Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/c2ae3d-98b4-446f-ab28-7313c7f3ca3f/1/uQl0h3i3b202uiSsE2ql_r0wnXQ.roa
File: uQl0h3i3b202uiSsE2ql_r0wnXQ.roa (raw, json)
Hash identifier: RIkzFeAhN9PoylnIf3cZdxJ8xVemWn5y0Bu19U5kI84=
Subject key identifier: B9:09:74:87:78:B7:6F:6D:36:BA:24:AC:13:6A:A5:FE:BD:30:9D:74
Certificate issuer: /CN=827af17f0499627e4b3c8cc5c333ec4b8e7635e0
Certificate serial: 01956D9695110F45DA49D5D7946F626909A4
Authority key identifier: 82:7A:F1:7F:04:99:62:7E:4B:3C:8C:C5:C3:33:EC:4B:8E:76:35:E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gnrxfwSZYn5LPIzFwzPsS452NeA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/c2ae3d-98b4-446f-ab28-7313c7f3ca3f/1/uQl0h3i3b202uiSsE2ql_r0wnXQ.roa
Signing time: Thu 06 Mar 2025 22:32:19 +0000
ROA not before: Thu 06 Mar 2025 22:32:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16509
IP address blocks: 185.195.0.0/22 maxlen: 24
2a01:77c0:1619::/48 maxlen: 48
2a01:77c0:7135::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/08/c2ae3d-98b4-446f-ab28-7313c7f3ca3f/1/gnrxfwSZYn5LPIzFwzPsS452NeA.crl
rsync://rpki.ripe.net/repository/DEFAULT/08/c2ae3d-98b4-446f-ab28-7313c7f3ca3f/1/gnrxfwSZYn5LPIzFwzPsS452NeA.mft
rsync://rpki.ripe.net/repository/DEFAULT/gnrxfwSZYn5LPIzFwzPsS452NeA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 10 Apr 2025 23:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:6d:96:95:11:0f:45:da:49:d5:d7:94:6f:62:69:09:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=827af17f0499627e4b3c8cc5c333ec4b8e7635e0
Validity
Not Before: Mar 6 22:32:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b909748778b76f6d36ba24ac136aa5febd309d74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:32:8d:2b:29:23:41:34:fd:d1:84:fd:cf:f9:
2d:61:96:07:0a:27:21:85:15:f1:54:f9:01:b8:89:
5f:b6:c2:83:c7:45:61:16:82:e6:3e:65:d7:80:d9:
2a:38:00:d0:cf:e7:e9:59:55:2b:bc:9b:9c:87:e2:
61:f5:d0:6f:2c:07:cc:48:58:87:4f:10:70:5b:03:
15:f6:b3:2a:1d:cd:1c:48:7f:58:c6:f7:4a:db:f5:
8b:9a:5e:f3:dc:9f:d6:41:d2:79:3c:a2:3a:4e:c4:
33:5f:40:fd:6f:81:f8:1b:76:2c:71:78:e0:5a:c9:
cc:c7:52:35:07:6e:05:bf:dc:9d:4f:43:f5:2b:06:
0d:10:33:4b:64:77:28:d3:7d:d0:7c:ce:28:65:74:
c2:63:90:9f:d7:49:ec:89:d9:de:1c:3f:ad:e1:2d:
b5:26:af:d0:35:08:a3:2b:bc:ca:3e:95:05:e7:4c:
4a:a1:fe:d7:67:55:e3:8b:e5:90:88:57:38:d7:b9:
26:f1:d6:13:32:98:f8:c8:3d:7b:a7:58:ab:0f:93:
1f:e4:28:1f:ab:3e:22:1a:8b:eb:0f:3d:53:64:70:
2a:51:17:44:4a:b9:8d:d1:32:94:bb:b3:d9:95:c9:
c9:c9:5a:14:04:7a:2a:93:07:21:c1:8e:c5:86:57:
3c:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:09:74:87:78:B7:6F:6D:36:BA:24:AC:13:6A:A5:FE:BD:30:9D:74
X509v3 Authority Key Identifier:
keyid:82:7A:F1:7F:04:99:62:7E:4B:3C:8C:C5:C3:33:EC:4B:8E:76:35:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gnrxfwSZYn5LPIzFwzPsS452NeA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/c2ae3d-98b4-446f-ab28-7313c7f3ca3f/1/uQl0h3i3b202uiSsE2ql_r0wnXQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/c2ae3d-98b4-446f-ab28-7313c7f3ca3f/1/gnrxfwSZYn5LPIzFwzPsS452NeA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.195.0.0/22
IPv6:
2a01:77c0:1619::/48
2a01:77c0:7135::/48
Signature Algorithm: sha256WithRSAEncryption
1e:7a:3b:91:66:c2:f7:50:d5:f7:bf:75:b9:e2:1e:b6:e0:7d:
62:29:e4:b0:29:a1:3d:88:1d:31:28:55:21:cd:31:2f:12:00:
63:e7:9f:bb:79:2b:85:8a:7b:00:8b:b5:ef:cd:8d:a7:e4:96:
dd:8a:cf:8c:a9:29:19:29:37:b0:b6:b4:ff:83:e1:89:45:d9:
bb:db:4c:54:03:05:80:ba:09:e6:1d:c1:99:b4:18:20:ad:e1:
28:61:31:dd:55:5e:08:f7:98:9f:35:cf:22:56:2d:b8:34:0f:
55:c5:70:6d:fc:96:94:86:f6:47:11:11:16:b8:17:ec:8e:2a:
e6:f3:2a:93:a6:ed:dc:06:5e:d9:d1:f0:b1:32:71:4f:e0:7e:
a7:52:2f:9e:8e:31:a4:ac:d1:08:c5:e9:d1:33:3e:64:e6:d5:
92:60:62:9b:3d:af:39:e5:7e:f6:59:fc:b8:82:88:d0:26:e0:
eb:ed:99:68:1a:c4:0a:ac:dd:b9:e8:0a:02:88:66:fd:71:74:
34:d0:bc:2a:45:27:c3:96:bb:0a:91:24:9f:54:a3:cd:53:dc:
71:5d:36:ff:40:48:f8:78:b8:8d:0e:1c:ce:7f:aa:29:7d:2e:
d8:1c:6b:b1:75:b1:d8:77:1b:5c:71:db:a5:f4:f9:67:ae:1b:
ba:f4:83:e9
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZVtlpURD0XaSdXXlG9iaQmkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyN2FmMTdmMDQ5OTYyN2U0YjNjOGNjNWMzMzNlYzRiOGU3
NjM1ZTAwHhcNMjUwMzA2MjIzMjE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTA5NzQ4Nzc4Yjc2ZjZkMzZiYTI0YWMxMzZhYTVmZWJkMzA5ZDc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArzKNKykjQTT90YT9z/ktYZYHCich
hRXxVPkBuIlftsKDx0VhFoLmPmXXgNkqOADQz+fpWVUrvJuch+Jh9dBvLAfMSFiH
TxBwWwMV9rMqHc0cSH9YxvdK2/WLml7z3J/WQdJ5PKI6TsQzX0D9b4H4G3YscXjg
WsnMx1I1B24Fv9ydT0P1KwYNEDNLZHco033QfM4oZXTCY5Cf10nsidneHD+t4S21
Jq/QNQijK7zKPpUF50xKof7XZ1Xji+WQiFc417km8dYTMpj4yD17p1irD5Mf5Cgf
qz4iGovrDz1TZHAqURdESrmN0TKUu7PZlcnJyVoUBHoqkwchwY7Fhlc84QIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFLkJdId4t29tNrokrBNqpf69MJ10MB8GA1UdIwQY
MBaAFIJ68X8EmWJ+SzyMxcMz7EuOdjXgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ25yeGZ3U1pZbjVMUEl6Rnd6UHNTNDUyTmVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC9jMmFlM2QtOThiNC00NDZmLWFiMjgt
NzMxM2M3ZjNjYTNmLzEvdVFsMGgzaTNiMjAydWlTc0UycWxfcjB3blhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC9jMmFlM2QtOThiNC00NDZmLWFiMjgtNzMxM2M3ZjNjYTNm
LzEvZ25yeGZ3U1pZbjVMUEl6Rnd6UHNTNDUyTmVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQCucMAMBgE
AgACMBIDBwAqAXfAFhkDBwAqAXfAcTUwDQYJKoZIhvcNAQELBQADggEBAB56O5Fm
wvdQ1fe/dbniHrbgfWIp5LApoT2IHTEoVSHNMS8SAGPnn7t5K4WKewCLte/Njafk
lt2Kz4ypKRkpN7C2tP+D4YlF2bvbTFQDBYC6CeYdwZm0GCCt4ShhMd1VXgj3mJ81
zyJWLbg0D1XFcG38lpSG9kcRERa4F+yOKubzKpOm7dwGXtnR8LEycU/gfqdSL56O
MaSs0QjF6dEzPmTm1ZJgYps9rznlfvZZ/LiCiNAm4OvtmWgaxAqs3bnoCgKIZv1x
dDTQvCpFJ8OWuwqRJJ9Uo81T3HFdNv9ASPh4uI0OHM5/qil9Ltgca7F1sdh3G1xx
26X0+WeuG7r0g+k=
-----END CERTIFICATE-----
Generated at Thu Apr 10 04:23:08 2025 by rpki-client