Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/ux_GqYHXmZocuOppLlDDU7W7nJk.roa
File: ux_GqYHXmZocuOppLlDDU7W7nJk.roa (raw, json)
Hash identifier: IrC7X0/W+fjzN/PrVDL3lUuhJiDjnAPAkEsKq+cTMlk=
Subject key identifier: BB:1F:C6:A9:81:D7:99:9A:1C:B8:EA:69:2E:50:C3:53:B5:BB:9C:99
Certificate issuer: /CN=71bddeaf0f30fbdaf9e75b92ac7d5bd13f285de7
Certificate serial: 019547DAD9EB6D759C182D9A74622108C5BB
Authority key identifier: 71:BD:DE:AF:0F:30:FB:DA:F9:E7:5B:92:AC:7D:5B:D1:3F:28:5D:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cb3erw8w-9r551uSrH1b0T8oXec.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/ux_GqYHXmZocuOppLlDDU7W7nJk.roa
Signing time: Thu 27 Feb 2025 14:41:19 +0000
ROA not before: Thu 27 Feb 2025 14:41:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200313
IP address blocks: 45.142.2.0/24 maxlen: 24
185.212.128.0/23 maxlen: 23
185.212.130.0/24 maxlen: 24
185.212.131.0/24 maxlen: 24
185.217.136.0/24 maxlen: 24
185.224.218.0/24 maxlen: 24
185.232.52.0/24 maxlen: 24
195.43.147.0/24 maxlen: 24
2a0d:1640::/32 maxlen: 32
2a0d:1643::/32 maxlen: 32
2a0d:63c0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/cb3erw8w-9r551uSrH1b0T8oXec.crl
rsync://rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/cb3erw8w-9r551uSrH1b0T8oXec.mft
rsync://rpki.ripe.net/repository/DEFAULT/cb3erw8w-9r551uSrH1b0T8oXec.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 09 Apr 2025 08:01:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:47:da:d9:eb:6d:75:9c:18:2d:9a:74:62:21:08:c5:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71bddeaf0f30fbdaf9e75b92ac7d5bd13f285de7
Validity
Not Before: Feb 27 14:41:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bb1fc6a981d7999a1cb8ea692e50c353b5bb9c99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:d1:48:9d:84:2b:07:d1:12:de:f8:5a:1b:19:
1c:9c:14:21:a5:c1:6c:22:e0:73:15:86:75:32:31:
6c:35:b4:e1:1c:b1:0c:6b:07:29:eb:7d:51:cb:6c:
ed:0a:73:93:f7:38:f1:72:06:93:c4:5d:7c:dd:38:
b9:86:13:27:21:38:96:b7:f5:0f:b7:22:20:55:fe:
78:35:4a:7a:2e:fd:90:a5:73:b6:99:40:1b:fd:80:
ae:ff:7a:e8:0c:1d:2a:11:de:22:02:a3:80:fe:74:
10:bb:47:d0:43:11:19:e9:c4:5c:2e:13:b0:a0:20:
9a:f4:d9:d3:b1:30:61:cf:11:3a:c7:78:d2:14:01:
c2:ee:b1:62:86:90:45:11:0c:38:7f:76:12:ec:e2:
f5:45:06:88:3c:cb:74:b9:3f:26:6f:ee:73:1f:68:
11:41:0a:23:4f:dd:a7:5f:18:8c:72:17:a9:4b:0b:
37:3e:33:05:23:c2:1f:4d:89:b1:8b:84:21:79:0f:
22:cf:8c:1c:9f:96:37:19:cb:f5:01:db:75:13:78:
c4:fe:5c:18:cd:c0:90:ba:b2:1c:9c:d7:e7:b8:74:
16:bd:65:bf:97:1d:fb:d1:7a:8e:15:c2:5e:76:6f:
f6:95:fc:81:9f:01:d1:00:38:ea:e5:36:46:da:1a:
48:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:1F:C6:A9:81:D7:99:9A:1C:B8:EA:69:2E:50:C3:53:B5:BB:9C:99
X509v3 Authority Key Identifier:
keyid:71:BD:DE:AF:0F:30:FB:DA:F9:E7:5B:92:AC:7D:5B:D1:3F:28:5D:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb3erw8w-9r551uSrH1b0T8oXec.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/ux_GqYHXmZocuOppLlDDU7W7nJk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/cb3erw8w-9r551uSrH1b0T8oXec.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.142.2.0/24
185.212.128.0/22
185.217.136.0/24
185.224.218.0/24
185.232.52.0/24
195.43.147.0/24
IPv6:
2a0d:1640::/32
2a0d:1643::/32
2a0d:63c0::/32
Signature Algorithm: sha256WithRSAEncryption
92:ac:9a:8c:4b:c3:2e:a5:5d:57:19:c3:b0:a6:18:a8:6e:01:
27:8d:df:30:4b:a2:7b:4f:da:78:c7:9c:31:ad:02:e4:2d:00:
54:d5:58:3f:9f:88:fe:bb:4d:b6:5e:a3:23:9c:a2:33:f1:ee:
62:38:52:f5:e1:0b:f9:d1:e0:db:c9:a8:1a:88:45:2f:62:5a:
7a:f7:a3:4b:8d:32:0c:aa:b4:11:82:9b:8b:d2:7b:a6:2d:53:
74:1f:aa:b2:39:27:15:bb:87:93:ef:44:64:50:f0:5b:43:cf:
75:30:00:3a:05:5b:5e:26:a2:8f:a3:81:e2:08:be:17:4c:e0:
d2:b9:06:79:98:58:90:58:71:18:99:19:d1:f2:9e:c0:c5:fe:
9f:3a:26:d3:d0:29:5e:2f:ee:38:40:e4:a6:4b:50:94:a6:59:
5e:a1:d4:5d:d9:54:ae:5b:01:f1:3b:98:a0:63:be:d4:c5:1d:
9e:1b:06:83:11:7f:7e:8a:3c:f6:2d:30:0e:07:d6:85:cd:ed:
77:56:01:e7:62:40:82:f5:42:44:08:f7:0d:32:7b:fb:38:16:
bb:22:dd:57:92:35:be:0b:67:fb:a1:41:61:47:3c:c4:9c:22:
87:dc:11:1d:fe:be:5e:75:f4:b0:4a:6a:7a:b5:42:8a:5b:02:
df:df:5c:1c
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgISAZVH2tnrbXWcGC2adGIhCMW7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxYmRkZWFmMGYzMGZiZGFmOWU3NWI5MmFjN2Q1YmQxM2Yy
ODVkZTcwHhcNMjUwMjI3MTQ0MTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjFmYzZhOTgxZDc5OTlhMWNiOGVhNjkyZTUwYzM1M2I1YmI5Yzk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwtFInYQrB9ES3vhaGxkcnBQhpcFs
IuBzFYZ1MjFsNbThHLEMawcp631Ry2ztCnOT9zjxcgaTxF183Ti5hhMnITiWt/UP
tyIgVf54NUp6Lv2QpXO2mUAb/YCu/3roDB0qEd4iAqOA/nQQu0fQQxEZ6cRcLhOw
oCCa9NnTsTBhzxE6x3jSFAHC7rFihpBFEQw4f3YS7OL1RQaIPMt0uT8mb+5zH2gR
QQojT92nXxiMchepSws3PjMFI8IfTYmxi4QheQ8iz4wcn5Y3Gcv1Adt1E3jE/lwY
zcCQurIcnNfnuHQWvWW/lx370XqOFcJedm/2lfyBnwHRADjq5TZG2hpItwIDAQAB
o4ICRDCCAkAwHQYDVR0OBBYEFLsfxqmB15maHLjqaS5Qw1O1u5yZMB8GA1UdIwQY
MBaAFHG93q8PMPva+edbkqx9W9E/KF3nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2IzZXJ3OHctOXI1NTF1U3JIMWIwVDhvWGVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS84MTRlYzUtOWU0MS00YjVhLWE2ZmUt
NDc3MjMxMTkxYTM1LzEvdXhfR3FZSFhtWm9jdU9wcExsRERVN1c3bkprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS84MTRlYzUtOWU0MS00YjVhLWE2ZmUtNDc3MjMxMTkxYTM1
LzEvY2IzZXJ3OHctOXI1NTF1U3JIMWIwVDhvWGVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFoGCCsGAQUFBwEHAQH/BEswSTAqBAIAATAkAwQALY4CAwQC
udSAAwQAudmIAwQAueDaAwQAueg0AwQAwyuTMBsEAgACMBUDBQAqDRZAAwUAKg0W
QwMFACoNY8AwDQYJKoZIhvcNAQELBQADggEBAJKsmoxLwy6lXVcZw7CmGKhuASeN
3zBLontP2njHnDGtAuQtAFTVWD+fiP67TbZeoyOcojPx7mI4UvXhC/nR4NvJqBqI
RS9iWnr3o0uNMgyqtBGCm4vSe6YtU3QfqrI5JxW7h5PvRGRQ8FtDz3UwADoFW14m
oo+jgeIIvhdM4NK5BnmYWJBYcRiZGdHynsDF/p86JtPQKV4v7jhA5KZLUJSmWV6h
1F3ZVK5bAfE7mKBjvtTFHZ4bBoMRf36KPPYtMA4H1oXN7XdWAediQIL1QkQI9w0y
e/s4Frsi3VeSNb4LZ/uhQWFHPMScIofcER3+vl519LBKanq1QopbAt/fXBw=
-----END CERTIFICATE-----
Generated at Tue Apr 8 18:16:00 2025 by rpki-client