Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/5737b0-bb24-4e92-b19d-5e65c7d61b9e/1/UxM6DupfvrTiE9Ym5QgQzISnMNk.roa
File: UxM6DupfvrTiE9Ym5QgQzISnMNk.roa (raw, json)
Hash identifier: RfjYqd31h9TXarIc1kWDtlc68P4m+jSBxb+HHdHsfRc=
Subject key identifier: 53:13:3A:0E:EA:5F:BE:B4:E2:13:D6:26:E5:08:10:CC:84:A7:30:D9
Certificate issuer: /CN=dbcacaaf8ac13a964ab3d461935841c8e1c93b80
Certificate serial: 01941F8C60A2B6B3B252086F67FFCCCE4E9D
Authority key identifier: DB:CA:CA:AF:8A:C1:3A:96:4A:B3:D4:61:93:58:41:C8:E1:C9:3B:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/28rKr4rBOpZKs9Rhk1hByOHJO4A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/5737b0-bb24-4e92-b19d-5e65c7d61b9e/1/UxM6DupfvrTiE9Ym5QgQzISnMNk.roa
Signing time: Wed 01 Jan 2025 01:48:01 +0000
ROA not before: Wed 01 Jan 2025 01:48:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 553
IP address blocks: 141.79.0.0/16 maxlen: 16
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/5737b0-bb24-4e92-b19d-5e65c7d61b9e/1/28rKr4rBOpZKs9Rhk1hByOHJO4A.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/5737b0-bb24-4e92-b19d-5e65c7d61b9e/1/28rKr4rBOpZKs9Rhk1hByOHJO4A.mft
rsync://rpki.ripe.net/repository/DEFAULT/28rKr4rBOpZKs9Rhk1hByOHJO4A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 19:01:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:60:a2:b6:b3:b2:52:08:6f:67:ff:cc:ce:4e:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dbcacaaf8ac13a964ab3d461935841c8e1c93b80
Validity
Not Before: Jan 1 01:48:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=53133a0eea5fbeb4e213d626e50810cc84a730d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:1a:ed:6e:44:53:99:0f:b7:92:b3:c8:67:92:
ab:4d:77:4f:dc:81:61:65:70:9b:6f:82:ab:cc:4b:
3f:5b:3b:38:24:9f:01:8f:6e:b8:de:ed:f2:6f:3b:
14:0b:56:e4:a5:2b:13:f6:91:50:cd:01:58:fe:d1:
4a:6e:db:16:1c:7d:f2:8b:c2:e5:ed:da:bb:a0:c6:
6a:41:89:f8:ec:a8:9d:87:45:a9:75:44:c5:90:52:
b1:49:db:1d:6c:83:10:f6:f7:79:2e:3b:e6:2f:03:
66:ea:30:19:08:2a:2f:5d:7b:b4:ee:da:8c:91:76:
1e:35:1a:75:4f:95:f6:c3:b5:51:2a:cc:1e:aa:ad:
64:34:3e:f6:cf:a9:62:b0:b8:ab:13:5e:c1:a0:82:
b5:16:a6:16:a8:36:98:af:1f:73:b3:e5:29:bd:40:
87:af:b7:b5:02:6f:32:35:f0:8c:25:d7:76:c7:02:
9c:22:1d:8c:fa:99:4f:c7:15:a6:fe:af:3b:2a:79:
8c:20:a1:e0:10:40:65:bc:90:30:db:62:c3:5e:db:
00:86:a9:09:22:b1:d8:94:2a:2b:01:b5:b3:33:46:
20:cb:d1:68:92:27:8b:5a:f4:7f:8d:d2:8c:54:ff:
2b:3b:34:97:10:6c:8b:8b:b5:ee:d8:d0:08:e0:6f:
29:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:13:3A:0E:EA:5F:BE:B4:E2:13:D6:26:E5:08:10:CC:84:A7:30:D9
X509v3 Authority Key Identifier:
keyid:DB:CA:CA:AF:8A:C1:3A:96:4A:B3:D4:61:93:58:41:C8:E1:C9:3B:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/28rKr4rBOpZKs9Rhk1hByOHJO4A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/5737b0-bb24-4e92-b19d-5e65c7d61b9e/1/UxM6DupfvrTiE9Ym5QgQzISnMNk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/5737b0-bb24-4e92-b19d-5e65c7d61b9e/1/28rKr4rBOpZKs9Rhk1hByOHJO4A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.79.0.0/16
Signature Algorithm: sha256WithRSAEncryption
65:d2:ae:3f:58:81:8d:f0:e8:54:97:f9:1d:02:21:b9:0d:30:
47:57:6c:2f:a2:46:39:c9:24:cd:fa:a1:03:72:d6:8d:17:1d:
ff:7b:c4:cd:e3:e8:84:67:86:05:b7:9f:2c:06:c9:ee:e8:d2:
5b:e1:f7:db:32:f0:55:45:e2:4c:76:e1:7a:5c:54:2b:eb:95:
d6:e6:55:b9:d4:ab:8f:09:a7:ef:25:f2:8e:3b:ef:1a:32:97:
e7:9d:5f:3d:c4:25:07:77:42:6e:2f:c2:5c:da:c3:ee:fa:65:
69:9e:fb:df:c3:05:53:7b:6a:d4:f0:b7:04:59:ae:ac:5c:d8:
0a:d2:aa:05:ab:af:3e:84:f5:ed:d3:44:9c:e7:6e:23:ee:6b:
22:50:ea:db:fb:97:aa:77:5b:e5:d2:76:d8:d7:13:bf:d9:3f:
04:21:d1:66:fb:76:55:7c:97:1b:de:07:cb:7d:66:9a:f7:3d:
ba:40:af:12:d2:bc:a7:42:d9:d5:82:e3:58:32:60:19:9c:7c:
c7:1a:59:63:ef:fb:c9:4d:4d:69:45:9e:f8:b1:2b:55:b2:9b:
9b:6d:09:fa:4a:ff:9d:2c:f1:38:80:0d:ff:db:f1:79:f6:64:
9b:37:b1:f0:05:ad:40:d6:9e:22:4c:bd:88:3a:96:8e:15:a0:
e5:a1:6f:01
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAZQfjGCitrOyUghvZ//Mzk6dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiY2FjYWFmOGFjMTNhOTY0YWIzZDQ2MTkzNTg0MWM4ZTFj
OTNiODAwHhcNMjUwMTAxMDE0ODAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzEzM2EwZWVhNWZiZWI0ZTIxM2Q2MjZlNTA4MTBjYzg0YTczMGQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArxrtbkRTmQ+3krPIZ5KrTXdP3IFh
ZXCbb4KrzEs/Wzs4JJ8Bj2643u3ybzsUC1bkpSsT9pFQzQFY/tFKbtsWHH3yi8Ll
7dq7oMZqQYn47Kidh0WpdUTFkFKxSdsdbIMQ9vd5LjvmLwNm6jAZCCovXXu07tqM
kXYeNRp1T5X2w7VRKsweqq1kND72z6lisLirE17BoIK1FqYWqDaYrx9zs+UpvUCH
r7e1Am8yNfCMJdd2xwKcIh2M+plPxxWm/q87KnmMIKHgEEBlvJAw22LDXtsAhqkJ
IrHYlCorAbWzM0Ygy9FokieLWvR/jdKMVP8rOzSXEGyLi7Xu2NAI4G8pMQIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFFMTOg7qX7604hPWJuUIEMyEpzDZMB8GA1UdIwQY
MBaAFNvKyq+KwTqWSrPUYZNYQcjhyTuAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjhyS3I0ckJPcFpLczlSaGsxaEJ5T0hKTzRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy81NzM3YjAtYmIyNC00ZTkyLWIxOWQt
NWU2NWM3ZDYxYjllLzEvVXhNNkR1cGZ2clRpRTlZbTVRZ1F6SVNuTU5rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy81NzM3YjAtYmIyNC00ZTkyLWIxOWQtNWU2NWM3ZDYxYjll
LzEvMjhyS3I0ckJPcFpLczlSaGsxaEJ5T0hKTzRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAjU8wDQYJ
KoZIhvcNAQELBQADggEBAGXSrj9YgY3w6FSX+R0CIbkNMEdXbC+iRjnJJM36oQNy
1o0XHf97xM3j6IRnhgW3nywGye7o0lvh99sy8FVF4kx24XpcVCvrldbmVbnUq48J
p+8l8o477xoyl+edXz3EJQd3Qm4vwlzaw+76ZWme+9/DBVN7atTwtwRZrqxc2ArS
qgWrrz6E9e3TRJznbiPuayJQ6tv7l6p3W+XSdtjXE7/ZPwQh0Wb7dlV8lxveB8t9
Zpr3PbpArxLSvKdC2dWC41gyYBmcfMcaWWPv+8lNTWlFnvixK1Wym5ttCfpK/50s
8TiADf/b8Xn2ZJs3sfAFrUDWniJMvYg6lo4VoOWhbwE=
-----END CERTIFICATE-----
Generated at Thu Apr 17 05:27:07 2025 by rpki-client