Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/e66a57-65ef-4644-8f50-c14faf43be14/1/uZvIw4DMtYOiY7JlOgb63vTUcZI.roa
File: uZvIw4DMtYOiY7JlOgb63vTUcZI.roa (raw, json)
Hash identifier: g2eHsXH9Y/MXPOSVAzGV6O9aHOUSDc6gHQknS8yIWx0=
Subject key identifier: B9:9B:C8:C3:80:CC:B5:83:A2:63:B2:65:3A:06:FA:DE:F4:D4:71:92
Certificate issuer: /CN=64e7553292af595426ee1d7dc919a2104894752b
Certificate serial: 01942747F23DF185A9431BDC931AF14D53BC
Authority key identifier: 64:E7:55:32:92:AF:59:54:26:EE:1D:7D:C9:19:A2:10:48:94:75:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZOdVMpKvWVQm7h19yRmiEEiUdSs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/e66a57-65ef-4644-8f50-c14faf43be14/1/uZvIw4DMtYOiY7JlOgb63vTUcZI.roa
Signing time: Thu 02 Jan 2025 13:50:13 +0000
ROA not before: Thu 02 Jan 2025 13:50:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205209
IP address blocks: 141.226.250.0/23 maxlen: 23
141.226.250.0/24 maxlen: 24
185.223.0.0/22 maxlen: 22
2a0d:2800::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/18/e66a57-65ef-4644-8f50-c14faf43be14/1/ZOdVMpKvWVQm7h19yRmiEEiUdSs.crl
rsync://rpki.ripe.net/repository/DEFAULT/18/e66a57-65ef-4644-8f50-c14faf43be14/1/ZOdVMpKvWVQm7h19yRmiEEiUdSs.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZOdVMpKvWVQm7h19yRmiEEiUdSs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 18:34:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:f2:3d:f1:85:a9:43:1b:dc:93:1a:f1:4d:53:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=64e7553292af595426ee1d7dc919a2104894752b
Validity
Not Before: Jan 2 13:50:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b99bc8c380ccb583a263b2653a06fadef4d47192
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:35:9c:88:39:e4:f7:d0:92:e4:7d:f3:e6:48:
29:d1:22:b8:d4:dd:05:d6:1d:ed:67:c4:5f:49:84:
a7:71:2a:62:58:99:fe:14:b9:9e:29:23:1d:d4:41:
36:92:f2:ca:01:99:91:17:93:f2:f7:e5:c8:35:6e:
c7:93:72:e1:a7:25:fb:38:c1:8c:b2:c1:03:23:b1:
53:92:a8:55:a5:03:14:f6:a3:ed:85:a4:79:4c:93:
3a:81:d6:9b:e2:3f:29:a9:f6:58:93:35:36:4d:f5:
d8:fb:15:b2:63:fd:11:a2:7d:6f:4c:54:86:31:49:
f7:8d:ec:02:53:2d:da:bc:6d:5b:14:75:e5:25:f7:
cc:cd:18:f7:50:a4:c8:c8:4b:69:d9:11:42:3b:83:
6d:37:77:78:c5:c6:28:c8:3e:86:e9:25:d1:90:a5:
b8:3b:a2:a6:a8:be:11:22:0f:13:08:5a:26:1f:af:
e7:09:87:07:5d:2d:40:d8:12:dc:1a:01:8b:20:0c:
d3:b2:89:93:28:c5:33:f7:1b:84:4f:e2:f0:b3:b2:
09:3a:16:24:03:1d:e7:60:2a:66:70:6b:aa:58:09:
33:cd:6c:ca:ac:03:00:16:38:f4:c6:96:46:1f:33:
17:2c:03:08:05:03:2b:dc:75:3f:1e:bb:bb:35:b4:
c9:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:9B:C8:C3:80:CC:B5:83:A2:63:B2:65:3A:06:FA:DE:F4:D4:71:92
X509v3 Authority Key Identifier:
keyid:64:E7:55:32:92:AF:59:54:26:EE:1D:7D:C9:19:A2:10:48:94:75:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZOdVMpKvWVQm7h19yRmiEEiUdSs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/e66a57-65ef-4644-8f50-c14faf43be14/1/uZvIw4DMtYOiY7JlOgb63vTUcZI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/e66a57-65ef-4644-8f50-c14faf43be14/1/ZOdVMpKvWVQm7h19yRmiEEiUdSs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.226.250.0/23
185.223.0.0/22
IPv6:
2a0d:2800::/29
Signature Algorithm: sha256WithRSAEncryption
42:99:ac:da:d7:32:da:ef:86:79:17:4a:63:69:7b:2b:e8:65:
6a:20:86:20:7b:4d:37:d1:bd:1f:7e:0b:ad:6d:53:70:a8:71:
60:45:ce:63:c8:5f:8f:d2:47:62:08:06:ab:02:91:81:2c:66:
6f:b8:18:e8:e7:99:0e:1f:9b:a4:1e:8a:34:91:53:da:94:12:
13:56:09:fd:cb:c2:d8:3e:81:e4:dd:f9:9f:44:71:1d:8a:07:
e7:3a:42:d0:96:85:17:34:b2:28:1c:32:10:94:2a:e3:c8:8a:
f4:43:f3:5a:06:84:e8:a6:5b:3f:18:d3:2d:62:de:82:f6:12:
d3:04:e8:dd:5c:1c:f8:a5:06:0d:8b:fc:0a:81:d3:a2:ff:ff:
d6:5c:6b:7b:a7:24:0f:d0:ca:85:e9:20:9d:20:4c:1f:66:ea:
07:07:80:09:53:9d:00:e3:9a:bc:98:df:81:5c:cc:6e:4b:33:
30:da:dd:6f:0e:1c:e4:f4:0a:3f:31:cd:ce:f8:d9:7f:0a:9f:
e9:9a:b2:83:b5:d1:3f:b5:0a:f6:cc:95:fe:ef:56:58:c7:47:
60:5a:b8:d6:91:12:0a:23:fb:1d:b1:15:b3:10:fa:f5:cc:85:
e5:cf:15:c6:37:32:04:87:cf:a9:c9:94:d5:d5:24:06:35:35:
70:1f:7a:df
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQnR/I98YWpQxvckxrxTVO8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0ZTc1NTMyOTJhZjU5NTQyNmVlMWQ3ZGM5MTlhMjEwNDg5
NDc1MmIwHhcNMjUwMTAyMTM1MDEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTliYzhjMzgwY2NiNTgzYTI2M2IyNjUzYTA2ZmFkZWY0ZDQ3MTkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9DWciDnk99CS5H3z5kgp0SK41N0F
1h3tZ8RfSYSncSpiWJn+FLmeKSMd1EE2kvLKAZmRF5Py9+XINW7Hk3LhpyX7OMGM
ssEDI7FTkqhVpQMU9qPthaR5TJM6gdab4j8pqfZYkzU2TfXY+xWyY/0Ron1vTFSG
MUn3jewCUy3avG1bFHXlJffMzRj3UKTIyEtp2RFCO4NtN3d4xcYoyD6G6SXRkKW4
O6KmqL4RIg8TCFomH6/nCYcHXS1A2BLcGgGLIAzTsomTKMUz9xuET+Lws7IJOhYk
Ax3nYCpmcGuqWAkzzWzKrAMAFjj0xpZGHzMXLAMIBQMr3HU/Hru7NbTJnQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFLmbyMOAzLWDomOyZToG+t701HGSMB8GA1UdIwQY
MBaAFGTnVTKSr1lUJu4dfckZohBIlHUrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWk9kVk1wS3ZXVlFtN2gxOXlSbWlFRWlVZFNzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9lNjZhNTctNjVlZi00NjQ0LThmNTAt
YzE0ZmFmNDNiZTE0LzEvdVp2SXc0RE10WU9pWTdKbE9nYjYzdlRVY1pJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC9lNjZhNTctNjVlZi00NjQ0LThmNTAtYzE0ZmFmNDNiZTE0
LzEvWk9kVk1wS3ZXVlFtN2gxOXlSbWlFRWlVZFNzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBjeL6AwQC
ud8AMA0EAgACMAcDBQMqDSgAMA0GCSqGSIb3DQEBCwUAA4IBAQBCmaza1zLa74Z5
F0pjaXsr6GVqIIYge0030b0ffgutbVNwqHFgRc5jyF+P0kdiCAarApGBLGZvuBjo
55kOH5ukHoo0kVPalBITVgn9y8LYPoHk3fmfRHEdigfnOkLQloUXNLIoHDIQlCrj
yIr0Q/NaBoTopls/GNMtYt6C9hLTBOjdXBz4pQYNi/wKgdOi///WXGt7pyQP0MqF
6SCdIEwfZuoHB4AJU50A45q8mN+BXMxuSzMw2t1vDhzk9Ao/Mc3O+Nl/Cp/pmrKD
tdE/tQr2zJX+71ZYx0dgWrjWkRIKI/sdsRWzEPr1zIXlzxXGNzIEh8+pyZTV1SQG
NTVwH3rf
-----END CERTIFICATE-----
Generated at Sun Apr 13 03:42:52 2025 by rpki-client