Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/5505e0-2e8a-4c75-8118-950ce39a977c/1/u-lGXvBrrOtS45APR_Waw4axrTc.roa
File: u-lGXvBrrOtS45APR_Waw4axrTc.roa (raw, json)
Hash identifier: W3bOvfQ0kiPnMkAC0M/+bR7qhmdbihjJm/WhE44sz9U=
Subject key identifier: BB:E9:46:5E:F0:6B:AC:EB:52:E3:90:0F:47:F5:9A:C3:86:B1:AD:37
Certificate issuer: /CN=5fa386e97656d648ab5381b29666414081b00084
Certificate serial: 0194228E409FA5A05576A3603E63E32556AC
Authority key identifier: 5F:A3:86:E9:76:56:D6:48:AB:53:81:B2:96:66:41:40:81:B0:00:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/X6OG6XZW1kirU4GylmZBQIGwAIQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e3/5505e0-2e8a-4c75-8118-950ce39a977c/1/u-lGXvBrrOtS45APR_Waw4axrTc.roa
Signing time: Wed 01 Jan 2025 15:48:55 +0000
ROA not before: Wed 01 Jan 2025 15:48:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34254
IP address blocks: 83.142.184.0/21 maxlen: 21
185.70.180.0/22 maxlen: 22
185.232.116.0/24 maxlen: 24
2a04:400::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e3/5505e0-2e8a-4c75-8118-950ce39a977c/1/X6OG6XZW1kirU4GylmZBQIGwAIQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/e3/5505e0-2e8a-4c75-8118-950ce39a977c/1/X6OG6XZW1kirU4GylmZBQIGwAIQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/X6OG6XZW1kirU4GylmZBQIGwAIQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 18:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8e:40:9f:a5:a0:55:76:a3:60:3e:63:e3:25:56:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5fa386e97656d648ab5381b29666414081b00084
Validity
Not Before: Jan 1 15:48:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bbe9465ef06baceb52e3900f47f59ac386b1ad37
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:5b:83:65:28:58:b6:c1:d7:4d:d4:22:d7:94:
fb:75:d2:bc:94:91:6c:f1:f9:99:9b:f8:c8:b4:07:
f4:f3:33:00:d4:e9:5c:85:ec:ba:3e:b6:6c:ae:8d:
4e:a8:7b:d2:2e:a1:11:91:22:d3:d8:7d:c2:81:99:
d8:db:96:80:9c:51:f1:37:1d:58:34:f6:96:c2:e4:
58:6b:5d:d4:c3:bc:c6:49:2e:16:a6:2e:4e:bf:2a:
50:3f:17:27:6d:cc:ff:fd:12:23:be:86:0e:a0:89:
39:60:3c:a3:31:05:19:bb:4a:52:cf:f0:a8:17:a8:
19:b8:49:d3:c8:04:63:f5:3e:eb:7e:29:41:9b:22:
28:0f:dd:a7:fa:f8:5a:ba:8f:73:d1:e1:e7:65:42:
14:fe:be:90:5e:08:50:13:10:a9:7c:14:8d:d2:fd:
d0:b1:25:fe:d1:75:71:fc:3f:e1:68:37:92:80:a9:
aa:de:b8:09:41:36:11:bd:0c:d5:e8:cf:07:99:67:
b6:b9:d7:b0:13:7c:73:50:2d:f1:7b:fc:ff:4b:30:
5c:52:f1:4f:a5:16:13:22:a9:f8:05:21:55:fc:8a:
8f:13:ca:6f:43:89:ed:f8:e5:18:9b:58:3a:98:1e:
3c:56:51:dc:50:96:74:86:09:e3:64:db:bf:89:cc:
2d:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:E9:46:5E:F0:6B:AC:EB:52:E3:90:0F:47:F5:9A:C3:86:B1:AD:37
X509v3 Authority Key Identifier:
keyid:5F:A3:86:E9:76:56:D6:48:AB:53:81:B2:96:66:41:40:81:B0:00:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X6OG6XZW1kirU4GylmZBQIGwAIQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/5505e0-2e8a-4c75-8118-950ce39a977c/1/u-lGXvBrrOtS45APR_Waw4axrTc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/5505e0-2e8a-4c75-8118-950ce39a977c/1/X6OG6XZW1kirU4GylmZBQIGwAIQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.142.184.0/21
185.70.180.0/22
185.232.116.0/24
IPv6:
2a04:400::/29
Signature Algorithm: sha256WithRSAEncryption
85:9e:9f:71:3c:fc:93:3a:95:17:f4:9e:e0:79:e8:8a:d6:1a:
80:74:4b:46:b0:26:34:79:06:d5:33:2c:78:86:d5:bd:02:06:
a1:b1:41:90:cb:b7:e5:e7:e6:93:d6:53:38:52:9e:b8:79:cb:
53:ce:69:4c:d7:04:75:1d:d5:7c:c5:17:f8:57:ce:bd:3d:d3:
5f:7b:25:bb:0a:f8:08:dc:05:ec:ec:77:da:45:91:c4:14:a5:
c9:08:e3:a4:63:24:03:e8:31:44:4a:3d:4d:e9:ab:3d:02:84:
aa:e3:69:ee:2f:dd:b8:20:3f:58:70:8d:88:6d:7f:10:95:a3:
12:63:36:77:96:cb:6c:c9:57:75:37:83:f4:68:15:88:83:00:
98:19:6e:88:6e:a1:13:8d:82:39:bb:1c:7d:c2:55:d9:54:f3:
74:4a:97:58:64:f0:ee:29:3f:94:64:78:e5:e6:20:7c:9e:1b:
e8:94:22:4e:77:8b:c6:ba:d1:08:5e:e7:ec:b8:a3:30:ef:05:
d7:a2:c7:75:91:d7:6d:c7:53:2a:19:0d:bc:b9:43:a5:7d:e7:
02:65:63:59:59:68:8e:f1:00:73:9b:1d:d5:6f:f3:70:c9:73:
78:81:2b:6e:4a:e3:6d:30:04:4a:fd:e4:32:66:14:30:29:de:
00:d0:0f:8e
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZQijkCfpaBVdqNgPmPjJVasMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmYTM4NmU5NzY1NmQ2NDhhYjUzODFiMjk2NjY0MTQwODFi
MDAwODQwHhcNMjUwMTAxMTU0ODU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYmU5NDY1ZWYwNmJhY2ViNTJlMzkwMGY0N2Y1OWFjMzg2YjFhZDM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtVuDZShYtsHXTdQi15T7ddK8lJFs
8fmZm/jItAf08zMA1Olchey6PrZsro1OqHvSLqERkSLT2H3CgZnY25aAnFHxNx1Y
NPaWwuRYa13Uw7zGSS4Wpi5OvypQPxcnbcz//RIjvoYOoIk5YDyjMQUZu0pSz/Co
F6gZuEnTyARj9T7rfilBmyIoD92n+vhauo9z0eHnZUIU/r6QXghQExCpfBSN0v3Q
sSX+0XVx/D/haDeSgKmq3rgJQTYRvQzV6M8HmWe2udewE3xzUC3xe/z/SzBcUvFP
pRYTIqn4BSFV/IqPE8pvQ4nt+OUYm1g6mB48VlHcUJZ0hgnjZNu/icwteQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFLvpRl7wa6zrUuOQD0f1msOGsa03MB8GA1UdIwQY
MBaAFF+jhul2VtZIq1OBspZmQUCBsACEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWDZPRzZYWlcxa2lyVTRHeWxtWkJRSUd3QUlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy81NTA1ZTAtMmU4YS00Yzc1LTgxMTgt
OTUwY2UzOWE5NzdjLzEvdS1sR1h2QnJyT3RTNDVBUFJfV2F3NGF4clRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy81NTA1ZTAtMmU4YS00Yzc1LTgxMTgtOTUwY2UzOWE5Nzdj
LzEvWDZPRzZYWlcxa2lyVTRHeWxtWkJRSUd3QUlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDU464AwQC
uUa0AwQAueh0MA0EAgACMAcDBQMqBAQAMA0GCSqGSIb3DQEBCwUAA4IBAQCFnp9x
PPyTOpUX9J7geeiK1hqAdEtGsCY0eQbVMyx4htW9AgahsUGQy7fl5+aT1lM4Up64
ectTzmlM1wR1HdV8xRf4V869PdNfeyW7CvgI3AXs7HfaRZHEFKXJCOOkYyQD6DFE
Sj1N6as9AoSq42nuL924ID9YcI2IbX8QlaMSYzZ3lstsyVd1N4P0aBWIgwCYGW6I
bqETjYI5uxx9wlXZVPN0SpdYZPDuKT+UZHjl5iB8nhvolCJOd4vGutEIXufsuKMw
7wXXosd1kddtx1MqGQ28uUOlfecCZWNZWWiO8QBzmx3Vb/NwyXN4gStuSuNtMARK
/eQyZhQwKd4A0A+O
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:17:15 2025 by rpki-client