Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/udEkF_6Cl582j3MhipXtkqh60QA.roa
File: udEkF_6Cl582j3MhipXtkqh60QA.roa (raw, json)
Hash identifier: KGfzfkRSS/8LMCpAd+TJJyVg600JQWb1fQuNDHspP4k=
Subject key identifier: B9:D1:24:17:FE:82:97:9F:36:8F:73:21:8A:95:ED:92:A8:7A:D1:00
Certificate issuer: /CN=f02dac605f4659718c0a15e1f732cbd4f48aae7b
Certificate serial: 019421B1D356B176CC9E0C0C76F8CFDA1DC5
Authority key identifier: F0:2D:AC:60:5F:46:59:71:8C:0A:15:E1:F7:32:CB:D4:F4:8A:AE:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8C2sYF9GWXGMChXh9zLL1PSKrns.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/udEkF_6Cl582j3MhipXtkqh60QA.roa
Signing time: Wed 01 Jan 2025 11:48:09 +0000
ROA not before: Wed 01 Jan 2025 11:48:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29582
IP address blocks: 84.1.154.0/24 maxlen: 24
84.2.74.0/24 maxlen: 24
188.6.241.0/24 maxlen: 24
195.228.1.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/8C2sYF9GWXGMChXh9zLL1PSKrns.crl
rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/8C2sYF9GWXGMChXh9zLL1PSKrns.mft
rsync://rpki.ripe.net/repository/DEFAULT/8C2sYF9GWXGMChXh9zLL1PSKrns.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 09 Apr 2025 08:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:d3:56:b1:76:cc:9e:0c:0c:76:f8:cf:da:1d:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f02dac605f4659718c0a15e1f732cbd4f48aae7b
Validity
Not Before: Jan 1 11:48:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b9d12417fe82979f368f73218a95ed92a87ad100
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:34:2b:4f:7f:a7:09:ff:37:55:d0:cf:99:b7:
58:41:f5:5a:31:1e:05:8d:de:9d:fc:c1:ad:28:4d:
e2:05:11:27:33:ec:b7:64:99:72:1b:e7:6a:8e:dc:
6b:5a:f7:2a:75:e5:12:08:18:17:3d:e0:06:ac:26:
c7:3a:65:a1:68:f7:98:c3:10:33:44:36:21:ab:e1:
d8:bc:95:94:61:ed:71:44:fc:77:72:f7:2f:b3:ef:
d7:09:96:a3:00:b8:da:9f:2f:9b:f9:1b:0c:74:36:
51:e6:1a:fa:8c:73:23:74:09:70:db:64:d7:bc:fa:
ff:87:d2:4e:7e:e5:c4:af:15:c7:9f:92:e7:16:16:
1f:72:d7:f8:11:7d:a1:cb:9f:ee:c6:fa:27:db:24:
bc:ac:ce:47:93:53:63:5d:c5:9b:2b:83:5b:06:66:
3d:8f:7b:ee:3e:93:d8:3f:5b:be:a5:61:f6:4f:04:
63:78:64:5c:45:56:6a:c6:de:6c:1e:bb:e6:d4:fe:
29:cc:95:e1:58:06:4c:7f:cf:9f:d5:03:bf:45:ce:
e5:98:ad:99:0d:89:10:28:12:3f:f3:d7:24:76:af:
03:84:a6:d3:06:14:96:8c:80:44:6a:cf:19:46:3e:
57:11:36:f0:aa:a8:3c:d7:29:b8:69:c7:16:a5:73:
db:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:D1:24:17:FE:82:97:9F:36:8F:73:21:8A:95:ED:92:A8:7A:D1:00
X509v3 Authority Key Identifier:
keyid:F0:2D:AC:60:5F:46:59:71:8C:0A:15:E1:F7:32:CB:D4:F4:8A:AE:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8C2sYF9GWXGMChXh9zLL1PSKrns.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/udEkF_6Cl582j3MhipXtkqh60QA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/8C2sYF9GWXGMChXh9zLL1PSKrns.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.1.154.0/24
84.2.74.0/24
188.6.241.0/24
195.228.1.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:95:9a:c0:f9:0f:24:97:f6:ab:52:2e:9b:91:d9:e7:55:a9:
39:12:34:ad:98:0f:18:ea:d1:39:ed:c9:10:eb:f6:f2:06:ae:
f3:6f:7c:25:cc:08:a9:d4:64:a5:3e:c0:b1:29:01:dd:ae:3c:
b6:a3:bb:40:77:df:47:af:66:44:2b:16:54:06:5d:01:2f:59:
44:a0:41:73:d3:dd:40:46:ba:83:1f:80:ab:1c:f9:62:21:48:
68:1f:ee:60:a8:bc:47:80:ca:05:6a:f4:a2:3e:42:5f:fc:99:
fb:e4:d0:2f:29:8f:0b:3f:0c:ea:19:95:84:65:56:13:11:a8:
01:e8:d8:ea:2f:a4:50:3a:c1:c8:79:04:80:1a:f7:aa:05:52:
98:04:d2:d7:99:aa:66:c9:69:01:c6:d2:b2:8b:7e:d8:ee:8c:
93:6a:3a:b3:83:a2:53:0d:62:ba:cb:26:4f:4a:cd:0b:17:54:
0f:d7:c9:ba:87:7a:f4:43:b7:b2:fd:49:75:30:75:a8:43:a0:
e1:b6:c0:7c:ae:8c:83:5f:a8:0e:59:ad:c0:72:59:13:db:50:
e1:43:20:16:dd:2f:ef:ea:43:15:78:97:b4:ea:7a:6c:4a:22:
81:6d:b5:2c:b1:d5:81:e1:7d:94:84:e1:2c:a3:07:8d:82:3d:
28:7b:aa:20
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQhsdNWsXbMngwMdvjP2h3FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwMmRhYzYwNWY0NjU5NzE4YzBhMTVlMWY3MzJjYmQ0ZjQ4
YWFlN2IwHhcNMjUwMTAxMTE0ODA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOWQxMjQxN2ZlODI5NzlmMzY4ZjczMjE4YTk1ZWQ5MmE4N2FkMTAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApjQrT3+nCf83VdDPmbdYQfVaMR4F
jd6d/MGtKE3iBREnM+y3ZJlyG+dqjtxrWvcqdeUSCBgXPeAGrCbHOmWhaPeYwxAz
RDYhq+HYvJWUYe1xRPx3cvcvs+/XCZajALjany+b+RsMdDZR5hr6jHMjdAlw22TX
vPr/h9JOfuXErxXHn5LnFhYfctf4EX2hy5/uxvon2yS8rM5Hk1NjXcWbK4NbBmY9
j3vuPpPYP1u+pWH2TwRjeGRcRVZqxt5sHrvm1P4pzJXhWAZMf8+f1QO/Rc7lmK2Z
DYkQKBI/89ckdq8DhKbTBhSWjIBEas8ZRj5XETbwqqg81ym4accWpXPb3QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFLnRJBf+gpefNo9zIYqV7ZKoetEAMB8GA1UdIwQY
MBaAFPAtrGBfRllxjAoV4fcyy9T0iq57MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEMyc1lGOUdXWEdNQ2hYaDl6TEwxUFNLcm5zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC9lOTA5NzYtM2RkMS00NzE2LWJiZjYt
MjkyYWU0NmU2MzAyLzEvdWRFa0ZfNkNsNTgyajNNaGlwWHRrcWg2MFFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC9lOTA5NzYtM2RkMS00NzE2LWJiZjYtMjkyYWU0NmU2MzAy
LzEvOEMyc1lGOUdXWEdNQ2hYaDl6TEwxUFNLcm5zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAVAGaAwQA
VAJKAwQAvAbxAwQAw+QBMA0GCSqGSIb3DQEBCwUAA4IBAQB+lZrA+Q8kl/arUi6b
kdnnVak5EjStmA8Y6tE57ckQ6/byBq7zb3wlzAip1GSlPsCxKQHdrjy2o7tAd99H
r2ZEKxZUBl0BL1lEoEFz091ARrqDH4CrHPliIUhoH+5gqLxHgMoFavSiPkJf/Jn7
5NAvKY8LPwzqGZWEZVYTEagB6NjqL6RQOsHIeQSAGveqBVKYBNLXmapmyWkBxtKy
i37Y7oyTajqzg6JTDWK6yyZPSs0LF1QP18m6h3r0Q7ey/Ul1MHWoQ6DhtsB8royD
X6gOWa3AclkT21DhQyAW3S/v6kMVeJe06npsSiKBbbUssdWB4X2UhOEsoweNgj0o
e6og
-----END CERTIFICATE-----
Generated at Tue Apr 8 11:30:07 2025 by rpki-client