Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/481637-6c1c-45e8-8fbd-44f8ed5d61d7/1/U8FQsy0_ygrjfzDfPCuVUPjhxFI.roa
File: U8FQsy0_ygrjfzDfPCuVUPjhxFI.roa (raw, json)
Hash identifier: VMdtwa4FkFy7nwi/xmcQtKtxXBN5sTN7YZIqy4ryF34=
Subject key identifier: 53:C1:50:B3:2D:3F:CA:0A:E3:7F:30:DF:3C:2B:95:50:F8:E1:C4:52
Certificate issuer: /CN=2968b4e0ef8106f0e12ab8e501d2aa4e36b783c2
Certificate serial: 0194221F7BD8B43F28B509EE6FA7C5101484
Authority key identifier: 29:68:B4:E0:EF:81:06:F0:E1:2A:B8:E5:01:D2:AA:4E:36:B7:83:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KWi04O-BBvDhKrjlAdKqTja3g8I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/481637-6c1c-45e8-8fbd-44f8ed5d61d7/1/U8FQsy0_ygrjfzDfPCuVUPjhxFI.roa
Signing time: Wed 01 Jan 2025 13:47:56 +0000
ROA not before: Wed 01 Jan 2025 13:47:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208333
IP address blocks: 2a01:e901:105::/48 maxlen: 48
2a01:e901:115::/48 maxlen: 48
2a01:e901:125::/48 maxlen: 48
2a01:e901:135::/48 maxlen: 48
2a01:e901:145::/48 maxlen: 48
2a01:e901:155::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a7/481637-6c1c-45e8-8fbd-44f8ed5d61d7/1/KWi04O-BBvDhKrjlAdKqTja3g8I.crl
rsync://rpki.ripe.net/repository/DEFAULT/a7/481637-6c1c-45e8-8fbd-44f8ed5d61d7/1/KWi04O-BBvDhKrjlAdKqTja3g8I.mft
rsync://rpki.ripe.net/repository/DEFAULT/KWi04O-BBvDhKrjlAdKqTja3g8I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 01:00:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:7b:d8:b4:3f:28:b5:09:ee:6f:a7:c5:10:14:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2968b4e0ef8106f0e12ab8e501d2aa4e36b783c2
Validity
Not Before: Jan 1 13:47:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=53c150b32d3fca0ae37f30df3c2b9550f8e1c452
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:18:ac:ad:4e:3e:f3:ca:dd:c2:64:54:12:3e:
cd:53:d9:77:b6:ea:d1:11:e3:6e:8c:2c:16:76:e6:
86:fd:82:a3:bb:41:77:b8:8d:91:2e:db:5c:ab:dc:
1c:c1:53:0a:83:30:49:5a:e2:57:9c:55:c5:74:e3:
b6:e9:05:3b:b9:83:98:2d:e5:77:b5:fa:3e:b0:bc:
f4:f6:df:d5:72:bc:f4:1a:47:6e:0b:ee:21:fa:30:
7f:74:0e:61:13:13:9a:47:c9:1c:ef:1d:c8:af:3b:
f7:59:f4:e8:44:52:f3:25:e3:de:ce:a0:46:2d:63:
e9:49:ec:56:77:b6:63:dd:37:ac:23:7a:55:a2:7c:
6c:c3:d9:93:37:44:b6:0f:3b:9a:60:8b:4c:00:06:
bc:ff:c3:e2:3d:1d:3e:a4:00:46:24:76:c4:3f:3c:
ea:17:6c:dc:34:6a:ac:98:00:e2:b6:f5:72:a7:35:
12:a9:a2:c7:05:9b:44:8c:24:d0:cb:59:5d:9c:c1:
9e:0a:01:a9:03:99:7f:ea:2b:98:cc:b5:3f:49:d4:
e5:b9:52:ed:ea:fd:16:01:d2:80:0c:aa:e8:d5:74:
0e:2f:c5:bf:f6:bb:dc:5c:e8:93:46:c4:91:e9:82:
72:fd:d9:36:40:50:2f:26:f4:95:a9:b4:04:04:d5:
a3:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:C1:50:B3:2D:3F:CA:0A:E3:7F:30:DF:3C:2B:95:50:F8:E1:C4:52
X509v3 Authority Key Identifier:
keyid:29:68:B4:E0:EF:81:06:F0:E1:2A:B8:E5:01:D2:AA:4E:36:B7:83:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KWi04O-BBvDhKrjlAdKqTja3g8I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/481637-6c1c-45e8-8fbd-44f8ed5d61d7/1/U8FQsy0_ygrjfzDfPCuVUPjhxFI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/481637-6c1c-45e8-8fbd-44f8ed5d61d7/1/KWi04O-BBvDhKrjlAdKqTja3g8I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:e901:105::/48
2a01:e901:115::/48
2a01:e901:125::/48
2a01:e901:135::/48
2a01:e901:145::/48
2a01:e901:155::/48
Signature Algorithm: sha256WithRSAEncryption
b4:e8:16:cf:f0:34:05:69:ae:89:76:8d:3c:f7:35:ea:e0:7a:
3f:16:e6:f9:7c:8d:b3:01:37:5b:f2:ec:88:ec:21:0f:c5:d0:
f3:74:d3:1a:af:bf:c3:52:98:26:1d:f0:7b:84:42:6f:87:f1:
6e:e4:c6:53:7b:b7:6a:59:84:e4:92:47:d4:95:a9:82:eb:71:
a2:8f:f9:fc:ff:15:06:4c:7b:cd:bf:07:d9:91:d4:9c:9d:bf:
f1:92:74:12:27:6e:bc:09:28:01:2c:3e:53:52:ca:81:f3:02:
86:33:d5:6b:3b:de:83:ca:aa:90:96:80:e2:3f:54:82:03:5e:
06:42:09:fc:90:58:cb:42:dc:ce:78:65:f2:e1:3a:e6:b1:3e:
ff:02:ee:b5:83:d0:90:dd:5b:73:09:f2:40:c3:ca:1f:73:d5:
71:73:77:ed:02:95:95:e2:be:d8:8d:82:aa:14:46:0f:1e:c6:
40:a2:21:7b:b6:f8:10:fc:3e:ce:69:88:bc:dc:06:a4:7d:a9:
eb:11:1a:5f:4c:ee:1f:48:b6:c0:c7:b7:65:a5:33:73:62:53:
13:72:93:47:2d:c1:b3:7a:8e:4b:89:75:e6:5e:6a:fd:6d:1a:
6f:0c:16:54:d6:9d:df:9d:a2:cc:b5:71:1b:a1:c9:45:52:a5:
66:92:26:a8
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZQiH3vYtD8otQnub6fFEBSEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5NjhiNGUwZWY4MTA2ZjBlMTJhYjhlNTAxZDJhYTRlMzZi
NzgzYzIwHhcNMjUwMTAxMTM0NzU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1M2MxNTBiMzJkM2ZjYTBhZTM3ZjMwZGYzYzJiOTU1MGY4ZTFjNDUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzxisrU4+88rdwmRUEj7NU9l3turR
EeNujCwWduaG/YKju0F3uI2RLttcq9wcwVMKgzBJWuJXnFXFdOO26QU7uYOYLeV3
tfo+sLz09t/Vcrz0GkduC+4h+jB/dA5hExOaR8kc7x3Irzv3WfToRFLzJePezqBG
LWPpSexWd7Zj3TesI3pVonxsw9mTN0S2DzuaYItMAAa8/8PiPR0+pABGJHbEPzzq
F2zcNGqsmADitvVypzUSqaLHBZtEjCTQy1ldnMGeCgGpA5l/6iuYzLU/SdTluVLt
6v0WAdKADKro1XQOL8W/9rvcXOiTRsSR6YJy/dk2QFAvJvSVqbQEBNWjlwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFFPBULMtP8oK438w3zwrlVD44cRSMB8GA1UdIwQY
MBaAFClotODvgQbw4Sq45QHSqk42t4PCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1dpMDRPLUJCdkRoS3JqbEFkS3FUamEzZzhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy80ODE2MzctNmMxYy00NWU4LThmYmQt
NDRmOGVkNWQ2MWQ3LzEvVThGUXN5MF95Z3JqZnpEZlBDdVZVUGpoeEZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy80ODE2MzctNmMxYy00NWU4LThmYmQtNDRmOGVkNWQ2MWQ3
LzEvS1dpMDRPLUJCdkRoS3JqbEFkS3FUamEzZzhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAAjA2AwcAKgHpAQEF
AwcAKgHpAQEVAwcAKgHpAQElAwcAKgHpAQE1AwcAKgHpAQFFAwcAKgHpAQFVMA0G
CSqGSIb3DQEBCwUAA4IBAQC06BbP8DQFaa6Jdo089zXq4Ho/Fub5fI2zATdb8uyI
7CEPxdDzdNMar7/DUpgmHfB7hEJvh/Fu5MZTe7dqWYTkkkfUlamC63Gij/n8/xUG
THvNvwfZkdScnb/xknQSJ268CSgBLD5TUsqB8wKGM9VrO96DyqqQloDiP1SCA14G
Qgn8kFjLQtzOeGXy4TrmsT7/Au61g9CQ3VtzCfJAw8ofc9Vxc3ftApWV4r7YjYKq
FEYPHsZAoiF7tvgQ/D7OaYi83AakfanrERpfTO4fSLbAx7dlpTNzYlMTcpNHLcGz
eo5LiXXmXmr9bRpvDBZU1p3fnaLMtXEboclFUqVmkiao
-----END CERTIFICATE-----
Generated at Sun Apr 6 09:43:21 2025 by rpki-client