Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/uHKayVI4xsHMQjxG3UFmVrivhjw.roa
File: uHKayVI4xsHMQjxG3UFmVrivhjw.roa (raw, json)
Hash identifier: kr7dUfDVN0h2sJ/IIqmABaJqnYUQdNpJ4GSNplfefh4=
Subject key identifier: B8:72:9A:C9:52:38:C6:C1:CC:42:3C:46:DD:41:66:56:B8:AF:86:3C
Certificate issuer: /CN=38b22023b6ead4c29683a9fed4493d03dee2c685
Certificate serial: 019421B256EC97B4CFE01B924DC92485ED04
Authority key identifier: 38:B2:20:23:B6:EA:D4:C2:96:83:A9:FE:D4:49:3D:03:DE:E2:C6:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OLIgI7bq1MKWg6n-1Ek9A97ixoU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/uHKayVI4xsHMQjxG3UFmVrivhjw.roa
Signing time: Wed 01 Jan 2025 11:48:43 +0000
ROA not before: Wed 01 Jan 2025 11:48:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9056
IP address blocks: 194.149.66.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/OLIgI7bq1MKWg6n-1Ek9A97ixoU.crl
rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/OLIgI7bq1MKWg6n-1Ek9A97ixoU.mft
rsync://rpki.ripe.net/repository/DEFAULT/OLIgI7bq1MKWg6n-1Ek9A97ixoU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 16 Apr 2025 09:00:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:56:ec:97:b4:cf:e0:1b:92:4d:c9:24:85:ed:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38b22023b6ead4c29683a9fed4493d03dee2c685
Validity
Not Before: Jan 1 11:48:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b8729ac95238c6c1cc423c46dd416656b8af863c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:c4:b8:70:25:90:09:03:5f:00:a9:5c:c2:e5:
84:ee:b1:ab:9e:03:9d:32:9a:7c:86:ab:8d:9d:8b:
60:c9:df:80:ad:35:d0:86:50:73:b8:05:45:55:7d:
14:09:67:2f:c8:2f:45:c1:7b:eb:23:75:85:b6:87:
5d:8f:4d:82:a8:04:c0:47:a5:bb:29:2f:ed:76:03:
91:1a:80:b6:e1:f0:65:9b:ef:28:3e:d1:de:03:e5:
0f:96:81:0f:13:10:18:74:d0:58:b0:6d:05:69:df:
92:0c:58:14:59:3d:b7:1b:ad:1e:51:62:93:f7:6c:
d2:79:5e:5f:c4:b4:3b:ec:da:fd:b4:17:2f:a6:41:
33:99:18:be:ed:12:11:e0:52:82:16:c5:09:33:6c:
52:c0:d3:b8:a7:7f:04:eb:e9:38:44:bd:99:bd:4d:
42:43:b0:15:81:41:57:1b:1f:7b:23:b3:06:0c:44:
a6:1f:fd:2d:f3:c3:8c:30:3f:98:aa:1c:54:14:4c:
f7:5e:08:be:cc:f5:62:35:83:cb:e3:76:27:3b:e0:
88:3d:8c:69:bc:bf:06:64:48:b4:14:8b:f3:88:12:
01:7b:e3:ff:ae:bf:f5:2f:43:2b:69:74:ca:61:15:
1a:44:10:23:d6:23:69:c4:96:e6:44:b3:42:45:6d:
66:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:72:9A:C9:52:38:C6:C1:CC:42:3C:46:DD:41:66:56:B8:AF:86:3C
X509v3 Authority Key Identifier:
keyid:38:B2:20:23:B6:EA:D4:C2:96:83:A9:FE:D4:49:3D:03:DE:E2:C6:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OLIgI7bq1MKWg6n-1Ek9A97ixoU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/uHKayVI4xsHMQjxG3UFmVrivhjw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/OLIgI7bq1MKWg6n-1Ek9A97ixoU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.149.66.0/24
Signature Algorithm: sha256WithRSAEncryption
95:de:e8:21:6f:97:fb:ba:59:bb:78:ef:e1:91:96:e9:ce:cb:
78:ae:f3:5e:75:fa:65:d9:44:d2:65:fa:b0:9f:f8:aa:1f:ef:
ea:af:fd:8c:fb:8a:66:c5:e8:a6:34:16:03:98:4c:5e:71:e6:
e3:6f:59:bd:f4:ed:80:91:9c:06:50:26:0e:c4:24:43:33:c5:
29:9e:91:a5:82:21:e6:1e:e1:6d:13:6d:b4:af:cd:4e:60:fc:
2f:02:e1:74:c9:62:c8:2b:58:12:9e:be:a3:c9:b5:fe:ca:6c:
31:54:b1:9f:2f:86:42:6e:16:8e:bb:e1:7b:9d:97:b1:6d:71:
08:5c:41:31:0e:31:84:f7:bb:0b:11:1c:59:26:b1:c4:25:bc:
2f:16:a1:9f:6f:d5:6c:53:cb:da:df:25:c6:b1:1a:26:5f:c3:
dc:41:5c:b0:d2:23:68:9a:92:e4:2c:6d:d6:85:93:85:bb:35:
89:d7:cf:10:7e:56:d3:69:3c:8d:dc:9d:56:97:fa:15:3c:f8:
fa:1e:b2:47:2f:59:37:52:7c:20:bf:c8:75:bc:48:fe:6b:78:
1b:2c:0c:27:e1:e0:91:ff:cb:77:55:96:d3:97:26:91:72:33:
1e:45:7e:f9:10:1f:d8:7f:77:0c:92:df:dc:78:ae:5f:22:09:
54:b5:a4:e3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhslbsl7TP4BuSTckkhe0EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4YjIyMDIzYjZlYWQ0YzI5NjgzYTlmZWQ0NDkzZDAzZGVl
MmM2ODUwHhcNMjUwMTAxMTE0ODQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODcyOWFjOTUyMzhjNmMxY2M0MjNjNDZkZDQxNjY1NmI4YWY4NjNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtsS4cCWQCQNfAKlcwuWE7rGrngOd
Mpp8hquNnYtgyd+ArTXQhlBzuAVFVX0UCWcvyC9FwXvrI3WFtoddj02CqATAR6W7
KS/tdgORGoC24fBlm+8oPtHeA+UPloEPExAYdNBYsG0Fad+SDFgUWT23G60eUWKT
92zSeV5fxLQ77Nr9tBcvpkEzmRi+7RIR4FKCFsUJM2xSwNO4p38E6+k4RL2ZvU1C
Q7AVgUFXGx97I7MGDESmH/0t88OMMD+YqhxUFEz3Xgi+zPViNYPL43YnO+CIPYxp
vL8GZEi0FIvziBIBe+P/rr/1L0MraXTKYRUaRBAj1iNpxJbmRLNCRW1mswIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLhymslSOMbBzEI8Rt1BZla4r4Y8MB8GA1UdIwQY
MBaAFDiyICO26tTCloOp/tRJPQPe4saFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0xJZ0k3YnExTUtXZzZuLTFFazlBOTdpeG9VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy84ODEzZjUtNGU3Yi00ZDUxLWI1ZjMt
NDBkOTViZDMzZmNiLzEvdUhLYXlWSTR4c0hNUWp4RzNVRm1Wcml2aGp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy84ODEzZjUtNGU3Yi00ZDUxLWI1ZjMtNDBkOTViZDMzZmNi
LzEvT0xJZ0k3YnExTUtXZzZuLTFFazlBOTdpeG9VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwpVCMA0G
CSqGSIb3DQEBCwUAA4IBAQCV3ughb5f7ulm7eO/hkZbpzst4rvNedfpl2UTSZfqw
n/iqH+/qr/2M+4pmxeimNBYDmExecebjb1m99O2AkZwGUCYOxCRDM8UpnpGlgiHm
HuFtE220r81OYPwvAuF0yWLIK1gSnr6jybX+ymwxVLGfL4ZCbhaOu+F7nZexbXEI
XEExDjGE97sLERxZJrHEJbwvFqGfb9VsU8va3yXGsRomX8PcQVyw0iNompLkLG3W
hZOFuzWJ188QflbTaTyN3J1Wl/oVPPj6HrJHL1k3Unwgv8h1vEj+a3gbLAwn4eCR
/8t3VZbTlyaRcjMeRX75EB/Yf3cMkt/ceK5fIglUtaTj
-----END CERTIFICATE-----
Generated at Tue Apr 15 18:56:10 2025 by rpki-client