Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/db787f-c27a-4f23-99b2-438acb72fc5b/1/RuHKLSfWcgHGzOil4fAEzNXNsWY.roa
File: RuHKLSfWcgHGzOil4fAEzNXNsWY.roa (raw, json)
Hash identifier: Uc+hRokokGwptNiyfS8Yysvc/TqbHO5gZiF8l4C+938=
Subject key identifier: 46:E1:CA:2D:27:D6:72:01:C6:CC:E8:A5:E1:F0:04:CC:D5:CD:B1:66
Certificate issuer: /CN=126c660b30f5692b2b16e289b24901c518fda520
Certificate serial: 019426D95DF5785F8D4C95C8D33B11373D1F
Authority key identifier: 12:6C:66:0B:30:F5:69:2B:2B:16:E2:89:B2:49:01:C5:18:FD:A5:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EmxmCzD1aSsrFuKJskkBxRj9pSA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/db787f-c27a-4f23-99b2-438acb72fc5b/1/RuHKLSfWcgHGzOil4fAEzNXNsWY.roa
Signing time: Thu 02 Jan 2025 11:49:27 +0000
ROA not before: Thu 02 Jan 2025 11:49:27 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212238
IP address blocks: 193.9.36.0/22 maxlen: 24
193.9.36.0/24 maxlen: 24
193.9.37.0/24 maxlen: 24
193.9.38.0/24 maxlen: 24
193.9.39.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8f/db787f-c27a-4f23-99b2-438acb72fc5b/1/EmxmCzD1aSsrFuKJskkBxRj9pSA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8f/db787f-c27a-4f23-99b2-438acb72fc5b/1/EmxmCzD1aSsrFuKJskkBxRj9pSA.mft
rsync://rpki.ripe.net/repository/DEFAULT/EmxmCzD1aSsrFuKJskkBxRj9pSA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 16:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:5d:f5:78:5f:8d:4c:95:c8:d3:3b:11:37:3d:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=126c660b30f5692b2b16e289b24901c518fda520
Validity
Not Before: Jan 2 11:49:27 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=46e1ca2d27d67201c6cce8a5e1f004ccd5cdb166
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:6a:99:de:fc:57:f3:db:ba:24:ab:dc:82:a2:
c2:45:7c:26:15:80:17:3b:ed:2e:c1:ec:9a:aa:a8:
0e:e6:fb:3d:f7:ea:93:6a:15:db:40:47:87:24:02:
fd:06:57:a4:d3:3e:6f:54:b4:3a:3a:28:dd:e0:17:
24:54:66:84:e6:c3:8a:79:5d:ec:09:75:05:aa:26:
ed:a4:5f:5f:28:d5:30:9f:9c:45:90:66:14:e7:3a:
09:cf:0b:0c:38:e0:76:52:84:54:c6:37:24:36:32:
b5:5b:27:e8:9e:9e:0f:8c:06:be:86:9e:7a:7d:b6:
6a:d2:87:48:4b:b5:b9:8b:bf:78:c5:e3:f1:a6:cc:
1c:0f:8d:a9:3c:ef:17:cf:e8:c4:3e:3d:de:a2:97:
ea:c6:88:bc:ad:53:26:42:b6:c0:f7:09:e0:1a:72:
c8:3a:22:e0:fc:84:e2:15:01:74:39:a0:63:2b:44:
7d:c7:fe:0a:9c:5c:ee:20:cb:6c:3a:3f:8f:fc:b5:
5c:12:30:3d:b5:df:cf:b6:2a:94:03:55:ce:f5:43:
36:2f:44:30:4b:81:78:8f:f5:a8:7f:37:9e:e4:9e:
65:74:89:53:61:76:12:02:d9:28:f2:43:da:a9:ea:
8a:00:19:7a:30:f2:b3:96:82:83:ee:a8:a2:02:53:
fb:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:E1:CA:2D:27:D6:72:01:C6:CC:E8:A5:E1:F0:04:CC:D5:CD:B1:66
X509v3 Authority Key Identifier:
keyid:12:6C:66:0B:30:F5:69:2B:2B:16:E2:89:B2:49:01:C5:18:FD:A5:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EmxmCzD1aSsrFuKJskkBxRj9pSA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/db787f-c27a-4f23-99b2-438acb72fc5b/1/RuHKLSfWcgHGzOil4fAEzNXNsWY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/db787f-c27a-4f23-99b2-438acb72fc5b/1/EmxmCzD1aSsrFuKJskkBxRj9pSA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.9.36.0/22
Signature Algorithm: sha256WithRSAEncryption
76:21:e5:97:a6:e8:c4:7c:56:ff:2d:8f:c6:a3:42:14:2e:8e:
c5:33:c0:d4:d4:d1:17:7b:0e:52:ec:91:08:10:8c:7b:2a:dc:
9c:53:47:81:7b:d5:3d:f1:ef:32:b7:2a:56:51:68:68:7c:d8:
8f:63:15:68:a6:7d:5b:c2:70:24:75:30:7a:a7:f2:5d:fd:29:
62:16:4a:6e:29:8b:c7:11:a2:f8:1c:8b:5b:65:7a:37:a8:bc:
21:31:73:d0:53:15:44:b4:6b:40:87:49:81:99:70:3a:46:73:
c3:43:c6:ef:87:78:59:a4:5c:53:23:69:cf:51:01:2e:bc:10:
eb:1f:49:90:c5:64:d9:a3:5f:81:59:5f:2c:a2:1e:22:5f:f5:
d9:ab:9e:3b:0b:f6:7d:3b:a8:b9:09:1e:dd:da:8a:df:ea:64:
ee:72:2d:81:fe:5b:c3:e1:f2:31:e5:60:5b:f7:89:4c:a0:80:
b3:c6:8e:26:38:48:0e:d3:c1:02:5c:1d:b0:27:54:56:6d:1b:
94:f3:19:3b:1b:13:29:08:18:02:a4:52:7b:20:08:d8:74:af:
de:bf:ea:01:36:04:d5:d1:49:8b:28:a0:fb:c2:a3:40:78:47:
12:99:2c:91:49:0a:d7:e1:61:69:47:49:5e:fa:be:81:40:93:
4e:83:60:74
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQm2V31eF+NTJXI0zsRNz0fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyNmM2NjBiMzBmNTY5MmIyYjE2ZTI4OWIyNDkwMWM1MThm
ZGE1MjAwHhcNMjUwMTAyMTE0OTI3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NmUxY2EyZDI3ZDY3MjAxYzZjY2U4YTVlMWYwMDRjY2Q1Y2RiMTY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0WqZ3vxX89u6JKvcgqLCRXwmFYAX
O+0uweyaqqgO5vs99+qTahXbQEeHJAL9Blek0z5vVLQ6Oijd4BckVGaE5sOKeV3s
CXUFqibtpF9fKNUwn5xFkGYU5zoJzwsMOOB2UoRUxjckNjK1Wyfonp4PjAa+hp56
fbZq0odIS7W5i794xePxpswcD42pPO8Xz+jEPj3eopfqxoi8rVMmQrbA9wngGnLI
OiLg/ITiFQF0OaBjK0R9x/4KnFzuIMtsOj+P/LVcEjA9td/PtiqUA1XO9UM2L0Qw
S4F4j/Wofzee5J5ldIlTYXYSAtko8kPaqeqKABl6MPKzloKD7qiiAlP7PwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEbhyi0n1nIBxszopeHwBMzVzbFmMB8GA1UdIwQY
MBaAFBJsZgsw9WkrKxbiibJJAcUY/aUgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRW14bUN6RDFhU3NyRnVLSnNra0J4Umo5cFNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi9kYjc4N2YtYzI3YS00ZjIzLTk5YjIt
NDM4YWNiNzJmYzViLzEvUnVIS0xTZldjZ0hHek9pbDRmQUV6TlhOc1dZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi9kYjc4N2YtYzI3YS00ZjIzLTk5YjItNDM4YWNiNzJmYzVi
LzEvRW14bUN6RDFhU3NyRnVLSnNra0J4Umo5cFNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwQkkMA0G
CSqGSIb3DQEBCwUAA4IBAQB2IeWXpujEfFb/LY/Go0IULo7FM8DU1NEXew5S7JEI
EIx7KtycU0eBe9U98e8ytypWUWhofNiPYxVopn1bwnAkdTB6p/Jd/SliFkpuKYvH
EaL4HItbZXo3qLwhMXPQUxVEtGtAh0mBmXA6RnPDQ8bvh3hZpFxTI2nPUQEuvBDr
H0mQxWTZo1+BWV8soh4iX/XZq547C/Z9O6i5CR7d2orf6mTuci2B/lvD4fIx5WBb
94lMoICzxo4mOEgO08ECXB2wJ1RWbRuU8xk7GxMpCBgCpFJ7IAjYdK/ev+oBNgTV
0UmLKKD7wqNAeEcSmSyRSQrX4WFpR0le+r6BQJNOg2B0
-----END CERTIFICATE-----
Generated at Mon Apr 7 02:32:14 2025 by rpki-client