Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/0bdb78-7e63-470e-a39d-f00a1938881f/1/U0r3hhSWvJREMqLZH2Hpa3q15Vc.roa
File: U0r3hhSWvJREMqLZH2Hpa3q15Vc.roa (raw, json)
Hash identifier: ddXvERc2U8k9QtkbhiwQPmEstoMSyktp+JN206s3ypM=
Subject key identifier: 53:4A:F7:86:14:96:BC:94:44:32:A2:D9:1F:61:E9:6B:7A:B5:E5:57
Certificate issuer: /CN=870a207f8d0fd26330bcd59fa8473549dc92dee9
Certificate serial: 019420D5D0F62392D951B1D5FD9F78AC361F
Authority key identifier: 87:0A:20:7F:8D:0F:D2:63:30:BC:D5:9F:A8:47:35:49:DC:92:DE:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hwogf40P0mMwvNWfqEc1SdyS3uk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c9/0bdb78-7e63-470e-a39d-f00a1938881f/1/U0r3hhSWvJREMqLZH2Hpa3q15Vc.roa
Signing time: Wed 01 Jan 2025 07:47:51 +0000
ROA not before: Wed 01 Jan 2025 07:47:51 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44319
IP address blocks: 185.255.172.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c9/0bdb78-7e63-470e-a39d-f00a1938881f/1/hwogf40P0mMwvNWfqEc1SdyS3uk.crl
rsync://rpki.ripe.net/repository/DEFAULT/c9/0bdb78-7e63-470e-a39d-f00a1938881f/1/hwogf40P0mMwvNWfqEc1SdyS3uk.mft
rsync://rpki.ripe.net/repository/DEFAULT/hwogf40P0mMwvNWfqEc1SdyS3uk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:d0:f6:23:92:d9:51:b1:d5:fd:9f:78:ac:36:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=870a207f8d0fd26330bcd59fa8473549dc92dee9
Validity
Not Before: Jan 1 07:47:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=534af7861496bc944432a2d91f61e96b7ab5e557
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:d0:b7:0b:d2:10:70:ee:ad:6a:6c:60:85:d8:
24:1f:25:80:80:00:fd:38:d0:05:04:f9:0d:98:24:
16:34:bd:44:3b:ca:7a:4a:37:44:d5:bf:42:00:9a:
28:dc:bb:8a:f0:da:d7:06:1c:5e:29:00:5f:bc:d4:
2a:34:5b:d3:06:5c:b3:1e:1c:66:a0:74:da:93:a5:
92:bb:e6:50:44:46:63:f9:dc:f3:40:a2:a0:e8:9f:
7c:e8:3f:ad:3b:b3:47:b8:0d:6c:8c:f8:3d:70:d7:
b8:d3:8b:6b:f6:a4:00:34:03:d3:5f:26:b9:60:98:
27:ba:49:45:a5:55:0a:7b:8e:31:62:ed:05:54:59:
59:e7:9d:11:75:dc:2c:e9:6b:d8:21:21:25:50:9e:
0b:8f:5d:1f:5b:56:3d:78:3d:5a:03:c1:28:61:22:
37:29:65:e1:89:0f:82:c4:f3:ae:cb:6f:a6:a9:98:
6d:07:c5:98:88:aa:dc:39:bf:4b:1d:2e:a7:8b:b2:
d9:64:dd:b3:f0:37:91:f7:04:4b:44:40:74:03:ba:
77:12:6f:a9:96:a4:64:21:3d:4b:c4:cf:9d:1f:50:
e8:c3:ed:2b:1d:c5:fb:b9:76:04:cd:3d:d9:08:55:
2a:a6:2e:6c:9d:0e:dd:9b:e6:c7:b2:ff:3f:cd:13:
fc:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:4A:F7:86:14:96:BC:94:44:32:A2:D9:1F:61:E9:6B:7A:B5:E5:57
X509v3 Authority Key Identifier:
keyid:87:0A:20:7F:8D:0F:D2:63:30:BC:D5:9F:A8:47:35:49:DC:92:DE:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hwogf40P0mMwvNWfqEc1SdyS3uk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/0bdb78-7e63-470e-a39d-f00a1938881f/1/U0r3hhSWvJREMqLZH2Hpa3q15Vc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/0bdb78-7e63-470e-a39d-f00a1938881f/1/hwogf40P0mMwvNWfqEc1SdyS3uk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.255.172.0/22
Signature Algorithm: sha256WithRSAEncryption
8d:ea:8e:1b:d9:60:86:29:9b:de:40:a0:da:3c:8a:5b:8e:9f:
40:4a:ba:89:cb:1c:2f:9a:96:4b:ea:78:11:db:96:12:2d:d2:
22:79:bd:fc:20:48:3d:8c:1f:12:b6:a8:80:98:24:97:0f:e9:
a3:67:e2:ff:ca:29:55:81:35:c6:43:d8:e8:47:7b:ab:c8:86:
65:b8:65:ec:0d:27:b9:35:08:9f:da:71:db:95:b5:50:d4:7b:
52:a0:3d:fc:59:79:f4:51:3e:d9:54:d8:29:6a:64:20:7b:72:
14:b6:48:b5:3b:01:ee:34:7a:ba:af:be:c9:87:7b:ee:f2:f7:
23:e1:c7:05:ba:d7:e6:cd:2b:18:b6:02:3a:b9:54:ca:03:43:
f3:1c:f0:08:fa:51:02:51:37:a5:38:64:c3:08:be:8b:e3:6a:
23:ac:08:30:9f:39:62:2a:ad:aa:fa:29:b2:22:1b:d1:22:8f:
b6:eb:49:6e:2b:10:1b:fd:2b:f7:05:0b:d2:b6:96:27:7f:1c:
93:83:00:0d:8f:5d:fc:ef:05:b7:af:d9:08:bc:6d:fe:f7:9e:
ff:44:e1:d9:70:7b:7e:d7:c8:9e:2b:e9:b2:e4:c3:63:d9:8b:
52:bd:ed:f9:16:2f:e9:5e:5c:cd:36:54:cf:07:7a:f8:c8:56:
41:69:df:56
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQg1dD2I5LZUbHV/Z94rDYfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3MGEyMDdmOGQwZmQyNjMzMGJjZDU5ZmE4NDczNTQ5ZGM5
MmRlZTkwHhcNMjUwMTAxMDc0NzUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzRhZjc4NjE0OTZiYzk0NDQzMmEyZDkxZjYxZTk2YjdhYjVlNTU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxdC3C9IQcO6tamxghdgkHyWAgAD9
ONAFBPkNmCQWNL1EO8p6SjdE1b9CAJoo3LuK8NrXBhxeKQBfvNQqNFvTBlyzHhxm
oHTak6WSu+ZQREZj+dzzQKKg6J986D+tO7NHuA1sjPg9cNe404tr9qQANAPTXya5
YJgnuklFpVUKe44xYu0FVFlZ550Rddws6WvYISElUJ4Lj10fW1Y9eD1aA8EoYSI3
KWXhiQ+CxPOuy2+mqZhtB8WYiKrcOb9LHS6ni7LZZN2z8DeR9wRLREB0A7p3Em+p
lqRkIT1LxM+dH1Dow+0rHcX7uXYEzT3ZCFUqpi5snQ7dm+bHsv8/zRP8uwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFNK94YUlryURDKi2R9h6Wt6teVXMB8GA1UdIwQY
MBaAFIcKIH+ND9JjMLzVn6hHNUnckt7pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHdvZ2Y0MFAwbU13dk5XZnFFYzFTZHlTM3VrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOS8wYmRiNzgtN2U2My00NzBlLWEzOWQt
ZjAwYTE5Mzg4ODFmLzEvVTByM2hoU1d2SlJFTXFMWkgySHBhM3ExNVZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOS8wYmRiNzgtN2U2My00NzBlLWEzOWQtZjAwYTE5Mzg4ODFm
LzEvaHdvZ2Y0MFAwbU13dk5XZnFFYzFTZHlTM3VrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuf+sMA0G
CSqGSIb3DQEBCwUAA4IBAQCN6o4b2WCGKZveQKDaPIpbjp9ASrqJyxwvmpZL6ngR
25YSLdIieb38IEg9jB8StqiAmCSXD+mjZ+L/yilVgTXGQ9joR3uryIZluGXsDSe5
NQif2nHblbVQ1HtSoD38WXn0UT7ZVNgpamQge3IUtki1OwHuNHq6r77Jh3vu8vcj
4ccFutfmzSsYtgI6uVTKA0PzHPAI+lECUTelOGTDCL6L42ojrAgwnzliKq2q+imy
IhvRIo+260luKxAb/Sv3BQvStpYnfxyTgwANj1387wW3r9kIvG3+957/ROHZcHt+
18ieK+my5MNj2YtSve35Fi/pXlzNNlTPB3r4yFZBad9W
-----END CERTIFICATE-----
Generated at Sun Feb 2 09:50:38 2025 by rpki-client