Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/df719a-492f-47cb-9212-644bd0fc7f80/1/UNKbAcEAJHWJC-HG72D-vYqbVfQ.roa
File: UNKbAcEAJHWJC-HG72D-vYqbVfQ.roa (raw, json)
Hash identifier: m35AjrcjrDzhORVJU0fjE54zFfVUjrq+cuZi9udA0+8=
Subject key identifier: 50:D2:9B:01:C1:00:24:75:89:0B:E1:C6:EF:60:FE:BD:8A:9B:55:F4
Certificate issuer: /CN=aff6f85aad101c456c1ac9a01a7192fc5788e92c
Certificate serial: 0194244535BE3F4D3A546AECC2675612B2AB
Authority key identifier: AF:F6:F8:5A:AD:10:1C:45:6C:1A:C9:A0:1A:71:92:FC:57:88:E9:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r_b4Wq0QHEVsGsmgGnGS_FeI6Sw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/df719a-492f-47cb-9212-644bd0fc7f80/1/UNKbAcEAJHWJC-HG72D-vYqbVfQ.roa
Signing time: Wed 01 Jan 2025 23:48:23 +0000
ROA not before: Wed 01 Jan 2025 23:48:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 28753
IP address blocks: 45.83.185.0/24 maxlen: 24
45.94.25.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9f/df719a-492f-47cb-9212-644bd0fc7f80/1/r_b4Wq0QHEVsGsmgGnGS_FeI6Sw.crl
rsync://rpki.ripe.net/repository/DEFAULT/9f/df719a-492f-47cb-9212-644bd0fc7f80/1/r_b4Wq0QHEVsGsmgGnGS_FeI6Sw.mft
rsync://rpki.ripe.net/repository/DEFAULT/r_b4Wq0QHEVsGsmgGnGS_FeI6Sw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 23:34:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:35:be:3f:4d:3a:54:6a:ec:c2:67:56:12:b2:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aff6f85aad101c456c1ac9a01a7192fc5788e92c
Validity
Not Before: Jan 1 23:48:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=50d29b01c1002475890be1c6ef60febd8a9b55f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:2f:c4:8d:b3:41:35:bf:37:9d:a7:e2:ba:9a:
33:19:a7:c5:82:49:89:de:ec:13:34:62:16:a7:d3:
de:ca:b4:26:fe:0c:b5:e6:0e:88:55:b6:1f:19:02:
48:09:18:82:f8:ae:e7:69:54:ea:4b:d2:00:74:87:
5c:52:1a:bd:f1:f4:b1:4f:23:f5:c2:d7:0e:8c:06:
dc:b9:bc:5f:74:93:37:b9:f5:f9:c3:7c:8a:df:4c:
6d:b6:be:d2:c2:38:73:52:cc:13:59:92:b7:1f:a2:
33:5f:d9:35:b6:84:16:22:9c:7a:ab:c6:85:de:5b:
fc:fb:9a:12:b4:12:96:5a:0e:13:74:7c:d4:7b:98:
db:7c:3e:87:4b:7a:03:58:82:07:4b:7e:16:ee:7c:
11:8d:65:cb:e3:a3:71:6b:62:ec:af:37:f4:25:eb:
87:02:db:19:54:54:e8:82:cb:9c:71:27:63:b6:cb:
79:3a:af:94:2b:1e:89:60:f9:ba:61:29:0a:7d:8e:
05:07:6c:27:66:9c:be:0b:6f:7a:ae:62:a6:e9:0b:
dd:c8:c4:a5:66:6e:8a:be:e1:cb:c7:c4:2f:33:71:
c0:72:b6:5e:9b:e7:c0:57:84:a6:23:92:07:59:9b:
c2:2d:57:b0:4e:6a:04:60:71:64:a9:a6:8a:23:89:
24:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:D2:9B:01:C1:00:24:75:89:0B:E1:C6:EF:60:FE:BD:8A:9B:55:F4
X509v3 Authority Key Identifier:
keyid:AF:F6:F8:5A:AD:10:1C:45:6C:1A:C9:A0:1A:71:92:FC:57:88:E9:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r_b4Wq0QHEVsGsmgGnGS_FeI6Sw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/df719a-492f-47cb-9212-644bd0fc7f80/1/UNKbAcEAJHWJC-HG72D-vYqbVfQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/df719a-492f-47cb-9212-644bd0fc7f80/1/r_b4Wq0QHEVsGsmgGnGS_FeI6Sw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.83.185.0/24
45.94.25.0/24
Signature Algorithm: sha256WithRSAEncryption
84:40:73:6a:51:1e:6a:5f:74:1f:9d:57:60:76:2b:be:93:d4:
50:be:81:13:8d:fb:a6:a2:f3:7b:8c:93:3d:b5:00:44:cb:b1:
08:99:5a:52:4b:38:fa:99:6e:5a:74:f1:3d:5c:00:e7:3f:6b:
20:a2:5a:12:f1:36:78:78:17:07:ad:92:ed:be:0a:25:87:38:
3a:26:cd:24:78:32:6f:a9:f7:f2:1c:7e:75:aa:51:39:ae:99:
91:f4:88:71:dc:9d:b8:7c:30:ac:99:da:51:de:91:df:d8:a9:
56:b3:69:e6:83:4b:af:9c:35:a1:ad:59:44:9a:b2:bd:98:df:
56:fa:e6:01:8a:03:8f:bb:8f:e7:ee:6a:69:05:2f:b2:a0:da:
24:be:c8:72:07:ba:9e:97:48:3e:f8:98:ad:87:c4:09:6d:2d:
8e:2a:d3:c2:bc:4b:57:fd:61:41:e2:ee:de:5a:32:47:bb:2e:
35:57:3e:07:f1:df:bd:d2:f9:3b:c7:2a:95:a2:c9:e2:1c:dc:
71:47:eb:2f:49:5d:15:2d:6b:bf:25:72:3a:b6:18:b9:92:51:
6a:00:99:22:8c:0c:8a:db:94:86:49:07:04:67:f8:69:8b:ac:
10:03:30:11:5c:e6:52:d3:37:9f:d8:ce:6b:a5:80:f7:38:bd:
58:0f:46:f0
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQkRTW+P006VGrswmdWErKrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmZjZmODVhYWQxMDFjNDU2YzFhYzlhMDFhNzE5MmZjNTc4
OGU5MmMwHhcNMjUwMTAxMjM0ODIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MGQyOWIwMWMxMDAyNDc1ODkwYmUxYzZlZjYwZmViZDhhOWI1NWY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoy/EjbNBNb83nafiupozGafFgkmJ
3uwTNGIWp9PeyrQm/gy15g6IVbYfGQJICRiC+K7naVTqS9IAdIdcUhq98fSxTyP1
wtcOjAbcubxfdJM3ufX5w3yK30xttr7SwjhzUswTWZK3H6IzX9k1toQWIpx6q8aF
3lv8+5oStBKWWg4TdHzUe5jbfD6HS3oDWIIHS34W7nwRjWXL46Nxa2Lsrzf0JeuH
AtsZVFTogsuccSdjtst5Oq+UKx6JYPm6YSkKfY4FB2wnZpy+C296rmKm6QvdyMSl
Zm6KvuHLx8QvM3HAcrZem+fAV4SmI5IHWZvCLVewTmoEYHFkqaaKI4kkjwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFDSmwHBACR1iQvhxu9g/r2Km1X0MB8GA1UdIwQY
MBaAFK/2+FqtEBxFbBrJoBpxkvxXiOksMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcl9iNFdxMFFIRVZzR3NtZ0duR1NfRmVJNlN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi9kZjcxOWEtNDkyZi00N2NiLTkyMTIt
NjQ0YmQwZmM3ZjgwLzEvVU5LYkFjRUFKSFdKQy1IRzcyRC12WXFiVmZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi9kZjcxOWEtNDkyZi00N2NiLTkyMTItNjQ0YmQwZmM3Zjgw
LzEvcl9iNFdxMFFIRVZzR3NtZ0duR1NfRmVJNlN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALVO5AwQA
LV4ZMA0GCSqGSIb3DQEBCwUAA4IBAQCEQHNqUR5qX3QfnVdgdiu+k9RQvoETjfum
ovN7jJM9tQBEy7EImVpSSzj6mW5adPE9XADnP2sgoloS8TZ4eBcHrZLtvgolhzg6
Js0keDJvqffyHH51qlE5rpmR9Ihx3J24fDCsmdpR3pHf2KlWs2nmg0uvnDWhrVlE
mrK9mN9W+uYBigOPu4/n7mppBS+yoNokvshyB7qel0g++Jith8QJbS2OKtPCvEtX
/WFB4u7eWjJHuy41Vz4H8d+90vk7xyqVosniHNxxR+svSV0VLWu/JXI6thi5klFq
AJkijAyK25SGSQcEZ/hpi6wQAzARXOZS0zef2M5rpYD3OL1YD0bw
-----END CERTIFICATE-----
Generated at Sun Apr 6 08:25:35 2025 by rpki-client