Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8e8149-d53c-4992-bd07-55c434eec96c/1/ut3Ia6-mOfUCkcqND1t7uvinIqc.roa
File: ut3Ia6-mOfUCkcqND1t7uvinIqc.roa (raw, json)
Hash identifier: aJkTC/NqOQ2/INKdyvEr1miuxsKpaWRMdWzEAJzyDDI=
Subject key identifier: BA:DD:C8:6B:AF:A6:39:F5:02:91:CA:8D:0F:5B:7B:BA:F8:A7:22:A7
Certificate issuer: /CN=abbad3de831da94222c1add104caf4c3247689ac
Certificate serial: 0194C2489E5AACBAF925ED1E6ADF038B8834
Authority key identifier: AB:BA:D3:DE:83:1D:A9:42:22:C1:AD:D1:04:CA:F4:C3:24:76:89:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q7rT3oMdqUIiwa3RBMr0wyR2iaw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8e8149-d53c-4992-bd07-55c434eec96c/1/ut3Ia6-mOfUCkcqND1t7uvinIqc.roa
Signing time: Sat 01 Feb 2025 16:12:06 +0000
ROA not before: Sat 01 Feb 2025 16:12:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 7029
IP address blocks: 212.68.164.0/22 maxlen: 22
212.68.164.0/24 maxlen: 24
212.68.165.0/24 maxlen: 24
212.68.166.0/24 maxlen: 24
212.68.167.0/24 maxlen: 24
212.68.168.0/22 maxlen: 22
212.68.168.0/24 maxlen: 24
212.68.169.0/24 maxlen: 24
212.68.170.0/24 maxlen: 24
212.68.171.0/24 maxlen: 24
212.68.188.0/22 maxlen: 22
212.68.188.0/24 maxlen: 24
212.68.189.0/24 maxlen: 24
212.68.190.0/24 maxlen: 24
212.68.191.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/8e8149-d53c-4992-bd07-55c434eec96c/1/q7rT3oMdqUIiwa3RBMr0wyR2iaw.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/8e8149-d53c-4992-bd07-55c434eec96c/1/q7rT3oMdqUIiwa3RBMr0wyR2iaw.mft
rsync://rpki.ripe.net/repository/DEFAULT/q7rT3oMdqUIiwa3RBMr0wyR2iaw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:c2:48:9e:5a:ac:ba:f9:25:ed:1e:6a:df:03:8b:88:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=abbad3de831da94222c1add104caf4c3247689ac
Validity
Not Before: Feb 1 16:12:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=baddc86bafa639f50291ca8d0f5b7bbaf8a722a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:e2:c0:2f:47:2b:44:e7:c2:b7:29:f8:26:7a:
54:59:25:50:3e:be:77:17:82:9c:10:8c:61:26:1d:
6e:d8:8a:58:5a:10:8b:a4:f9:82:99:d0:31:0b:cf:
b4:3b:50:5a:5f:77:2c:76:41:4f:29:06:8f:c4:df:
05:69:c3:0b:ba:cf:35:91:72:23:11:01:ea:6d:de:
02:42:2f:64:ec:69:e5:e0:2f:d5:9d:90:a6:d9:2a:
95:64:86:c3:ac:77:c1:60:17:30:a7:5b:bc:6e:e1:
11:9c:e6:9f:e2:b2:00:27:8f:a8:74:60:1a:6b:87:
e9:93:72:83:14:8c:12:27:41:36:56:95:d4:49:65:
ec:9f:3c:aa:63:6c:e3:e3:01:e6:ee:d2:60:30:e8:
89:d2:5a:a4:be:52:9f:5d:cc:c8:08:02:9c:e6:61:
66:08:c1:1d:d2:73:4c:3e:0a:e8:fe:2b:17:c9:7a:
63:bc:d3:c0:b2:55:a6:30:29:3e:67:e2:a1:c7:52:
73:c7:09:f7:be:8f:d4:9d:d5:bc:c3:c7:63:23:ba:
85:ea:7b:fe:90:e1:65:16:b8:68:48:cb:56:86:e1:
25:87:4a:f1:92:23:92:44:e3:19:fc:45:af:6b:63:
73:e5:f6:72:c2:af:94:5e:13:63:25:ae:3f:bf:e5:
f6:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:DD:C8:6B:AF:A6:39:F5:02:91:CA:8D:0F:5B:7B:BA:F8:A7:22:A7
X509v3 Authority Key Identifier:
keyid:AB:BA:D3:DE:83:1D:A9:42:22:C1:AD:D1:04:CA:F4:C3:24:76:89:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q7rT3oMdqUIiwa3RBMr0wyR2iaw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8e8149-d53c-4992-bd07-55c434eec96c/1/ut3Ia6-mOfUCkcqND1t7uvinIqc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8e8149-d53c-4992-bd07-55c434eec96c/1/q7rT3oMdqUIiwa3RBMr0wyR2iaw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.68.164.0-212.68.171.255
212.68.188.0/22
Signature Algorithm: sha256WithRSAEncryption
19:14:4f:21:f6:84:26:c2:55:b0:0c:22:9b:f6:e9:1a:0c:51:
67:7a:f8:57:31:92:ff:2a:e9:7b:bb:c5:b5:7e:48:9a:fb:ec:
84:e6:4b:a7:d2:d6:ac:b5:3e:53:44:95:0a:97:f8:c3:58:8d:
79:b6:17:53:23:dc:d1:01:7c:03:4e:0c:44:1b:12:68:6a:c8:
b7:80:ab:a7:a8:c4:46:40:e4:57:f5:75:cb:c5:8e:26:fe:82:
b5:72:d8:87:f4:d3:c0:a1:c7:fe:09:bb:a8:b3:de:65:11:9f:
26:ba:a1:49:eb:a7:75:d7:1c:b0:2a:c8:8a:e3:5c:95:c8:f7:
5d:a7:0a:bb:41:5b:12:6a:96:9c:39:52:76:6b:71:2b:26:49:
b3:86:cc:e6:86:e4:f6:02:b2:15:cd:ea:c3:b6:2b:68:38:78:
b9:bc:44:ce:bc:f1:74:5a:e9:45:5d:7b:b8:2a:2e:1d:1f:ca:
60:8e:7c:40:ff:84:37:16:f7:38:ff:66:9b:a0:f3:7e:6a:c5:
61:7a:ca:09:67:0a:eb:d6:29:c6:13:9c:5e:d3:24:db:75:29:
1f:0e:fe:5d:57:24:24:48:30:ec:ab:32:a3:dc:13:2e:b8:58:
bb:df:8d:85:fc:98:cb:ab:3c:fe:d2:90:52:52:48:da:67:54:
a4:e2:ae:80
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZTCSJ5arLr5Je0eat8Di4g0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiYmFkM2RlODMxZGE5NDIyMmMxYWRkMTA0Y2FmNGMzMjQ3
Njg5YWMwHhcNMjUwMjAxMTYxMjA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYWRkYzg2YmFmYTYzOWY1MDI5MWNhOGQwZjViN2JiYWY4YTcyMmE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAneLAL0crROfCtyn4JnpUWSVQPr53
F4KcEIxhJh1u2IpYWhCLpPmCmdAxC8+0O1BaX3csdkFPKQaPxN8FacMLus81kXIj
EQHqbd4CQi9k7Gnl4C/VnZCm2SqVZIbDrHfBYBcwp1u8buERnOaf4rIAJ4+odGAa
a4fpk3KDFIwSJ0E2VpXUSWXsnzyqY2zj4wHm7tJgMOiJ0lqkvlKfXczICAKc5mFm
CMEd0nNMPgro/isXyXpjvNPAslWmMCk+Z+Khx1Jzxwn3vo/UndW8w8djI7qF6nv+
kOFlFrhoSMtWhuElh0rxkiOSROMZ/EWva2Nz5fZywq+UXhNjJa4/v+X29QIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFLrdyGuvpjn1ApHKjQ9be7r4pyKnMB8GA1UdIwQY
MBaAFKu6096DHalCIsGt0QTK9MMkdomsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTdyVDNvTWRxVUlpd2EzUkJNcjB3eVIyaWF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZTgxNDktZDUzYy00OTkyLWJkMDct
NTVjNDM0ZWVjOTZjLzEvdXQzSWE2LW1PZlVDa2NxTkQxdDd1dmluSXFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZTgxNDktZDUzYy00OTkyLWJkMDctNTVjNDM0ZWVjOTZj
LzEvcTdyVDNvTWRxVUlpd2EzUkJNcjB3eVIyaWF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBALURKQD
BALURKgDBALURLwwDQYJKoZIhvcNAQELBQADggEBABkUTyH2hCbCVbAMIpv26RoM
UWd6+Fcxkv8q6Xu7xbV+SJr77ITmS6fS1qy1PlNElQqX+MNYjXm2F1Mj3NEBfANO
DEQbEmhqyLeAq6eoxEZA5Ff1dcvFjib+grVy2If008Chx/4Ju6iz3mURnya6oUnr
p3XXHLAqyIrjXJXI912nCrtBWxJqlpw5UnZrcSsmSbOGzOaG5PYCshXN6sO2K2g4
eLm8RM688XRa6UVde7gqLh0fymCOfED/hDcW9zj/Zpug835qxWF6yglnCuvWKcYT
nF7TJNt1KR8O/l1XJCRIMOyrMqPcEy64WLvfjYX8mMurPP7SkFJSSNpnVKTiroA=
-----END CERTIFICATE-----
Generated at Sun Feb 2 10:03:32 2025 by rpki-client