Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/ef98e4-01e5-4b88-bbf1-0483d1c01b25/1/uDBXK8T_CYBhR7j4qUX3KNaOzNA.roa
File: uDBXK8T_CYBhR7j4qUX3KNaOzNA.roa (raw, json)
Hash identifier: l69OGXgxbADqBf3n8PsE9PC3wGQv9qukdYrOEUN64Sw=
Subject key identifier: B8:30:57:2B:C4:FF:09:80:61:47:B8:F8:A9:45:F7:28:D6:8E:CC:D0
Certificate issuer: /CN=5259e000c991f78f243fde5980cd5cef649409e6
Certificate serial: 01941F8CA69DCF0846202A7956C1E078B175
Authority key identifier: 52:59:E0:00:C9:91:F7:8F:24:3F:DE:59:80:CD:5C:EF:64:94:09:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UlngAMmR948kP95ZgM1c72SUCeY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/ef98e4-01e5-4b88-bbf1-0483d1c01b25/1/uDBXK8T_CYBhR7j4qUX3KNaOzNA.roa
Signing time: Wed 01 Jan 2025 01:48:18 +0000
ROA not before: Wed 01 Jan 2025 01:48:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35292
IP address blocks: 78.31.168.0/21 maxlen: 24
87.239.136.0/21 maxlen: 24
193.47.73.0/24 maxlen: 24
2001:678:2a0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ba/ef98e4-01e5-4b88-bbf1-0483d1c01b25/1/UlngAMmR948kP95ZgM1c72SUCeY.crl
rsync://rpki.ripe.net/repository/DEFAULT/ba/ef98e4-01e5-4b88-bbf1-0483d1c01b25/1/UlngAMmR948kP95ZgM1c72SUCeY.mft
rsync://rpki.ripe.net/repository/DEFAULT/UlngAMmR948kP95ZgM1c72SUCeY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 10:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:a6:9d:cf:08:46:20:2a:79:56:c1:e0:78:b1:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5259e000c991f78f243fde5980cd5cef649409e6
Validity
Not Before: Jan 1 01:48:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b830572bc4ff09806147b8f8a945f728d68eccd0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:b3:91:7e:71:8b:aa:b1:2d:2e:d5:1f:05:12:
fd:10:f5:39:c7:13:00:9a:33:a3:38:c5:82:1c:a3:
1e:3d:c6:eb:2a:47:48:32:f7:72:5f:11:1b:02:dd:
48:0e:3a:f4:d1:2f:41:16:05:ac:3e:cb:ab:ab:34:
63:16:fd:a5:2f:2a:04:59:b8:db:82:ec:1d:f2:62:
50:e9:ce:21:d6:ce:44:34:f6:74:f2:92:71:c7:9d:
6d:d0:f9:30:a4:2a:ee:23:6d:7a:f9:06:9d:41:e3:
64:da:a1:4b:45:f4:04:76:47:17:28:14:71:a6:5e:
3e:e0:28:17:d2:d0:49:7f:f3:e7:88:49:45:ef:c2:
d5:e8:eb:5a:fb:1a:e6:eb:93:13:87:cf:b5:c9:41:
99:fe:f6:66:2b:d5:ed:da:72:a6:6b:a9:99:11:43:
ce:b3:c2:8f:c9:aa:f9:25:58:8c:89:52:3b:19:78:
61:e4:cc:59:cc:e1:32:a3:08:1a:34:d1:63:a4:6d:
f3:b8:fe:5b:ee:40:6e:dc:13:95:fe:31:3d:8b:9a:
a7:da:ce:d4:fa:d8:7d:16:03:fb:01:f9:ae:ac:84:
fc:1f:d2:99:3d:66:9c:cf:0f:32:b9:6e:85:98:6b:
b0:1d:a0:5c:53:fa:ee:3d:e9:e8:dc:d2:83:bf:50:
4a:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:30:57:2B:C4:FF:09:80:61:47:B8:F8:A9:45:F7:28:D6:8E:CC:D0
X509v3 Authority Key Identifier:
keyid:52:59:E0:00:C9:91:F7:8F:24:3F:DE:59:80:CD:5C:EF:64:94:09:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UlngAMmR948kP95ZgM1c72SUCeY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/ef98e4-01e5-4b88-bbf1-0483d1c01b25/1/uDBXK8T_CYBhR7j4qUX3KNaOzNA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/ef98e4-01e5-4b88-bbf1-0483d1c01b25/1/UlngAMmR948kP95ZgM1c72SUCeY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.31.168.0/21
87.239.136.0/21
193.47.73.0/24
IPv6:
2001:678:2a0::/48
Signature Algorithm: sha256WithRSAEncryption
15:ec:19:38:8a:7d:63:81:5d:6e:0c:69:59:d6:b5:b4:b5:8c:
e0:d3:e8:19:3d:cb:33:f9:5a:4a:7c:71:b1:33:8a:62:2d:52:
90:2a:cc:f5:81:89:b5:00:83:00:6b:0b:c5:e6:3a:ed:8e:47:
8b:97:9a:6e:a6:1d:f2:15:0a:e5:20:2a:0c:4e:97:ee:e1:0e:
48:9a:f3:c1:6d:77:0f:41:19:ab:37:ee:5c:e1:2d:b9:4d:ee:
4d:d8:ac:81:c2:74:d3:4b:97:6b:78:6d:88:0f:28:d6:71:c9:
e5:50:3e:f9:e1:d3:34:1b:e3:b9:02:4f:e0:07:c4:cd:74:e7:
a6:cc:2c:d7:fb:05:41:64:44:de:8b:4f:d5:f5:d8:d4:fb:e7:
c2:b0:f0:67:1d:8d:79:b3:32:c0:29:a0:0a:7b:26:45:9d:59:
51:6c:49:d9:6b:1c:71:7b:ca:76:c6:98:bd:eb:b5:25:3c:89:
85:e0:c9:e6:ae:8a:3f:53:51:0b:70:44:0f:e4:21:a5:da:80:
48:f9:7d:bc:09:fb:36:a5:d5:2f:25:de:92:59:cd:34:05:f7:
63:f4:4d:10:7e:77:6d:33:11:f4:b0:e8:dc:40:8f:a4:9e:64:
a9:9b:ac:17:f3:ca:bc:29:ca:60:2d:72:9b:b1:8e:cb:b0:2b:
23:f8:be:f6
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZQfjKadzwhGICp5VsHgeLF1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNTllMDAwYzk5MWY3OGYyNDNmZGU1OTgwY2Q1Y2VmNjQ5
NDA5ZTYwHhcNMjUwMTAxMDE0ODE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODMwNTcyYmM0ZmYwOTgwNjE0N2I4ZjhhOTQ1ZjcyOGQ2OGVjY2QwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqrORfnGLqrEtLtUfBRL9EPU5xxMA
mjOjOMWCHKMePcbrKkdIMvdyXxEbAt1IDjr00S9BFgWsPsurqzRjFv2lLyoEWbjb
guwd8mJQ6c4h1s5ENPZ08pJxx51t0PkwpCruI216+QadQeNk2qFLRfQEdkcXKBRx
pl4+4CgX0tBJf/PniElF78LV6Ota+xrm65MTh8+1yUGZ/vZmK9Xt2nKma6mZEUPO
s8KPyar5JViMiVI7GXhh5MxZzOEyowgaNNFjpG3zuP5b7kBu3BOV/jE9i5qn2s7U
+th9FgP7AfmurIT8H9KZPWaczw8yuW6FmGuwHaBcU/ruPeno3NKDv1BKUQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFLgwVyvE/wmAYUe4+KlF9yjWjszQMB8GA1UdIwQY
MBaAFFJZ4ADJkfePJD/eWYDNXO9klAnmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVWxuZ0FNbVI5NDhrUDk1WmdNMWM3MlNVQ2VZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS9lZjk4ZTQtMDFlNS00Yjg4LWJiZjEt
MDQ4M2QxYzAxYjI1LzEvdURCWEs4VF9DWUJoUjdqNHFVWDNLTmFPek5BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS9lZjk4ZTQtMDFlNS00Yjg4LWJiZjEtMDQ4M2QxYzAxYjI1
LzEvVWxuZ0FNbVI5NDhrUDk1WmdNMWM3MlNVQ2VZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQDTh+oAwQD
V++IAwQAwS9JMA8EAgACMAkDBwAgAQZ4AqAwDQYJKoZIhvcNAQELBQADggEBABXs
GTiKfWOBXW4MaVnWtbS1jODT6Bk9yzP5Wkp8cbEzimItUpAqzPWBibUAgwBrC8Xm
Ou2OR4uXmm6mHfIVCuUgKgxOl+7hDkia88Ftdw9BGas37lzhLblN7k3YrIHCdNNL
l2t4bYgPKNZxyeVQPvnh0zQb47kCT+AHxM1056bMLNf7BUFkRN6LT9X12NT758Kw
8GcdjXmzMsApoAp7JkWdWVFsSdlrHHF7ynbGmL3rtSU8iYXgyeauij9TUQtwRA/k
IaXagEj5fbwJ+zal1S8l3pJZzTQF92P0TRB+d20zEfSw6NxAj6SeZKmbrBfzyrwp
ymAtcpuxjsuwKyP4vvY=
-----END CERTIFICATE-----
Generated at Mon Apr 7 13:17:40 2025 by rpki-client