Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/bUw7vUVn4cQiT9NfW716xSywuCE.roa
File: bUw7vUVn4cQiT9NfW716xSywuCE.roa (raw, json)
Hash identifier: 0o28YQYCqCXv7+7/uFNPlbdyY5SL/GVENUzDTrCxP4I=
Subject key identifier: 6D:4C:3B:BD:45:67:E1:C4:22:4F:D3:5F:5B:BD:7A:C5:2C:B0:B8:21
Certificate issuer: /CN=c42708df93954aac601aef1835bd5d69245fb02f
Certificate serial: 0194221F9D44B79E7940BD5F6F753E323BEA
Authority key identifier: C4:27:08:DF:93:95:4A:AC:60:1A:EF:18:35:BD:5D:69:24:5F:B0:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xCcI35OVSqxgGu8YNb1daSRfsC8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/bUw7vUVn4cQiT9NfW716xSywuCE.roa
Signing time: Wed 01 Jan 2025 13:48:04 +0000
ROA not before: Wed 01 Jan 2025 13:48:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208582
IP address blocks: 185.51.8.0/22 maxlen: 24
185.211.60.0/22 maxlen: 24
2a01:aee0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/xCcI35OVSqxgGu8YNb1daSRfsC8.crl
rsync://rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/xCcI35OVSqxgGu8YNb1daSRfsC8.mft
rsync://rpki.ripe.net/repository/DEFAULT/xCcI35OVSqxgGu8YNb1daSRfsC8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 21:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:9d:44:b7:9e:79:40:bd:5f:6f:75:3e:32:3b:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c42708df93954aac601aef1835bd5d69245fb02f
Validity
Not Before: Jan 1 13:48:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6d4c3bbd4567e1c4224fd35f5bbd7ac52cb0b821
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:b0:9e:31:a5:79:a2:71:5e:9b:97:62:85:ac:
d4:b1:60:03:14:83:6a:65:37:1e:a3:67:8e:12:d5:
ee:e8:59:1d:21:0c:b1:e6:b2:a9:42:e0:51:96:08:
47:95:40:53:20:3f:0f:0c:1f:a1:ba:31:8b:e7:27:
21:c0:c3:2b:e1:d6:1a:99:04:0e:8e:65:ac:45:c6:
a7:39:79:37:ea:41:ae:41:4a:dd:91:1e:5f:82:85:
9f:7c:06:5d:60:72:e7:21:b9:b4:84:43:d7:7d:3d:
b9:89:f8:0f:81:63:ed:fb:5e:eb:26:ec:5d:04:91:
37:35:d1:c6:77:65:47:6a:af:d3:03:82:e1:89:3a:
65:1d:6c:ef:b4:f0:60:0c:ff:89:98:57:a3:fe:85:
3b:1a:91:ca:be:e4:7a:0f:78:c1:9d:e9:55:41:1b:
3a:79:fe:09:87:54:eb:d1:43:ab:88:66:2c:53:7c:
95:ed:37:08:f0:92:d3:e2:7a:b7:f5:64:3f:f2:af:
9b:41:1e:a9:30:49:85:18:df:f5:05:9e:8c:1a:c6:
75:7d:09:d6:7c:1e:17:da:59:e4:5f:d3:6c:88:7f:
26:c7:2d:a2:d4:eb:91:6e:89:10:10:bc:7d:48:d5:
fe:0c:6b:68:81:06:ef:98:40:77:9a:15:92:ca:d8:
e6:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:4C:3B:BD:45:67:E1:C4:22:4F:D3:5F:5B:BD:7A:C5:2C:B0:B8:21
X509v3 Authority Key Identifier:
keyid:C4:27:08:DF:93:95:4A:AC:60:1A:EF:18:35:BD:5D:69:24:5F:B0:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xCcI35OVSqxgGu8YNb1daSRfsC8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/bUw7vUVn4cQiT9NfW716xSywuCE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/xCcI35OVSqxgGu8YNb1daSRfsC8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.51.8.0/22
185.211.60.0/22
IPv6:
2a01:aee0::/32
Signature Algorithm: sha256WithRSAEncryption
77:ae:04:31:ff:94:20:a2:78:2d:19:88:77:46:eb:52:9d:f1:
d1:10:6d:24:f9:1a:e0:40:f2:e5:56:7e:40:be:c0:2c:be:b0:
cb:81:ec:5b:0e:43:25:68:33:c7:40:da:26:60:f3:ab:ec:e3:
4b:71:c1:6b:bb:a2:68:a5:c7:27:63:fe:93:67:26:15:d3:d4:
76:90:f1:a3:5f:4d:ce:67:0b:66:21:f4:ee:47:ea:af:b3:3c:
86:f8:64:74:f7:82:c4:af:15:5c:42:61:65:2e:83:18:ee:cb:
ce:2d:94:a9:1f:b4:c3:fe:05:2e:f4:1c:38:b2:91:18:4e:0e:
bc:fd:04:51:b6:c3:60:5b:7c:bf:11:8e:2d:ac:de:ad:3c:52:
50:d5:8d:11:2c:ea:d6:00:6b:45:3d:4b:da:7a:4a:cd:72:36:
12:a9:3d:07:70:2d:3a:4b:95:d3:88:19:7d:0b:82:30:5b:4f:
06:f3:a0:b3:9c:f9:87:f1:ca:0d:f4:64:df:19:00:81:af:16:
64:60:d2:9d:d5:cb:6e:5c:16:99:fa:1c:9c:c5:64:26:50:e2:
8a:e7:39:d2:9f:52:4a:0e:51:53:73:a1:df:60:18:b4:90:29:
40:91:ac:ca:9e:47:4a:49:d2:72:e3:11:b6:61:a7:0e:9d:bf:
58:07:18:1f
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQiH51Et555QL1fb3U+MjvqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0MjcwOGRmOTM5NTRhYWM2MDFhZWYxODM1YmQ1ZDY5MjQ1
ZmIwMmYwHhcNMjUwMTAxMTM0ODA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDRjM2JiZDQ1NjdlMWM0MjI0ZmQzNWY1YmJkN2FjNTJjYjBiODIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu7CeMaV5onFem5dihazUsWADFINq
ZTceo2eOEtXu6FkdIQyx5rKpQuBRlghHlUBTID8PDB+hujGL5ychwMMr4dYamQQO
jmWsRcanOXk36kGuQUrdkR5fgoWffAZdYHLnIbm0hEPXfT25ifgPgWPt+17rJuxd
BJE3NdHGd2VHaq/TA4LhiTplHWzvtPBgDP+JmFej/oU7GpHKvuR6D3jBnelVQRs6
ef4Jh1Tr0UOriGYsU3yV7TcI8JLT4nq39WQ/8q+bQR6pMEmFGN/1BZ6MGsZ1fQnW
fB4X2lnkX9NsiH8mxy2i1OuRbokQELx9SNX+DGtogQbvmEB3mhWSytjmhQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFG1MO71FZ+HEIk/TX1u9esUssLghMB8GA1UdIwQY
MBaAFMQnCN+TlUqsYBrvGDW9XWkkX7AvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveENjSTM1T1ZTcXhnR3U4WU5iMWRhU1Jmc0M4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC9mNjE3YTUtMzI0MC00OGM0LWI3MTYt
NzQxYzFkOGRlYTJiLzEvYlV3N3ZVVm40Y1FpVDlOZlc3MTZ4U3l3dUNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC9mNjE3YTUtMzI0MC00OGM0LWI3MTYtNzQxYzFkOGRlYTJi
LzEveENjSTM1T1ZTcXhnR3U4WU5iMWRhU1Jmc0M4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuTMIAwQC
udM8MA0EAgACMAcDBQAqAa7gMA0GCSqGSIb3DQEBCwUAA4IBAQB3rgQx/5Qgongt
GYh3RutSnfHREG0k+RrgQPLlVn5AvsAsvrDLgexbDkMlaDPHQNomYPOr7ONLccFr
u6JopccnY/6TZyYV09R2kPGjX03OZwtmIfTuR+qvszyG+GR094LErxVcQmFlLoMY
7svOLZSpH7TD/gUu9Bw4spEYTg68/QRRtsNgW3y/EY4trN6tPFJQ1Y0RLOrWAGtF
PUvaekrNcjYSqT0HcC06S5XTiBl9C4IwW08G86CznPmH8coN9GTfGQCBrxZkYNKd
1ctuXBaZ+hycxWQmUOKK5znSn1JKDlFTc6HfYBi0kClAkazKnkdKSdJy4xG2YacO
nb9YBxgf
-----END CERTIFICATE-----
Generated at Thu Apr 17 04:25:06 2025 by rpki-client