Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/e66296-0479-4c52-9cea-a1f573d069da/1/uucUmYI6JsmVzUOd6RM4u1Uvm6c.roa
File: uucUmYI6JsmVzUOd6RM4u1Uvm6c.roa (raw, json)
Hash identifier: FHR3fbJwd259J3Jj1zln57qgHYJEZGfouW6MVY+3Iko=
Subject key identifier: BA:E7:14:99:82:3A:26:C9:95:CD:43:9D:E9:13:38:BB:55:2F:9B:A7
Certificate issuer: /CN=36b413e536d99353f0b050ee746ffdd24edb5930
Certificate serial: 019428263D16E34945B615041620B4F34352
Authority key identifier: 36:B4:13:E5:36:D9:93:53:F0:B0:50:EE:74:6F:FD:D2:4E:DB:59:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NrQT5TbZk1PwsFDudG_90k7bWTA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/e66296-0479-4c52-9cea-a1f573d069da/1/uucUmYI6JsmVzUOd6RM4u1Uvm6c.roa
Signing time: Thu 02 Jan 2025 17:53:02 +0000
ROA not before: Thu 02 Jan 2025 17:53:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 19905
IP address blocks: 94.125.224.0/24 maxlen: 24
94.125.225.0/24 maxlen: 24
94.125.226.0/24 maxlen: 24
94.125.227.0/24 maxlen: 24
94.125.228.0/24 maxlen: 24
94.125.229.0/24 maxlen: 24
94.125.230.0/24 maxlen: 24
94.125.231.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0b/e66296-0479-4c52-9cea-a1f573d069da/1/NrQT5TbZk1PwsFDudG_90k7bWTA.crl
rsync://rpki.ripe.net/repository/DEFAULT/0b/e66296-0479-4c52-9cea-a1f573d069da/1/NrQT5TbZk1PwsFDudG_90k7bWTA.mft
rsync://rpki.ripe.net/repository/DEFAULT/NrQT5TbZk1PwsFDudG_90k7bWTA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 05:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:26:3d:16:e3:49:45:b6:15:04:16:20:b4:f3:43:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36b413e536d99353f0b050ee746ffdd24edb5930
Validity
Not Before: Jan 2 17:53:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bae71499823a26c995cd439de91338bb552f9ba7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:ed:7b:fe:5a:76:0e:5d:ff:0b:a3:c5:bf:42:
c5:a7:e6:36:06:80:45:20:74:55:b0:3b:94:1c:81:
0e:34:01:fc:8f:13:30:55:91:68:30:71:c6:d5:fe:
15:f3:4f:38:9e:28:ac:ac:fa:11:9c:f6:a1:19:70:
40:81:6d:0b:20:16:07:9f:19:2f:8b:76:65:10:0b:
19:f1:4a:e5:28:e5:69:86:1b:3b:ec:61:9d:f6:f4:
b2:42:bd:dd:3b:3d:c6:96:ad:04:e7:63:9b:99:af:
51:ff:da:ad:1f:57:f6:09:1f:14:a5:09:95:62:bb:
9b:43:0b:c0:86:a5:bd:58:bf:a2:aa:8a:a9:b2:25:
8e:c1:51:ac:23:57:24:19:5e:b8:a5:98:c1:c2:94:
cf:0e:58:65:22:ec:3d:c6:1e:49:80:26:34:71:81:
ec:0d:95:5e:48:d1:9a:43:a9:c9:b2:68:06:64:76:
10:10:8c:b6:f8:7f:ab:e0:6d:04:f0:a4:48:34:99:
ec:ec:ea:ad:63:39:5a:61:26:43:b2:72:c6:7a:66:
5a:75:7e:f9:0b:b8:06:49:41:0e:6d:78:8b:86:2b:
da:23:d5:de:67:07:79:0e:d3:02:95:26:8f:71:65:
40:fe:81:1c:95:ae:69:fd:2d:73:04:7e:fd:cf:d8:
02:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:E7:14:99:82:3A:26:C9:95:CD:43:9D:E9:13:38:BB:55:2F:9B:A7
X509v3 Authority Key Identifier:
keyid:36:B4:13:E5:36:D9:93:53:F0:B0:50:EE:74:6F:FD:D2:4E:DB:59:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NrQT5TbZk1PwsFDudG_90k7bWTA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/e66296-0479-4c52-9cea-a1f573d069da/1/uucUmYI6JsmVzUOd6RM4u1Uvm6c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/e66296-0479-4c52-9cea-a1f573d069da/1/NrQT5TbZk1PwsFDudG_90k7bWTA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.125.224.0/21
Signature Algorithm: sha256WithRSAEncryption
40:f5:bd:e8:be:91:04:ef:30:d2:a2:28:88:0e:02:c7:70:f2:
b0:47:b5:ae:cf:29:11:d0:75:7b:62:83:25:19:08:b2:8f:63:
c4:bd:15:d5:8e:f3:7b:15:c0:98:b4:e7:7d:e7:01:51:c8:d8:
96:85:d8:8a:4b:ea:e3:37:b4:30:c9:aa:32:22:a4:61:a0:ed:
72:44:8e:5a:66:9f:44:ac:7b:9c:dc:29:07:04:5b:35:4a:48:
35:90:92:14:11:55:43:7e:7d:65:18:a3:8f:17:1f:6e:dd:52:
d7:45:25:ee:5f:0b:89:90:aa:da:a7:85:6e:48:5c:81:26:0e:
7d:bd:71:6c:0d:d5:fc:12:f8:0b:65:26:a3:27:eb:cb:8e:a6:
d6:a4:ed:3f:2f:63:8e:c2:89:47:60:be:07:6e:a9:46:58:90:
0d:1e:63:01:36:98:77:24:a5:29:b6:05:24:60:b2:65:76:82:
7d:2f:a5:f9:44:f4:05:78:97:1c:d4:51:91:2e:df:30:ce:21:
54:24:84:35:fc:c1:5d:bd:b1:e5:a2:e2:76:8b:65:dc:49:d3:
03:05:5f:f7:74:df:94:52:85:d7:f4:ed:b1:a9:d6:1d:bc:77:
98:fe:12:85:d6:62:ef:9f:1e:de:ba:65:15:db:2b:58:82:1b:
15:a2:57:72
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQoJj0W40lFthUEFiC080NSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YjQxM2U1MzZkOTkzNTNmMGIwNTBlZTc0NmZmZGQyNGVk
YjU5MzAwHhcNMjUwMTAyMTc1MzAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYWU3MTQ5OTgyM2EyNmM5OTVjZDQzOWRlOTEzMzhiYjU1MmY5YmE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAze17/lp2Dl3/C6PFv0LFp+Y2BoBF
IHRVsDuUHIEONAH8jxMwVZFoMHHG1f4V8084niisrPoRnPahGXBAgW0LIBYHnxkv
i3ZlEAsZ8UrlKOVphhs77GGd9vSyQr3dOz3Glq0E52Obma9R/9qtH1f2CR8UpQmV
YrubQwvAhqW9WL+iqoqpsiWOwVGsI1ckGV64pZjBwpTPDlhlIuw9xh5JgCY0cYHs
DZVeSNGaQ6nJsmgGZHYQEIy2+H+r4G0E8KRINJns7OqtYzlaYSZDsnLGemZadX75
C7gGSUEObXiLhivaI9XeZwd5DtMClSaPcWVA/oEcla5p/S1zBH79z9gC3wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLrnFJmCOibJlc1DnekTOLtVL5unMB8GA1UdIwQY
MBaAFDa0E+U22ZNT8LBQ7nRv/dJO21kwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnJRVDVUYlprMVB3c0ZEdWRHXzkwazdiV1RBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi9lNjYyOTYtMDQ3OS00YzUyLTljZWEt
YTFmNTczZDA2OWRhLzEvdXVjVW1ZSTZKc21WelVPZDZSTTR1MVV2bTZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi9lNjYyOTYtMDQ3OS00YzUyLTljZWEtYTFmNTczZDA2OWRh
LzEvTnJRVDVUYlprMVB3c0ZEdWRHXzkwazdiV1RBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDXn3gMA0G
CSqGSIb3DQEBCwUAA4IBAQBA9b3ovpEE7zDSoiiIDgLHcPKwR7WuzykR0HV7YoMl
GQiyj2PEvRXVjvN7FcCYtOd95wFRyNiWhdiKS+rjN7QwyaoyIqRhoO1yRI5aZp9E
rHuc3CkHBFs1Skg1kJIUEVVDfn1lGKOPFx9u3VLXRSXuXwuJkKrap4VuSFyBJg59
vXFsDdX8EvgLZSajJ+vLjqbWpO0/L2OOwolHYL4HbqlGWJANHmMBNph3JKUptgUk
YLJldoJ9L6X5RPQFeJcc1FGRLt8wziFUJIQ1/MFdvbHlouJ2i2XcSdMDBV/3dN+U
UoXX9O2xqdYdvHeY/hKF1mLvnx7eumUV2ytYghsVoldy
-----END CERTIFICATE-----
Generated at Sat Apr 12 15:57:54 2025 by rpki-client