: sha256WithRSAEncryption
37:47:81:a8:25:da:60:2e:9a:ff:c5:9f:1c:93:d5:5e:ab:80:
74:0c:99:85:1d:71:d7:d2:4b:1f:e2:c3:83:d2:e9:2c:c6:40:
cd:87:9f:a7:f7:7a:27:da:c0:20:84:97:45:85:55:ac:31:59:
80:f8:6f:50:0d:d6:42:7f:6e:15:e9:55:1c:2d:9b:9f:a4:d8:
e0:99:91:1d:8b:90:ef:40:02:1e:c8:82:8c:aa:17:38:a5:e7:
a7:d5:a4:9c:32:e1:2b:cd:bd:21:5b:7c:9e:c7:b8:53:c3:bd:
95:24:05:07:63:e0:ce:e0:ed:3b:2a:8b:aa:d6:a5:33:9a:25:
1b:6d:7e:23:1d:21:83:e6:e8:7f:d6:09:20:36:cb:ff:c7:83:
0a:4d:ec:6a:21:dc:22:7e:04:f6:6a:60:f1:d4:96:fd:5e:94:
3a:2e:89:99:27:80:16:32:63:ef:d6:30:9d:09:37:a3:18:2d:
cd:19:72:28:05:56:8e:d0:65:b7:6b:16:49:fa:94:89:bc:68:
a0:6d:12:5a:49:bc:6d:01:f6:33:4a:dd:d0:d1:54:5b:6a:0e:
cf:09:4c:5d:09:67:67:98:7c:7d:da:c0:fc:18:64:2d:e2:5a:
b7:cb:52:f6:96:d9:ce:d2:79:3f:d4:ae:5a:f3:f3:fd:31:36:
93:39:0c:93
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZQl/GQgH4w0VlY7Y0c10qvWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1MzcwY2M1ZDI2MGYzZTJhZWZmNWRkOGY4ZjRhNDE1YTIz
NDVhODEwHhcNMjUwMTAyMDc0ODA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MmUwMDg2OTFkMmZkMTI1MWNhNjcxZGI4YmNkNjU4MTMxYjBiN2FmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5f9L/K1dnIsf1wtxHEvMPpmBtBEm
B1ZcRcukuDodPx1drcOgldbyn65MjwqWHClKVifN49gpc3RtuhaIxhp0AtLRaF9t
OHdm7dGJXFD1jZlzFlTTMDbbzpcitPuGLhZ4m7XFflwnlsEkz2QQ6IVd+qp9I+1i
IsxuS17sl7pWHhUFsk18Kp1hvoDvZQLdgEr+YX/uU2EdQeFHCel03oBQrxt82AQl
NuScH27CPwPrS151CLqMeea63SCHdWaTcSxonoBP7dDm8VNbgV0yfmFTvhJTyeTt
P1fj9dfb9xwMJQNHaVxCtCm7u3ZPb9sSZSlqzTns0Hc/NWbkTYbTMSzGcQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFFLgCGkdL9ElHKZx24vNZYExsLevMB8GA1UdIwQY
MBaAFIU3DMXSYPPirv9d2Pj0pBWiNFqBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFRjTXhkSmc4LUt1XzEzWS1QU2tGYUkwV29FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS80ZjcyNDYtY2U4Zi00NGY4LWE4MzEt
YWU2MGJlYTA2YTljLzEvVXVBSWFSMHYwU1VjcG5IYmk4MWxnVEd3dDY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS80ZjcyNDYtY2U4Zi00NGY4LWE4MzEtYWU2MGJlYTA2YTlj
LzEvaFRjTXhkSmc4LUt1XzEzWS1QU2tGYUkwV29FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQELhbQAwQE
UE9wAwQCufa4MA0EAgACMAcDBQAqAZegMA0GCSqGSIb3DQEBCwUAA4IBAQA3R4Go
JdpgLpr/xZ8ck9Veq4B0DJmFHXHX0ksf4sOD0uksxkDNh5+n93on2sAghJdFhVWs
MVmA+G9QDdZCf24V6VUcLZufpNjgmZEdi5DvQAIeyIKMqhc4peen1aScMuErzb0h
W3yex7hTw72VJAUHY+DO4O07Kouq1qUzmiUbbX4jHSGD5uh/1gkgNsv/x4MKTexq
IdwifgT2amDx1Jb9XpQ6LomZJ4AWMmPv1jCdCTejGC3NGXIoBVaO0GW3axZJ+pSJ
vGigbRJaSbxtAfYzSt3Q0VRbag7PCUxdCWdnmHx92sD8GGQt4lq3y1L2ltnO0nk/
1K5a8/P9MTaTOQyT
-----END CERTIFICATE-----
Generated at Sun Apr 6 12:01:45 2025 by rpki-client