Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/da25c9-4fe1-45da-8e74-2bea34b8938b/1/sUg9MVJbpnKjp6n_qVdxGGSeJB8.roa
File: sUg9MVJbpnKjp6n_qVdxGGSeJB8.roa (raw, json)
Hash identifier: iazJ3Yw/lvASdOuiaEdBPRq3HWHdL5Kxvj+o3m8saWE=
Subject key identifier: B1:48:3D:31:52:5B:A6:72:A3:A7:A9:FF:A9:57:71:18:64:9E:24:1F
Certificate issuer: /CN=b418677abf3aaee036cd4add77d66196fcde4c6d
Certificate serial: 019423D751A67FAE0A4F254E208A845C92AA
Authority key identifier: B4:18:67:7A:BF:3A:AE:E0:36:CD:4A:DD:77:D6:61:96:FC:DE:4C:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tBhner86ruA2zUrdd9ZhlvzeTG0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/da25c9-4fe1-45da-8e74-2bea34b8938b/1/sUg9MVJbpnKjp6n_qVdxGGSeJB8.roa
Signing time: Wed 01 Jan 2025 21:48:21 +0000
ROA not before: Wed 01 Jan 2025 21:48:21 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6453
IP address blocks: 91.223.85.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/76/da25c9-4fe1-45da-8e74-2bea34b8938b/1/tBhner86ruA2zUrdd9ZhlvzeTG0.crl
rsync://rpki.ripe.net/repository/DEFAULT/76/da25c9-4fe1-45da-8e74-2bea34b8938b/1/tBhner86ruA2zUrdd9ZhlvzeTG0.mft
rsync://rpki.ripe.net/repository/DEFAULT/tBhner86ruA2zUrdd9ZhlvzeTG0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 12 Apr 2025 23:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:51:a6:7f:ae:0a:4f:25:4e:20:8a:84:5c:92:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b418677abf3aaee036cd4add77d66196fcde4c6d
Validity
Not Before: Jan 1 21:48:21 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b1483d31525ba672a3a7a9ffa9577118649e241f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:22:5c:50:1b:51:54:90:95:05:63:a0:96:ec:
da:2a:eb:7c:af:f2:90:97:05:b4:61:48:75:ac:6a:
60:92:11:d7:b8:a6:3c:2a:26:34:b4:e4:b2:b1:a6:
aa:cb:26:ff:e1:a5:02:7e:55:a5:b6:81:91:94:42:
2d:27:74:76:67:79:3a:dd:c1:cd:82:31:f8:ee:d2:
4b:2c:40:0a:cb:85:01:46:da:8f:88:08:b0:32:d5:
8f:f8:f4:ad:89:bd:93:b6:48:b1:5d:c6:f9:dd:9b:
61:b1:f2:83:e9:a4:23:dd:24:a5:aa:00:a8:79:4b:
e2:55:ba:77:c8:25:d7:cd:ff:dc:9b:9b:6b:89:30:
31:da:20:9f:20:d5:da:01:85:71:9f:cc:7e:6a:e8:
cd:1b:08:6d:75:f0:1e:db:72:3d:08:f5:80:c9:be:
52:94:a6:b2:79:05:89:73:eb:a8:62:77:9d:27:b1:
e5:1a:c9:61:34:ea:d5:cb:e4:c3:64:0c:ba:81:ab:
6d:c0:0f:ec:02:78:7e:02:da:9e:3d:2e:26:2a:a8:
81:1f:d3:0e:0d:6a:2a:ef:db:cd:26:ef:8b:4b:8f:
73:18:eb:58:cc:f3:18:92:e8:87:aa:f7:71:ab:53:
3c:26:0d:84:79:24:a0:5c:e7:c9:29:dc:9f:87:61:
1a:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:48:3D:31:52:5B:A6:72:A3:A7:A9:FF:A9:57:71:18:64:9E:24:1F
X509v3 Authority Key Identifier:
keyid:B4:18:67:7A:BF:3A:AE:E0:36:CD:4A:DD:77:D6:61:96:FC:DE:4C:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tBhner86ruA2zUrdd9ZhlvzeTG0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/da25c9-4fe1-45da-8e74-2bea34b8938b/1/sUg9MVJbpnKjp6n_qVdxGGSeJB8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/da25c9-4fe1-45da-8e74-2bea34b8938b/1/tBhner86ruA2zUrdd9ZhlvzeTG0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.223.85.0/24
Signature Algorithm: sha256WithRSAEncryption
b1:ff:7c:0b:6f:da:91:5d:1a:76:8e:8e:2c:57:0b:cb:dc:02:
bf:d5:2f:9f:01:ac:df:80:50:b8:4f:82:91:b4:b0:75:b3:e7:
d0:13:37:dc:7e:b1:e1:2b:88:00:ff:4e:1b:b1:d0:73:c6:ae:
dd:bd:40:8d:01:8a:3d:1d:ac:9c:94:4e:94:8d:38:7c:78:d0:
f9:68:42:82:c9:8b:02:bc:f5:65:e0:56:3a:43:81:62:80:c5:
c5:64:53:6f:45:4d:e8:ad:d1:20:20:0f:5e:f1:ed:f1:90:bc:
8e:13:6a:c7:06:d7:6f:85:c2:86:e1:24:f0:24:e5:b7:60:88:
ee:18:f5:9b:de:6d:0c:fa:7b:9e:a8:ef:d9:61:f9:ab:f8:eb:
c1:00:62:59:4a:99:0a:51:37:54:f4:84:21:7d:81:db:2f:54:
34:5b:7c:ff:9d:6c:13:d9:2e:67:84:84:e7:9c:6e:e7:35:a3:
36:4a:58:3b:51:d2:f2:2a:a1:8e:d0:ef:fe:ab:d1:9b:36:59:
1d:b9:19:c1:c0:a6:1d:a8:68:c1:39:14:45:cf:36:41:41:b2:
18:b6:c1:05:98:68:e2:9d:28:e7:1d:48:7a:d1:67:8f:55:a7:
f8:8a:50:9e:fd:2e:17:a7:60:c9:43:8f:89:45:69:27:f9:7b:
e6:f0:31:82
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQj11Gmf64KTyVOIIqEXJKqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MTg2NzdhYmYzYWFlZTAzNmNkNGFkZDc3ZDY2MTk2ZmNk
ZTRjNmQwHhcNMjUwMTAxMjE0ODIxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTQ4M2QzMTUyNWJhNjcyYTNhN2E5ZmZhOTU3NzExODY0OWUyNDFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwiJcUBtRVJCVBWOgluzaKut8r/KQ
lwW0YUh1rGpgkhHXuKY8KiY0tOSysaaqyyb/4aUCflWltoGRlEItJ3R2Z3k63cHN
gjH47tJLLEAKy4UBRtqPiAiwMtWP+PStib2TtkixXcb53ZthsfKD6aQj3SSlqgCo
eUviVbp3yCXXzf/cm5triTAx2iCfINXaAYVxn8x+aujNGwhtdfAe23I9CPWAyb5S
lKayeQWJc+uoYnedJ7HlGslhNOrVy+TDZAy6gattwA/sAnh+AtqePS4mKqiBH9MO
DWoq79vNJu+LS49zGOtYzPMYkuiHqvdxq1M8Jg2EeSSgXOfJKdyfh2EamwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLFIPTFSW6Zyo6ep/6lXcRhkniQfMB8GA1UdIwQY
MBaAFLQYZ3q/Oq7gNs1K3XfWYZb83kxtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEJobmVyODZydUEyelVyZGQ5WmhsdnplVEcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni9kYTI1YzktNGZlMS00NWRhLThlNzQt
MmJlYTM0Yjg5MzhiLzEvc1VnOU1WSmJwbktqcDZuX3FWZHhHR1NlSkI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni9kYTI1YzktNGZlMS00NWRhLThlNzQtMmJlYTM0Yjg5Mzhi
LzEvdEJobmVyODZydUEyelVyZGQ5WmhsdnplVEcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW99VMA0G
CSqGSIb3DQEBCwUAA4IBAQCx/3wLb9qRXRp2jo4sVwvL3AK/1S+fAazfgFC4T4KR
tLB1s+fQEzfcfrHhK4gA/04bsdBzxq7dvUCNAYo9HayclE6UjTh8eND5aEKCyYsC
vPVl4FY6Q4FigMXFZFNvRU3ordEgIA9e8e3xkLyOE2rHBtdvhcKG4STwJOW3YIju
GPWb3m0M+nueqO/ZYfmr+OvBAGJZSpkKUTdU9IQhfYHbL1Q0W3z/nWwT2S5nhITn
nG7nNaM2Slg7UdLyKqGO0O/+q9GbNlkduRnBwKYdqGjBORRFzzZBQbIYtsEFmGji
nSjnHUh60WePVaf4ilCe/S4Xp2DJQ4+JRWkn+Xvm8DGC
-----END CERTIFICATE-----
Generated at Sat Apr 12 07:57:25 2025 by rpki-client