Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Ud6GmSlR-flHxtrq58PR4zDwQWY.roa
File: Ud6GmSlR-flHxtrq58PR4zDwQWY.roa (raw, json)
Hash identifier: Wr8tQYvTfGv0BtpRAtuFtH3EEIr0b+KmaVkZ8HfLx40=
Subject key identifier: 51:DE:86:99:29:51:F9:F9:47:C6:DA:EA:E7:C3:D1:E3:30:F0:41:66
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01952882EA1DD1FF6A0A0AF62D64C2C9CE78
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Ud6GmSlR-flHxtrq58PR4zDwQWY.roa
Signing time: Fri 21 Feb 2025 12:37:03 +0000
ROA not before: Fri 21 Feb 2025 12:37:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212238
IP address blocks: 79.99.150.0/23 maxlen: 24
82.152.55.0/24 maxlen: 24
82.163.0.0/24 maxlen: 24
82.163.10.0/23 maxlen: 24
89.213.226.0/24 maxlen: 24
109.176.30.0/24 maxlen: 24
109.176.208.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 23:01:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:28:82:ea:1d:d1:ff:6a:0a:0a:f6:2d:64:c2:c9:ce:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Feb 21 12:37:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=51de86992951f9f947c6daeae7c3d1e330f04166
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:73:4b:1d:c9:10:9c:3e:23:48:fe:cd:d8:b0:
83:4c:df:1b:be:77:a9:92:d9:c8:7e:bc:d8:ba:8c:
63:a4:7e:9b:c8:79:0f:52:81:b9:13:35:cb:ea:06:
7b:79:a2:44:77:06:75:b7:59:54:06:42:b0:c8:8f:
33:69:81:1c:1f:64:15:30:21:0c:4d:7c:bd:78:6d:
b2:fe:a5:cb:ed:24:21:5b:1d:fb:2f:86:29:07:52:
79:85:dc:43:8d:9e:96:16:28:49:35:5f:78:0c:05:
05:0b:1c:53:7c:87:0b:3b:2b:ce:a5:cd:11:b6:cf:
2b:91:0f:9e:b7:e9:cf:43:ae:c1:31:c6:7e:04:82:
75:e1:a2:ff:02:89:1a:d2:31:95:c7:bd:e0:59:2d:
ec:ed:4f:15:1b:ae:45:57:5f:4e:00:c5:71:69:14:
76:17:17:09:4f:cb:64:c2:e1:0f:22:3f:af:da:d6:
ca:a9:11:32:b0:fe:7a:f2:ac:4c:bb:5d:e9:ee:1e:
fc:3a:50:56:9e:f6:2f:51:fa:7c:25:ef:39:34:99:
c0:07:46:25:2e:d5:5e:34:29:b6:c2:e2:4e:f9:70:
8f:80:1c:01:fd:b6:e1:40:6b:c4:06:8c:7e:02:76:
1a:7f:49:3b:42:95:ce:0a:f6:27:f4:e2:31:fb:38:
f4:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:DE:86:99:29:51:F9:F9:47:C6:DA:EA:E7:C3:D1:E3:30:F0:41:66
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Ud6GmSlR-flHxtrq58PR4zDwQWY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.99.150.0/23
82.152.55.0/24
82.163.0.0/24
82.163.10.0/23
89.213.226.0/24
109.176.30.0/24
109.176.208.0/24
Signature Algorithm: sha256WithRSAEncryption
13:96:3d:e7:f5:e7:9c:0f:6a:58:65:ce:df:92:87:84:5a:46:
f4:8b:36:ad:9e:7e:24:2e:0c:22:b1:2f:ca:86:aa:83:fb:19:
00:22:15:f5:4a:d3:c3:a9:8e:ce:f6:f0:ca:c3:f2:57:93:76:
b7:54:f5:cc:42:c7:f0:97:18:0a:e3:96:3e:ae:2c:47:9b:70:
31:c1:af:33:e7:6b:08:ad:25:ca:4b:00:47:97:ea:eb:b3:03:
0f:55:3d:13:35:f3:9c:4a:fd:f7:0b:0d:03:a9:91:59:d7:d7:
52:03:67:0d:80:e3:66:18:b7:71:50:da:67:ec:57:2e:78:e1:
cd:ae:1e:6c:00:fd:99:bf:c2:d6:e1:8a:4a:25:3e:2d:89:31:
5d:f0:4f:b4:41:58:9d:92:23:ec:a2:f7:0d:d6:8e:9d:7a:91:
82:4c:37:46:cd:1e:96:0e:c0:05:45:ff:a1:86:20:ee:7c:95:
26:d1:22:b5:46:04:0b:07:63:7f:51:61:53:5a:56:c5:24:5d:
ce:53:77:02:24:ae:56:70:4b:9e:3f:ed:b2:ac:f7:95:20:3b:
d6:3a:3d:ab:20:63:26:67:d8:21:15:b8:f6:8b:5e:de:97:6d:
fb:31:03:0a:1a:1a:1f:c6:f0:31:04:30:4c:e8:44:52:1d:81:
3f:d9:fe:83
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZUoguod0f9qCgr2LWTCyc54MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwMjIxMTIzNzAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MWRlODY5OTI5NTFmOWY5NDdjNmRhZWFlN2MzZDFlMzMwZjA0MTY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj3NLHckQnD4jSP7N2LCDTN8bvnep
ktnIfrzYuoxjpH6byHkPUoG5EzXL6gZ7eaJEdwZ1t1lUBkKwyI8zaYEcH2QVMCEM
TXy9eG2y/qXL7SQhWx37L4YpB1J5hdxDjZ6WFihJNV94DAUFCxxTfIcLOyvOpc0R
ts8rkQ+et+nPQ67BMcZ+BIJ14aL/Aoka0jGVx73gWS3s7U8VG65FV19OAMVxaRR2
FxcJT8tkwuEPIj+v2tbKqREysP568qxMu13p7h78OlBWnvYvUfp8Je85NJnAB0Yl
LtVeNCm2wuJO+XCPgBwB/bbhQGvEBox+AnYaf0k7QpXOCvYn9OIx+zj0xwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFFHehpkpUfn5R8ba6ufD0eMw8EFmMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvVWQ2R21TbFItZmxIeHRycTU4UFI0ekR3UVdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQBT2OWAwQA
Upg3AwQAUqMAAwQBUqMKAwQAWdXiAwQAbbAeAwQAbbDQMA0GCSqGSIb3DQEBCwUA
A4IBAQATlj3n9eecD2pYZc7fkoeEWkb0izatnn4kLgwisS/KhqqD+xkAIhX1StPD
qY7O9vDKw/JXk3a3VPXMQsfwlxgK45Y+rixHm3Axwa8z52sIrSXKSwBHl+rrswMP
VT0TNfOcSv33Cw0DqZFZ19dSA2cNgONmGLdxUNpn7FcueOHNrh5sAP2Zv8LW4YpK
JT4tiTFd8E+0QVidkiPsovcN1o6depGCTDdGzR6WDsAFRf+hhiDufJUm0SK1RgQL
B2N/UWFTWlbFJF3OU3cCJK5WcEueP+2yrPeVIDvWOj2rIGMmZ9ghFbj2i17el237
MQMKGhofxvAxBDBM6ERSHYE/2f6D
-----END CERTIFICATE-----
Generated at Mon Apr 7 08:16:45 2025 by rpki-client