Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/cc8bfa-2b13-4674-a984-a5fdb570fe9a/1/RUBK6YgAvaDdWQcnoq_c2QP-xe4.roa
File: RUBK6YgAvaDdWQcnoq_c2QP-xe4.roa (raw, json)
Hash identifier: Uqv+aEnH2dA3s4zAi+ZXrmM5vUYHFe7H5OkNDJW1qSI=
Subject key identifier: 45:40:4A:E9:88:00:BD:A0:DD:59:07:27:A2:AF:DC:D9:03:FE:C5:EE
Certificate issuer: /CN=0620eadb2e1562b4e2e4f480772c36887a777f24
Certificate serial: 01942143B21EF73FCD2DA6003E5849967BD3
Authority key identifier: 06:20:EA:DB:2E:15:62:B4:E2:E4:F4:80:77:2C:36:88:7A:77:7F:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BiDq2y4VYrTi5PSAdyw2iHp3fyQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/cc8bfa-2b13-4674-a984-a5fdb570fe9a/1/RUBK6YgAvaDdWQcnoq_c2QP-xe4.roa
Signing time: Wed 01 Jan 2025 09:47:52 +0000
ROA not before: Wed 01 Jan 2025 09:47:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20649
IP address blocks: 78.111.97.0/24 maxlen: 24
78.111.98.0/24 maxlen: 24
78.111.106.0/24 maxlen: 24
80.93.208.0/24 maxlen: 24
80.93.212.0/24 maxlen: 24
80.93.213.0/24 maxlen: 24
80.93.216.0/24 maxlen: 24
217.195.192.0/24 maxlen: 24
217.195.196.0/24 maxlen: 24
217.195.198.0/24 maxlen: 24
217.195.203.0/24 maxlen: 24
217.195.204.0/24 maxlen: 24
217.195.206.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d5/cc8bfa-2b13-4674-a984-a5fdb570fe9a/1/BiDq2y4VYrTi5PSAdyw2iHp3fyQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/d5/cc8bfa-2b13-4674-a984-a5fdb570fe9a/1/BiDq2y4VYrTi5PSAdyw2iHp3fyQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/BiDq2y4VYrTi5PSAdyw2iHp3fyQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 09 Apr 2025 09:01:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:b2:1e:f7:3f:cd:2d:a6:00:3e:58:49:96:7b:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0620eadb2e1562b4e2e4f480772c36887a777f24
Validity
Not Before: Jan 1 09:47:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=45404ae98800bda0dd590727a2afdcd903fec5ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:2a:7c:80:67:4d:ca:4f:94:be:66:fc:bd:db:
48:10:d7:11:4f:3d:28:3d:88:f2:43:55:4f:05:27:
a1:64:fa:62:35:19:ad:c4:4b:84:c0:7e:d1:1d:87:
f3:27:8c:bb:06:ee:15:e7:98:ef:35:e8:58:81:13:
0f:6c:25:06:98:57:55:2e:b4:85:02:25:1b:60:5a:
b4:88:a2:fc:e4:b9:c5:52:78:d5:88:a7:5c:1e:ac:
e7:0c:b6:b2:01:ba:6c:c1:8f:f5:6d:72:12:4d:2e:
1f:27:c0:d5:c5:2f:19:e3:72:ff:14:b0:3c:6c:82:
48:7b:a0:bb:b6:fc:78:41:fe:f0:37:e0:a6:69:7f:
44:ea:fb:f3:a2:4b:f4:91:0a:34:3f:e3:e5:31:51:
c8:c0:2b:11:f9:37:da:1d:d7:5d:6a:22:07:bf:5b:
c0:49:44:05:01:df:09:db:4f:ba:85:68:59:fb:cb:
4f:6f:1c:3e:36:22:06:87:3d:66:e4:15:50:69:e8:
9c:2e:70:41:99:19:16:fa:53:6d:83:fc:87:ea:c1:
c1:ce:5a:0a:50:a1:13:1e:48:fe:30:52:90:a9:e0:
70:79:6c:24:f0:78:53:82:2b:a1:98:e4:75:47:74:
d6:85:e2:26:be:80:d6:d6:31:77:04:6b:09:4d:de:
38:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:40:4A:E9:88:00:BD:A0:DD:59:07:27:A2:AF:DC:D9:03:FE:C5:EE
X509v3 Authority Key Identifier:
keyid:06:20:EA:DB:2E:15:62:B4:E2:E4:F4:80:77:2C:36:88:7A:77:7F:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BiDq2y4VYrTi5PSAdyw2iHp3fyQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/cc8bfa-2b13-4674-a984-a5fdb570fe9a/1/RUBK6YgAvaDdWQcnoq_c2QP-xe4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/cc8bfa-2b13-4674-a984-a5fdb570fe9a/1/BiDq2y4VYrTi5PSAdyw2iHp3fyQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.111.97.0-78.111.98.255
78.111.106.0/24
80.93.208.0/24
80.93.212.0/23
80.93.216.0/24
217.195.192.0/24
217.195.196.0/24
217.195.198.0/24
217.195.203.0-217.195.204.255
217.195.206.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:ca:52:05:c7:81:34:62:52:8c:51:97:82:ee:4e:f5:a6:35:
2e:f7:13:2f:98:24:07:d7:a7:aa:1e:4e:30:a2:1e:fd:0d:f0:
36:23:df:f2:c8:24:84:53:b0:12:af:88:83:65:25:06:09:0d:
75:e0:23:b5:e0:e8:10:31:0c:8c:78:6a:24:6b:35:9e:93:a4:
e2:8c:23:a3:ec:7e:38:df:d4:32:0c:6b:aa:3c:ae:6a:6a:3b:
66:96:31:d7:48:2e:ae:e5:ea:c2:ce:06:57:76:f1:c0:6d:9f:
ca:22:16:14:7d:99:17:d2:1f:d3:2c:96:26:5e:84:07:4e:ec:
97:69:c4:22:74:96:58:b6:df:23:1d:73:f4:a1:e2:3a:14:c5:
ea:1f:fb:63:0d:80:91:7e:31:00:06:d4:69:c9:f1:2a:30:50:
ac:ff:87:09:97:cc:57:01:e6:c8:37:a9:eb:90:c6:7f:35:51:
1c:20:99:a3:f8:0d:68:40:ce:1d:4f:5e:0e:b2:4e:ff:95:77:
90:14:2f:e9:a3:8e:d8:78:30:9b:2c:59:03:84:e6:25:f6:27:
4e:e7:26:25:c3:6a:eb:70:5d:e4:9c:d4:3c:dc:bb:9f:dc:cb:
bd:32:87:70:77:9f:c7:36:eb:9a:0f:ad:6e:16:fb:d0:60:dc:
db:3f:68:21
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAZQhQ7Ie9z/NLaYAPlhJlnvTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2MjBlYWRiMmUxNTYyYjRlMmU0ZjQ4MDc3MmMzNjg4N2E3
NzdmMjQwHhcNMjUwMTAxMDk0NzUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NTQwNGFlOTg4MDBiZGEwZGQ1OTA3MjdhMmFmZGNkOTAzZmVjNWVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuCp8gGdNyk+Uvmb8vdtIENcRTz0o
PYjyQ1VPBSehZPpiNRmtxEuEwH7RHYfzJ4y7Bu4V55jvNehYgRMPbCUGmFdVLrSF
AiUbYFq0iKL85LnFUnjViKdcHqznDLayAbpswY/1bXISTS4fJ8DVxS8Z43L/FLA8
bIJIe6C7tvx4Qf7wN+CmaX9E6vvzokv0kQo0P+PlMVHIwCsR+TfaHdddaiIHv1vA
SUQFAd8J20+6hWhZ+8tPbxw+NiIGhz1m5BVQaeicLnBBmRkW+lNtg/yH6sHBzloK
UKETHkj+MFKQqeBweWwk8HhTgiuhmOR1R3TWheImvoDW1jF3BGsJTd44SQIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFEVASumIAL2g3VkHJ6Kv3NkD/sXuMB8GA1UdIwQY
MBaAFAYg6tsuFWK04uT0gHcsNoh6d38kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmlEcTJ5NFZZclRpNVBTQWR5dzJpSHAzZnlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS9jYzhiZmEtMmIxMy00Njc0LWE5ODQt
YTVmZGI1NzBmZTlhLzEvUlVCSzZZZ0F2YURkV1Fjbm9xX2MyUVAteGU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS9jYzhiZmEtMmIxMy00Njc0LWE5ODQtYTVmZGI1NzBmZTlh
LzEvQmlEcTJ5NFZZclRpNVBTQWR5dzJpSHAzZnlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDBSBAIAATBMMAwDBABOb2ED
BABOb2IDBABOb2oDBABQXdADBAFQXdQDBABQXdgDBADZw8ADBADZw8QDBADZw8Yw
DAMEANnDywMEANnDzAMEANnDzjANBgkqhkiG9w0BAQsFAAOCAQEAPcpSBceBNGJS
jFGXgu5O9aY1LvcTL5gkB9enqh5OMKIe/Q3wNiPf8sgkhFOwEq+Ig2UlBgkNdeAj
teDoEDEMjHhqJGs1npOk4owjo+x+ON/UMgxrqjyuamo7ZpYx10guruXqws4GV3bx
wG2fyiIWFH2ZF9If0yyWJl6EB07sl2nEInSWWLbfIx1z9KHiOhTF6h/7Yw2AkX4x
AAbUacnxKjBQrP+HCZfMVwHmyDep65DGfzVRHCCZo/gNaEDOHU9eDrJO/5V3kBQv
6aOO2HgwmyxZA4TmJfYnTucmJcNq63Bd5JzUPNy7n9zLvTKHcHefxzbrmg+tbhb7
0GDc2z9oIQ==
-----END CERTIFICATE-----
Generated at Tue Apr 8 17:23:05 2025 by rpki-client