Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/a1597b-6ef2-4430-aa56-82451f33f4ca/1/uU_t_lLPvr24v5Pbz0SrTkKY6nY.roa
File: uU_t_lLPvr24v5Pbz0SrTkKY6nY.roa (raw, json)
Hash identifier: rwGPe+ujcUEDQ0W4o5koNGMN3c7lcHfvYPIWubsi9Xo=
Subject key identifier: B9:4F:ED:FE:52:CF:BE:BD:B8:BF:93:DB:CF:44:AB:4E:42:98:EA:76
Certificate issuer: /CN=66feef09c450990af34779ce701be6cd54b3d924
Certificate serial: 0194252230F579451BE5622C78BCADF70B59
Authority key identifier: 66:FE:EF:09:C4:50:99:0A:F3:47:79:CE:70:1B:E6:CD:54:B3:D9:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zv7vCcRQmQrzR3nOcBvmzVSz2SQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/a1597b-6ef2-4430-aa56-82451f33f4ca/1/uU_t_lLPvr24v5Pbz0SrTkKY6nY.roa
Signing time: Thu 02 Jan 2025 03:49:45 +0000
ROA not before: Thu 02 Jan 2025 03:49:45 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202520
IP address blocks: 83.168.68.0/23 maxlen: 24
83.168.94.0/24 maxlen: 24
83.168.95.0/24 maxlen: 24
83.168.105.0/24 maxlen: 24
83.168.106.0/24 maxlen: 24
83.168.107.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8c/a1597b-6ef2-4430-aa56-82451f33f4ca/1/Zv7vCcRQmQrzR3nOcBvmzVSz2SQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/8c/a1597b-6ef2-4430-aa56-82451f33f4ca/1/Zv7vCcRQmQrzR3nOcBvmzVSz2SQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/Zv7vCcRQmQrzR3nOcBvmzVSz2SQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Apr 2025 16:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:22:30:f5:79:45:1b:e5:62:2c:78:bc:ad:f7:0b:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66feef09c450990af34779ce701be6cd54b3d924
Validity
Not Before: Jan 2 03:49:45 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b94fedfe52cfbebdb8bf93dbcf44ab4e4298ea76
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:42:1c:1f:55:e7:3a:2f:ed:4d:56:91:41:0e:
f4:c7:7d:1d:fd:23:22:3e:74:31:61:3d:f4:d9:e2:
40:95:73:dc:68:ba:15:5a:57:6c:8f:c7:f3:5c:15:
14:a2:09:ff:63:96:23:cd:11:cf:9d:ce:a2:25:7c:
8e:ff:9e:57:bb:64:ae:54:32:d4:9f:d1:23:3b:b1:
2b:e0:46:cb:1a:e8:15:f3:76:40:dd:53:bd:1f:53:
fb:69:f5:0e:e2:52:b3:73:07:9c:b7:e9:a1:24:7f:
3c:2d:87:d4:70:33:f8:3e:3e:40:32:ab:4e:a4:8b:
d5:00:66:73:b1:5f:d2:d9:9e:4e:7d:44:d2:81:09:
93:f2:c7:16:a7:d6:78:a9:0d:bb:81:f5:35:e7:10:
b5:c6:2c:d0:aa:74:81:52:35:f7:05:39:e1:00:c1:
e1:6b:e7:7f:50:df:c3:49:8f:fd:1b:1e:cb:41:50:
05:00:5c:45:7f:fc:b1:98:a5:66:f6:33:b8:97:1d:
21:de:8d:43:6d:cf:27:be:39:cc:dd:7b:dc:b1:48:
48:ba:28:0f:37:05:78:13:ef:43:5c:9f:a8:7b:e0:
dd:d4:60:2e:61:78:22:8a:2e:72:e7:e3:83:ef:2b:
ee:9a:45:34:db:a3:25:2d:7a:2b:ff:ac:38:88:ec:
55:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:4F:ED:FE:52:CF:BE:BD:B8:BF:93:DB:CF:44:AB:4E:42:98:EA:76
X509v3 Authority Key Identifier:
keyid:66:FE:EF:09:C4:50:99:0A:F3:47:79:CE:70:1B:E6:CD:54:B3:D9:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zv7vCcRQmQrzR3nOcBvmzVSz2SQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/a1597b-6ef2-4430-aa56-82451f33f4ca/1/uU_t_lLPvr24v5Pbz0SrTkKY6nY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/a1597b-6ef2-4430-aa56-82451f33f4ca/1/Zv7vCcRQmQrzR3nOcBvmzVSz2SQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.168.68.0/23
83.168.94.0/23
83.168.105.0-83.168.107.255
Signature Algorithm: sha256WithRSAEncryption
bf:5a:1d:bd:5a:69:a5:39:47:30:d6:d1:18:3a:b6:d1:db:8c:
2b:e4:79:54:75:9b:72:01:bc:10:77:7c:97:e5:0e:ae:6f:ad:
a3:62:7c:88:03:7b:a6:4d:c0:60:49:0c:79:43:c9:ec:65:c7:
23:62:1a:ca:a3:dd:63:85:e7:f9:75:e3:9e:55:42:bc:e0:c5:
7b:25:bc:07:00:80:2c:45:f2:54:f3:c3:66:0c:2a:55:38:17:
57:a1:b7:16:cc:74:28:9b:04:85:e4:43:bc:6b:1c:ea:50:68:
54:31:d3:d7:21:11:04:93:c4:89:8e:5a:e0:08:d4:42:15:d4:
e8:f2:06:b6:64:5f:c2:d5:b7:7f:41:41:ab:c8:d0:d3:aa:3c:
92:e1:0a:ca:b8:8c:a3:0f:c1:3a:4b:bc:4e:48:d8:32:67:5c:
58:ca:b5:a8:a0:2e:bc:bb:7e:ed:6c:66:48:04:13:06:52:46:
68:f4:92:24:bf:2c:79:af:b1:58:ab:3a:ed:31:38:e8:5a:8c:
b9:7e:60:21:3e:5d:cc:14:42:45:b5:81:46:c9:1a:f4:8d:f9:
d7:a2:3d:28:11:b6:bb:d9:2b:fa:97:75:33:79:40:9a:96:31:
b4:7c:d6:f4:c9:ff:47:b2:4d:85:7b:fa:98:0a:5d:d1:bc:54:
4f:58:ff:2c
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZQlIjD1eUUb5WIseLyt9wtZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ZmVlZjA5YzQ1MDk5MGFmMzQ3NzljZTcwMWJlNmNkNTRi
M2Q5MjQwHhcNMjUwMTAyMDM0OTQ1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTRmZWRmZTUyY2ZiZWJkYjhiZjkzZGJjZjQ0YWI0ZTQyOThlYTc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArkIcH1XnOi/tTVaRQQ70x30d/SMi
PnQxYT302eJAlXPcaLoVWldsj8fzXBUUogn/Y5YjzRHPnc6iJXyO/55Xu2SuVDLU
n9EjO7Er4EbLGugV83ZA3VO9H1P7afUO4lKzcwect+mhJH88LYfUcDP4Pj5AMqtO
pIvVAGZzsV/S2Z5OfUTSgQmT8scWp9Z4qQ27gfU15xC1xizQqnSBUjX3BTnhAMHh
a+d/UN/DSY/9Gx7LQVAFAFxFf/yxmKVm9jO4lx0h3o1Dbc8nvjnM3XvcsUhIuigP
NwV4E+9DXJ+oe+Dd1GAuYXgiii5y5+OD7yvumkU026MlLXor/6w4iOxVHQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFLlP7f5Sz769uL+T289Eq05CmOp2MB8GA1UdIwQY
MBaAFGb+7wnEUJkK80d5znAb5s1Us9kkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnY3dkNjUlFtUXJ6UjNuT2NCdm16VlN6MlNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy9hMTU5N2ItNmVmMi00NDMwLWFhNTYt
ODI0NTFmMzNmNGNhLzEvdVVfdF9sTFB2cjI0djVQYnowU3JUa0tZNm5ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy9hMTU5N2ItNmVmMi00NDMwLWFhNTYtODI0NTFmMzNmNGNh
LzEvWnY3dkNjUlFtUXJ6UjNuT2NCdm16VlN6MlNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQBU6hEAwQB
U6heMAwDBABTqGkDBAJTqGgwDQYJKoZIhvcNAQELBQADggEBAL9aHb1aaaU5RzDW
0Rg6ttHbjCvkeVR1m3IBvBB3fJflDq5vraNifIgDe6ZNwGBJDHlDyexlxyNiGsqj
3WOF5/l1455VQrzgxXslvAcAgCxF8lTzw2YMKlU4F1ehtxbMdCibBIXkQ7xrHOpQ
aFQx09chEQSTxImOWuAI1EIV1OjyBrZkX8LVt39BQavI0NOqPJLhCsq4jKMPwTpL
vE5I2DJnXFjKtaigLry7fu1sZkgEEwZSRmj0kiS/LHmvsVirOu0xOOhajLl+YCE+
XcwUQkW1gUbJGvSN+deiPSgRtrvZK/qXdTN5QJqWMbR81vTJ/0eyTYV7+pgKXdG8
VE9Y/yw=
-----END CERTIFICATE-----
Generated at Mon Apr 21 02:11:00 2025 by rpki-client