Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/uF2hGrUxc1N8uD_IwqYeb-2HrZY.roa
File: uF2hGrUxc1N8uD_IwqYeb-2HrZY.roa (raw, json)
Hash identifier: fsAzeWi/1hM5dfAYIy0wko4LP6fOSbt07HXXXcBuDzU=
Subject key identifier: B8:5D:A1:1A:B5:31:73:53:7C:B8:3F:C8:C2:A6:1E:6F:ED:87:AD:96
Certificate issuer: /CN=546834e68890f3986a1b0457ce0f54ae03c2d76b
Certificate serial: 019421B2226A0B3072ADDCBDD48BEABA2A54
Authority key identifier: 54:68:34:E6:88:90:F3:98:6A:1B:04:57:CE:0F:54:AE:03:C2:D7:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VGg05oiQ85hqGwRXzg9UrgPC12s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/uF2hGrUxc1N8uD_IwqYeb-2HrZY.roa
Signing time: Wed 01 Jan 2025 11:48:29 +0000
ROA not before: Wed 01 Jan 2025 11:48:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60378
IP address blocks: 81.15.200.0/24 maxlen: 24
82.177.136.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/VGg05oiQ85hqGwRXzg9UrgPC12s.crl
rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/VGg05oiQ85hqGwRXzg9UrgPC12s.mft
rsync://rpki.ripe.net/repository/DEFAULT/VGg05oiQ85hqGwRXzg9UrgPC12s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:22:6a:0b:30:72:ad:dc:bd:d4:8b:ea:ba:2a:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=546834e68890f3986a1b0457ce0f54ae03c2d76b
Validity
Not Before: Jan 1 11:48:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b85da11ab53173537cb83fc8c2a61e6fed87ad96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:0d:8e:e1:e4:a6:17:40:92:4d:e0:c9:6a:ce:
f3:b0:51:dc:5c:63:87:ce:b8:79:45:09:07:a4:b0:
66:2b:ac:ea:54:1e:2a:89:12:9e:f5:38:ee:cf:52:
8f:df:b4:c9:f8:a4:98:e6:06:b3:eb:1f:03:0d:c9:
19:4d:03:39:67:4c:9b:8c:26:5c:22:de:19:94:1e:
a7:80:65:6d:de:d3:d7:26:9c:9e:23:89:a7:4b:2e:
30:11:25:27:ce:08:80:7d:28:2a:b8:2e:2e:92:dc:
87:02:85:ae:4a:0c:1a:aa:be:4e:a1:52:9d:7d:2e:
7a:38:08:86:84:61:a1:4f:b7:bc:28:d2:ad:59:30:
fe:7a:5d:c0:e3:79:43:a2:cf:17:e1:e7:f8:eb:30:
59:65:37:7f:fb:c8:6d:fa:69:ff:2a:c6:f7:a2:26:
02:67:5a:59:01:f4:e3:5a:c9:d4:95:5b:f6:04:b0:
e7:99:dd:9a:a1:2f:fe:80:ad:ee:88:30:ee:1a:b3:
bf:b9:cf:31:2b:58:d9:4f:6f:19:07:c4:66:4b:3f:
cb:3c:5b:be:46:cb:4e:40:88:48:72:fa:14:fa:d7:
95:7e:7f:24:bf:13:b6:fb:ba:c7:b8:a1:2a:c1:5d:
e7:b3:54:17:d2:56:74:5d:3c:1f:51:85:16:6d:60:
46:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:5D:A1:1A:B5:31:73:53:7C:B8:3F:C8:C2:A6:1E:6F:ED:87:AD:96
X509v3 Authority Key Identifier:
keyid:54:68:34:E6:88:90:F3:98:6A:1B:04:57:CE:0F:54:AE:03:C2:D7:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VGg05oiQ85hqGwRXzg9UrgPC12s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/uF2hGrUxc1N8uD_IwqYeb-2HrZY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/VGg05oiQ85hqGwRXzg9UrgPC12s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.15.200.0/24
82.177.136.0/23
Signature Algorithm: sha256WithRSAEncryption
7c:e4:8d:a1:2f:00:74:b0:e3:a6:5b:7c:25:9b:db:ee:fe:84:
55:9b:e8:f4:55:c2:75:2d:2b:eb:df:b8:26:d7:d3:08:32:9f:
dc:9c:77:6d:50:98:2e:db:d4:00:bf:97:37:4f:41:13:d9:86:
95:0e:f4:85:34:a0:ca:6d:ae:ae:28:a0:46:7e:f7:6b:46:fc:
99:33:e1:86:5f:c1:92:ea:1d:1e:5c:34:4a:9e:c7:51:ec:08:
4f:43:03:6a:64:3b:b3:fb:5e:e3:cb:d2:6a:00:d6:09:8d:c3:
29:87:5f:f0:1d:0a:4b:96:11:a4:a1:8f:eb:21:d8:c1:bd:f1:
d8:cf:75:61:ac:45:78:06:35:71:be:a7:46:de:28:fa:ad:9c:
de:ee:64:f1:25:50:f2:fc:2c:98:3a:45:19:8f:fc:21:8c:2a:
4a:c1:c8:22:aa:ad:93:ef:b7:c1:c6:f7:42:39:bf:b8:f0:bc:
de:6a:08:26:1e:0a:7f:f5:c0:e0:ea:d7:fd:2c:c1:cf:7b:c5:
e0:75:22:d6:9c:44:2b:27:ea:35:00:a0:58:ea:ba:e9:37:03:
c8:86:bf:68:4e:7c:d7:f5:cb:46:c9:d4:e6:45:a4:ea:76:07:
f2:55:36:15:29:dd:22:4c:96:89:06:da:3e:a7:86:29:f4:8d:
e2:d7:95:65
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQhsiJqCzByrdy91IvquipUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0NjgzNGU2ODg5MGYzOTg2YTFiMDQ1N2NlMGY1NGFlMDNj
MmQ3NmIwHhcNMjUwMTAxMTE0ODI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODVkYTExYWI1MzE3MzUzN2NiODNmYzhjMmE2MWU2ZmVkODdhZDk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnQ2O4eSmF0CSTeDJas7zsFHcXGOH
zrh5RQkHpLBmK6zqVB4qiRKe9Tjuz1KP37TJ+KSY5gaz6x8DDckZTQM5Z0ybjCZc
It4ZlB6ngGVt3tPXJpyeI4mnSy4wESUnzgiAfSgquC4uktyHAoWuSgwaqr5OoVKd
fS56OAiGhGGhT7e8KNKtWTD+el3A43lDos8X4ef46zBZZTd/+8ht+mn/Ksb3oiYC
Z1pZAfTjWsnUlVv2BLDnmd2aoS/+gK3uiDDuGrO/uc8xK1jZT28ZB8RmSz/LPFu+
RstOQIhIcvoU+teVfn8kvxO2+7rHuKEqwV3ns1QX0lZ0XTwfUYUWbWBG3QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLhdoRq1MXNTfLg/yMKmHm/th62WMB8GA1UdIwQY
MBaAFFRoNOaIkPOYahsEV84PVK4DwtdrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkdnMDVvaVE4NWhxR3dSWHpnOVVyZ1BDMTJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS81ZjJmMGItZmQ4Mi00NGZhLWI2MzQt
NTI3NjZiMjRiYWE0LzEvdUYyaEdyVXhjMU44dURfSXdxWWViLTJIclpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS81ZjJmMGItZmQ4Mi00NGZhLWI2MzQtNTI3NjZiMjRiYWE0
LzEvVkdnMDVvaVE4NWhxR3dSWHpnOVVyZ1BDMTJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAUQ/IAwQB
UrGIMA0GCSqGSIb3DQEBCwUAA4IBAQB85I2hLwB0sOOmW3wlm9vu/oRVm+j0VcJ1
LSvr37gm19MIMp/cnHdtUJgu29QAv5c3T0ET2YaVDvSFNKDKba6uKKBGfvdrRvyZ
M+GGX8GS6h0eXDRKnsdR7AhPQwNqZDuz+17jy9JqANYJjcMph1/wHQpLlhGkoY/r
IdjBvfHYz3VhrEV4BjVxvqdG3ij6rZze7mTxJVDy/CyYOkUZj/whjCpKwcgiqq2T
77fBxvdCOb+48LzeaggmHgp/9cDg6tf9LMHPe8XgdSLWnEQrJ+o1AKBY6rrpNwPI
hr9oTnzX9ctGydTmRaTqdgfyVTYVKd0iTJaJBto+p4Yp9I3i15Vl
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:57:15 2025 by rpki-client