Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/5ed5d3-b99c-486b-af9c-7cfd957f08ff/1/uiXugz_zdUbpxMkNc0xXlcVLf8Q.roa
File: uiXugz_zdUbpxMkNc0xXlcVLf8Q.roa (raw, json)
Hash identifier: v6GaXjJ/81kT64ynxaO/yyZsUsxo0QcrAwLzz7FnW/8=
Subject key identifier: BA:25:EE:83:3F:F3:75:46:E9:C4:C9:0D:73:4C:57:95:C5:4B:7F:C4
Certificate issuer: /CN=6311a9d4c10252fbf73b7165f35acc1dce9f0a93
Certificate serial: 01941FFA2F39DAC7B9CD1AEC59212175C7A4
Authority key identifier: 63:11:A9:D4:C1:02:52:FB:F7:3B:71:65:F3:5A:CC:1D:CE:9F:0A:93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YxGp1MECUvv3O3Fl81rMHc6fCpM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/5ed5d3-b99c-486b-af9c-7cfd957f08ff/1/uiXugz_zdUbpxMkNc0xXlcVLf8Q.roa
Signing time: Wed 01 Jan 2025 03:47:57 +0000
ROA not before: Wed 01 Jan 2025 03:47:57 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 559
IP address blocks: 86.119.0.0/16 maxlen: 16
130.59.0.0/16 maxlen: 16
192.65.92.0/23 maxlen: 23
192.65.94.0/24 maxlen: 24
192.86.166.0/24 maxlen: 24
195.176.0.0/17 maxlen: 17
195.176.160.0/19 maxlen: 19
195.176.224.0/19 maxlen: 19
2001:620::/29 maxlen: 29
2001:620::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/19/5ed5d3-b99c-486b-af9c-7cfd957f08ff/1/YxGp1MECUvv3O3Fl81rMHc6fCpM.crl
rsync://rpki.ripe.net/repository/DEFAULT/19/5ed5d3-b99c-486b-af9c-7cfd957f08ff/1/YxGp1MECUvv3O3Fl81rMHc6fCpM.mft
rsync://rpki.ripe.net/repository/DEFAULT/YxGp1MECUvv3O3Fl81rMHc6fCpM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 11 Apr 2025 21:01:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:2f:39:da:c7:b9:cd:1a:ec:59:21:21:75:c7:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6311a9d4c10252fbf73b7165f35acc1dce9f0a93
Validity
Not Before: Jan 1 03:47:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ba25ee833ff37546e9c4c90d734c5795c54b7fc4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:0d:73:43:af:c9:77:d8:b5:f9:93:fd:4a:a7:
9b:1a:99:d7:17:65:2e:bf:07:6f:0c:3d:17:25:65:
9b:83:67:bc:11:27:a9:a5:2f:5a:9f:27:96:f0:fb:
37:e6:71:ce:3e:ee:5d:d6:67:82:72:1e:61:71:6c:
5b:6f:14:35:95:f2:01:e6:97:76:cc:8a:91:cd:75:
27:0a:ff:27:bf:f5:a3:27:2c:ad:28:f5:3c:a8:f9:
95:bd:75:ec:d5:20:66:29:bc:1a:5c:03:64:67:2d:
ca:ef:b5:8b:1f:0c:22:3f:22:00:6a:4d:29:1f:c0:
09:a1:e4:0a:3f:d9:77:42:a9:ba:fd:87:b4:ee:b8:
1c:32:7b:5c:b5:61:48:64:86:58:6b:4e:5b:3a:ef:
d9:01:36:fa:2c:5a:0f:a5:28:eb:b2:2a:2a:09:56:
2c:0a:9e:08:a1:f5:91:a9:b8:25:4b:1f:c3:ea:a4:
6b:71:3d:65:3e:26:ee:19:69:a8:93:4c:cd:b6:46:
70:db:67:92:3b:14:49:ad:ee:78:f0:58:e7:35:f7:
b2:5d:9e:8a:70:45:ca:c7:ec:59:44:dc:f9:f3:69:
63:9f:a8:07:36:89:56:a7:b0:f7:a4:2d:e7:0f:80:
f2:65:87:53:e6:da:5b:f4:35:35:34:b1:4b:68:60:
1e:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:25:EE:83:3F:F3:75:46:E9:C4:C9:0D:73:4C:57:95:C5:4B:7F:C4
X509v3 Authority Key Identifier:
keyid:63:11:A9:D4:C1:02:52:FB:F7:3B:71:65:F3:5A:CC:1D:CE:9F:0A:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YxGp1MECUvv3O3Fl81rMHc6fCpM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/5ed5d3-b99c-486b-af9c-7cfd957f08ff/1/uiXugz_zdUbpxMkNc0xXlcVLf8Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/5ed5d3-b99c-486b-af9c-7cfd957f08ff/1/YxGp1MECUvv3O3Fl81rMHc6fCpM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.119.0.0/16
130.59.0.0/16
192.65.92.0-192.65.94.255
192.86.166.0/24
195.176.0.0/17
195.176.160.0/19
195.176.224.0/19
IPv6:
2001:620::/29
Signature Algorithm: sha256WithRSAEncryption
6e:03:9c:a1:6f:74:7e:6d:b5:ba:fa:37:87:ff:79:14:fc:2d:
7b:c7:93:4e:39:04:99:0c:c2:22:1e:5f:5b:6f:a3:bb:e4:33:
07:2b:11:5e:58:70:76:92:64:74:10:6d:1c:5c:89:c0:39:10:
00:c3:cf:36:83:50:d4:71:8c:f4:c9:61:ba:c9:ad:29:3e:90:
3c:24:d4:79:3b:ca:0a:57:75:26:e1:ff:78:8c:f4:fb:79:3e:
22:1c:f9:0b:7a:10:bf:29:94:70:43:e7:6c:0b:a5:97:cd:fc:
7a:b3:2f:e3:b4:41:25:ac:cf:a6:f0:ca:73:28:ad:61:e0:82:
19:44:0e:fb:95:d6:8a:1f:86:52:ce:16:fc:34:f5:8b:6c:cd:
ca:7a:1f:88:5c:2c:d2:86:37:0b:f1:3a:bf:ce:9b:57:c2:c9:
66:61:e7:cd:d0:d9:34:1e:ec:13:09:e0:49:ec:99:30:54:a2:
0f:5b:66:19:5f:99:45:40:24:a5:ef:9d:c5:d3:ca:f9:b2:8a:
20:51:e4:b2:ee:c8:26:3e:3f:bb:d3:76:15:57:e0:bf:4e:7e:
71:88:7d:b6:95:73:9d:58:df:89:49:2b:68:00:cc:22:5e:75:
0a:c0:01:54:b3:12:ae:d7:5e:f8:d3:38:ab:0e:5e:2b:8b:6e:
d9:34:8a:61
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAZQf+i852se5zRrsWSEhdcekMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzMTFhOWQ0YzEwMjUyZmJmNzNiNzE2NWYzNWFjYzFkY2U5
ZjBhOTMwHhcNMjUwMTAxMDM0NzU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTI1ZWU4MzNmZjM3NTQ2ZTljNGM5MGQ3MzRjNTc5NWM1NGI3ZmM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnA1zQ6/Jd9i1+ZP9SqebGpnXF2Uu
vwdvDD0XJWWbg2e8ESeppS9anyeW8Ps35nHOPu5d1meCch5hcWxbbxQ1lfIB5pd2
zIqRzXUnCv8nv/WjJyytKPU8qPmVvXXs1SBmKbwaXANkZy3K77WLHwwiPyIAak0p
H8AJoeQKP9l3Qqm6/Ye07rgcMntctWFIZIZYa05bOu/ZATb6LFoPpSjrsioqCVYs
Cp4IofWRqbglSx/D6qRrcT1lPibuGWmok0zNtkZw22eSOxRJre548FjnNfeyXZ6K
cEXKx+xZRNz582ljn6gHNolWp7D3pC3nD4DyZYdT5tpb9DU1NLFLaGAe9wIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFLol7oM/83VG6cTJDXNMV5XFS3/EMB8GA1UdIwQY
MBaAFGMRqdTBAlL79ztxZfNazB3OnwqTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXhHcDFNRUNVdnYzTzNGbDgxck1IYzZmQ3BNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS81ZWQ1ZDMtYjk5Yy00ODZiLWFmOWMt
N2NmZDk1N2YwOGZmLzEvdWlYdWd6X3pkVWJweE1rTmMweFhsY1ZMZjhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS81ZWQ1ZDMtYjk5Yy00ODZiLWFmOWMtN2NmZDk1N2YwOGZm
LzEvWXhHcDFNRUNVdnYzTzNGbDgxck1IYzZmQ3BNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwMAVncDAwCC
OzAMAwQCwEFcAwQAwEFeAwQAwFamAwQHw7AAAwQFw7CgAwQFw7DgMA0EAgACMAcD
BQMgAQYgMA0GCSqGSIb3DQEBCwUAA4IBAQBuA5yhb3R+bbW6+jeH/3kU/C17x5NO
OQSZDMIiHl9bb6O75DMHKxFeWHB2kmR0EG0cXInAORAAw882g1DUcYz0yWG6ya0p
PpA8JNR5O8oKV3Um4f94jPT7eT4iHPkLehC/KZRwQ+dsC6WXzfx6sy/jtEElrM+m
8MpzKK1h4IIZRA77ldaKH4ZSzhb8NPWLbM3Keh+IXCzShjcL8Tq/zptXwslmYefN
0Nk0HuwTCeBJ7JkwVKIPW2YZX5lFQCSl753F08r5soogUeSy7sgmPj+703YVV+C/
Tn5xiH22lXOdWN+JSStoAMwiXnUKwAFUsxKu11740zirDl4ri27ZNIph
-----END CERTIFICATE-----
Generated at Fri Apr 11 04:58:42 2025 by rpki-client