Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/c48271-dee5-4841-a7dd-b0d72e910efe/1/u7FYseYTvFuik1kkZdQXan5NUT4.roa
File: u7FYseYTvFuik1kkZdQXan5NUT4.roa (raw, json)
Hash identifier: OILWNi9mv9AwF8S+yDdOr81iUCDmwjfaxbEGwvX0caY=
Subject key identifier: BB:B1:58:B1:E6:13:BC:5B:A2:93:59:24:65:D4:17:6A:7E:4D:51:3E
Certificate issuer: /CN=488c65dc359b58ca6ba5d3daeb874f058684e8c6
Certificate serial: 0194228E43854EF904F3C953174B100D86D2
Authority key identifier: 48:8C:65:DC:35:9B:58:CA:6B:A5:D3:DA:EB:87:4F:05:86:84:E8:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SIxl3DWbWMprpdPa64dPBYaE6MY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/c48271-dee5-4841-a7dd-b0d72e910efe/1/u7FYseYTvFuik1kkZdQXan5NUT4.roa
Signing time: Wed 01 Jan 2025 15:48:56 +0000
ROA not before: Wed 01 Jan 2025 15:48:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12859
IP address blocks: 195.8.208.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/90/c48271-dee5-4841-a7dd-b0d72e910efe/1/SIxl3DWbWMprpdPa64dPBYaE6MY.crl
rsync://rpki.ripe.net/repository/DEFAULT/90/c48271-dee5-4841-a7dd-b0d72e910efe/1/SIxl3DWbWMprpdPa64dPBYaE6MY.mft
rsync://rpki.ripe.net/repository/DEFAULT/SIxl3DWbWMprpdPa64dPBYaE6MY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8e:43:85:4e:f9:04:f3:c9:53:17:4b:10:0d:86:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=488c65dc359b58ca6ba5d3daeb874f058684e8c6
Validity
Not Before: Jan 1 15:48:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bbb158b1e613bc5ba293592465d4176a7e4d513e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:d8:cf:10:74:81:bc:83:89:72:20:0a:5a:de:
be:15:f8:7c:f2:99:e4:9e:f2:54:32:29:27:60:95:
a5:46:5e:9a:94:18:11:d5:b3:db:79:17:6d:aa:32:
8e:af:73:81:65:86:d7:0c:1f:c6:bf:6e:33:7a:a4:
96:da:4f:bd:1d:83:6a:b2:28:12:6b:9f:ba:1e:4e:
bd:ca:7b:97:3a:00:da:3e:ec:44:cd:c4:1d:a9:33:
16:64:7b:a9:fb:56:60:34:eb:77:82:0f:ef:44:ff:
03:6d:15:57:b7:4a:e7:71:ce:c3:d5:ce:77:41:e2:
a7:81:16:5a:64:a4:8f:de:e6:8a:75:e3:cd:0b:06:
9d:2a:76:ca:5a:7a:19:73:c0:64:52:7d:68:0d:ac:
0e:42:9d:fc:a9:c7:84:39:56:a8:e0:ef:8b:9a:01:
18:8c:aa:f3:8f:97:77:42:fc:ae:e5:4c:39:7c:26:
ab:03:01:d9:33:a8:59:19:3b:5b:82:ff:bb:86:d2:
43:ef:56:75:12:bc:d9:e8:cc:12:21:66:9a:75:3f:
22:8f:6c:d9:66:ca:0b:29:5f:ed:38:27:ff:9f:0e:
e1:90:5c:07:7d:28:1f:fa:d4:eb:51:f3:03:69:73:
06:b5:4e:5d:4b:a5:70:c3:8a:c6:ac:3f:3d:9b:9e:
e3:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:B1:58:B1:E6:13:BC:5B:A2:93:59:24:65:D4:17:6A:7E:4D:51:3E
X509v3 Authority Key Identifier:
keyid:48:8C:65:DC:35:9B:58:CA:6B:A5:D3:DA:EB:87:4F:05:86:84:E8:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SIxl3DWbWMprpdPa64dPBYaE6MY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/c48271-dee5-4841-a7dd-b0d72e910efe/1/u7FYseYTvFuik1kkZdQXan5NUT4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/c48271-dee5-4841-a7dd-b0d72e910efe/1/SIxl3DWbWMprpdPa64dPBYaE6MY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.8.208.0/23
Signature Algorithm: sha256WithRSAEncryption
44:82:f2:1d:83:32:25:80:0f:44:b5:58:31:a3:70:fb:94:a9:
70:5b:47:a9:34:cb:fc:aa:91:0b:c7:53:c2:fb:1b:c8:8f:15:
6e:96:4d:9c:c7:7d:f6:1c:6d:ce:59:31:df:d0:ea:fa:47:0b:
b7:bd:6a:b5:ff:f9:d0:ef:d7:73:41:fb:7b:68:e1:60:92:f1:
87:41:2d:1e:31:bb:4c:61:f5:8e:4f:21:f5:55:9d:20:09:63:
ff:4a:a1:8d:d0:2f:54:a0:dc:a6:8b:bf:fc:fc:e4:2c:ca:d5:
59:9a:2e:fa:81:23:79:9c:ac:fa:ac:56:f6:16:90:fb:3f:8f:
82:e1:2a:37:9c:24:04:3d:33:50:72:35:e2:86:f7:1f:22:51:
d7:ac:47:76:9f:7d:0b:97:a0:9a:3d:69:ad:a5:59:b4:af:81:
e6:50:37:cd:f0:fe:45:9e:6a:a5:1a:96:21:b3:b0:2f:99:46:
99:03:3b:99:bf:50:22:78:ef:12:54:93:78:26:46:49:ad:1b:
78:e2:30:3c:29:99:14:a3:d9:b4:fe:0c:d7:33:14:d4:0a:09:
47:ee:a6:e7:97:30:7d:18:8e:ce:1a:89:34:68:a2:b8:c0:18:
10:cc:7f:79:9d:b9:65:4b:bb:8c:fb:f6:e9:20:d0:6d:62:f9:
8e:10:30:3b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQijkOFTvkE88lTF0sQDYbSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4OGM2NWRjMzU5YjU4Y2E2YmE1ZDNkYWViODc0ZjA1ODY4
NGU4YzYwHhcNMjUwMTAxMTU0ODU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYmIxNThiMWU2MTNiYzViYTI5MzU5MjQ2NWQ0MTc2YTdlNGQ1MTNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmdjPEHSBvIOJciAKWt6+Ffh88pnk
nvJUMiknYJWlRl6alBgR1bPbeRdtqjKOr3OBZYbXDB/Gv24zeqSW2k+9HYNqsigS
a5+6Hk69ynuXOgDaPuxEzcQdqTMWZHup+1ZgNOt3gg/vRP8DbRVXt0rncc7D1c53
QeKngRZaZKSP3uaKdePNCwadKnbKWnoZc8BkUn1oDawOQp38qceEOVao4O+LmgEY
jKrzj5d3Qvyu5Uw5fCarAwHZM6hZGTtbgv+7htJD71Z1ErzZ6MwSIWaadT8ij2zZ
ZsoLKV/tOCf/nw7hkFwHfSgf+tTrUfMDaXMGtU5dS6Vww4rGrD89m57jxwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLuxWLHmE7xbopNZJGXUF2p+TVE+MB8GA1UdIwQY
MBaAFEiMZdw1m1jKa6XT2uuHTwWGhOjGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0l4bDNEV2JXTXBycGRQYTY0ZFBCWWFFNk1ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC9jNDgyNzEtZGVlNS00ODQxLWE3ZGQt
YjBkNzJlOTEwZWZlLzEvdTdGWXNlWVR2RnVpazFra1pkUVhhbjVOVVQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC9jNDgyNzEtZGVlNS00ODQxLWE3ZGQtYjBkNzJlOTEwZWZl
LzEvU0l4bDNEV2JXTXBycGRQYTY0ZFBCWWFFNk1ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwwjQMA0G
CSqGSIb3DQEBCwUAA4IBAQBEgvIdgzIlgA9EtVgxo3D7lKlwW0epNMv8qpELx1PC
+xvIjxVulk2cx332HG3OWTHf0Or6Rwu3vWq1//nQ79dzQft7aOFgkvGHQS0eMbtM
YfWOTyH1VZ0gCWP/SqGN0C9UoNymi7/8/OQsytVZmi76gSN5nKz6rFb2FpD7P4+C
4So3nCQEPTNQcjXihvcfIlHXrEd2n30Ll6CaPWmtpVm0r4HmUDfN8P5FnmqlGpYh
s7AvmUaZAzuZv1AieO8SVJN4JkZJrRt44jA8KZkUo9m0/gzXMxTUCglH7qbnlzB9
GI7OGok0aKK4wBgQzH95nbllS7uM+/bpINBtYvmOEDA7
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:31:03 2025 by rpki-client