Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/a269aa-c9bf-42c1-ade3-ed85ce094a87/1/8UG5Qh7t6gkyV0rD8nZ1oL2Ckuo.roa
File: 8UG5Qh7t6gkyV0rD8nZ1oL2Ckuo.roa (raw, json)
Hash identifier: br/1geYk5+cZ7ZJEexlmKCcjPCyNtKTSm1+1iwPC7Z0=
Subject key identifier: F1:41:B9:42:1E:ED:EA:09:32:57:4A:C3:F2:76:75:A0:BD:82:92:EA
Certificate issuer: /CN=6e1d8dd31ae9e03af4d26e9da6e2dd86a03039a4
Certificate serial: 01965D43B03DC889A370ED71FA5D90BC1A41
Authority key identifier: 6E:1D:8D:D3:1A:E9:E0:3A:F4:D2:6E:9D:A6:E2:DD:86:A0:30:39:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bh2N0xrp4Dr00m6dpuLdhqAwOaQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/a269aa-c9bf-42c1-ade3-ed85ce094a87/1/8UG5Qh7t6gkyV0rD8nZ1oL2Ckuo.roa
Signing time: Tue 22 Apr 2025 11:30:39 +0000
ROA not before: Tue 22 Apr 2025 11:30:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31319
IP address blocks: 193.43.106.0/24 maxlen: 24
193.43.107.0/24 maxlen: 24
193.43.108.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/30/a269aa-c9bf-42c1-ade3-ed85ce094a87/1/bh2N0xrp4Dr00m6dpuLdhqAwOaQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/30/a269aa-c9bf-42c1-ade3-ed85ce094a87/1/bh2N0xrp4Dr00m6dpuLdhqAwOaQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/bh2N0xrp4Dr00m6dpuLdhqAwOaQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 04 May 2025 04:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:5d:43:b0:3d:c8:89:a3:70:ed:71:fa:5d:90:bc:1a:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e1d8dd31ae9e03af4d26e9da6e2dd86a03039a4
Validity
Not Before: Apr 22 11:30:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f141b9421eedea0932574ac3f27675a0bd8292ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:50:52:19:07:47:86:8b:7e:e1:6a:9a:71:77:
7a:a0:2b:cc:7e:7d:50:cd:61:ae:d7:54:fc:9e:97:
0b:d5:a3:a8:d4:9b:c0:e9:4a:ca:6a:f9:42:a0:e1:
e1:ab:78:57:eb:45:02:e6:1a:11:11:98:53:71:9f:
bf:e8:f7:b6:b9:57:fe:c9:f0:60:e2:61:0b:b4:a9:
64:ad:1d:4a:35:8d:38:d3:83:76:47:22:c3:90:2e:
3a:d3:da:13:7b:b1:23:90:0b:4d:96:4e:f5:12:30:
c9:7d:32:61:ce:b0:21:60:26:8d:08:c6:cf:e7:d9:
eb:13:d5:8a:6e:d9:66:5d:05:ec:b3:6f:45:1b:b5:
72:24:65:54:3d:d3:b1:01:71:da:c0:50:bd:4e:6f:
bd:a8:82:fb:e6:9b:08:ab:69:c1:25:4b:d5:3a:f8:
96:25:50:9c:df:d4:7e:53:f2:87:11:28:db:2b:4e:
95:90:05:fd:a1:1e:40:f9:c8:d9:98:c7:9c:79:81:
31:cc:8d:28:fd:36:c2:62:27:22:17:ae:46:c9:c8:
2f:98:7f:a9:4e:46:43:f4:b5:2c:97:1a:75:bc:41:
58:b2:94:e2:ed:f9:7a:36:51:73:7d:78:70:2d:a7:
de:19:18:ff:c6:ae:56:6b:48:9a:c3:58:bc:49:96:
b9:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:41:B9:42:1E:ED:EA:09:32:57:4A:C3:F2:76:75:A0:BD:82:92:EA
X509v3 Authority Key Identifier:
keyid:6E:1D:8D:D3:1A:E9:E0:3A:F4:D2:6E:9D:A6:E2:DD:86:A0:30:39:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bh2N0xrp4Dr00m6dpuLdhqAwOaQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/a269aa-c9bf-42c1-ade3-ed85ce094a87/1/8UG5Qh7t6gkyV0rD8nZ1oL2Ckuo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/a269aa-c9bf-42c1-ade3-ed85ce094a87/1/bh2N0xrp4Dr00m6dpuLdhqAwOaQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.43.106.0-193.43.108.255
Signature Algorithm: sha256WithRSAEncryption
61:29:73:cd:3d:86:31:4d:99:8b:03:ba:19:0b:b5:64:8f:9a:
c6:79:cf:d4:2b:50:5c:a3:89:b4:9f:42:87:e9:c7:d2:0e:08:
8b:2d:e7:5e:43:b6:7b:8a:e1:bc:2a:d8:d4:9b:00:f0:cd:73:
48:4c:1e:c8:fe:01:c9:29:8f:e4:87:ea:b6:1e:b7:37:1a:0f:
e4:fc:fa:c6:9e:3a:05:b3:7f:56:52:43:b8:bc:d2:be:f8:f8:
ea:f9:36:11:8b:c1:19:23:76:df:11:a9:e5:5b:40:61:0c:0d:
a4:c7:69:9e:c8:5e:07:ee:0a:06:f7:46:0b:b9:ad:32:35:54:
19:30:f7:df:de:23:b6:39:9b:cc:59:38:35:fb:35:8c:24:dc:
60:ad:81:ef:7f:ec:43:83:e4:68:67:f4:f8:82:d0:06:19:61:
13:9a:8b:d2:c7:b7:95:44:c8:52:18:c3:6a:13:69:9b:4f:93:
71:03:d8:a4:9e:d3:fa:99:3d:b9:2c:b9:b6:60:8b:27:8b:69:
97:ad:ff:fc:34:2f:3f:98:bb:1d:13:7d:1e:6a:e2:d8:23:27:
81:e7:28:56:9c:30:42:3d:35:00:dc:86:5f:c3:b3:13:0d:4a:
ad:4d:6d:64:21:9d:bd:98:8b:e3:0f:49:6a:5a:44:ec:6d:85:
04:f3:83:e2
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZZdQ7A9yImjcO1x+l2QvBpBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlMWQ4ZGQzMWFlOWUwM2FmNGQyNmU5ZGE2ZTJkZDg2YTAz
MDM5YTQwHhcNMjUwNDIyMTEzMDM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMTQxYjk0MjFlZWRlYTA5MzI1NzRhYzNmMjc2NzVhMGJkODI5MmVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAslBSGQdHhot+4WqacXd6oCvMfn1Q
zWGu11T8npcL1aOo1JvA6UrKavlCoOHhq3hX60UC5hoREZhTcZ+/6Pe2uVf+yfBg
4mELtKlkrR1KNY0404N2RyLDkC4609oTe7EjkAtNlk71EjDJfTJhzrAhYCaNCMbP
59nrE9WKbtlmXQXss29FG7VyJGVUPdOxAXHawFC9Tm+9qIL75psIq2nBJUvVOviW
JVCc39R+U/KHESjbK06VkAX9oR5A+cjZmMeceYExzI0o/TbCYiciF65GycgvmH+p
TkZD9LUslxp1vEFYspTi7fl6NlFzfXhwLafeGRj/xq5Wa0iaw1i8SZa5LwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFPFBuUIe7eoJMldKw/J2daC9gpLqMB8GA1UdIwQY
MBaAFG4djdMa6eA69NJunabi3YagMDmkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmgyTjB4cnA0RHIwMG02ZHB1TGRocUF3T2FRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9hMjY5YWEtYzliZi00MmMxLWFkZTMt
ZWQ4NWNlMDk0YTg3LzEvOFVHNVFoN3Q2Z2t5VjByRDhuWjFvTDJDa3VvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9hMjY5YWEtYzliZi00MmMxLWFkZTMtZWQ4NWNlMDk0YTg3
LzEvYmgyTjB4cnA0RHIwMG02ZHB1TGRocUF3T2FRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAHBK2oD
BADBK2wwDQYJKoZIhvcNAQELBQADggEBAGEpc809hjFNmYsDuhkLtWSPmsZ5z9Qr
UFyjibSfQofpx9IOCIst515DtnuK4bwq2NSbAPDNc0hMHsj+Ackpj+SH6rYetzca
D+T8+saeOgWzf1ZSQ7i80r74+Or5NhGLwRkjdt8RqeVbQGEMDaTHaZ7IXgfuCgb3
Rgu5rTI1VBkw99/eI7Y5m8xZODX7NYwk3GCtge9/7EOD5Ghn9PiC0AYZYROai9LH
t5VEyFIYw2oTaZtPk3ED2KSe0/qZPbksubZgiyeLaZet//w0Lz+Yux0TfR5q4tgj
J4HnKFacMEI9NQDchl/DsxMNSq1NbWQhnb2Yi+MPSWpaROxthQTzg+I=
-----END CERTIFICATE-----
Generated at Sat May 3 13:20:54 2025 by rpki-client