Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/7653e0-8a72-4351-bfce-3711fae8ca77/1/uiGdfZv36ngdlEPtH0Dctu5_0kI.roa
File: uiGdfZv36ngdlEPtH0Dctu5_0kI.roa (raw, json)
Hash identifier: kwlBzu/ziaLKG7neS7FV84L3FCZ7YdUCR1fgHvPBMoI=
Subject key identifier: BA:21:9D:7D:9B:F7:EA:78:1D:94:43:ED:1F:40:DC:B6:EE:7F:D2:42
Certificate issuer: /CN=68e8baea95d4040348f0a89ec4e4bd15275f6c39
Certificate serial: 019420D5FEECAD0876202613B3AC86E7A91B
Authority key identifier: 68:E8:BA:EA:95:D4:04:03:48:F0:A8:9E:C4:E4:BD:15:27:5F:6C:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aOi66pXUBANI8KiexOS9FSdfbDk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/7653e0-8a72-4351-bfce-3711fae8ca77/1/uiGdfZv36ngdlEPtH0Dctu5_0kI.roa
Signing time: Wed 01 Jan 2025 07:48:02 +0000
ROA not before: Wed 01 Jan 2025 07:48:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208271
IP address blocks: 147.78.34.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/67/7653e0-8a72-4351-bfce-3711fae8ca77/1/aOi66pXUBANI8KiexOS9FSdfbDk.crl
rsync://rpki.ripe.net/repository/DEFAULT/67/7653e0-8a72-4351-bfce-3711fae8ca77/1/aOi66pXUBANI8KiexOS9FSdfbDk.mft
rsync://rpki.ripe.net/repository/DEFAULT/aOi66pXUBANI8KiexOS9FSdfbDk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 09 Apr 2025 08:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:fe:ec:ad:08:76:20:26:13:b3:ac:86:e7:a9:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68e8baea95d4040348f0a89ec4e4bd15275f6c39
Validity
Not Before: Jan 1 07:48:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ba219d7d9bf7ea781d9443ed1f40dcb6ee7fd242
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:51:a5:cb:22:25:e1:d1:75:d0:ce:e3:10:70:
15:df:b7:31:82:b7:60:c5:0f:c0:ba:5f:fa:22:65:
97:01:09:d4:22:b8:29:58:71:9a:31:e9:86:f5:b0:
8a:15:1e:38:5e:cf:fd:78:3b:13:73:20:35:f9:b9:
b5:1b:44:51:d0:b0:0c:df:dd:26:d7:1e:e5:0c:83:
48:14:00:c9:2a:2b:a9:de:eb:38:f6:7b:69:58:11:
48:f7:a7:62:1d:e4:a3:f3:29:f9:8b:2d:aa:39:6f:
9e:68:ef:37:af:69:8d:9f:40:19:5e:67:38:ed:ce:
df:1b:cb:68:21:84:b8:f7:63:98:95:56:94:77:8d:
df:a8:4a:4b:00:0a:04:d5:4c:e5:b3:f7:25:ee:4b:
e8:64:16:99:2f:5b:6b:e9:6f:f5:4c:5a:79:66:45:
fe:52:7c:e9:97:76:fa:3a:db:4d:8b:0f:39:27:57:
72:1b:44:39:76:34:ec:ab:c3:be:f3:38:71:c4:34:
7b:28:5c:85:89:8b:39:ba:5b:54:c2:a8:1d:3f:b4:
f2:2d:41:a9:03:03:32:41:75:11:75:07:a1:e8:99:
55:ca:38:22:28:dc:f2:25:c3:e9:75:de:de:fa:e5:
33:d3:70:e0:9b:0e:4f:4a:b6:63:c2:e2:0f:d2:f7:
fd:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:21:9D:7D:9B:F7:EA:78:1D:94:43:ED:1F:40:DC:B6:EE:7F:D2:42
X509v3 Authority Key Identifier:
keyid:68:E8:BA:EA:95:D4:04:03:48:F0:A8:9E:C4:E4:BD:15:27:5F:6C:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aOi66pXUBANI8KiexOS9FSdfbDk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/7653e0-8a72-4351-bfce-3711fae8ca77/1/uiGdfZv36ngdlEPtH0Dctu5_0kI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/67/7653e0-8a72-4351-bfce-3711fae8ca77/1/aOi66pXUBANI8KiexOS9FSdfbDk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.78.34.0/24
Signature Algorithm: sha256WithRSAEncryption
c1:05:8f:d3:df:74:35:34:26:59:5c:d4:ca:eb:a8:26:ac:d8:
28:ae:85:97:39:00:69:23:a6:54:7f:55:2c:fd:04:16:6e:5d:
c3:bb:cd:01:89:c3:cd:f5:77:ad:bc:5f:82:9c:b2:60:01:27:
e9:f6:a6:d1:7f:59:58:5b:de:3e:47:19:ca:39:85:e6:01:67:
9a:bd:e0:1d:3a:10:a3:fc:2d:f0:33:fe:e1:23:ea:cd:6c:2f:
e8:14:5b:e5:5e:c2:ca:0c:06:2a:c8:2e:a6:a8:11:02:1c:1c:
44:f8:08:83:f4:ec:26:bd:89:0a:41:81:fa:5e:34:b8:e7:f2:
b2:28:c4:d3:92:29:cb:57:bc:b6:ae:86:a3:fa:2b:55:db:df:
01:c1:25:30:9e:70:17:0f:7b:d2:25:54:e4:27:fa:a7:da:e7:
94:91:78:40:68:14:f6:68:10:88:bc:8c:97:e0:2c:e7:ae:d0:
2b:ea:0a:07:6d:b4:65:fa:fc:85:96:cd:a8:33:33:45:36:d6:
03:da:bf:55:d4:09:18:dd:a8:0b:e1:54:52:2a:e4:33:0a:ed:
71:d9:1b:1a:c9:df:ed:1f:48:e9:b7:63:b0:90:82:bd:d3:e6:
76:cb:c0:ce:b5:fb:58:d4:50:01:34:74:44:f8:df:0b:d8:95:
e7:0f:3b:12
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQg1f7srQh2ICYTs6yG56kbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4ZThiYWVhOTVkNDA0MDM0OGYwYTg5ZWM0ZTRiZDE1Mjc1
ZjZjMzkwHhcNMjUwMTAxMDc0ODAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTIxOWQ3ZDliZjdlYTc4MWQ5NDQzZWQxZjQwZGNiNmVlN2ZkMjQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxVGlyyIl4dF10M7jEHAV37cxgrdg
xQ/Aul/6ImWXAQnUIrgpWHGaMemG9bCKFR44Xs/9eDsTcyA1+bm1G0RR0LAM390m
1x7lDINIFADJKiup3us49ntpWBFI96diHeSj8yn5iy2qOW+eaO83r2mNn0AZXmc4
7c7fG8toIYS492OYlVaUd43fqEpLAAoE1Uzls/cl7kvoZBaZL1tr6W/1TFp5ZkX+
Unzpl3b6OttNiw85J1dyG0Q5djTsq8O+8zhxxDR7KFyFiYs5ultUwqgdP7TyLUGp
AwMyQXURdQeh6JlVyjgiKNzyJcPpdd7e+uUz03Dgmw5PSrZjwuIP0vf9ywIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLohnX2b9+p4HZRD7R9A3Lbuf9JCMB8GA1UdIwQY
MBaAFGjouuqV1AQDSPConsTkvRUnX2w5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYU9pNjZwWFVCQU5JOEtpZXhPUzlGU2RmYkRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny83NjUzZTAtOGE3Mi00MzUxLWJmY2Ut
MzcxMWZhZThjYTc3LzEvdWlHZGZadjM2bmdkbEVQdEgwRGN0dTVfMGtJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny83NjUzZTAtOGE3Mi00MzUxLWJmY2UtMzcxMWZhZThjYTc3
LzEvYU9pNjZwWFVCQU5JOEtpZXhPUzlGU2RmYkRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAk04iMA0G
CSqGSIb3DQEBCwUAA4IBAQDBBY/T33Q1NCZZXNTK66gmrNgoroWXOQBpI6ZUf1Us
/QQWbl3Du80BicPN9XetvF+CnLJgASfp9qbRf1lYW94+RxnKOYXmAWeaveAdOhCj
/C3wM/7hI+rNbC/oFFvlXsLKDAYqyC6mqBECHBxE+AiD9OwmvYkKQYH6XjS45/Ky
KMTTkinLV7y2roaj+itV298BwSUwnnAXD3vSJVTkJ/qn2ueUkXhAaBT2aBCIvIyX
4CznrtAr6goHbbRl+vyFls2oMzNFNtYD2r9V1AkY3agL4VRSKuQzCu1x2Rsayd/t
H0jpt2OwkIK90+Z2y8DOtftY1FABNHRE+N8L2JXnDzsS
-----END CERTIFICATE-----
Generated at Tue Apr 8 12:54:44 2025 by rpki-client