Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/a5d27b-26c0-4eb3-89bc-b9f298a798e4/1/UY_6W8Weiu8wfSraZN42RZZCh9E.roa
File: UY_6W8Weiu8wfSraZN42RZZCh9E.roa (raw, json)
Hash identifier: v6nlIIdPdLR7D5BuTrHHAZdgu5wLraNYTQd+Byp51pA=
Subject key identifier: 51:8F:FA:5B:C5:9E:8A:EF:30:7D:2A:DA:64:DE:36:45:96:42:87:D1
Certificate issuer: /CN=ad243dcff0cb38211f7fe7db3f913169b44cf456
Certificate serial: 01942521E342C257B7E0CA2F83DFC6586739
Authority key identifier: AD:24:3D:CF:F0:CB:38:21:1F:7F:E7:DB:3F:91:31:69:B4:4C:F4:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rSQ9z_DLOCEff-fbP5ExabRM9FY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/a5d27b-26c0-4eb3-89bc-b9f298a798e4/1/UY_6W8Weiu8wfSraZN42RZZCh9E.roa
Signing time: Thu 02 Jan 2025 03:49:25 +0000
ROA not before: Thu 02 Jan 2025 03:49:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12929
IP address blocks: 46.15.0.0/16 maxlen: 16
80.232.124.0/24 maxlen: 24
89.8.0.0/15 maxlen: 15
89.9.254.0/24 maxlen: 24
176.11.0.0/16 maxlen: 16
212.45.160.0/19 maxlen: 19
212.125.252.0/22 maxlen: 22
212.169.64.0/18 maxlen: 18
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/17/a5d27b-26c0-4eb3-89bc-b9f298a798e4/1/rSQ9z_DLOCEff-fbP5ExabRM9FY.crl
rsync://rpki.ripe.net/repository/DEFAULT/17/a5d27b-26c0-4eb3-89bc-b9f298a798e4/1/rSQ9z_DLOCEff-fbP5ExabRM9FY.mft
rsync://rpki.ripe.net/repository/DEFAULT/rSQ9z_DLOCEff-fbP5ExabRM9FY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Apr 2025 16:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:e3:42:c2:57:b7:e0:ca:2f:83:df:c6:58:67:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ad243dcff0cb38211f7fe7db3f913169b44cf456
Validity
Not Before: Jan 2 03:49:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=518ffa5bc59e8aef307d2ada64de3645964287d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:ad:47:d1:d7:89:41:b0:cb:7f:6a:82:e9:34:
c4:70:f8:2c:99:9d:93:b0:52:8b:d1:fb:9d:d5:f1:
4b:af:69:02:dd:d1:27:1c:c4:8b:35:b7:61:04:db:
6c:59:95:2e:e0:07:f8:dc:42:62:09:e2:da:df:30:
8c:8b:bb:94:57:21:98:30:9f:10:0f:b8:b8:78:16:
49:77:a6:7a:7f:4b:95:06:99:0e:32:1a:2c:3b:d6:
2a:74:22:7d:23:e5:54:d6:76:46:a1:59:ec:4e:af:
94:a4:87:7f:0d:3d:de:96:4f:5a:7a:6f:99:8d:6d:
c9:4f:c9:73:e0:61:3d:b9:a7:5b:cd:f8:4d:eb:46:
8b:61:e9:ab:8e:2b:6b:01:89:4c:b7:31:d1:18:6e:
ce:d4:e3:7a:1a:b8:0e:c2:62:b6:7a:32:36:d6:75:
42:0c:c4:71:d6:80:5f:79:46:b7:90:c1:ce:8b:ca:
a3:a8:72:05:99:7d:e4:7b:5f:3c:95:e9:6a:7a:6b:
f9:b3:20:72:f3:14:85:76:97:2a:9e:1f:52:11:cf:
3c:3c:4e:0a:19:70:0c:12:3a:d1:5d:22:ee:4d:76:
04:0b:ab:6f:77:54:92:c0:62:6b:7e:7a:37:18:0b:
f8:1b:67:39:b1:66:2d:d5:e7:77:ee:9c:85:99:27:
3e:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:8F:FA:5B:C5:9E:8A:EF:30:7D:2A:DA:64:DE:36:45:96:42:87:D1
X509v3 Authority Key Identifier:
keyid:AD:24:3D:CF:F0:CB:38:21:1F:7F:E7:DB:3F:91:31:69:B4:4C:F4:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rSQ9z_DLOCEff-fbP5ExabRM9FY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/a5d27b-26c0-4eb3-89bc-b9f298a798e4/1/UY_6W8Weiu8wfSraZN42RZZCh9E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/a5d27b-26c0-4eb3-89bc-b9f298a798e4/1/rSQ9z_DLOCEff-fbP5ExabRM9FY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.15.0.0/16
80.232.124.0/24
89.8.0.0/15
176.11.0.0/16
212.45.160.0/19
212.125.252.0/22
212.169.64.0/18
Signature Algorithm: sha256WithRSAEncryption
90:c1:63:6e:b9:eb:2b:55:48:e7:d9:f1:c1:4e:b1:36:f0:98:
9c:4c:87:a3:14:1e:71:4e:57:c9:e4:be:5c:79:1b:20:b2:93:
67:c5:d4:a5:5d:3c:44:04:dc:eb:e0:c7:0d:48:cb:23:84:42:
f6:d2:bf:59:90:78:c4:17:1d:af:a8:3d:39:c9:47:67:25:5c:
57:7a:60:28:9a:38:11:83:4f:32:b5:5d:9d:eb:38:14:ff:14:
26:66:f3:9e:3c:5a:6e:13:47:e7:8a:38:4b:ac:f4:f7:af:16:
ab:2a:93:7b:16:8c:6e:1e:48:59:c4:eb:0a:08:30:1a:68:47:
6c:cb:e5:e4:53:a2:4c:17:70:8d:c9:ae:e6:18:98:9b:4f:44:
d1:69:cc:31:5a:73:87:e5:e2:f3:78:ce:dd:4f:da:90:15:50:
74:1d:a7:d8:69:71:51:bc:c2:fa:f3:72:1e:64:2e:ff:97:8e:
90:96:2d:71:53:8a:c1:0a:6a:0e:33:e2:7f:a1:7a:18:4d:df:
90:8a:a8:b7:61:04:d2:f8:19:63:06:3f:b4:32:b0:50:14:47:
95:bc:4a:7b:47:0f:c1:6b:ac:d0:3c:79:a1:cb:59:f5:d8:5e:
2f:ef:0b:ac:a2:31:16:c1:08:1d:07:0e:1f:88:94:5b:a7:b6:
35:4b:8c:00
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZQlIeNCwle34Movg9/GWGc5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkMjQzZGNmZjBjYjM4MjExZjdmZTdkYjNmOTEzMTY5YjQ0
Y2Y0NTYwHhcNMjUwMTAyMDM0OTI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MThmZmE1YmM1OWU4YWVmMzA3ZDJhZGE2NGRlMzY0NTk2NDI4N2QxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAta1H0deJQbDLf2qC6TTEcPgsmZ2T
sFKL0fud1fFLr2kC3dEnHMSLNbdhBNtsWZUu4Af43EJiCeLa3zCMi7uUVyGYMJ8Q
D7i4eBZJd6Z6f0uVBpkOMhosO9YqdCJ9I+VU1nZGoVnsTq+UpId/DT3elk9aem+Z
jW3JT8lz4GE9uadbzfhN60aLYemrjitrAYlMtzHRGG7O1ON6GrgOwmK2ejI21nVC
DMRx1oBfeUa3kMHOi8qjqHIFmX3ke188lelqemv5syBy8xSFdpcqnh9SEc88PE4K
GXAMEjrRXSLuTXYEC6tvd1SSwGJrfno3GAv4G2c5sWYt1ed37pyFmSc+aQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFFGP+lvFnorvMH0q2mTeNkWWQofRMB8GA1UdIwQY
MBaAFK0kPc/wyzghH3/n2z+RMWm0TPRWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclNROXpfRExPQ0VmZi1mYlA1RXhhYlJNOUZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9hNWQyN2ItMjZjMC00ZWIzLTg5YmMt
YjlmMjk4YTc5OGU0LzEvVVlfNlc4V2VpdTh3ZlNyYVpONDJSWlpDaDlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9hNWQyN2ItMjZjMC00ZWIzLTg5YmMtYjlmMjk4YTc5OGU0
LzEvclNROXpfRExPQ0VmZi1mYlA1RXhhYlJNOUZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAtBAIAATAnAwMALg8DBABQ
6HwDAwFZCAMDALALAwQF1C2gAwQC1H38AwQG1KlAMA0GCSqGSIb3DQEBCwUAA4IB
AQCQwWNuuesrVUjn2fHBTrE28JicTIejFB5xTlfJ5L5ceRsgspNnxdSlXTxEBNzr
4McNSMsjhEL20r9ZkHjEFx2vqD05yUdnJVxXemAomjgRg08ytV2d6zgU/xQmZvOe
PFpuE0fnijhLrPT3rxarKpN7FoxuHkhZxOsKCDAaaEdsy+XkU6JMF3CNya7mGJib
T0TRacwxWnOH5eLzeM7dT9qQFVB0HafYaXFRvML683IeZC7/l46Qli1xU4rBCmoO
M+J/oXoYTd+Qiqi3YQTS+BljBj+0MrBQFEeVvEp7Rw/Ba6zQPHmhy1n12F4v7wus
ojEWwQgdBw4fiJRbp7Y1S4wA
-----END CERTIFICATE-----
Generated at Sun Apr 20 22:44:54 2025 by rpki-client