Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/6ff43b-27ab-4064-af1d-09ed7800fdfb/1/SccPUBWuljMHYcMk3K5QOdOVb6g.roa
File: SccPUBWuljMHYcMk3K5QOdOVb6g.roa (raw, json)
Hash identifier: uBtJ4Y5vGvXPCHheXT9gg13uzVBy/aYh9vF63HwlhDk=
Subject key identifier: 49:C7:0F:50:15:AE:96:33:07:61:C3:24:DC:AE:50:39:D3:95:6F:A8
Certificate issuer: /CN=2a12efaee997e9a763b460ab592ddda67a0deb70
Certificate serial: 0194A71B868BB5F26488B8066DF1DAC1BB91
Authority key identifier: 2A:12:EF:AE:E9:97:E9:A7:63:B4:60:AB:59:2D:DD:A6:7A:0D:EB:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KhLvrumX6adjtGCrWS3dpnoN63A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/6ff43b-27ab-4064-af1d-09ed7800fdfb/1/SccPUBWuljMHYcMk3K5QOdOVb6g.roa
Signing time: Mon 27 Jan 2025 09:33:06 +0000
ROA not before: Mon 27 Jan 2025 09:33:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 24822
IP address blocks: 85.90.160.0/19 maxlen: 19
91.137.128.0/17 maxlen: 17
212.162.140.0/22 maxlen: 22
2a09:9400::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/67/6ff43b-27ab-4064-af1d-09ed7800fdfb/1/KhLvrumX6adjtGCrWS3dpnoN63A.crl
rsync://rpki.ripe.net/repository/DEFAULT/67/6ff43b-27ab-4064-af1d-09ed7800fdfb/1/KhLvrumX6adjtGCrWS3dpnoN63A.mft
rsync://rpki.ripe.net/repository/DEFAULT/KhLvrumX6adjtGCrWS3dpnoN63A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:a7:1b:86:8b:b5:f2:64:88:b8:06:6d:f1:da:c1:bb:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a12efaee997e9a763b460ab592ddda67a0deb70
Validity
Not Before: Jan 27 09:33:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=49c70f5015ae96330761c324dcae5039d3956fa8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:dc:fc:7d:59:fc:0d:d2:e9:9b:eb:b1:3f:3c:
9a:54:4b:d2:90:7c:0d:bd:b0:b8:27:58:fe:ad:43:
e8:c6:aa:4b:ae:3f:fa:b5:ba:a6:f5:db:70:78:f4:
70:9f:0e:83:1d:f7:1c:0c:61:38:c7:b3:2a:b3:a7:
7f:b9:04:04:27:64:8d:d9:65:7b:a6:9f:73:ca:01:
2b:0d:fb:39:c5:7e:94:5e:41:6b:c8:02:30:6d:06:
19:a5:b7:69:c5:86:6e:6b:69:8d:d4:04:34:08:00:
fb:91:2f:9c:bb:47:b3:0b:e4:9a:24:79:2e:64:bf:
4f:29:52:8b:a5:b1:2b:b1:10:e3:4c:94:6e:b2:7b:
c0:5b:8a:a9:57:f9:da:26:ac:9d:6b:00:c9:22:91:
d4:bb:8f:6c:c7:9f:77:b9:81:cc:3d:8b:4c:ba:98:
16:71:68:68:d7:2d:7b:a2:85:35:9f:c8:29:d4:04:
08:46:38:d6:19:a6:a3:ec:ea:59:a0:f9:2a:a5:dc:
20:9b:99:48:e9:13:8d:3a:5c:73:ed:42:d6:33:b3:
87:e3:3c:44:d6:af:c3:6d:3b:cb:64:4e:90:be:ac:
81:b1:17:30:de:b0:42:e5:01:2f:2a:c7:0d:19:61:
d5:78:c9:ec:da:24:3d:a9:db:83:f1:57:4d:76:92:
42:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:C7:0F:50:15:AE:96:33:07:61:C3:24:DC:AE:50:39:D3:95:6F:A8
X509v3 Authority Key Identifier:
keyid:2A:12:EF:AE:E9:97:E9:A7:63:B4:60:AB:59:2D:DD:A6:7A:0D:EB:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KhLvrumX6adjtGCrWS3dpnoN63A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/6ff43b-27ab-4064-af1d-09ed7800fdfb/1/SccPUBWuljMHYcMk3K5QOdOVb6g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/67/6ff43b-27ab-4064-af1d-09ed7800fdfb/1/KhLvrumX6adjtGCrWS3dpnoN63A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.90.160.0/19
91.137.128.0/17
212.162.140.0/22
IPv6:
2a09:9400::/29
Signature Algorithm: sha256WithRSAEncryption
2a:7a:0c:cb:c8:c7:32:31:48:f1:1f:a7:e2:c8:7f:87:ee:54:
65:df:b1:1e:24:8c:a1:ef:d8:3c:1b:a5:fa:0d:c1:96:cc:a6:
75:4a:b0:40:8a:91:31:d7:e4:5a:bd:f7:84:35:83:41:d6:24:
6d:1e:36:86:da:f2:44:14:88:f6:54:71:a4:34:5f:e9:ec:8e:
47:43:08:9a:b9:cc:3e:6b:3c:db:18:9b:6c:c6:13:07:96:98:
e7:a5:62:94:26:4a:4e:74:bf:0e:d2:0a:f7:20:00:5f:bd:30:
99:05:c7:02:3f:75:c3:e6:fc:ae:17:17:ea:26:9b:b2:c3:41:
8b:99:f7:6e:cd:e3:f1:ec:a0:86:09:99:81:de:d7:42:a4:b0:
34:8d:a0:b8:12:db:cf:85:7d:c9:28:db:9d:10:c9:b4:2d:a5:
ac:5d:46:73:18:fe:a6:57:40:57:ca:a4:ef:e8:19:db:bf:9b:
6d:74:fd:43:ee:ad:cd:97:af:5f:db:9d:a2:8d:2f:08:df:3e:
5b:f4:b8:65:bc:25:5d:a4:05:c6:8b:3a:10:21:fc:36:67:27:
58:4e:e6:d9:20:7c:e8:9f:80:c7:e4:16:0f:11:75:1d:8b:e9:
66:11:9b:ca:71:b4:0b:72:3e:0a:09:4d:2b:43:4d:8b:39:cf:
13:28:f3:1c
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZSnG4aLtfJkiLgGbfHawbuRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhMTJlZmFlZTk5N2U5YTc2M2I0NjBhYjU5MmRkZGE2N2Ew
ZGViNzAwHhcNMjUwMTI3MDkzMzA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OWM3MGY1MDE1YWU5NjMzMDc2MWMzMjRkY2FlNTAzOWQzOTU2ZmE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1dz8fVn8DdLpm+uxPzyaVEvSkHwN
vbC4J1j+rUPoxqpLrj/6tbqm9dtwePRwnw6DHfccDGE4x7Mqs6d/uQQEJ2SN2WV7
pp9zygErDfs5xX6UXkFryAIwbQYZpbdpxYZua2mN1AQ0CAD7kS+cu0ezC+SaJHku
ZL9PKVKLpbErsRDjTJRusnvAW4qpV/naJqydawDJIpHUu49sx593uYHMPYtMupgW
cWho1y17ooU1n8gp1AQIRjjWGaaj7OpZoPkqpdwgm5lI6RONOlxz7ULWM7OH4zxE
1q/DbTvLZE6QvqyBsRcw3rBC5QEvKscNGWHVeMns2iQ9qduD8VdNdpJCDwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFEnHD1AVrpYzB2HDJNyuUDnTlW+oMB8GA1UdIwQY
MBaAFCoS767pl+mnY7Rgq1kt3aZ6DetwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2hMdnJ1bVg2YWRqdEdDcldTM2Rwbm9ONjNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny82ZmY0M2ItMjdhYi00MDY0LWFmMWQt
MDllZDc4MDBmZGZiLzEvU2NjUFVCV3Vsak1IWWNNazNLNVFPZE9WYjZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny82ZmY0M2ItMjdhYi00MDY0LWFmMWQtMDllZDc4MDBmZGZi
LzEvS2hMdnJ1bVg2YWRqdEdDcldTM2Rwbm9ONjNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQFVVqgAwQH
W4mAAwQC1KKMMA0EAgACMAcDBQMqCZQAMA0GCSqGSIb3DQEBCwUAA4IBAQAqegzL
yMcyMUjxH6fiyH+H7lRl37EeJIyh79g8G6X6DcGWzKZ1SrBAipEx1+RavfeENYNB
1iRtHjaG2vJEFIj2VHGkNF/p7I5HQwiaucw+azzbGJtsxhMHlpjnpWKUJkpOdL8O
0gr3IABfvTCZBccCP3XD5vyuFxfqJpuyw0GLmfduzePx7KCGCZmB3tdCpLA0jaC4
EtvPhX3JKNudEMm0LaWsXUZzGP6mV0BXyqTv6Bnbv5ttdP1D7q3Nl69f252ijS8I
3z5b9LhlvCVdpAXGizoQIfw2ZydYTubZIHzon4DH5BYPEXUdi+lmEZvKcbQLcj4K
CU0rQ02LOc8TKPMc
-----END CERTIFICATE-----
Generated at Sun Feb 2 09:45:48 2025 by rpki-client