Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/uJACI7-1hCKnydJo2GCPPQ_wnDw.roa
File: uJACI7-1hCKnydJo2GCPPQ_wnDw.roa (raw, json)
Hash identifier: ii2Ogx+n/dFxvbb5q2NKNVo9trKDZPuZL9VUwEVcDMo=
Subject key identifier: B8:90:02:23:BF:B5:84:22:A7:C9:D2:68:D8:60:8F:3D:0F:F0:9C:3C
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 019422201591E4A196A8ADA6475C4983012D
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/uJACI7-1hCKnydJo2GCPPQ_wnDw.roa
Signing time: Wed 01 Jan 2025 13:48:35 +0000
ROA not before: Wed 01 Jan 2025 13:48:35 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 32002
IP address blocks: 185.165.44.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.mft
rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:15:91:e4:a1:96:a8:ad:a6:47:5c:49:83:01:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jan 1 13:48:35 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b8900223bfb58422a7c9d268d8608f3d0ff09c3c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:13:fd:bc:37:29:63:5a:a3:b6:a0:2d:0c:b7:
d2:26:92:d2:2b:6f:0a:41:08:04:e1:25:b3:75:94:
3d:67:0b:07:07:2d:ad:b3:d3:69:7b:f6:ee:47:49:
50:a5:db:ad:14:45:90:ff:7c:ab:5e:a7:33:e0:4a:
a3:58:53:bd:5f:ee:2a:09:7d:8a:f9:9b:48:b2:af:
68:26:07:a6:a6:49:9c:d2:3f:fe:50:92:1c:30:cb:
30:c4:22:15:0e:fc:a8:d9:98:84:cd:38:4f:65:0c:
c6:f7:2e:70:29:73:65:20:5b:e5:f4:89:f1:e3:b7:
93:17:66:8f:53:80:27:4a:88:f2:da:1b:68:92:c3:
96:c4:5c:9c:0a:92:fc:8d:82:dc:d9:98:4c:1c:d6:
72:53:82:4c:81:57:bb:04:05:39:ab:8c:6b:b7:b1:
a3:ae:32:33:37:cb:86:c1:ea:d9:ae:12:a7:7b:76:
dc:8f:d6:92:ab:b1:3e:9c:20:ed:d7:d8:8d:a7:3b:
bd:28:4c:ef:d5:6e:14:05:4b:62:aa:74:bd:cf:36:
25:85:49:f1:76:14:14:fc:fb:3b:89:8d:4a:7b:b2:
9e:30:b8:d5:f7:54:38:67:0b:81:39:fb:e0:93:68:
ec:c9:b3:5b:fb:bb:93:96:f3:e2:f2:23:61:f7:31:
fa:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:90:02:23:BF:B5:84:22:A7:C9:D2:68:D8:60:8F:3D:0F:F0:9C:3C
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/uJACI7-1hCKnydJo2GCPPQ_wnDw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.165.44.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:fb:cb:0e:ab:69:62:f7:bc:b5:4e:05:3e:19:68:a8:75:30:
b3:f8:04:1c:17:d4:22:73:1e:4d:73:4d:36:7d:99:cf:ed:e2:
fc:78:39:56:6a:92:79:5a:d2:89:2f:f7:a8:bc:b9:ff:6c:8c:
75:6f:ab:97:60:03:08:27:e0:c7:ac:51:37:d5:e4:ce:53:71:
43:46:0b:e9:8b:53:cc:53:c5:a6:1f:39:b7:44:84:10:aa:20:
1d:6f:3e:41:e6:16:75:a4:a4:3d:e5:4b:33:8b:4f:e1:34:f8:
6a:e9:20:5a:00:dd:5c:b4:95:83:01:e3:ab:48:f2:74:97:6b:
36:b6:5c:de:23:e3:a7:a1:2b:74:6d:10:e6:8d:af:09:07:91:
e1:42:79:00:21:d3:e0:f5:69:4f:0f:f0:87:4b:74:bc:c8:6f:
b0:00:95:3e:9e:2c:80:fe:78:82:12:ae:7a:36:32:b3:b5:75:
f7:19:89:03:c7:ce:1d:05:33:9c:58:cc:62:de:07:1b:b8:d0:
10:4e:38:d9:b0:ad:87:2b:4f:62:70:ac:b0:f6:24:66:31:63:
cc:fa:88:18:73:28:2c:b0:51:fd:82:ef:af:5e:8f:6e:53:12:
9a:ab:5a:0a:16:b1:f6:7b:ab:c9:e8:20:aa:f9:de:75:5c:68:
73:e4:5e:70
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiIBWR5KGWqK2mR1xJgwEtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjUwMTAxMTM0ODM1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODkwMDIyM2JmYjU4NDIyYTdjOWQyNjhkODYwOGYzZDBmZjA5YzNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2xP9vDcpY1qjtqAtDLfSJpLSK28K
QQgE4SWzdZQ9ZwsHBy2ts9Npe/buR0lQpdutFEWQ/3yrXqcz4EqjWFO9X+4qCX2K
+ZtIsq9oJgempkmc0j/+UJIcMMswxCIVDvyo2ZiEzThPZQzG9y5wKXNlIFvl9Inx
47eTF2aPU4AnSojy2htoksOWxFycCpL8jYLc2ZhMHNZyU4JMgVe7BAU5q4xrt7Gj
rjIzN8uGwerZrhKne3bcj9aSq7E+nCDt19iNpzu9KEzv1W4UBUtiqnS9zzYlhUnx
dhQU/Ps7iY1Ke7KeMLjV91Q4ZwuBOfvgk2jsybNb+7uTlvPi8iNh9zH65wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLiQAiO/tYQip8nSaNhgjz0P8Jw8MB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvdUpBQ0k3LTFoQ0tueWRKbzJHQ1BQUV93bkR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuaUsMA0G
CSqGSIb3DQEBCwUAA4IBAQCO+8sOq2li97y1TgU+GWiodTCz+AQcF9Qicx5Nc002
fZnP7eL8eDlWapJ5WtKJL/eovLn/bIx1b6uXYAMIJ+DHrFE31eTOU3FDRgvpi1PM
U8WmHzm3RIQQqiAdbz5B5hZ1pKQ95Uszi0/hNPhq6SBaAN1ctJWDAeOrSPJ0l2s2
tlzeI+OnoSt0bRDmja8JB5HhQnkAIdPg9WlPD/CHS3S8yG+wAJU+niyA/niCEq56
NjKztXX3GYkDx84dBTOcWMxi3gcbuNAQTjjZsK2HK09icKyw9iRmMWPM+ogYcygs
sFH9gu+vXo9uUxKaq1oKFrH2e6vJ6CCq+d51XGhz5F5w
-----END CERTIFICATE-----
Generated at Wed Feb 5 07:36:24 2025 by rpki-client