Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/eb0fea-b0db-4886-ba0d-67c796aa97e9/1/oUbphFvh_H2EgLkqqhGVtJvsWdA.roa
File: oUbphFvh_H2EgLkqqhGVtJvsWdA.roa (raw, json)
Hash identifier: YcXAdQPNOD/ei8uQHqKqayZyCGAzNtCVZnzz77qI+x0=
Subject key identifier: A1:46:E9:84:5B:E1:FC:7D:84:80:B9:2A:AA:11:95:B4:9B:EC:59:D0
Certificate issuer: /CN=996a5f948435acb112a66e2563792263ec8b657e
Certificate serial: 0194266C39F20911E23AAA130EDBD62262DB
Authority key identifier: 99:6A:5F:94:84:35:AC:B1:12:A6:6E:25:63:79:22:63:EC:8B:65:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mWpflIQ1rLESpm4lY3kiY-yLZX4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/eb0fea-b0db-4886-ba0d-67c796aa97e9/1/oUbphFvh_H2EgLkqqhGVtJvsWdA.roa
Signing time: Thu 02 Jan 2025 09:50:14 +0000
ROA not before: Thu 02 Jan 2025 09:50:14 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203616
IP address blocks: 185.129.80.0/23 maxlen: 23
185.129.80.0/24 maxlen: 24
185.129.81.0/24 maxlen: 24
185.129.82.0/23 maxlen: 23
185.129.82.0/24 maxlen: 24
185.129.83.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/eb0fea-b0db-4886-ba0d-67c796aa97e9/1/mWpflIQ1rLESpm4lY3kiY-yLZX4.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/eb0fea-b0db-4886-ba0d-67c796aa97e9/1/mWpflIQ1rLESpm4lY3kiY-yLZX4.mft
rsync://rpki.ripe.net/repository/DEFAULT/mWpflIQ1rLESpm4lY3kiY-yLZX4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 22 Feb 2025 06:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6c:39:f2:09:11:e2:3a:aa:13:0e:db:d6:22:62:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=996a5f948435acb112a66e2563792263ec8b657e
Validity
Not Before: Jan 2 09:50:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a146e9845be1fc7d8480b92aaa1195b49bec59d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:08:4c:a5:63:7f:46:e4:5c:98:5b:10:0f:8c:
7f:9b:6d:f2:2e:53:6f:04:6e:cc:b7:bd:7f:5c:53:
8d:45:63:81:c1:58:ba:79:6a:7d:4b:fe:7b:2b:1c:
32:ee:b5:13:62:ae:62:ba:c4:23:12:a8:98:fb:1b:
82:e3:f3:a9:b3:cd:a7:37:21:52:e0:16:c4:97:f1:
42:c3:a9:a2:bf:f6:cb:e6:81:a4:be:b0:6a:7b:75:
4b:43:d6:5f:e3:84:50:25:41:e0:40:98:d1:64:17:
6f:74:8d:e0:d1:a7:0a:9c:52:13:b7:c8:c2:7c:f0:
2c:a8:4f:1e:b9:e2:df:f7:b1:b5:da:1f:75:5c:19:
58:43:ca:2a:b2:ce:c1:f6:6d:09:28:40:84:c8:22:
a5:26:8d:ca:4f:16:77:46:cb:29:48:c6:34:7c:25:
02:87:0c:29:38:c0:7b:d2:28:c5:77:56:ab:26:e6:
ca:40:7f:82:c1:5a:09:37:3b:dc:0b:82:6e:31:73:
0f:79:25:a9:98:7d:08:53:5e:37:9b:ab:8b:4e:6a:
c2:02:d4:40:b3:7d:10:d4:7b:20:22:ad:b5:fd:c5:
2a:aa:b1:b0:6b:16:c6:61:ef:42:44:d5:53:5a:26:
77:73:9c:48:8d:91:85:b0:5a:a1:c3:7a:a1:fb:53:
5f:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:46:E9:84:5B:E1:FC:7D:84:80:B9:2A:AA:11:95:B4:9B:EC:59:D0
X509v3 Authority Key Identifier:
keyid:99:6A:5F:94:84:35:AC:B1:12:A6:6E:25:63:79:22:63:EC:8B:65:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mWpflIQ1rLESpm4lY3kiY-yLZX4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/eb0fea-b0db-4886-ba0d-67c796aa97e9/1/oUbphFvh_H2EgLkqqhGVtJvsWdA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/eb0fea-b0db-4886-ba0d-67c796aa97e9/1/mWpflIQ1rLESpm4lY3kiY-yLZX4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.129.80.0/22
Signature Algorithm: sha256WithRSAEncryption
25:db:db:e6:3c:0b:9d:cd:ca:26:67:2c:cb:23:a6:36:44:8c:
69:20:4d:22:58:4e:d7:c3:ef:83:3f:ff:20:47:d0:fa:f1:f7:
2f:54:8d:32:d8:66:f4:55:a8:dc:65:28:16:8f:a3:a7:8c:72:
4b:65:23:c7:0c:ac:92:14:61:fd:88:8a:e8:71:4b:41:3a:85:
f0:d4:30:7b:d1:49:65:b9:0c:77:5a:d5:8d:ef:03:93:58:cc:
67:55:f9:e2:a8:25:b8:5b:48:fa:9c:9a:4d:23:cf:19:43:54:
9b:ab:5d:55:af:88:b0:27:db:d3:ae:13:c2:0f:20:e3:fb:f2:
99:91:62:5a:f7:d3:65:7d:e9:05:b4:21:cb:fe:4e:46:f4:74:
16:a1:ba:40:8c:17:80:49:14:91:00:3a:ce:18:8d:a4:84:b4:
c8:63:ce:bb:e8:8c:3c:e3:83:8d:8f:98:93:48:4e:f2:ec:20:
e9:2d:7b:02:70:57:47:0c:75:0e:01:ef:f3:c8:8f:8b:a1:1e:
0d:c6:10:e9:f4:e2:35:d7:16:16:63:d8:59:9e:7d:84:83:60:
a9:aa:de:f2:f7:4e:40:6d:8a:d0:02:63:0d:bb:89:6e:26:ac:
6f:9d:96:da:45:66:75:bd:ae:9c:49:5a:68:50:82:b4:5b:58:
39:21:17:a3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQmbDnyCRHiOqoTDtvWImLbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5NmE1Zjk0ODQzNWFjYjExMmE2NmUyNTYzNzkyMjYzZWM4
YjY1N2UwHhcNMjUwMTAyMDk1MDE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTQ2ZTk4NDViZTFmYzdkODQ4MGI5MmFhYTExOTViNDliZWM1OWQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjghMpWN/RuRcmFsQD4x/m23yLlNv
BG7Mt71/XFONRWOBwVi6eWp9S/57Kxwy7rUTYq5iusQjEqiY+xuC4/Ops82nNyFS
4BbEl/FCw6miv/bL5oGkvrBqe3VLQ9Zf44RQJUHgQJjRZBdvdI3g0acKnFITt8jC
fPAsqE8eueLf97G12h91XBlYQ8oqss7B9m0JKECEyCKlJo3KTxZ3RsspSMY0fCUC
hwwpOMB70ijFd1arJubKQH+CwVoJNzvcC4JuMXMPeSWpmH0IU143m6uLTmrCAtRA
s30Q1HsgIq21/cUqqrGwaxbGYe9CRNVTWiZ3c5xIjZGFsFqhw3qh+1NfRwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKFG6YRb4fx9hIC5KqoRlbSb7FnQMB8GA1UdIwQY
MBaAFJlqX5SENayxEqZuJWN5ImPsi2V+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbVdwZmxJUTFyTEVTcG00bFkza2lZLXlMWlg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9lYjBmZWEtYjBkYi00ODg2LWJhMGQt
NjdjNzk2YWE5N2U5LzEvb1VicGhGdmhfSDJFZ0xrcXFoR1Z0SnZzV2RBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9lYjBmZWEtYjBkYi00ODg2LWJhMGQtNjdjNzk2YWE5N2U5
LzEvbVdwZmxJUTFyTEVTcG00bFkza2lZLXlMWlg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuYFQMA0G
CSqGSIb3DQEBCwUAA4IBAQAl29vmPAudzcomZyzLI6Y2RIxpIE0iWE7Xw++DP/8g
R9D68fcvVI0y2Gb0VajcZSgWj6OnjHJLZSPHDKySFGH9iIrocUtBOoXw1DB70Ull
uQx3WtWN7wOTWMxnVfniqCW4W0j6nJpNI88ZQ1Sbq11Vr4iwJ9vTrhPCDyDj+/KZ
kWJa99NlfekFtCHL/k5G9HQWobpAjBeASRSRADrOGI2khLTIY8676Iw844ONj5iT
SE7y7CDpLXsCcFdHDHUOAe/zyI+LoR4NxhDp9OI11xYWY9hZnn2Eg2Cpqt7y905A
bYrQAmMNu4luJqxvnZbaRWZ1va6cSVpoUIK0W1g5IRej
-----END CERTIFICATE-----
Generated at Fri Feb 21 12:47:14 2025 by rpki-client