Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/uVCGbxwXhXNYR4adE3tFeK_Bd84.roa
File: uVCGbxwXhXNYR4adE3tFeK_Bd84.roa (raw, json)
Hash identifier: nJTdUthAuuE0z+CVNafieebro2C2IE+zEICoDr2xS3Y=
Subject key identifier: B9:50:86:6F:1C:17:85:73:58:47:86:9D:13:7B:45:78:AF:C1:77:CE
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 019423D6CD676147C269046712640F829F43
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/uVCGbxwXhXNYR4adE3tFeK_Bd84.roa
Signing time: Wed 01 Jan 2025 21:47:47 +0000
ROA not before: Wed 01 Jan 2025 21:47:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213250
IP address blocks: 89.42.88.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.mft
rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 10 Apr 2025 14:13:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d6:cd:67:61:47:c2:69:04:67:12:64:0f:82:9f:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Jan 1 21:47:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b950866f1c1785735847869d137b4578afc177ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:ee:bf:18:cc:2a:6b:b5:3f:61:5a:ca:9d:48:
cf:55:67:0e:65:4d:c3:70:de:7e:fb:4e:a5:f6:72:
a0:fd:31:00:7e:47:51:68:7f:3d:09:cf:20:17:d0:
68:87:c7:cf:81:d5:00:35:06:2c:04:98:be:fb:31:
b8:24:83:70:14:b3:70:9c:43:bb:b5:78:a4:de:07:
4c:91:12:64:16:cc:06:ba:e2:1d:23:27:89:cf:75:
73:f9:94:f8:5c:c4:d0:4a:3a:b2:4a:b9:e9:49:b2:
af:4f:e2:b5:2f:5a:1c:21:51:9f:ba:84:e2:e0:0d:
b4:23:42:a0:3d:20:44:41:ca:f3:41:82:54:4d:bf:
3a:3e:e3:76:24:81:1f:9e:a0:c6:76:fc:bd:63:aa:
2e:f0:69:2e:b2:02:1e:fd:4b:63:d4:04:e4:aa:f7:
12:88:ac:d3:ab:b1:4e:57:fb:00:e1:ff:9b:bb:69:
83:c8:2a:e0:34:99:07:24:77:95:b5:1e:e6:83:b0:
4e:68:6f:d8:4a:b9:16:83:85:16:43:af:df:6e:bc:
c1:2a:ee:89:94:b0:6a:d6:37:d6:50:fd:9b:07:55:
59:2c:19:71:ff:8f:bf:24:96:b7:a1:ca:55:2d:76:
36:9b:03:b9:a4:ef:fc:2d:a8:2a:34:a1:03:db:6c:
f2:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:50:86:6F:1C:17:85:73:58:47:86:9D:13:7B:45:78:AF:C1:77:CE
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/uVCGbxwXhXNYR4adE3tFeK_Bd84.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.42.88.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:b0:ac:e1:84:90:b6:24:f0:0b:14:dd:d3:67:e9:49:90:c0:
40:52:a3:8b:9a:e2:65:f5:e6:c9:00:d8:b3:de:f7:13:94:9a:
ed:93:1b:6e:d9:52:66:f6:0f:5d:26:3b:1a:61:63:a0:16:5f:
1c:0e:37:cc:0e:59:1b:89:2d:9d:45:a3:a3:84:15:93:a7:5e:
e1:9e:29:33:55:d4:c6:33:88:21:2f:19:17:3c:ba:6d:ef:57:
2b:ea:d6:79:0d:70:cd:44:6b:7d:34:a8:3f:fb:e3:58:7f:26:
0b:33:0e:86:a1:e6:1d:68:89:3e:5d:a5:84:bd:68:d3:34:9a:
05:de:26:57:42:e1:9f:15:70:8a:d2:43:cc:8f:52:c9:75:43:
54:30:a7:cb:25:19:5d:6c:e1:50:12:06:f3:c9:85:54:a8:71:
d5:71:83:0a:6c:b8:a8:05:4d:1b:23:25:41:a8:2b:2f:d5:b2:
fa:c2:2d:24:39:c9:83:2f:2f:e2:4f:40:3a:f1:a4:3b:98:31:
d0:ed:22:ca:30:29:56:69:ca:59:2a:a1:34:22:5f:3c:b2:83:
9c:08:d3:30:e9:51:85:e2:c6:2b:43:c6:0b:0e:54:5e:35:71:
36:9b:27:66:c7:95:1e:bf:fb:b6:10:03:65:ee:46:88:7d:58:
ae:92:13:30
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQj1s1nYUfCaQRnEmQPgp9DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjUwMTAxMjE0NzQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTUwODY2ZjFjMTc4NTczNTg0Nzg2OWQxMzdiNDU3OGFmYzE3N2NlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsu6/GMwqa7U/YVrKnUjPVWcOZU3D
cN5++06l9nKg/TEAfkdRaH89Cc8gF9Boh8fPgdUANQYsBJi++zG4JINwFLNwnEO7
tXik3gdMkRJkFswGuuIdIyeJz3Vz+ZT4XMTQSjqySrnpSbKvT+K1L1ocIVGfuoTi
4A20I0KgPSBEQcrzQYJUTb86PuN2JIEfnqDGdvy9Y6ou8GkusgIe/Utj1ATkqvcS
iKzTq7FOV/sA4f+bu2mDyCrgNJkHJHeVtR7mg7BOaG/YSrkWg4UWQ6/fbrzBKu6J
lLBq1jfWUP2bB1VZLBlx/4+/JJa3ocpVLXY2mwO5pO/8LagqNKED22zywQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLlQhm8cF4VzWEeGnRN7RXivwXfOMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvdVZDR2J4d1hoWE5ZUjRhZEUzdEZlS19CZDg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWSpYMA0G
CSqGSIb3DQEBCwUAA4IBAQBMsKzhhJC2JPALFN3TZ+lJkMBAUqOLmuJl9ebJANiz
3vcTlJrtkxtu2VJm9g9dJjsaYWOgFl8cDjfMDlkbiS2dRaOjhBWTp17hnikzVdTG
M4ghLxkXPLpt71cr6tZ5DXDNRGt9NKg/++NYfyYLMw6GoeYdaIk+XaWEvWjTNJoF
3iZXQuGfFXCK0kPMj1LJdUNUMKfLJRldbOFQEgbzyYVUqHHVcYMKbLioBU0bIyVB
qCsv1bL6wi0kOcmDLy/iT0A68aQ7mDHQ7SLKMClWacpZKqE0Il88soOcCNMw6VGF
4sYrQ8YLDlReNXE2mydmx5Uev/u2EANl7kaIfViukhMw
-----END CERTIFICATE-----
Generated at Wed Apr 9 23:21:54 2025 by rpki-client