Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/652ef0-ae30-45ba-9970-6c1cf725d8f7/1/UK9YjHWc92sXiUJt3VZoNIq4t0k.roa
File: UK9YjHWc92sXiUJt3VZoNIq4t0k.roa (raw, json)
Hash identifier: igI+4irUGdklUjezFA8tc/PWzUHzep3VbVTtAZ5nupE=
Subject key identifier: 50:AF:58:8C:75:9C:F7:6B:17:89:42:6D:DD:56:68:34:8A:B8:B7:49
Certificate issuer: /CN=7d59659636089e32324697629c218da38a2b673d
Certificate serial: 01942369A35349D585781B1F5C55F2C0E134
Authority key identifier: 7D:59:65:96:36:08:9E:32:32:46:97:62:9C:21:8D:A3:8A:2B:67:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVllljYInjIyRpdinCGNo4orZz0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e3/652ef0-ae30-45ba-9970-6c1cf725d8f7/1/UK9YjHWc92sXiUJt3VZoNIq4t0k.roa
Signing time: Wed 01 Jan 2025 19:48:33 +0000
ROA not before: Wed 01 Jan 2025 19:48:33 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42473
IP address blocks: 185.94.28.0/24 maxlen: 24
202.61.208.0/24 maxlen: 24
202.61.209.0/24 maxlen: 24
202.61.210.0/24 maxlen: 24
202.61.211.0/24 maxlen: 24
202.61.212.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e3/652ef0-ae30-45ba-9970-6c1cf725d8f7/1/fVllljYInjIyRpdinCGNo4orZz0.crl
rsync://rpki.ripe.net/repository/DEFAULT/e3/652ef0-ae30-45ba-9970-6c1cf725d8f7/1/fVllljYInjIyRpdinCGNo4orZz0.mft
rsync://rpki.ripe.net/repository/DEFAULT/fVllljYInjIyRpdinCGNo4orZz0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 12:00:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:a3:53:49:d5:85:78:1b:1f:5c:55:f2:c0:e1:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d59659636089e32324697629c218da38a2b673d
Validity
Not Before: Jan 1 19:48:33 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=50af588c759cf76b1789426ddd5668348ab8b749
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:e4:30:f8:93:56:52:1d:57:fd:bc:9c:d4:6a:
6c:42:90:46:8e:bd:90:5b:e4:51:07:38:e4:de:d0:
26:30:c7:de:37:41:d1:e8:44:8b:34:de:33:57:d4:
22:70:be:32:7e:c6:fb:0b:65:1b:94:09:c6:b3:71:
65:ef:98:fa:72:79:9a:a6:09:1a:22:f1:62:39:70:
a7:40:22:7c:37:88:00:a5:7c:30:a8:53:b2:c3:85:
15:33:9c:29:ad:e9:3b:de:20:b4:01:6a:c6:23:fe:
5e:27:34:eb:84:0a:9c:91:57:f3:ae:cd:79:35:f9:
e6:df:fa:0e:7b:31:3b:1a:38:ea:6d:26:88:89:36:
c8:92:ed:0e:08:49:a2:4c:b3:3f:10:e0:d5:59:30:
79:c7:84:4a:13:cd:a2:e5:b6:0a:ee:57:45:10:b5:
a2:c0:f7:98:53:f5:f6:b6:e7:fc:c9:9f:cc:d0:0e:
b3:45:52:f5:26:39:6d:84:9a:0d:2f:0e:40:61:2f:
18:ec:b8:19:f4:62:42:18:bf:37:0c:f5:34:8a:e1:
ef:45:41:a8:3f:98:88:a2:97:08:69:d3:94:2a:31:
ef:8f:55:35:fe:ca:a2:c8:b9:f9:a9:9c:f3:b8:80:
31:5a:c4:83:07:b7:c5:60:ae:66:ff:0d:83:23:07:
cb:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:AF:58:8C:75:9C:F7:6B:17:89:42:6D:DD:56:68:34:8A:B8:B7:49
X509v3 Authority Key Identifier:
keyid:7D:59:65:96:36:08:9E:32:32:46:97:62:9C:21:8D:A3:8A:2B:67:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVllljYInjIyRpdinCGNo4orZz0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/652ef0-ae30-45ba-9970-6c1cf725d8f7/1/UK9YjHWc92sXiUJt3VZoNIq4t0k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/652ef0-ae30-45ba-9970-6c1cf725d8f7/1/fVllljYInjIyRpdinCGNo4orZz0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.94.28.0/24
202.61.208.0-202.61.213.255
Signature Algorithm: sha256WithRSAEncryption
05:8d:e3:cc:14:07:76:dc:a5:96:ea:7a:3f:f5:17:77:82:51:
51:de:f8:bc:b6:b5:8f:4b:20:76:51:e1:cf:e9:fc:a2:d9:c3:
67:f5:fb:6a:a3:03:03:11:72:80:12:9f:b1:22:39:64:f5:cd:
71:e6:1e:77:c9:a6:5f:47:a7:ab:c6:b1:9a:f6:fe:f4:31:af:
75:71:6e:73:68:26:18:32:e0:dc:9f:89:d7:c5:0f:74:b6:19:
a1:50:30:2f:45:5b:d4:47:cd:11:46:dc:56:de:49:fe:08:5c:
80:4d:e0:48:2f:41:f9:f5:da:e9:2f:4a:33:a2:ab:05:2d:48:
8b:04:e3:60:5f:06:95:61:12:b6:19:c6:9a:6a:4f:29:ee:55:
8c:87:ba:37:09:56:c7:73:a4:f3:5b:f0:2b:9e:db:ec:05:46:
44:54:0e:d0:8b:1a:fa:b8:a5:fd:a7:7a:7d:e4:ca:23:8a:2f:
7d:f9:e6:ed:5a:07:dd:ec:b4:b9:dd:8e:5c:05:72:78:6e:ec:
2e:f1:0b:8e:a2:8d:c3:d0:0d:d5:7a:1d:af:8d:73:5c:0b:cb:
f7:94:ef:c8:6a:ad:94:60:7e:86:72:c2:02:85:b1:86:12:89:
cf:c8:07:d2:42:b8:3f:6a:e4:2b:77:75:8b:66:c9:5c:db:20:
a4:04:a4:df
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZQjaaNTSdWFeBsfXFXywOE0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTk2NTk2MzYwODllMzIzMjQ2OTc2MjljMjE4ZGEzOGEy
YjY3M2QwHhcNMjUwMTAxMTk0ODMzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MGFmNTg4Yzc1OWNmNzZiMTc4OTQyNmRkZDU2NjgzNDhhYjhiNzQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr+Qw+JNWUh1X/byc1GpsQpBGjr2Q
W+RRBzjk3tAmMMfeN0HR6ESLNN4zV9QicL4yfsb7C2UblAnGs3Fl75j6cnmapgka
IvFiOXCnQCJ8N4gApXwwqFOyw4UVM5wprek73iC0AWrGI/5eJzTrhAqckVfzrs15
Nfnm3/oOezE7GjjqbSaIiTbIku0OCEmiTLM/EODVWTB5x4RKE82i5bYK7ldFELWi
wPeYU/X2tuf8yZ/M0A6zRVL1JjlthJoNLw5AYS8Y7LgZ9GJCGL83DPU0iuHvRUGo
P5iIopcIadOUKjHvj1U1/sqiyLn5qZzzuIAxWsSDB7fFYK5m/w2DIwfLLQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFFCvWIx1nPdrF4lCbd1WaDSKuLdJMB8GA1UdIwQY
MBaAFH1ZZZY2CJ4yMkaXYpwhjaOKK2c9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZsbGxqWUluakl5UnBkaW5DR05vNG9yWnowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy82NTJlZjAtYWUzMC00NWJhLTk5NzAt
NmMxY2Y3MjVkOGY3LzEvVUs5WWpIV2M5MnNYaVVKdDNWWm9OSXE0dDBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy82NTJlZjAtYWUzMC00NWJhLTk5NzAtNmMxY2Y3MjVkOGY3
LzEvZlZsbGxqWUluakl5UnBkaW5DR05vNG9yWnowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQAuV4cMAwD
BATKPdADBAHKPdQwDQYJKoZIhvcNAQELBQADggEBAAWN48wUB3bcpZbqej/1F3eC
UVHe+Ly2tY9LIHZR4c/p/KLZw2f1+2qjAwMRcoASn7EiOWT1zXHmHnfJpl9Hp6vG
sZr2/vQxr3VxbnNoJhgy4NyfidfFD3S2GaFQMC9FW9RHzRFG3FbeSf4IXIBN4Egv
Qfn12ukvSjOiqwUtSIsE42BfBpVhErYZxppqTynuVYyHujcJVsdzpPNb8Cue2+wF
RkRUDtCLGvq4pf2nen3kyiOKL3355u1aB93stLndjlwFcnhu7C7xC46ijcPQDdV6
Ha+Nc1wLy/eU78hqrZRgfoZywgKFsYYSic/IB9JCuD9q5Ct3dYtmyVzbIKQEpN8=
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:59:28 2025 by rpki-client