Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/42af1e-d553-4fe6-9fc3-f9633292c977/1/uSLH-6azWyM6_toWim6PNb4arp4.roa
File: uSLH-6azWyM6_toWim6PNb4arp4.roa (raw, json)
Hash identifier: imwU+Zb8TWocoYkIF0ZGoxJDK+doen6jZopoR2zFVWE=
Subject key identifier: B9:22:C7:FB:A6:B3:5B:23:3A:FE:DA:16:8A:6E:8F:35:BE:1A:AE:9E
Certificate issuer: /CN=6c73a04a7d0eb2df47daf0c39fba75e365c8853d
Certificate serial: 0194221F7FCE433F42DA52EA4861F6AF66DA
Authority key identifier: 6C:73:A0:4A:7D:0E:B2:DF:47:DA:F0:C3:9F:BA:75:E3:65:C8:85:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bHOgSn0Ost9H2vDDn7p142XIhT0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/42af1e-d553-4fe6-9fc3-f9633292c977/1/uSLH-6azWyM6_toWim6PNb4arp4.roa
Signing time: Wed 01 Jan 2025 13:47:57 +0000
ROA not before: Wed 01 Jan 2025 13:47:57 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15806
IP address blocks: 137.191.224.0/19 maxlen: 24
193.178.64.0/19 maxlen: 24
193.178.96.0/20 maxlen: 24
2a01:88::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ab/42af1e-d553-4fe6-9fc3-f9633292c977/1/bHOgSn0Ost9H2vDDn7p142XIhT0.crl
rsync://rpki.ripe.net/repository/DEFAULT/ab/42af1e-d553-4fe6-9fc3-f9633292c977/1/bHOgSn0Ost9H2vDDn7p142XIhT0.mft
rsync://rpki.ripe.net/repository/DEFAULT/bHOgSn0Ost9H2vDDn7p142XIhT0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 14 Mar 2025 00:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:7f:ce:43:3f:42:da:52:ea:48:61:f6:af:66:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c73a04a7d0eb2df47daf0c39fba75e365c8853d
Validity
Not Before: Jan 1 13:47:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b922c7fba6b35b233afeda168a6e8f35be1aae9e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:97:78:7a:27:1c:12:fd:0a:76:23:2f:dc:77:
e0:a8:20:da:de:d0:64:b0:10:0f:41:ec:55:06:5a:
92:ab:1f:50:f4:0d:0e:1c:4d:fb:f3:fe:db:85:5f:
3f:12:82:0f:ad:ce:c9:5e:c6:7e:d9:2f:5a:c5:94:
74:0d:ee:c0:da:95:2a:6c:61:eb:36:e8:2e:34:4d:
e7:73:3f:2c:a4:1d:79:4f:08:35:85:85:cd:40:15:
8d:95:d4:99:10:0b:98:1c:e9:50:0f:fa:e1:67:6e:
56:df:e3:08:f6:a4:c7:b9:7b:c2:00:a7:f7:9d:d7:
f1:47:6f:b4:98:53:16:44:e7:9e:65:d4:b9:29:ae:
4c:33:a5:22:63:91:6b:4c:4b:c6:90:e8:ca:fc:54:
67:d9:5d:16:0e:63:e6:7f:55:26:bb:03:9c:8b:b1:
1b:1e:9a:57:54:63:83:f5:d1:75:94:02:b9:87:b9:
96:ca:09:0b:25:fd:5d:00:9d:be:8a:69:dc:bf:25:
d7:b0:be:5e:3d:75:41:c9:a5:9e:f2:09:96:51:68:
c2:67:9f:e9:cf:4c:f6:eb:f6:d7:eb:51:08:fe:56:
a7:fb:0e:a7:c8:c0:1a:14:f2:2f:61:41:3a:85:ee:
b3:87:0d:cd:d1:ca:ef:80:28:93:49:3a:bd:3b:39:
77:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:22:C7:FB:A6:B3:5B:23:3A:FE:DA:16:8A:6E:8F:35:BE:1A:AE:9E
X509v3 Authority Key Identifier:
keyid:6C:73:A0:4A:7D:0E:B2:DF:47:DA:F0:C3:9F:BA:75:E3:65:C8:85:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bHOgSn0Ost9H2vDDn7p142XIhT0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/42af1e-d553-4fe6-9fc3-f9633292c977/1/uSLH-6azWyM6_toWim6PNb4arp4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/42af1e-d553-4fe6-9fc3-f9633292c977/1/bHOgSn0Ost9H2vDDn7p142XIhT0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
137.191.224.0/19
193.178.64.0-193.178.111.255
IPv6:
2a01:88::/32
Signature Algorithm: sha256WithRSAEncryption
48:5e:15:c3:d3:06:b7:a4:82:82:6c:4d:80:71:f4:3c:7d:10:
5c:36:88:5c:43:f0:81:6d:72:5b:a6:03:38:23:ad:74:8e:22:
80:58:60:57:bc:7f:5f:79:6f:37:fa:19:43:6e:3b:c5:a2:99:
c4:5f:6b:96:8b:0f:c2:24:94:46:6c:b6:47:59:f3:ed:f2:09:
56:ba:c6:82:7f:db:95:07:a5:c8:92:53:ea:04:e7:3d:73:33:
4f:c2:29:b3:d5:0c:fe:57:ff:70:e9:98:93:67:99:f8:03:13:
0d:78:cc:62:d6:6e:9a:10:d0:4d:de:14:b1:6f:e7:59:b1:67:
e2:64:2d:2c:78:5a:46:6b:45:0d:b6:55:0a:32:43:70:11:a3:
81:dd:58:24:35:fe:ff:83:ee:d8:d6:93:ad:86:fe:d3:94:05:
d4:65:72:1a:62:9d:a4:9f:e5:92:a1:75:4c:56:00:e7:a0:dc:
06:9a:5c:49:b8:c2:af:85:df:ec:56:90:08:a6:dd:3a:ae:0d:
ad:37:e3:ab:d6:94:29:95:1a:d1:12:a7:10:db:a8:26:2c:84:
b3:46:79:39:fe:93:ed:0d:e3:34:fb:de:1f:04:8a:c7:56:3b:
c1:cc:80:dc:04:65:05:be:1c:07:3c:10:39:c1:f7:8c:dd:59:
a7:e5:af:25
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZQiH3/OQz9C2lLqSGH2r2baMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjNzNhMDRhN2QwZWIyZGY0N2RhZjBjMzlmYmE3NWUzNjVj
ODg1M2QwHhcNMjUwMTAxMTM0NzU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTIyYzdmYmE2YjM1YjIzM2FmZWRhMTY4YTZlOGYzNWJlMWFhZTllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz5d4eiccEv0KdiMv3HfgqCDa3tBk
sBAPQexVBlqSqx9Q9A0OHE378/7bhV8/EoIPrc7JXsZ+2S9axZR0De7A2pUqbGHr
NuguNE3ncz8spB15Twg1hYXNQBWNldSZEAuYHOlQD/rhZ25W3+MI9qTHuXvCAKf3
ndfxR2+0mFMWROeeZdS5Ka5MM6UiY5FrTEvGkOjK/FRn2V0WDmPmf1UmuwOci7Eb
HppXVGOD9dF1lAK5h7mWygkLJf1dAJ2+imncvyXXsL5ePXVByaWe8gmWUWjCZ5/p
z0z26/bX61EI/lan+w6nyMAaFPIvYUE6he6zhw3N0crvgCiTSTq9Ozl3iwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFLkix/ums1sjOv7aFopujzW+Gq6eMB8GA1UdIwQY
MBaAFGxzoEp9DrLfR9rww5+6deNlyIU9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYkhPZ1NuME9zdDlIMnZERG43cDE0MlhJaFQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi80MmFmMWUtZDU1My00ZmU2LTlmYzMt
Zjk2MzMyOTJjOTc3LzEvdVNMSC02YXpXeU02X3RvV2ltNlBOYjRhcnA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi80MmFmMWUtZDU1My00ZmU2LTlmYzMtZjk2MzMyOTJjOTc3
LzEvYkhPZ1NuME9zdDlIMnZERG43cDE0MlhJaFQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUAwQFib/gMAwD
BAbBskADBATBsmAwDQQCAAIwBwMFACoBAIgwDQYJKoZIhvcNAQELBQADggEBAEhe
FcPTBrekgoJsTYBx9Dx9EFw2iFxD8IFtclumAzgjrXSOIoBYYFe8f195bzf6GUNu
O8WimcRfa5aLD8IklEZstkdZ8+3yCVa6xoJ/25UHpciSU+oE5z1zM0/CKbPVDP5X
/3DpmJNnmfgDEw14zGLWbpoQ0E3eFLFv51mxZ+JkLSx4WkZrRQ22VQoyQ3ARo4Hd
WCQ1/v+D7tjWk62G/tOUBdRlchpinaSf5ZKhdUxWAOeg3AaaXEm4wq+F3+xWkAim
3TquDa0346vWlCmVGtESpxDbqCYshLNGeTn+k+0N4zT73h8EisdWO8HMgNwEZQW+
HAc8EDnB94zdWaflryU=
-----END CERTIFICATE-----
Generated at Thu Mar 13 07:53:52 2025 by rpki-client