Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/e931e6-a152-4a1a-b08a-1081aeb121b3/1/umBmq8XFX-zXziXQ4pyACUgy-FQ.roa
File: umBmq8XFX-zXziXQ4pyACUgy-FQ.roa (raw, json)
Hash identifier: JuI2qHr6MZgrFWdKqrf8sXobXSWHVnMHISH4QdZzmLE=
Subject key identifier: BA:60:66:AB:C5:C5:5F:EC:D7:CE:25:D0:E2:9C:80:09:48:32:F8:54
Certificate issuer: /CN=bac03ae6c5458ad280765ba5527980a06fec23a8
Certificate serial: 019424B3D9E02B6B61F424D49A6779BA946C
Authority key identifier: BA:C0:3A:E6:C5:45:8A:D2:80:76:5B:A5:52:79:80:A0:6F:EC:23:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/usA65sVFitKAdlulUnmAoG_sI6g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/e931e6-a152-4a1a-b08a-1081aeb121b3/1/umBmq8XFX-zXziXQ4pyACUgy-FQ.roa
Signing time: Thu 02 Jan 2025 01:49:13 +0000
ROA not before: Thu 02 Jan 2025 01:49:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15600
IP address blocks: 185.167.8.0/22 maxlen: 22
2a0b:2e00::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6d/e931e6-a152-4a1a-b08a-1081aeb121b3/1/usA65sVFitKAdlulUnmAoG_sI6g.crl
rsync://rpki.ripe.net/repository/DEFAULT/6d/e931e6-a152-4a1a-b08a-1081aeb121b3/1/usA65sVFitKAdlulUnmAoG_sI6g.mft
rsync://rpki.ripe.net/repository/DEFAULT/usA65sVFitKAdlulUnmAoG_sI6g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 12 Apr 2025 11:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:d9:e0:2b:6b:61:f4:24:d4:9a:67:79:ba:94:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bac03ae6c5458ad280765ba5527980a06fec23a8
Validity
Not Before: Jan 2 01:49:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ba6066abc5c55fecd7ce25d0e29c80094832f854
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:30:0e:71:66:1a:ca:45:24:a5:9f:6b:08:13:
f9:e2:a9:92:85:a9:de:4b:6a:72:c5:8b:ff:2c:a9:
39:4c:59:c8:78:77:aa:4f:64:36:24:d7:70:5f:2e:
d0:d0:6b:18:f7:18:51:20:a0:27:83:b1:fb:5c:5a:
7e:ab:59:64:74:1a:6d:66:d8:8b:9d:93:9c:05:f2:
21:e2:58:c3:61:f5:7c:cc:fc:84:7c:77:3a:5c:df:
16:04:61:bc:2d:8d:a5:c9:90:22:e5:c5:b6:8f:ad:
74:0c:c3:9f:3e:3a:c6:fc:4c:0b:4f:3e:1d:34:1c:
4f:25:db:52:27:65:8a:f1:1a:23:42:77:39:93:38:
dc:58:e4:c7:9d:84:5c:16:7d:19:30:0e:6a:97:35:
1a:13:a7:8c:28:e1:57:42:2c:39:0e:10:a4:e6:ae:
31:e7:3c:19:82:d8:0f:49:55:89:cf:48:a5:2a:c8:
04:d4:8f:47:f1:32:81:3a:cc:ec:2c:2a:54:f9:8d:
65:a0:57:45:6c:8b:e1:1b:74:55:a5:92:9d:4b:38:
97:dc:07:70:6e:15:70:90:70:b5:2c:b0:1f:6a:54:
19:e6:38:7e:41:80:f8:24:ca:2c:74:f6:24:c2:31:
bb:3f:80:18:69:0f:ab:13:97:2b:88:d7:e7:d5:e6:
22:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:60:66:AB:C5:C5:5F:EC:D7:CE:25:D0:E2:9C:80:09:48:32:F8:54
X509v3 Authority Key Identifier:
keyid:BA:C0:3A:E6:C5:45:8A:D2:80:76:5B:A5:52:79:80:A0:6F:EC:23:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/usA65sVFitKAdlulUnmAoG_sI6g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/e931e6-a152-4a1a-b08a-1081aeb121b3/1/umBmq8XFX-zXziXQ4pyACUgy-FQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/e931e6-a152-4a1a-b08a-1081aeb121b3/1/usA65sVFitKAdlulUnmAoG_sI6g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.167.8.0/22
IPv6:
2a0b:2e00::/29
Signature Algorithm: sha256WithRSAEncryption
17:e1:d5:d3:54:d6:e1:d0:09:aa:cc:f4:32:83:83:72:ab:20:
3c:b1:ed:76:44:ec:91:a2:7b:14:61:17:56:fc:bc:bb:0a:39:
b6:a3:00:5e:c6:41:8c:41:73:21:da:db:e4:96:5d:1f:27:7c:
06:7f:69:13:8b:64:38:dc:a2:95:2a:ae:88:91:63:86:e1:bc:
07:bb:01:c0:e7:30:0d:e4:82:92:9c:3d:7e:a9:bf:3d:eb:4b:
c8:63:57:f4:14:94:c6:b3:8c:dd:9d:eb:ff:04:1a:e6:02:c5:
ed:b7:7d:12:92:97:6a:5e:1f:7a:8c:50:92:50:a9:7d:74:5a:
b9:0e:c8:a6:9f:4d:aa:80:be:c5:e0:5c:54:50:d6:97:79:62:
3b:99:53:52:40:71:44:0a:2b:23:c1:29:84:fb:c2:7c:e5:ab:
27:60:1d:ac:c8:65:a1:03:29:08:e0:ac:d4:e4:2e:3b:9e:d1:
8c:e7:de:ac:52:e7:28:84:3a:1e:af:cf:0f:e8:d5:8b:dd:fd:
09:4d:79:49:01:cf:35:a1:e4:19:49:d5:7a:78:1b:e0:ba:35:
f9:b4:ac:59:e4:44:91:00:ab:f1:0b:6a:3a:af:e3:20:b2:4e:
07:54:07:94:f4:f9:0e:60:54:6c:53:40:13:a7:6f:99:50:6a:
c4:e6:dd:a5
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQks9ngK2th9CTUmmd5upRsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhYzAzYWU2YzU0NThhZDI4MDc2NWJhNTUyNzk4MGEwNmZl
YzIzYTgwHhcNMjUwMTAyMDE0OTEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTYwNjZhYmM1YzU1ZmVjZDdjZTI1ZDBlMjljODAwOTQ4MzJmODU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7TAOcWYaykUkpZ9rCBP54qmShane
S2pyxYv/LKk5TFnIeHeqT2Q2JNdwXy7Q0GsY9xhRIKAng7H7XFp+q1lkdBptZtiL
nZOcBfIh4ljDYfV8zPyEfHc6XN8WBGG8LY2lyZAi5cW2j610DMOfPjrG/EwLTz4d
NBxPJdtSJ2WK8RojQnc5kzjcWOTHnYRcFn0ZMA5qlzUaE6eMKOFXQiw5DhCk5q4x
5zwZgtgPSVWJz0ilKsgE1I9H8TKBOszsLCpU+Y1loFdFbIvhG3RVpZKdSziX3Adw
bhVwkHC1LLAfalQZ5jh+QYD4JMosdPYkwjG7P4AYaQ+rE5criNfn1eYinwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLpgZqvFxV/s184l0OKcgAlIMvhUMB8GA1UdIwQY
MBaAFLrAOubFRYrSgHZbpVJ5gKBv7COoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXNBNjVzVkZpdEtBZGx1bFVubUFvR19zSTZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC9lOTMxZTYtYTE1Mi00YTFhLWIwOGEt
MTA4MWFlYjEyMWIzLzEvdW1CbXE4WEZYLXpYemlYUTRweUFDVWd5LUZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC9lOTMxZTYtYTE1Mi00YTFhLWIwOGEtMTA4MWFlYjEyMWIz
LzEvdXNBNjVzVkZpdEtBZGx1bFVubUFvR19zSTZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuacIMA0E
AgACMAcDBQMqCy4AMA0GCSqGSIb3DQEBCwUAA4IBAQAX4dXTVNbh0AmqzPQyg4Ny
qyA8se12ROyRonsUYRdW/Ly7Cjm2owBexkGMQXMh2tvkll0fJ3wGf2kTi2Q43KKV
Kq6IkWOG4bwHuwHA5zAN5IKSnD1+qb8960vIY1f0FJTGs4zdnev/BBrmAsXtt30S
kpdqXh96jFCSUKl9dFq5Dsimn02qgL7F4FxUUNaXeWI7mVNSQHFECisjwSmE+8J8
5asnYB2syGWhAykI4KzU5C47ntGM596sUucohDoer88P6NWL3f0JTXlJAc81oeQZ
SdV6eBvgujX5tKxZ5ESRAKvxC2o6r+Mgsk4HVAeU9PkOYFRsU0ATp2+ZUGrE5t2l
-----END CERTIFICATE-----
Generated at Fri Apr 11 21:26:23 2025 by rpki-client