Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/91e882-ba8a-44c5-9b0d-275242aa6775/1/UscJiSEPN7-PYnIHOgT8LNjrioo.roa
File: UscJiSEPN7-PYnIHOgT8LNjrioo.roa (raw, json)
Hash identifier: RVU014DpCH3z/tdVgprON9hggZk6wMumDABO2h4+Fx0=
Subject key identifier: 52:C7:09:89:21:0F:37:BF:8F:62:72:07:3A:04:FC:2C:D8:EB:8A:8A
Certificate issuer: /CN=ab91d5262561a9dd713dfa39163dec849fee4636
Certificate serial: 019422FB4AABB7D334F2B5CB3EAB7221040A
Authority key identifier: AB:91:D5:26:25:61:A9:DD:71:3D:FA:39:16:3D:EC:84:9F:EE:46:36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q5HVJiVhqd1xPfo5Fj3shJ_uRjY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/91e882-ba8a-44c5-9b0d-275242aa6775/1/UscJiSEPN7-PYnIHOgT8LNjrioo.roa
Signing time: Wed 01 Jan 2025 17:48:01 +0000
ROA not before: Wed 01 Jan 2025 17:48:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200168
IP address blocks: 185.35.212.0/22 maxlen: 24
195.254.172.0/23 maxlen: 23
2a04:6540::/32 maxlen: 32
2a04:6543::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f2/91e882-ba8a-44c5-9b0d-275242aa6775/1/q5HVJiVhqd1xPfo5Fj3shJ_uRjY.crl
rsync://rpki.ripe.net/repository/DEFAULT/f2/91e882-ba8a-44c5-9b0d-275242aa6775/1/q5HVJiVhqd1xPfo5Fj3shJ_uRjY.mft
rsync://rpki.ripe.net/repository/DEFAULT/q5HVJiVhqd1xPfo5Fj3shJ_uRjY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Apr 2025 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:4a:ab:b7:d3:34:f2:b5:cb:3e:ab:72:21:04:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab91d5262561a9dd713dfa39163dec849fee4636
Validity
Not Before: Jan 1 17:48:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=52c70989210f37bf8f6272073a04fc2cd8eb8a8a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:3f:4a:91:02:37:48:da:34:57:97:40:68:90:
c7:7f:5e:1c:41:4f:3b:cc:8e:d8:5f:36:1d:c5:b9:
24:29:d5:88:4c:77:5c:4d:b1:2d:4c:5a:fc:ec:76:
8e:8f:73:0a:2b:25:16:a9:17:23:b2:76:07:13:56:
cc:48:46:5a:34:51:87:10:9f:62:31:fe:6c:a5:8a:
48:80:42:33:ae:85:4c:fa:6c:7c:ea:1a:50:44:6b:
fe:e6:51:10:62:88:0f:8b:00:a6:ed:0e:f1:84:4f:
fc:c2:f7:8d:bf:69:67:94:4e:fd:58:85:b8:a8:dd:
76:7b:51:ce:44:79:7b:70:ba:c9:67:c1:16:da:b7:
6c:19:9b:d7:8c:bf:8b:80:d1:71:83:91:e0:74:69:
8f:36:01:75:a7:1b:65:3a:1f:f4:f8:2a:99:13:77:
bf:ef:83:88:8f:dc:64:ca:c2:26:13:7f:9d:91:e0:
95:1d:57:86:d3:08:96:64:8d:24:cb:3f:77:f7:76:
07:4e:f4:e3:13:a2:f3:91:bb:28:56:fa:ac:2e:b2:
6e:71:ad:51:55:f9:10:07:06:02:29:91:d8:a9:db:
ce:4a:3a:fc:87:ea:52:3e:61:c3:61:8c:dc:d5:ca:
f0:f5:35:28:88:d2:e5:0e:4e:31:68:a5:d0:de:0e:
cf:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:C7:09:89:21:0F:37:BF:8F:62:72:07:3A:04:FC:2C:D8:EB:8A:8A
X509v3 Authority Key Identifier:
keyid:AB:91:D5:26:25:61:A9:DD:71:3D:FA:39:16:3D:EC:84:9F:EE:46:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q5HVJiVhqd1xPfo5Fj3shJ_uRjY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/91e882-ba8a-44c5-9b0d-275242aa6775/1/UscJiSEPN7-PYnIHOgT8LNjrioo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/91e882-ba8a-44c5-9b0d-275242aa6775/1/q5HVJiVhqd1xPfo5Fj3shJ_uRjY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.35.212.0/22
195.254.172.0/23
IPv6:
2a04:6540::/32
2a04:6543::/32
Signature Algorithm: sha256WithRSAEncryption
21:72:83:c7:92:3f:6f:0e:51:8c:d3:d4:f9:cb:32:2d:73:b3:
7d:50:e8:77:7c:62:6a:d3:2e:ea:3c:c5:3e:18:fd:cb:89:91:
5c:88:3e:e0:02:bb:c4:6f:af:eb:b1:53:59:9d:23:6a:1c:f0:
74:87:dc:b5:aa:10:b9:ba:8d:e8:b6:16:45:10:db:18:ae:11:
eb:7b:ff:b3:e3:1f:48:02:2c:ef:6c:17:25:e1:6c:2c:53:0f:
ca:4e:32:7f:96:61:cb:40:3b:9b:1f:94:a2:75:a8:ab:33:00:
f6:39:1b:59:06:a5:08:26:97:8b:d5:87:ae:4b:c5:ea:67:4d:
85:ed:dc:a4:82:11:61:57:8f:cd:9d:d2:c6:65:ef:d3:8c:2e:
98:d4:63:8b:77:0e:7f:79:05:e6:6d:b3:01:de:10:f2:e5:18:
e9:9f:e9:39:d4:97:24:d7:76:fc:66:25:a8:2a:67:72:2a:44:
d3:cf:60:64:a9:4c:6d:d3:44:18:df:b7:ff:4b:74:29:2f:ef:
17:6b:7a:e2:2e:60:c4:9e:b1:4d:03:1d:35:d1:84:1f:8d:28:
68:fe:4f:ea:aa:c3:3e:50:79:d6:40:04:89:40:40:c3:40:01:
87:0c:80:b9:8a:9b:ff:98:91:86:da:46:5c:70:17:c0:d0:77:
a9:6a:e6:a4
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZQi+0qrt9M08rXLPqtyIQQKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiOTFkNTI2MjU2MWE5ZGQ3MTNkZmEzOTE2M2RlYzg0OWZl
ZTQ2MzYwHhcNMjUwMTAxMTc0ODAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MmM3MDk4OTIxMGYzN2JmOGY2MjcyMDczYTA0ZmMyY2Q4ZWI4YThhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuD9KkQI3SNo0V5dAaJDHf14cQU87
zI7YXzYdxbkkKdWITHdcTbEtTFr87HaOj3MKKyUWqRcjsnYHE1bMSEZaNFGHEJ9i
Mf5spYpIgEIzroVM+mx86hpQRGv+5lEQYogPiwCm7Q7xhE/8wveNv2lnlE79WIW4
qN12e1HORHl7cLrJZ8EW2rdsGZvXjL+LgNFxg5HgdGmPNgF1pxtlOh/0+CqZE3e/
74OIj9xkysImE3+dkeCVHVeG0wiWZI0kyz9393YHTvTjE6LzkbsoVvqsLrJuca1R
VfkQBwYCKZHYqdvOSjr8h+pSPmHDYYzc1crw9TUoiNLlDk4xaKXQ3g7PVwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFFLHCYkhDze/j2JyBzoE/CzY64qKMB8GA1UdIwQY
MBaAFKuR1SYlYandcT36ORY97ISf7kY2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTVIVkppVmhxZDF4UGZvNUZqM3NoSl91UmpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi85MWU4ODItYmE4YS00NGM1LTliMGQt
Mjc1MjQyYWE2Nzc1LzEvVXNjSmlTRVBONy1QWW5JSE9nVDhMTmpyaW9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi85MWU4ODItYmE4YS00NGM1LTliMGQtMjc1MjQyYWE2Nzc1
LzEvcTVIVkppVmhxZDF4UGZvNUZqM3NoSl91UmpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQCuSPUAwQB
w/6sMBQEAgACMA4DBQAqBGVAAwUAKgRlQzANBgkqhkiG9w0BAQsFAAOCAQEAIXKD
x5I/bw5RjNPU+csyLXOzfVDod3xiatMu6jzFPhj9y4mRXIg+4AK7xG+v67FTWZ0j
ahzwdIfctaoQubqN6LYWRRDbGK4R63v/s+MfSAIs72wXJeFsLFMPyk4yf5Zhy0A7
mx+UonWoqzMA9jkbWQalCCaXi9WHrkvF6mdNhe3cpIIRYVePzZ3SxmXv04wumNRj
i3cOf3kF5m2zAd4Q8uUY6Z/pOdSXJNd2/GYlqCpncipE089gZKlMbdNEGN+3/0t0
KS/vF2t64i5gxJ6xTQMdNdGEH40oaP5P6qrDPlB51kAEiUBAw0ABhwyAuYqb/5iR
htpGXHAXwNB3qWrmpA==
-----END CERTIFICATE-----
Generated at Tue Apr 22 01:02:27 2025 by rpki-client