Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/dbfca1-2b94-4d0b-9dd8-1ef9f2319522/1/uMipqaBEPsKFmFa7P6LE1GLvmcY.roa
File: uMipqaBEPsKFmFa7P6LE1GLvmcY.roa (raw, json)
Hash identifier: DeZN9WBuwTV7YL0ji91sXglOapll+9+y355iMo+VLtw=
Subject key identifier: B8:C8:A9:A9:A0:44:3E:C2:85:98:56:BB:3F:A2:C4:D4:62:EF:99:C6
Certificate issuer: /CN=8f78963b3c4f2dd187c20437df1d7d9c168cab81
Certificate serial: 0194266C06AFFF03B07769698071EE3C6286
Authority key identifier: 8F:78:96:3B:3C:4F:2D:D1:87:C2:04:37:DF:1D:7D:9C:16:8C:AB:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/j3iWOzxPLdGHwgQ33x19nBaMq4E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/dbfca1-2b94-4d0b-9dd8-1ef9f2319522/1/uMipqaBEPsKFmFa7P6LE1GLvmcY.roa
Signing time: Thu 02 Jan 2025 09:50:01 +0000
ROA not before: Thu 02 Jan 2025 09:50:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8468
IP address blocks: 46.254.0.0/21 maxlen: 21
62.249.192.0/18 maxlen: 18
78.32.0.0/15 maxlen: 15
79.143.144.0/20 maxlen: 20
81.31.96.0/19 maxlen: 19
84.45.128.0/17 maxlen: 17
87.127.0.0/16 maxlen: 16
109.224.160.0/19 maxlen: 19
185.220.12.0/22 maxlen: 22
188.39.0.0/16 maxlen: 16
195.74.96.0/19 maxlen: 19
2001:4d48::/29 maxlen: 29
2001:4d48::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/dbfca1-2b94-4d0b-9dd8-1ef9f2319522/1/j3iWOzxPLdGHwgQ33x19nBaMq4E.crl
rsync://rpki.ripe.net/repository/DEFAULT/ca/dbfca1-2b94-4d0b-9dd8-1ef9f2319522/1/j3iWOzxPLdGHwgQ33x19nBaMq4E.mft
rsync://rpki.ripe.net/repository/DEFAULT/j3iWOzxPLdGHwgQ33x19nBaMq4E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 10:07:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6c:06:af:ff:03:b0:77:69:69:80:71:ee:3c:62:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8f78963b3c4f2dd187c20437df1d7d9c168cab81
Validity
Not Before: Jan 2 09:50:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b8c8a9a9a0443ec2859856bb3fa2c4d462ef99c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:c4:61:dc:9e:95:0a:42:f6:bd:7f:35:c3:24:
9a:d3:c9:f9:58:ff:ec:02:36:84:bc:e8:83:79:4a:
38:ed:de:69:80:a8:da:61:e3:ae:d8:05:9e:c7:dc:
4a:59:3b:39:c7:68:ea:c8:2a:59:60:ff:f8:2e:0b:
9b:77:5c:25:2f:fc:f2:89:63:f9:5c:dc:9d:98:48:
51:b8:34:49:91:bf:15:d9:cf:0c:c8:93:62:9e:bb:
b0:84:00:ac:4e:e3:e7:83:f3:00:42:69:f5:3b:77:
e6:fa:3c:17:f7:73:87:e0:63:75:1c:7c:bc:00:7d:
f3:ee:db:9e:db:9b:f7:12:78:c9:6d:b4:35:e6:56:
39:e2:ed:ac:55:9f:d6:43:b6:70:11:5b:b3:06:e8:
af:2c:a5:ac:e5:60:3a:9d:32:56:5d:42:99:6a:68:
3d:ee:30:bf:e9:3b:1d:7b:df:c6:e7:e4:9d:2f:e4:
ea:62:c3:41:b1:74:d5:fe:37:b3:61:85:f8:e8:f3:
73:90:ca:a6:15:e6:41:96:f5:d2:10:58:a2:b8:0e:
e6:8c:2f:30:a2:6e:e2:54:9a:58:f9:66:63:4e:1f:
03:0a:9e:11:e0:ab:0b:18:8f:4b:8f:f2:0c:ba:1c:
d7:1a:d2:39:0a:15:f3:1c:cf:1b:13:71:1c:e1:81:
aa:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:C8:A9:A9:A0:44:3E:C2:85:98:56:BB:3F:A2:C4:D4:62:EF:99:C6
X509v3 Authority Key Identifier:
keyid:8F:78:96:3B:3C:4F:2D:D1:87:C2:04:37:DF:1D:7D:9C:16:8C:AB:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j3iWOzxPLdGHwgQ33x19nBaMq4E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/dbfca1-2b94-4d0b-9dd8-1ef9f2319522/1/uMipqaBEPsKFmFa7P6LE1GLvmcY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/dbfca1-2b94-4d0b-9dd8-1ef9f2319522/1/j3iWOzxPLdGHwgQ33x19nBaMq4E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.254.0.0/21
62.249.192.0/18
78.32.0.0/15
79.143.144.0/20
81.31.96.0/19
84.45.128.0/17
87.127.0.0/16
109.224.160.0/19
185.220.12.0/22
188.39.0.0/16
195.74.96.0/19
IPv6:
2001:4d48::/29
Signature Algorithm: sha256WithRSAEncryption
24:ff:f8:f0:96:ca:5b:7d:6f:17:a3:fb:63:e8:ff:16:73:29:
30:01:af:49:9c:4c:74:c1:4c:a9:51:f2:36:5d:28:80:10:7d:
f6:66:d1:49:a4:d6:6c:36:ae:df:bb:a1:ce:01:b6:17:57:dc:
6b:a5:2e:a9:f9:8f:8c:5c:ea:66:8a:b8:34:02:01:cf:71:c6:
32:6e:08:fe:91:60:ee:54:aa:bf:d5:2d:bc:9f:f0:95:0c:16:
af:40:bf:39:c8:7b:07:fe:28:68:64:33:83:62:55:3e:4e:a8:
6b:49:50:5d:27:73:fb:1c:8a:13:2d:9b:22:69:fe:88:8a:25:
5f:8d:19:e3:d7:36:6c:b5:58:13:b5:cc:82:22:6a:92:a0:3a:
f1:4c:76:22:73:f4:b3:ac:63:92:c1:2b:8e:56:d4:ed:d9:86:
2a:ec:b3:b2:c4:9a:0e:50:35:69:c2:93:af:bd:a1:cf:c7:29:
06:51:65:0c:4f:22:a0:28:78:db:7c:ef:92:39:ba:0d:2b:32:
40:60:0b:28:91:48:b7:80:b6:5b:29:a7:4d:4f:60:70:a8:42:
ce:dc:37:63:a7:da:4f:f6:b7:f7:f4:14:9b:1f:3d:cf:93:a2:
e2:1b:35:5e:54:d6:61:cb:13:a4:c1:b4:2f:46:dc:77:15:ba:
64:6d:c0:c7
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAZQmbAav/wOwd2lpgHHuPGKGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmNzg5NjNiM2M0ZjJkZDE4N2MyMDQzN2RmMWQ3ZDljMTY4
Y2FiODEwHhcNMjUwMTAyMDk1MDAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOGM4YTlhOWEwNDQzZWMyODU5ODU2YmIzZmEyYzRkNDYyZWY5OWM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj8Rh3J6VCkL2vX81wySa08n5WP/s
AjaEvOiDeUo47d5pgKjaYeOu2AWex9xKWTs5x2jqyCpZYP/4Lgubd1wlL/zyiWP5
XNydmEhRuDRJkb8V2c8MyJNinruwhACsTuPng/MAQmn1O3fm+jwX93OH4GN1HHy8
AH3z7tue25v3EnjJbbQ15lY54u2sVZ/WQ7ZwEVuzBuivLKWs5WA6nTJWXUKZamg9
7jC/6Tsde9/G5+SdL+TqYsNBsXTV/jezYYX46PNzkMqmFeZBlvXSEFiiuA7mjC8w
om7iVJpY+WZjTh8DCp4R4KsLGI9Lj/IMuhzXGtI5ChXzHM8bE3Ec4YGqtwIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFLjIqamgRD7ChZhWuz+ixNRi75nGMB8GA1UdIwQY
MBaAFI94ljs8Ty3Rh8IEN98dfZwWjKuBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvajNpV096eFBMZEdId2dRMzN4MTluQmFNcTRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS9kYmZjYTEtMmI5NC00ZDBiLTlkZDgt
MWVmOWYyMzE5NTIyLzEvdU1pcHFhQkVQc0tGbUZhN1A2TEUxR0x2bWNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS9kYmZjYTEtMmI5NC00ZDBiLTlkZDgtMWVmOWYyMzE5NTIy
LzEvajNpV096eFBMZEdId2dRMzN4MTluQmFNcTRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBFBAIAATA/AwQDLv4AAwQG
PvnAAwMBTiADBARPj5ADBAVRH2ADBAdULYADAwBXfwMEBW3goAMEArncDAMDALwn
AwQFw0pgMA0EAgACMAcDBQMgAU1IMA0GCSqGSIb3DQEBCwUAA4IBAQAk//jwlspb
fW8Xo/tj6P8WcykwAa9JnEx0wUypUfI2XSiAEH32ZtFJpNZsNq7fu6HOAbYXV9xr
pS6p+Y+MXOpmirg0AgHPccYybgj+kWDuVKq/1S28n/CVDBavQL85yHsH/ihoZDOD
YlU+TqhrSVBdJ3P7HIoTLZsiaf6IiiVfjRnj1zZstVgTtcyCImqSoDrxTHYic/Sz
rGOSwSuOVtTt2YYq7LOyxJoOUDVpwpOvvaHPxykGUWUMTyKgKHjbfO+SOboNKzJA
YAsokUi3gLZbKadNT2BwqELO3Ddjp9pP9rf39BSbHz3Pk6LiGzVeVNZhyxOkwbQv
Rtx3FbpkbcDH
-----END CERTIFICATE-----
Generated at Sun Apr 6 19:10:41 2025 by rpki-client