Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/rU4-fu2i_puERNzqsZusptLEhxw.roa
File: rU4-fu2i_puERNzqsZusptLEhxw.roa (raw, json)
Hash identifier: oUOtoTz5sCAfhIfBXkRUrvoxsTQJBic3IEPNnf2jOds=
Subject key identifier: AD:4E:3E:7E:ED:A2:FE:9B:84:44:DC:EA:B1:9B:AC:A6:D2:C4:87:1C
Certificate issuer: /CN=826605b4d27f13968e8794e6ef091223748817d8
Certificate serial: 0194244568F7427DB1CA24F9EF31D985C573
Authority key identifier: 82:66:05:B4:D2:7F:13:96:8E:87:94:E6:EF:09:12:23:74:88:17:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/rU4-fu2i_puERNzqsZusptLEhxw.roa
Signing time: Wed 01 Jan 2025 23:48:36 +0000
ROA not before: Wed 01 Jan 2025 23:48:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 7018
IP address blocks: 168.199.169.0/24 maxlen: 24
168.199.234.0/24 maxlen: 24
168.199.245.0/24 maxlen: 24
185.101.255.0/24 maxlen: 24
185.226.207.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.mft
rsync://rpki.ripe.net/repository/DEFAULT/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 11:00:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:68:f7:42:7d:b1:ca:24:f9:ef:31:d9:85:c5:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=826605b4d27f13968e8794e6ef091223748817d8
Validity
Not Before: Jan 1 23:48:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ad4e3e7eeda2fe9b8444dceab19baca6d2c4871c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:a0:fd:d5:a6:b7:c9:d2:02:ce:56:c2:02:40:
c8:a9:3b:50:9f:8b:19:3c:a6:83:38:5b:4e:32:a5:
b3:16:c5:53:f9:9c:61:66:9b:13:b9:cd:5e:d3:f5:
a0:e0:11:d8:60:5c:a6:c3:2a:16:c8:c6:ea:71:d5:
ad:52:d3:ce:df:79:49:2d:a2:24:0a:f2:55:76:27:
1a:bb:28:31:7b:6a:57:fd:f3:49:e2:bf:09:5f:6e:
a9:5c:b7:61:1b:ad:5a:59:7f:74:16:07:a6:36:11:
19:7b:77:97:63:48:09:a8:7f:95:4a:9a:b2:5b:e0:
86:ce:84:40:1b:84:f3:5e:92:4d:58:3d:8d:8d:7a:
8c:6b:81:6d:de:01:47:97:67:66:6d:3a:c9:3d:f1:
18:f4:dd:bb:73:68:29:10:8e:b7:cd:32:1c:ad:01:
73:b6:81:93:de:7b:8d:2a:97:3f:eb:2d:3d:91:10:
23:51:a4:e2:0a:3f:ca:e8:36:93:e1:1f:9b:39:05:
57:32:d1:a6:8a:1a:23:d2:62:53:09:ae:cb:0b:ae:
f1:63:f9:d2:0d:f1:a6:f3:aa:aa:da:f5:c2:98:5e:
40:9b:a0:b6:b6:7a:5d:34:28:ca:61:36:0d:d6:98:
42:a5:40:4f:14:8f:be:f6:eb:36:71:1c:7b:ef:50:
55:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:4E:3E:7E:ED:A2:FE:9B:84:44:DC:EA:B1:9B:AC:A6:D2:C4:87:1C
X509v3 Authority Key Identifier:
keyid:82:66:05:B4:D2:7F:13:96:8E:87:94:E6:EF:09:12:23:74:88:17:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/rU4-fu2i_puERNzqsZusptLEhxw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
168.199.169.0/24
168.199.234.0/24
168.199.245.0/24
185.101.255.0/24
185.226.207.0/24
Signature Algorithm: sha256WithRSAEncryption
37:11:43:62:cf:ea:6d:dc:82:3d:81:3b:99:54:12:1b:cc:9c:
1c:62:7a:a9:bc:be:63:7a:08:cf:24:4b:5d:e6:51:f9:ba:83:
16:56:14:61:d4:03:86:95:f2:f8:25:eb:77:dc:ae:0c:bb:3f:
5e:87:e3:12:82:f2:26:f1:77:71:05:42:e6:5e:86:f6:bd:c2:
3f:85:30:ef:73:fd:7c:91:6e:30:a8:f2:c5:b9:c7:db:6a:c0:
c4:7e:19:3b:aa:2b:d0:cb:4b:b6:64:3b:34:93:13:91:5d:f9:
d9:33:c0:7f:7e:15:ba:4c:b1:8a:1b:02:ba:ce:43:62:9e:7d:
a7:8f:b6:c1:25:80:c6:e6:3c:27:4e:b2:a2:52:e4:75:ac:9b:
37:8b:c0:00:17:7f:a5:b9:4e:8d:41:af:90:94:85:5d:67:f5:
54:d8:ba:4b:e0:80:26:1e:28:57:2e:2b:e0:8e:b1:80:64:76:
c0:a4:4c:3a:c6:ad:6b:1f:45:01:90:2c:0d:66:13:95:7b:43:
a3:ee:11:e0:c2:d1:b8:e6:dc:55:7b:35:e1:b6:62:d3:16:90:
00:43:33:81:f2:eb:37:50:51:f7:3e:e7:5e:9c:d2:f1:fe:b0:
05:5b:8d:2a:26:07:12:45:7f:ca:ff:11:55:70:75:c6:c2:fd:
cd:eb:26:d1
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZQkRWj3Qn2xyiT57zHZhcVzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyNjYwNWI0ZDI3ZjEzOTY4ZTg3OTRlNmVmMDkxMjIzNzQ4
ODE3ZDgwHhcNMjUwMTAxMjM0ODM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDRlM2U3ZWVkYTJmZTliODQ0NGRjZWFiMTliYWNhNmQyYzQ4NzFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAraD91aa3ydICzlbCAkDIqTtQn4sZ
PKaDOFtOMqWzFsVT+ZxhZpsTuc1e0/Wg4BHYYFymwyoWyMbqcdWtUtPO33lJLaIk
CvJVdicauygxe2pX/fNJ4r8JX26pXLdhG61aWX90FgemNhEZe3eXY0gJqH+VSpqy
W+CGzoRAG4TzXpJNWD2NjXqMa4Ft3gFHl2dmbTrJPfEY9N27c2gpEI63zTIcrQFz
toGT3nuNKpc/6y09kRAjUaTiCj/K6DaT4R+bOQVXMtGmihoj0mJTCa7LC67xY/nS
DfGm86qq2vXCmF5Am6C2tnpdNCjKYTYN1phCpUBPFI++9us2cRx771BVHQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFK1OPn7tov6bhETc6rGbrKbSxIccMB8GA1UdIwQY
MBaAFIJmBbTSfxOWjoeU5u8JEiN0iBfYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ21ZRnROSl9FNWFPaDVUbTd3a1NJM1NJRjlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny9mYmNjMzItMzNjOC00MWZmLTg5ZmEt
MmQxOTE4YmExYzBlLzEvclU0LWZ1MmlfcHVFUk56cXNadXNwdExFaHh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny9mYmNjMzItMzNjOC00MWZmLTg5ZmEtMmQxOTE4YmExYzBl
LzEvZ21ZRnROSl9FNWFPaDVUbTd3a1NJM1NJRjlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAqMepAwQA
qMfqAwQAqMf1AwQAuWX/AwQAueLPMA0GCSqGSIb3DQEBCwUAA4IBAQA3EUNiz+pt
3II9gTuZVBIbzJwcYnqpvL5jegjPJEtd5lH5uoMWVhRh1AOGlfL4Jet33K4Muz9e
h+MSgvIm8XdxBULmXob2vcI/hTDvc/18kW4wqPLFucfbasDEfhk7qivQy0u2ZDs0
kxORXfnZM8B/fhW6TLGKGwK6zkNinn2nj7bBJYDG5jwnTrKiUuR1rJs3i8AAF3+l
uU6NQa+QlIVdZ/VU2LpL4IAmHihXLivgjrGAZHbApEw6xq1rH0UBkCwNZhOVe0Oj
7hHgwtG45txVezXhtmLTFpAAQzOB8us3UFH3PudenNLx/rAFW40qJgcSRX/K/xFV
cHXGwv3N6ybR
-----END CERTIFICATE-----
Generated at Wed Feb 5 18:50:05 2025 by rpki-client