Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/c93d87-32e0-46f1-9fb9-63451548979d/1/pUDcLqhd8k-OHqhDTMHEWLFxtNI.roa
File: pUDcLqhd8k-OHqhDTMHEWLFxtNI.roa (raw, json)
Hash identifier: zmsnQNHG6rnZC/5WP217xaq98ZpVSxzIVkPlWZUUiFE=
Subject key identifier: A5:40:DC:2E:A8:5D:F2:4F:8E:1E:A8:43:4C:C1:C4:58:B1:71:B4:D2
Certificate issuer: /CN=1d43a2484569d20e3f53c17be7b9fb29c34ee5be
Certificate serial: 0195578887D85EC58FC5D217723D36B31ED9
Authority key identifier: 1D:43:A2:48:45:69:D2:0E:3F:53:C1:7B:E7:B9:FB:29:C3:4E:E5:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HUOiSEVp0g4_U8F757n7KcNO5b4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/c93d87-32e0-46f1-9fb9-63451548979d/1/pUDcLqhd8k-OHqhDTMHEWLFxtNI.roa
Signing time: Sun 02 Mar 2025 15:45:19 +0000
ROA not before: Sun 02 Mar 2025 15:45:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207957
IP address blocks: 2a01:ecc0:2c1::/48 maxlen: 48
2a01:ecc0:340::/42 maxlen: 42
2a01:ecc0:380::/42 maxlen: 42
2a01:ecc0:3c0::/42 maxlen: 42
2a01:ecc0:400::/42 maxlen: 42
2a01:ecc0:440::/42 maxlen: 42
2a01:ecc0:480::/42 maxlen: 42
2a01:ecc0:4c0::/42 maxlen: 42
2a01:ecc0:500::/42 maxlen: 42
2a01:ecc0:540::/42 maxlen: 42
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/85/c93d87-32e0-46f1-9fb9-63451548979d/1/HUOiSEVp0g4_U8F757n7KcNO5b4.crl
rsync://rpki.ripe.net/repository/DEFAULT/85/c93d87-32e0-46f1-9fb9-63451548979d/1/HUOiSEVp0g4_U8F757n7KcNO5b4.mft
rsync://rpki.ripe.net/repository/DEFAULT/HUOiSEVp0g4_U8F757n7KcNO5b4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 10:07:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:57:88:87:d8:5e:c5:8f:c5:d2:17:72:3d:36:b3:1e:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1d43a2484569d20e3f53c17be7b9fb29c34ee5be
Validity
Not Before: Mar 2 15:45:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a540dc2ea85df24f8e1ea8434cc1c458b171b4d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:e1:65:2a:5e:a5:5f:3f:73:c0:b0:41:60:dd:
1a:5d:e2:17:de:75:00:ba:5b:d9:4f:ae:f4:71:80:
4e:59:66:b3:27:0e:58:cf:82:9a:2b:01:9c:f0:45:
62:d6:30:89:5d:e3:7a:08:5b:06:64:c1:a0:1b:02:
e7:79:a5:f7:3d:9a:24:82:3f:53:65:6b:09:50:b4:
29:e3:73:cd:77:5f:9c:e2:4e:3d:1a:54:e5:10:b7:
fc:2f:ce:18:f8:a4:c7:75:6b:59:d5:ff:c1:db:13:
bd:6c:3c:6d:20:f2:a8:9d:98:46:4f:52:7c:22:34:
cd:c6:ec:84:33:78:4e:63:9d:16:18:18:eb:51:7f:
5a:9f:9b:c7:1a:d7:ae:70:de:39:87:ae:69:23:72:
d8:00:5a:b1:b8:c0:bb:a4:d3:c7:82:39:52:1b:75:
56:b9:c3:6d:6d:b6:e6:b0:93:13:85:05:74:20:6d:
36:7e:0b:42:de:aa:e9:25:38:b9:a3:08:7b:df:30:
29:c5:6a:24:fa:48:a2:3f:20:fb:14:64:0a:4a:ea:
48:2c:8b:06:6f:ff:5a:a4:73:0a:4d:be:8b:ba:b8:
ed:49:4e:68:22:6d:8d:7c:82:8a:a9:80:e5:54:ff:
2e:98:a7:81:eb:47:c8:95:31:8c:60:94:ab:3c:29:
cc:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:40:DC:2E:A8:5D:F2:4F:8E:1E:A8:43:4C:C1:C4:58:B1:71:B4:D2
X509v3 Authority Key Identifier:
keyid:1D:43:A2:48:45:69:D2:0E:3F:53:C1:7B:E7:B9:FB:29:C3:4E:E5:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HUOiSEVp0g4_U8F757n7KcNO5b4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/c93d87-32e0-46f1-9fb9-63451548979d/1/pUDcLqhd8k-OHqhDTMHEWLFxtNI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/85/c93d87-32e0-46f1-9fb9-63451548979d/1/HUOiSEVp0g4_U8F757n7KcNO5b4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:ecc0:2c1::/48
2a01:ecc0:340::-2a01:ecc0:57f:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
78:63:3c:75:da:5d:7d:df:ad:aa:5c:88:8d:f3:51:fe:c4:2f:
1e:30:80:42:be:6e:e9:7c:75:1f:19:ce:1b:cc:ae:2a:fa:4d:
80:dc:63:e6:ef:42:a4:cd:d2:a9:8d:b4:be:fd:a8:ca:1c:41:
55:dd:47:23:1a:07:d6:55:1b:b1:f1:a5:60:72:46:9b:4f:19:
50:74:52:8b:b7:92:66:10:d8:a1:38:94:9c:86:57:9e:08:55:
c2:f7:74:31:fe:fe:96:fa:32:d4:98:2a:90:e8:ee:d6:6b:f3:
7e:fe:c0:26:59:cc:64:31:f2:0c:0b:dc:f8:d7:e3:cd:cb:2f:
f8:c9:25:6c:f1:8e:d3:7f:91:9e:c0:a2:76:fb:09:ec:44:4f:
c1:e2:48:bc:ec:0a:f0:48:2c:5f:20:d9:f5:c1:58:73:c4:9e:
af:16:7d:b3:1a:20:8a:ac:f8:28:c4:7d:67:b9:8f:51:69:09:
1c:d2:67:05:c6:d2:ca:f6:55:4e:2d:be:c2:09:14:c2:6f:5f:
fb:d0:3a:0d:89:14:1a:4f:3e:82:91:fd:8b:e5:7d:1a:33:2e:
ff:fa:4b:99:ad:d5:fe:52:06:36:2a:27:9b:c6:82:61:bc:d3:
22:99:f0:ac:85:17:35:9c:b0:b9:a6:c3:d0:04:8c:01:e3:59:
4c:cf:c5:7e
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZVXiIfYXsWPxdIXcj02sx7ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkNDNhMjQ4NDU2OWQyMGUzZjUzYzE3YmU3YjlmYjI5YzM0
ZWU1YmUwHhcNMjUwMzAyMTU0NTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTQwZGMyZWE4NWRmMjRmOGUxZWE4NDM0Y2MxYzQ1OGIxNzFiNGQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAteFlKl6lXz9zwLBBYN0aXeIX3nUA
ulvZT670cYBOWWazJw5Yz4KaKwGc8EVi1jCJXeN6CFsGZMGgGwLneaX3PZokgj9T
ZWsJULQp43PNd1+c4k49GlTlELf8L84Y+KTHdWtZ1f/B2xO9bDxtIPKonZhGT1J8
IjTNxuyEM3hOY50WGBjrUX9an5vHGteucN45h65pI3LYAFqxuMC7pNPHgjlSG3VW
ucNtbbbmsJMThQV0IG02fgtC3qrpJTi5owh73zApxWok+kiiPyD7FGQKSupILIsG
b/9apHMKTb6LurjtSU5oIm2NfIKKqYDlVP8umKeB60fIlTGMYJSrPCnM9QIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFKVA3C6oXfJPjh6oQ0zBxFixcbTSMB8GA1UdIwQY
MBaAFB1DokhFadIOP1PBe+e5+ynDTuW+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFVPaVNFVnAwZzRfVThGNzU3bjdLY05PNWI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS9jOTNkODctMzJlMC00NmYxLTlmYjkt
NjM0NTE1NDg5NzlkLzEvcFVEY0xxaGQ4ay1PSHFoRFRNSEVXTEZ4dE5JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NS9jOTNkODctMzJlMC00NmYxLTlmYjktNjM0NTE1NDg5Nzlk
LzEvSFVPaVNFVnAwZzRfVThGNzU3bjdLY05PNWI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAjBAIAAjAdAwcAKgHswALB
MBIDBwYqAezAA0ADBwcqAezABQAwDQYJKoZIhvcNAQELBQADggEBAHhjPHXaXX3f
rapciI3zUf7ELx4wgEK+bul8dR8ZzhvMrir6TYDcY+bvQqTN0qmNtL79qMocQVXd
RyMaB9ZVG7HxpWByRptPGVB0Uou3kmYQ2KE4lJyGV54IVcL3dDH+/pb6MtSYKpDo
7tZr837+wCZZzGQx8gwL3PjX483LL/jJJWzxjtN/kZ7Aonb7CexET8HiSLzsCvBI
LF8g2fXBWHPEnq8WfbMaIIqs+CjEfWe5j1FpCRzSZwXG0sr2VU4tvsIJFMJvX/vQ
Og2JFBpPPoKR/YvlfRozLv/6S5mt1f5SBjYqJ5vGgmG80yKZ8KyFFzWcsLmmw9AE
jAHjWUzPxX4=
-----END CERTIFICATE-----
Generated at Sun Apr 6 19:37:11 2025 by rpki-client