Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/81eaf6-66cf-4b21-8ffb-08bdcd533b61/1/U32_Sc22WvD7Fv16LTG7iyrHJKk.roa
File: U32_Sc22WvD7Fv16LTG7iyrHJKk.roa (raw, json)
Hash identifier: HDMDgZcXReJr66n8qO4cBkBwOaGGNGz+zcAfJfe/HW0=
Subject key identifier: 53:7D:BF:49:CD:B6:5A:F0:FB:16:FD:7A:2D:31:BB:8B:2A:C7:24:A9
Certificate issuer: /CN=8ead45e317257e170a2030e79b0f5f74406a7842
Certificate serial: 01942067E972CF9FEB3402ADD166828ADBD1
Authority key identifier: 8E:AD:45:E3:17:25:7E:17:0A:20:30:E7:9B:0F:5F:74:40:6A:78:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jq1F4xclfhcKIDDnmw9fdEBqeEI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/81eaf6-66cf-4b21-8ffb-08bdcd533b61/1/U32_Sc22WvD7Fv16LTG7iyrHJKk.roa
Signing time: Wed 01 Jan 2025 05:47:48 +0000
ROA not before: Wed 01 Jan 2025 05:47:48 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 396982
IP address blocks: 92.119.244.0/24 maxlen: 24
92.119.245.0/24 maxlen: 24
92.119.246.0/24 maxlen: 24
92.119.247.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/da/81eaf6-66cf-4b21-8ffb-08bdcd533b61/1/jq1F4xclfhcKIDDnmw9fdEBqeEI.crl
rsync://rpki.ripe.net/repository/DEFAULT/da/81eaf6-66cf-4b21-8ffb-08bdcd533b61/1/jq1F4xclfhcKIDDnmw9fdEBqeEI.mft
rsync://rpki.ripe.net/repository/DEFAULT/jq1F4xclfhcKIDDnmw9fdEBqeEI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 17:00:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:67:e9:72:cf:9f:eb:34:02:ad:d1:66:82:8a:db:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8ead45e317257e170a2030e79b0f5f74406a7842
Validity
Not Before: Jan 1 05:47:48 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=537dbf49cdb65af0fb16fd7a2d31bb8b2ac724a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:e0:0c:2a:61:a0:3d:1f:2e:3b:d5:17:5d:76:
32:f4:05:ab:97:63:6e:c6:20:aa:a0:b1:50:48:bc:
cd:c6:34:8a:39:23:48:99:78:61:c5:1c:39:6c:5e:
8c:74:cb:a8:f5:67:0f:b7:1f:f2:ae:cc:65:2e:35:
05:d4:57:40:03:da:11:db:d5:00:99:f1:eb:2a:29:
4b:73:47:8d:b4:cf:a5:ec:4f:f8:7e:86:4e:3d:08:
c0:5b:af:ac:fd:60:5f:de:1e:68:93:65:d6:a6:5d:
12:68:64:9b:e3:fc:ca:4d:e2:5e:86:29:89:8f:06:
46:54:61:89:48:9e:0c:76:88:12:b9:8d:9a:e8:3d:
6e:64:c5:c0:60:48:f8:2e:1d:ee:8f:ab:44:ff:07:
37:a4:b7:cc:18:96:12:f5:eb:5f:d3:d2:06:62:8c:
3b:f1:b1:2a:de:0e:75:f5:55:d9:9a:a4:e5:e9:dd:
77:28:a2:27:a2:f6:c7:17:5f:0a:1e:a5:0c:3a:be:
7f:90:24:3f:48:12:13:7b:c3:59:56:dc:67:4b:d6:
c0:33:91:70:5c:eb:b3:c2:c3:a1:e4:6f:50:c9:c4:
2a:bf:b5:f9:4b:c3:56:f1:62:a0:05:df:01:ad:06:
2c:de:4b:80:96:2f:5a:dc:f1:a9:46:5b:6f:9b:50:
08:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:7D:BF:49:CD:B6:5A:F0:FB:16:FD:7A:2D:31:BB:8B:2A:C7:24:A9
X509v3 Authority Key Identifier:
keyid:8E:AD:45:E3:17:25:7E:17:0A:20:30:E7:9B:0F:5F:74:40:6A:78:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jq1F4xclfhcKIDDnmw9fdEBqeEI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/81eaf6-66cf-4b21-8ffb-08bdcd533b61/1/U32_Sc22WvD7Fv16LTG7iyrHJKk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/81eaf6-66cf-4b21-8ffb-08bdcd533b61/1/jq1F4xclfhcKIDDnmw9fdEBqeEI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.119.244.0/22
Signature Algorithm: sha256WithRSAEncryption
00:08:a4:84:70:a4:7a:25:0c:65:e9:55:ae:8e:f5:0c:35:20:
77:8a:e7:51:6f:64:75:6c:7e:77:d2:11:d0:7f:b9:99:c8:ad:
eb:37:2b:70:56:be:9a:90:b8:04:01:da:76:7c:28:5b:a4:e0:
30:50:e7:2a:02:40:b5:8c:14:51:9b:84:5d:cd:20:23:11:68:
d9:36:1c:5c:87:dc:ed:9e:40:b8:22:fd:f3:dc:d6:c8:eb:c9:
5d:2b:09:52:6e:73:77:0f:b6:30:47:15:bb:07:d9:0c:16:bd:
c4:37:3b:4e:f6:92:8b:d5:28:33:4c:c9:39:98:00:4c:bc:42:
07:70:1b:1d:9f:d5:1a:c6:a3:ef:48:f6:c9:bb:ff:c4:27:fa:
05:2f:a2:e1:ca:0a:ca:c2:8d:33:60:6b:0c:2b:34:3f:00:d3:
da:7e:9f:1b:45:93:a2:06:ff:01:1e:21:d7:23:3f:59:d1:31:
ea:fd:28:70:a3:dd:e6:03:e8:fb:0c:7b:bc:cc:2e:41:88:99:
fc:fe:0f:8a:5e:f2:5f:90:89:f7:ad:e2:ba:0d:c2:d0:6c:e3:
f8:5b:f2:ed:87:8b:a2:03:bb:43:f5:b6:7a:65:05:81:56:2b:
f1:40:5a:7e:28:fd:fb:a5:7d:d3:24:6a:f6:29:19:bd:97:df:
3a:67:c4:dc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQgZ+lyz5/rNAKt0WaCitvRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlYWQ0NWUzMTcyNTdlMTcwYTIwMzBlNzliMGY1Zjc0NDA2
YTc4NDIwHhcNMjUwMTAxMDU0NzQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzdkYmY0OWNkYjY1YWYwZmIxNmZkN2EyZDMxYmI4YjJhYzcyNGE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAquAMKmGgPR8uO9UXXXYy9AWrl2Nu
xiCqoLFQSLzNxjSKOSNImXhhxRw5bF6MdMuo9WcPtx/yrsxlLjUF1FdAA9oR29UA
mfHrKilLc0eNtM+l7E/4foZOPQjAW6+s/WBf3h5ok2XWpl0SaGSb4/zKTeJehimJ
jwZGVGGJSJ4MdogSuY2a6D1uZMXAYEj4Lh3uj6tE/wc3pLfMGJYS9etf09IGYow7
8bEq3g519VXZmqTl6d13KKInovbHF18KHqUMOr5/kCQ/SBITe8NZVtxnS9bAM5Fw
XOuzwsOh5G9QycQqv7X5S8NW8WKgBd8BrQYs3kuAli9a3PGpRltvm1AI2QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFN9v0nNtlrw+xb9ei0xu4sqxySpMB8GA1UdIwQY
MBaAFI6tReMXJX4XCiAw55sPX3RAanhCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvanExRjR4Y2xmaGNLSUREbm13OWZkRUJxZUVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS84MWVhZjYtNjZjZi00YjIxLThmZmIt
MDhiZGNkNTMzYjYxLzEvVTMyX1NjMjJXdkQ3RnYxNkxURzdpeXJISktrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS84MWVhZjYtNjZjZi00YjIxLThmZmItMDhiZGNkNTMzYjYx
LzEvanExRjR4Y2xmaGNLSUREbm13OWZkRUJxZUVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCXHf0MA0G
CSqGSIb3DQEBCwUAA4IBAQAACKSEcKR6JQxl6VWujvUMNSB3iudRb2R1bH530hHQ
f7mZyK3rNytwVr6akLgEAdp2fChbpOAwUOcqAkC1jBRRm4RdzSAjEWjZNhxch9zt
nkC4Iv3z3NbI68ldKwlSbnN3D7YwRxW7B9kMFr3ENztO9pKL1SgzTMk5mABMvEIH
cBsdn9UaxqPvSPbJu//EJ/oFL6LhygrKwo0zYGsMKzQ/ANPafp8bRZOiBv8BHiHX
Iz9Z0THq/Shwo93mA+j7DHu8zC5BiJn8/g+KXvJfkIn3reK6DcLQbOP4W/Lth4ui
A7tD9bZ6ZQWBVivxQFp+KP37pX3TJGr2KRm9l986Z8Tc
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:50:10 2025 by rpki-client