Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/7e0ebb-4686-406e-b99f-21faf144cb62/1/uOUxSiBIbzpDJ7EaKMdYFnC-HEQ.roa
File: uOUxSiBIbzpDJ7EaKMdYFnC-HEQ.roa (raw, json)
Hash identifier: P7xU7zipmmpWbMdR+tIYpEi0SHoYEWAWhVNCw2vAWTE=
Subject key identifier: B8:E5:31:4A:20:48:6F:3A:43:27:B1:1A:28:C7:58:16:70:BE:1C:44
Certificate issuer: /CN=9a7b9a8cd819f4a920334d7e72ec2340870d7749
Certificate serial: 019421B21362312CA3C86154E13ED790E37E
Authority key identifier: 9A:7B:9A:8C:D8:19:F4:A9:20:33:4D:7E:72:EC:23:40:87:0D:77:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mnuajNgZ9KkgM01-cuwjQIcNd0k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/7e0ebb-4686-406e-b99f-21faf144cb62/1/uOUxSiBIbzpDJ7EaKMdYFnC-HEQ.roa
Signing time: Wed 01 Jan 2025 11:48:25 +0000
ROA not before: Wed 01 Jan 2025 11:48:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 24638
IP address blocks: 81.19.64.0/19 maxlen: 24
91.220.133.0/24 maxlen: 24
185.110.56.0/22 maxlen: 24
2a02:6b0::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6a/7e0ebb-4686-406e-b99f-21faf144cb62/1/mnuajNgZ9KkgM01-cuwjQIcNd0k.crl
rsync://rpki.ripe.net/repository/DEFAULT/6a/7e0ebb-4686-406e-b99f-21faf144cb62/1/mnuajNgZ9KkgM01-cuwjQIcNd0k.mft
rsync://rpki.ripe.net/repository/DEFAULT/mnuajNgZ9KkgM01-cuwjQIcNd0k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Apr 2025 04:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:13:62:31:2c:a3:c8:61:54:e1:3e:d7:90:e3:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a7b9a8cd819f4a920334d7e72ec2340870d7749
Validity
Not Before: Jan 1 11:48:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b8e5314a20486f3a4327b11a28c7581670be1c44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:16:27:4c:22:86:64:c3:7c:ad:f5:80:eb:b5:
94:47:c6:f4:1b:9d:aa:8b:ae:4d:cd:9a:08:59:76:
6f:2c:1f:1e:49:61:3b:20:ea:58:ef:cb:09:a3:c7:
97:36:e1:c5:10:94:81:97:24:63:58:ea:e3:99:1c:
df:8f:15:4e:da:92:36:b8:95:fd:9e:bf:b1:e6:b1:
43:65:ba:76:13:75:96:27:d7:81:6a:5c:bd:dd:eb:
a1:27:a8:3c:a1:2d:fc:d0:8f:aa:83:50:2d:25:fa:
8a:5b:9f:ac:64:03:0a:28:95:24:2e:00:48:71:3f:
4a:72:d8:00:f4:cd:a0:a5:2e:df:dd:84:62:63:6a:
c4:0f:3d:a7:89:86:a9:1b:19:3c:11:d5:40:85:d3:
dd:4d:cd:68:80:6f:87:a9:9b:cc:ec:7c:6b:35:45:
54:47:3b:0d:d9:1f:a0:7e:86:a1:ae:10:71:8a:92:
7d:8c:5c:37:f0:1f:00:bd:d2:fd:bb:ae:97:00:4e:
33:4f:88:8c:14:ad:03:1d:67:7c:3f:d5:81:0a:d9:
1c:c7:1e:b1:fb:27:af:a3:82:1b:4e:c1:a9:ea:31:
cf:80:25:4e:01:1e:c3:55:28:45:83:10:d5:f5:f6:
79:fc:9a:fc:47:25:a2:e8:6a:63:df:1b:97:f5:4c:
8c:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:E5:31:4A:20:48:6F:3A:43:27:B1:1A:28:C7:58:16:70:BE:1C:44
X509v3 Authority Key Identifier:
keyid:9A:7B:9A:8C:D8:19:F4:A9:20:33:4D:7E:72:EC:23:40:87:0D:77:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mnuajNgZ9KkgM01-cuwjQIcNd0k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/7e0ebb-4686-406e-b99f-21faf144cb62/1/uOUxSiBIbzpDJ7EaKMdYFnC-HEQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/7e0ebb-4686-406e-b99f-21faf144cb62/1/mnuajNgZ9KkgM01-cuwjQIcNd0k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.19.64.0/19
91.220.133.0/24
185.110.56.0/22
IPv6:
2a02:6b0::/32
Signature Algorithm: sha256WithRSAEncryption
34:6a:ce:49:88:02:35:0b:15:78:5e:52:a2:dd:20:42:77:3a:
9f:e2:b9:d6:10:92:f9:1b:87:9e:b9:5d:02:25:ef:cb:9c:aa:
99:3b:7c:67:a2:07:9e:ba:a1:50:e8:84:18:eb:f9:58:87:a5:
0f:87:c0:a6:af:93:24:fd:8e:72:67:3f:72:a6:15:80:22:d7:
c1:4c:66:24:16:ed:f3:64:98:77:04:9a:ff:f1:b0:80:78:3c:
28:d7:d0:16:df:84:10:0b:4d:88:8d:37:10:dd:75:d6:8a:f5:
2f:80:1c:68:79:c5:cb:48:23:88:44:11:e1:03:13:f4:f4:96:
2b:c4:28:59:c5:76:17:0f:66:9e:6b:72:a9:d1:74:33:df:51:
e2:0f:e4:3e:19:1b:54:19:c7:d5:d4:1c:32:8a:0b:eb:2e:e4:
62:a0:55:1a:77:d2:d8:66:ff:63:c9:7d:58:a8:9d:84:e8:d0:
94:d9:9c:89:a2:2e:fa:c5:15:6c:5a:2a:bc:92:a5:d6:d7:e8:
f5:8c:57:8f:eb:03:4d:7a:d7:a6:83:32:02:71:4f:4f:96:09:
e7:21:57:e6:14:01:69:b4:e9:78:44:09:05:0d:49:7e:b5:ba:
c6:80:7f:99:da:89:e1:6e:c5:72:9e:b1:e0:d0:54:d6:3a:29:
2b:f8:94:fe
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZQhshNiMSyjyGFU4T7XkON+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhN2I5YThjZDgxOWY0YTkyMDMzNGQ3ZTcyZWMyMzQwODcw
ZDc3NDkwHhcNMjUwMTAxMTE0ODI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOGU1MzE0YTIwNDg2ZjNhNDMyN2IxMWEyOGM3NTgxNjcwYmUxYzQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoRYnTCKGZMN8rfWA67WUR8b0G52q
i65NzZoIWXZvLB8eSWE7IOpY78sJo8eXNuHFEJSBlyRjWOrjmRzfjxVO2pI2uJX9
nr+x5rFDZbp2E3WWJ9eBaly93euhJ6g8oS380I+qg1AtJfqKW5+sZAMKKJUkLgBI
cT9KctgA9M2gpS7f3YRiY2rEDz2niYapGxk8EdVAhdPdTc1ogG+HqZvM7HxrNUVU
RzsN2R+gfoahrhBxipJ9jFw38B8AvdL9u66XAE4zT4iMFK0DHWd8P9WBCtkcxx6x
+yevo4IbTsGp6jHPgCVOAR7DVShFgxDV9fZ5/Jr8RyWi6Gpj3xuX9UyMzwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFLjlMUogSG86QyexGijHWBZwvhxEMB8GA1UdIwQY
MBaAFJp7mozYGfSpIDNNfnLsI0CHDXdJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbW51YWpOZ1o5S2tnTTAxLWN1d2pRSWNOZDBrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS83ZTBlYmItNDY4Ni00MDZlLWI5OWYt
MjFmYWYxNDRjYjYyLzEvdU9VeFNpQklienBESjdFYUtNZFlGbkMtSEVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS83ZTBlYmItNDY4Ni00MDZlLWI5OWYtMjFmYWYxNDRjYjYy
LzEvbW51YWpOZ1o5S2tnTTAxLWN1d2pRSWNOZDBrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQFURNAAwQA
W9yFAwQCuW44MA0EAgACMAcDBQAqAgawMA0GCSqGSIb3DQEBCwUAA4IBAQA0as5J
iAI1CxV4XlKi3SBCdzqf4rnWEJL5G4eeuV0CJe/LnKqZO3xnogeeuqFQ6IQY6/lY
h6UPh8Cmr5Mk/Y5yZz9yphWAItfBTGYkFu3zZJh3BJr/8bCAeDwo19AW34QQC02I
jTcQ3XXWivUvgBxoecXLSCOIRBHhAxP09JYrxChZxXYXD2aea3Kp0XQz31HiD+Q+
GRtUGcfV1BwyigvrLuRioFUad9LYZv9jyX1YqJ2E6NCU2ZyJoi76xRVsWiq8kqXW
1+j1jFeP6wNNetemgzICcU9PlgnnIVfmFAFptOl4RAkFDUl+tbrGgH+Z2onhbsVy
nrHg0FTWOikr+JT+
-----END CERTIFICATE-----
Generated at Tue Apr 22 13:12:06 2025 by rpki-client