Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/e45577-65b1-4d43-853a-02abf8572fcb/1/u_9bExtD3dKmpG7MbV9XCNNSbhc.roa
File: u_9bExtD3dKmpG7MbV9XCNNSbhc.roa (raw, json)
Hash identifier: A6Ah4cscvQSZmmj47ZDhKi6/GjDHBt3LAd3FqHRi8Dg=
Subject key identifier: BB:FF:5B:13:1B:43:DD:D2:A6:A4:6E:CC:6D:5F:57:08:D3:52:6E:17
Certificate issuer: /CN=d48555f9a52727f6bcf715cb4750a2a4a6c35161
Certificate serial: 01942521949359F78CBE31B534866B041F33
Authority key identifier: D4:85:55:F9:A5:27:27:F6:BC:F7:15:CB:47:50:A2:A4:A6:C3:51:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1IVV-aUnJ_a89xXLR1CipKbDUWE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/e45577-65b1-4d43-853a-02abf8572fcb/1/u_9bExtD3dKmpG7MbV9XCNNSbhc.roa
Signing time: Thu 02 Jan 2025 03:49:05 +0000
ROA not before: Thu 02 Jan 2025 03:49:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 33835
IP address blocks: 92.42.216.0/21 maxlen: 21
217.169.240.0/20 maxlen: 20
217.169.246.0/23 maxlen: 23
2a02:2440::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ab/e45577-65b1-4d43-853a-02abf8572fcb/1/1IVV-aUnJ_a89xXLR1CipKbDUWE.crl
rsync://rpki.ripe.net/repository/DEFAULT/ab/e45577-65b1-4d43-853a-02abf8572fcb/1/1IVV-aUnJ_a89xXLR1CipKbDUWE.mft
rsync://rpki.ripe.net/repository/DEFAULT/1IVV-aUnJ_a89xXLR1CipKbDUWE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 09 Apr 2025 12:01:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:94:93:59:f7:8c:be:31:b5:34:86:6b:04:1f:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d48555f9a52727f6bcf715cb4750a2a4a6c35161
Validity
Not Before: Jan 2 03:49:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bbff5b131b43ddd2a6a46ecc6d5f5708d3526e17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:4b:90:88:a5:35:03:e7:d7:ea:4c:cb:30:a9:
08:00:bd:ff:9f:77:4c:7f:1f:68:4d:da:42:c1:47:
55:14:d6:37:52:cb:03:a0:db:38:a2:32:15:73:3f:
21:b4:ad:aa:eb:a1:7d:f7:92:ab:75:3c:10:16:08:
1c:a2:06:51:6d:94:82:02:cb:27:95:d3:ff:4f:6c:
f6:b8:dc:db:e3:75:4d:97:0e:7d:42:ad:48:80:1f:
76:a7:ad:b7:04:97:bc:e9:63:49:39:2d:2d:a9:de:
df:40:fa:9e:ad:0f:54:84:4f:3f:d2:aa:05:34:b3:
37:6c:fb:3a:ac:30:ab:a2:9a:a1:f9:fe:16:e4:bd:
34:44:67:a9:02:09:2e:8c:5f:18:8f:41:86:24:27:
c9:3c:75:7b:66:68:2c:e9:c2:76:df:be:5a:2e:5e:
95:36:5c:83:18:b3:03:f5:e1:c1:88:7b:10:65:ca:
e0:57:0a:7d:90:68:8b:e6:4b:e9:99:31:cf:52:ed:
61:57:9a:93:c7:31:4c:5e:a5:96:0f:4d:8a:ae:e6:
b6:5e:b3:57:30:98:0b:b8:e9:96:eb:83:01:a1:a6:
2f:bf:28:f0:ab:8e:34:ef:b5:68:05:69:a2:15:e4:
c1:b7:ad:95:68:88:b0:ff:39:80:f6:10:77:ca:b6:
f8:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:FF:5B:13:1B:43:DD:D2:A6:A4:6E:CC:6D:5F:57:08:D3:52:6E:17
X509v3 Authority Key Identifier:
keyid:D4:85:55:F9:A5:27:27:F6:BC:F7:15:CB:47:50:A2:A4:A6:C3:51:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1IVV-aUnJ_a89xXLR1CipKbDUWE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/e45577-65b1-4d43-853a-02abf8572fcb/1/u_9bExtD3dKmpG7MbV9XCNNSbhc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/e45577-65b1-4d43-853a-02abf8572fcb/1/1IVV-aUnJ_a89xXLR1CipKbDUWE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.42.216.0/21
217.169.240.0/20
IPv6:
2a02:2440::/32
Signature Algorithm: sha256WithRSAEncryption
47:42:65:06:ae:52:8e:ed:91:fa:10:16:15:c4:df:26:ed:2d:
3d:45:53:26:c8:0d:c5:42:82:aa:8c:fb:f4:ae:a9:0d:b1:01:
b6:78:d1:23:15:7a:f8:aa:cd:6e:ff:bd:f5:61:7b:4d:c6:9c:
ea:8c:5d:02:71:a1:f2:9f:a9:64:8c:fe:82:26:26:93:34:54:
c6:8b:6c:c6:fc:f2:59:ce:26:af:23:2f:bb:e6:4a:2d:ff:4d:
c8:61:5a:57:7f:86:34:c5:a6:42:a2:70:3d:85:29:e7:05:de:
67:1f:13:f8:45:ec:59:ba:2b:ec:99:5c:b0:32:26:27:08:52:
88:a3:b3:e7:ee:6b:0e:a7:25:f7:d0:a7:71:ce:cd:4f:69:9f:
61:82:5f:62:3f:e1:5f:67:3e:42:6a:29:81:4b:ac:15:05:17:
d9:72:23:bc:41:3d:1d:64:29:99:18:db:ff:51:d2:a7:89:de:
ae:83:df:3f:9d:f0:6d:45:14:5f:35:25:9e:2e:3a:e6:28:27:
ec:c7:68:ac:59:61:dd:1f:ee:48:60:ef:45:14:72:39:da:57:
75:13:a7:ac:d1:68:06:7d:a1:62:ef:06:0e:32:a8:e5:d8:aa:
7d:1e:b7:dc:59:ed:a5:4c:b8:66:71:94:63:f4:4b:3d:39:16:
7d:2d:32:68
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQlIZSTWfeMvjG1NIZrBB8zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0ODU1NWY5YTUyNzI3ZjZiY2Y3MTVjYjQ3NTBhMmE0YTZj
MzUxNjEwHhcNMjUwMTAyMDM0OTA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYmZmNWIxMzFiNDNkZGQyYTZhNDZlY2M2ZDVmNTcwOGQzNTI2ZTE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx0uQiKU1A+fX6kzLMKkIAL3/n3dM
fx9oTdpCwUdVFNY3UssDoNs4ojIVcz8htK2q66F995KrdTwQFggcogZRbZSCAssn
ldP/T2z2uNzb43VNlw59Qq1IgB92p623BJe86WNJOS0tqd7fQPqerQ9UhE8/0qoF
NLM3bPs6rDCropqh+f4W5L00RGepAgkujF8Yj0GGJCfJPHV7Zmgs6cJ2375aLl6V
NlyDGLMD9eHBiHsQZcrgVwp9kGiL5kvpmTHPUu1hV5qTxzFMXqWWD02Krua2XrNX
MJgLuOmW64MBoaYvvyjwq44077VoBWmiFeTBt62VaIiw/zmA9hB3yrb4LQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFLv/WxMbQ93SpqRuzG1fVwjTUm4XMB8GA1UdIwQY
MBaAFNSFVfmlJyf2vPcVy0dQoqSmw1FhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUlWVi1hVW5KX2E4OXhYTFIxQ2lwS2JEVVdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi9lNDU1NzctNjViMS00ZDQzLTg1M2Et
MDJhYmY4NTcyZmNiLzEvdV85YkV4dEQzZEttcEc3TWJWOVhDTk5TYmhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi9lNDU1NzctNjViMS00ZDQzLTg1M2EtMDJhYmY4NTcyZmNi
LzEvMUlWVi1hVW5KX2E4OXhYTFIxQ2lwS2JEVVdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDXCrYAwQE
2anwMA0EAgACMAcDBQAqAiRAMA0GCSqGSIb3DQEBCwUAA4IBAQBHQmUGrlKO7ZH6
EBYVxN8m7S09RVMmyA3FQoKqjPv0rqkNsQG2eNEjFXr4qs1u/731YXtNxpzqjF0C
caHyn6lkjP6CJiaTNFTGi2zG/PJZziavIy+75kot/03IYVpXf4Y0xaZConA9hSnn
Bd5nHxP4RexZuivsmVywMiYnCFKIo7Pn7msOpyX30Kdxzs1PaZ9hgl9iP+FfZz5C
aimBS6wVBRfZciO8QT0dZCmZGNv/UdKnid6ug98/nfBtRRRfNSWeLjrmKCfsx2is
WWHdH+5IYO9FFHI52ld1E6es0WgGfaFi7wYOMqjl2Kp9HrfcWe2lTLhmcZRj9Es9
ORZ9LTJo
-----END CERTIFICATE-----
Generated at Tue Apr 8 18:25:58 2025 by rpki-client