Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/d4d8dd-50d8-43c7-9b55-9aa7cd6505e5/1/u2p9YZ_LXa4YZ8T6-whJAsnzXuE.roa
File: u2p9YZ_LXa4YZ8T6-whJAsnzXuE.roa (raw, json)
Hash identifier: HvG5oZRfAf2DkODgozvYS7e+xqSp2NYm+qp3YwzyYdI=
Subject key identifier: BB:6A:7D:61:9F:CB:5D:AE:18:67:C4:FA:FB:08:49:02:C9:F3:5E:E1
Certificate issuer: /CN=a8153b3d5612234fe260fe60bc7ce028062227a3
Certificate serial: 0194258FC861F675DB40FEBD35DEEE3A47DE
Authority key identifier: A8:15:3B:3D:56:12:23:4F:E2:60:FE:60:BC:7C:E0:28:06:22:27:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qBU7PVYSI0_iYP5gvHzgKAYiJ6M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/d4d8dd-50d8-43c7-9b55-9aa7cd6505e5/1/u2p9YZ_LXa4YZ8T6-whJAsnzXuE.roa
Signing time: Thu 02 Jan 2025 05:49:27 +0000
ROA not before: Thu 02 Jan 2025 05:49:27 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51681
IP address blocks: 185.220.11.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d2/d4d8dd-50d8-43c7-9b55-9aa7cd6505e5/1/qBU7PVYSI0_iYP5gvHzgKAYiJ6M.crl
rsync://rpki.ripe.net/repository/DEFAULT/d2/d4d8dd-50d8-43c7-9b55-9aa7cd6505e5/1/qBU7PVYSI0_iYP5gvHzgKAYiJ6M.mft
rsync://rpki.ripe.net/repository/DEFAULT/qBU7PVYSI0_iYP5gvHzgKAYiJ6M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 13:16:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:c8:61:f6:75:db:40:fe:bd:35:de:ee:3a:47:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a8153b3d5612234fe260fe60bc7ce028062227a3
Validity
Not Before: Jan 2 05:49:27 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bb6a7d619fcb5dae1867c4fafb084902c9f35ee1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:96:a4:3f:89:b6:b1:05:20:07:bf:89:ac:d5:
47:da:b2:c0:bb:16:90:e5:b1:44:12:9b:b8:51:c0:
53:bd:16:27:7a:8e:98:1a:03:3a:9e:6f:6c:27:e5:
53:5c:05:28:f7:2b:a3:2d:78:e7:1f:b6:bb:0d:73:
14:b0:08:e2:c8:f2:74:2c:ea:01:bf:87:7a:18:ff:
c7:d8:65:8b:07:67:82:15:79:0f:2a:f0:bc:af:da:
4d:f5:82:49:c9:bc:f6:2a:a4:f2:ca:86:d8:0d:ef:
d8:21:05:65:28:fd:f2:5d:68:24:4f:d4:de:c2:c2:
33:a4:29:e8:de:43:3f:16:dc:49:aa:d6:55:4b:31:
39:a4:13:9a:4c:c9:c5:0d:cd:99:22:c1:19:2b:b5:
5e:c1:13:fe:69:8f:b6:a4:31:aa:5c:d2:b9:6b:51:
2b:6f:cb:42:72:b8:c8:4b:81:2e:a0:8c:83:40:a4:
60:94:31:7f:e5:2a:a7:4b:d5:71:7e:4f:f4:bc:b2:
fa:2b:c5:3c:ad:95:ec:b3:76:61:09:98:08:78:e7:
f1:69:73:e9:87:50:62:40:4a:8f:a5:3e:7e:2d:a2:
be:4f:d7:1d:34:a4:60:be:00:36:fb:e8:d3:0d:84:
30:00:f6:9c:d9:d2:cb:90:dd:c5:d5:c6:59:2e:0c:
b9:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:6A:7D:61:9F:CB:5D:AE:18:67:C4:FA:FB:08:49:02:C9:F3:5E:E1
X509v3 Authority Key Identifier:
keyid:A8:15:3B:3D:56:12:23:4F:E2:60:FE:60:BC:7C:E0:28:06:22:27:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qBU7PVYSI0_iYP5gvHzgKAYiJ6M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/d4d8dd-50d8-43c7-9b55-9aa7cd6505e5/1/u2p9YZ_LXa4YZ8T6-whJAsnzXuE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/d4d8dd-50d8-43c7-9b55-9aa7cd6505e5/1/qBU7PVYSI0_iYP5gvHzgKAYiJ6M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.220.11.0/24
Signature Algorithm: sha256WithRSAEncryption
9d:71:a1:4d:77:c4:42:59:89:01:9d:e5:06:a3:61:72:ee:27:
73:53:ac:45:a3:43:ee:6f:7a:06:43:49:8d:ba:b9:42:b6:b4:
e0:41:c9:09:60:66:ae:bd:95:bd:c4:c9:81:ea:e6:be:00:11:
3b:b3:fb:c1:f4:cb:2a:85:1e:95:98:e0:69:78:f4:88:83:b0:
85:b7:f0:a7:5e:be:1d:fa:6e:b3:32:2c:28:a3:9e:16:11:1e:
d3:50:b6:1f:b4:08:cd:6e:8f:bc:70:87:92:4c:ba:11:86:2a:
b9:99:5d:3e:37:a3:2b:88:a9:c0:81:b5:f4:cc:7c:8f:ca:a6:
7f:50:bd:a9:79:08:a1:ec:fe:cf:4c:f3:6a:94:d3:c5:40:85:
39:76:48:b9:8b:0d:63:e0:ed:3d:c6:ee:02:b6:f5:6c:53:eb:
78:e6:95:ec:45:c9:31:ed:20:9b:8b:81:ac:0a:58:0b:56:cc:
4a:95:42:71:df:f7:72:b8:3c:95:d0:c7:8c:c1:60:e6:da:76:
4f:48:f5:01:d5:84:9f:9c:9f:e1:fb:9a:e8:0c:20:3c:c7:3a:
e7:ab:de:8e:ba:8b:6f:6c:47:f4:41:8f:1a:ed:93:77:d6:2f:
5f:a7:03:3c:0a:0a:ec:18:8a:47:21:97:ef:35:ab:9b:e0:bd:
07:27:cf:10
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQlj8hh9nXbQP69Nd7uOkfeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4MTUzYjNkNTYxMjIzNGZlMjYwZmU2MGJjN2NlMDI4MDYy
MjI3YTMwHhcNMjUwMTAyMDU0OTI3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjZhN2Q2MTlmY2I1ZGFlMTg2N2M0ZmFmYjA4NDkwMmM5ZjM1ZWUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlpakP4m2sQUgB7+JrNVH2rLAuxaQ
5bFEEpu4UcBTvRYneo6YGgM6nm9sJ+VTXAUo9yujLXjnH7a7DXMUsAjiyPJ0LOoB
v4d6GP/H2GWLB2eCFXkPKvC8r9pN9YJJybz2KqTyyobYDe/YIQVlKP3yXWgkT9Te
wsIzpCno3kM/FtxJqtZVSzE5pBOaTMnFDc2ZIsEZK7VewRP+aY+2pDGqXNK5a1Er
b8tCcrjIS4EuoIyDQKRglDF/5SqnS9Vxfk/0vLL6K8U8rZXss3ZhCZgIeOfxaXPp
h1BiQEqPpT5+LaK+T9cdNKRgvgA2++jTDYQwAPac2dLLkN3F1cZZLgy5BQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLtqfWGfy12uGGfE+vsISQLJ817hMB8GA1UdIwQY
MBaAFKgVOz1WEiNP4mD+YLx84CgGIiejMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUJVN1BWWVNJMF9pWVA1Z3ZIemdLQVlpSjZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi9kNGQ4ZGQtNTBkOC00M2M3LTliNTUt
OWFhN2NkNjUwNWU1LzEvdTJwOVlaX0xYYTRZWjhUNi13aEpBc256WHVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi9kNGQ4ZGQtNTBkOC00M2M3LTliNTUtOWFhN2NkNjUwNWU1
LzEvcUJVN1BWWVNJMF9pWVA1Z3ZIemdLQVlpSjZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAudwLMA0G
CSqGSIb3DQEBCwUAA4IBAQCdcaFNd8RCWYkBneUGo2Fy7idzU6xFo0Pub3oGQ0mN
urlCtrTgQckJYGauvZW9xMmB6ua+ABE7s/vB9MsqhR6VmOBpePSIg7CFt/CnXr4d
+m6zMiwoo54WER7TULYftAjNbo+8cIeSTLoRhiq5mV0+N6MriKnAgbX0zHyPyqZ/
UL2peQih7P7PTPNqlNPFQIU5dki5iw1j4O09xu4CtvVsU+t45pXsRckx7SCbi4Gs
ClgLVsxKlUJx3/dyuDyV0MeMwWDm2nZPSPUB1YSfnJ/h+5roDCA8xzrnq96Ouotv
bEf0QY8a7ZN31i9fpwM8CgrsGIpHIZfvNaub4L0HJ88Q
-----END CERTIFICATE-----
Generated at Wed Apr 16 23:29:28 2025 by rpki-client