Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/8d55c0-9aa0-4be7-82a8-dab6b83cf7ec/1/Ufg6XzRgoNG-SJwB5vLfRpSdKwM.roa
File: Ufg6XzRgoNG-SJwB5vLfRpSdKwM.roa (raw, json)
Hash identifier: JG7/C3Qu/BlDNJo3Xbaaiz8UsqXv4SIf7aVJX/4oLC8=
Subject key identifier: 51:F8:3A:5F:34:60:A0:D1:BE:48:9C:01:E6:F2:DF:46:94:9D:2B:03
Certificate issuer: /CN=4c7844abef711c232c84f83c807a420af3804728
Certificate serial: 01942686DAF8CF27D9DDD38CC39734A02EA9
Authority key identifier: 4C:78:44:AB:EF:71:1C:23:2C:84:F8:3C:80:7A:42:0A:F3:80:47:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/THhEq-9xHCMshPg8gHpCCvOARyg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/8d55c0-9aa0-4be7-82a8-dab6b83cf7ec/1/Ufg6XzRgoNG-SJwB5vLfRpSdKwM.roa
Signing time: Thu 02 Jan 2025 10:19:19 +0000
ROA not before: Thu 02 Jan 2025 10:19:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51747
IP address blocks: 5.133.192.0/19 maxlen: 20
5.198.248.0/21 maxlen: 24
45.142.64.0/22 maxlen: 24
45.146.48.0/22 maxlen: 24
45.150.72.0/22 maxlen: 24
80.248.224.0/20 maxlen: 20
95.215.168.0/22 maxlen: 24
141.138.208.0/21 maxlen: 24
151.248.0.0/21 maxlen: 21
151.252.24.0/21 maxlen: 21
176.74.192.0/21 maxlen: 21
185.12.148.0/22 maxlen: 22
185.12.248.0/22 maxlen: 22
185.13.40.0/22 maxlen: 24
185.122.112.0/22 maxlen: 24
185.123.32.0/22 maxlen: 24
185.123.92.0/22 maxlen: 24
185.129.24.0/22 maxlen: 24
185.129.64.0/22 maxlen: 24
185.130.244.0/22 maxlen: 24
185.139.152.0/22 maxlen: 24
185.139.160.0/22 maxlen: 24
185.139.164.0/22 maxlen: 24
185.139.172.0/22 maxlen: 24
185.141.72.0/22 maxlen: 24
185.141.88.0/22 maxlen: 24
185.142.80.0/22 maxlen: 24
185.142.228.0/22 maxlen: 24
185.159.184.0/22 maxlen: 24
185.159.192.0/22 maxlen: 24
185.236.40.0/22 maxlen: 24
193.19.80.0/23 maxlen: 24
193.247.74.0/23 maxlen: 24
193.247.126.0/23 maxlen: 24
195.88.110.0/23 maxlen: 24
195.95.184.0/24 maxlen: 24
195.189.112.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1b/8d55c0-9aa0-4be7-82a8-dab6b83cf7ec/1/THhEq-9xHCMshPg8gHpCCvOARyg.crl
rsync://rpki.ripe.net/repository/DEFAULT/1b/8d55c0-9aa0-4be7-82a8-dab6b83cf7ec/1/THhEq-9xHCMshPg8gHpCCvOARyg.mft
rsync://rpki.ripe.net/repository/DEFAULT/THhEq-9xHCMshPg8gHpCCvOARyg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:86:da:f8:cf:27:d9:dd:d3:8c:c3:97:34:a0:2e:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c7844abef711c232c84f83c807a420af3804728
Validity
Not Before: Jan 2 10:19:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=51f83a5f3460a0d1be489c01e6f2df46949d2b03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:e2:67:76:80:0e:eb:3c:f8:2c:e6:e0:66:7f:
57:63:76:54:51:19:bf:73:c4:74:87:d8:e7:8a:86:
01:44:2a:1e:39:7d:81:19:ce:23:f2:de:97:c0:78:
ff:a8:37:d8:75:82:ed:9d:40:d8:4a:6f:02:4e:a4:
20:6f:3b:5c:44:2b:4f:c7:97:b5:c7:eb:bc:e7:3e:
73:48:40:3e:db:8e:21:63:47:98:a9:dc:2d:d8:5c:
e6:7f:b6:10:73:62:6a:91:6e:f8:5c:25:51:44:f3:
d9:fe:5f:b8:b8:f3:c1:88:53:df:e7:ca:7d:3f:c3:
1b:2b:81:34:8b:e9:1c:70:8e:0c:ca:8f:2b:5e:2f:
f8:d2:b1:ab:d7:f0:a5:b1:ce:17:ea:e9:56:f1:f5:
c9:ee:07:a4:52:d0:86:bd:7f:d9:68:2b:99:c4:f4:
6f:1c:fb:a2:be:63:12:5e:48:8e:2d:f1:43:ef:8e:
d6:9f:e6:b4:6c:88:72:0b:0f:15:8b:ed:1b:4d:4a:
93:f2:6c:41:68:42:61:9f:38:64:09:a4:f0:0b:4a:
8e:26:40:51:60:aa:1e:67:e0:bd:60:fd:e5:12:79:
c2:ea:0e:35:b9:5c:a4:ab:7b:34:c3:84:9a:ea:77:
ec:85:36:1a:cc:a7:5d:dd:ec:90:19:de:40:ac:77:
16:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:F8:3A:5F:34:60:A0:D1:BE:48:9C:01:E6:F2:DF:46:94:9D:2B:03
X509v3 Authority Key Identifier:
keyid:4C:78:44:AB:EF:71:1C:23:2C:84:F8:3C:80:7A:42:0A:F3:80:47:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/THhEq-9xHCMshPg8gHpCCvOARyg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/8d55c0-9aa0-4be7-82a8-dab6b83cf7ec/1/Ufg6XzRgoNG-SJwB5vLfRpSdKwM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/8d55c0-9aa0-4be7-82a8-dab6b83cf7ec/1/THhEq-9xHCMshPg8gHpCCvOARyg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.133.192.0/19
5.198.248.0/21
45.142.64.0/22
45.146.48.0/22
45.150.72.0/22
80.248.224.0/20
95.215.168.0/22
141.138.208.0/21
151.248.0.0/21
151.252.24.0/21
176.74.192.0/21
185.12.148.0/22
185.12.248.0/22
185.13.40.0/22
185.122.112.0/22
185.123.32.0/22
185.123.92.0/22
185.129.24.0/22
185.129.64.0/22
185.130.244.0/22
185.139.152.0/22
185.139.160.0/21
185.139.172.0/22
185.141.72.0/22
185.141.88.0/22
185.142.80.0/22
185.142.228.0/22
185.159.184.0/22
185.159.192.0/22
185.236.40.0/22
193.19.80.0/23
193.247.74.0/23
193.247.126.0/23
195.88.110.0/23
195.95.184.0/24
195.189.112.0/22
Signature Algorithm: sha256WithRSAEncryption
73:44:7a:53:b6:98:e0:09:27:21:98:b8:46:d7:9b:61:73:95:
9d:81:1a:be:d1:1a:5e:d2:d2:5c:b2:35:8b:b7:e2:05:a1:41:
d2:9c:a9:ba:bb:7e:65:9d:00:28:c8:57:01:8b:a8:9d:82:72:
4c:85:9b:3f:23:27:e1:c8:d0:40:dc:13:08:67:79:eb:aa:84:
89:1c:05:45:5c:24:5e:4e:e8:15:65:8b:f8:79:1c:d5:43:3b:
e8:f5:43:d7:34:d3:e4:6c:7b:cd:c6:f2:a3:80:7c:10:88:75:
0b:7a:42:65:b7:98:ab:43:dd:88:a2:cc:81:4b:75:86:21:c0:
05:88:08:f5:94:11:87:27:90:19:c8:0d:22:37:29:3b:63:2b:
34:a7:39:df:40:57:96:fe:02:74:4a:08:e9:58:7c:09:7a:a8:
45:c7:3f:a7:e2:be:2b:aa:c5:b6:1f:16:1c:b3:70:5e:5c:38:
2c:ee:f3:d0:4e:4f:2c:22:31:16:dc:8b:80:6c:8c:86:79:3c:
6e:65:64:44:fd:91:70:6a:83:32:29:50:7c:09:3e:27:bf:ec:
19:16:0e:e0:8d:72:88:58:46:45:6e:57:1e:7c:48:df:91:40:
f7:e3:d5:0b:70:11:ab:ea:54:64:46:18:e5:b0:6e:15:92:c7:
a8:4b:86:4d
-----BEGIN CERTIFICATE-----
MIIF1DCCBLygAwIBAgISAZQmhtr4zyfZ3dOMw5c0oC6pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjNzg0NGFiZWY3MTFjMjMyYzg0ZjgzYzgwN2E0MjBhZjM4
MDQ3MjgwHhcNMjUwMTAyMTAxOTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MWY4M2E1ZjM0NjBhMGQxYmU0ODljMDFlNmYyZGY0Njk0OWQyYjAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8eJndoAO6zz4LObgZn9XY3ZUURm/
c8R0h9jnioYBRCoeOX2BGc4j8t6XwHj/qDfYdYLtnUDYSm8CTqQgbztcRCtPx5e1
x+u85z5zSEA+244hY0eYqdwt2Fzmf7YQc2JqkW74XCVRRPPZ/l+4uPPBiFPf58p9
P8MbK4E0i+kccI4Myo8rXi/40rGr1/Clsc4X6ulW8fXJ7gekUtCGvX/ZaCuZxPRv
HPuivmMSXkiOLfFD747Wn+a0bIhyCw8Vi+0bTUqT8mxBaEJhnzhkCaTwC0qOJkBR
YKoeZ+C9YP3lEnnC6g41uVykq3s0w4Sa6nfshTYazKdd3eyQGd5ArHcW1wIDAQAB
o4IC4DCCAtwwHQYDVR0OBBYEFFH4Ol80YKDRvkicAeby30aUnSsDMB8GA1UdIwQY
MBaAFEx4RKvvcRwjLIT4PIB6QgrzgEcoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVEhoRXEtOXhIQ01zaFBnOGdIcENDdk9BUnlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi84ZDU1YzAtOWFhMC00YmU3LTgyYTgt
ZGFiNmI4M2NmN2VjLzEvVWZnNlh6UmdvTkctU0p3QjV2TGZScFNkS3dNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi84ZDU1YzAtOWFhMC00YmU3LTgyYTgtZGFiNmI4M2NmN2Vj
LzEvVEhoRXEtOXhIQ01zaFBnOGdIcENDdk9BUnlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH1BggrBgEFBQcBBwEB/wSB5TCB4jCB3wQCAAEwgdgDBAUF
hcADBAMFxvgDBAItjkADBAItkjADBAItlkgDBARQ+OADBAJf16gDBAONitADBAOX
+AADBAOX/BgDBAOwSsADBAK5DJQDBAK5DPgDBAK5DSgDBAK5enADBAK5eyADBAK5
e1wDBAK5gRgDBAK5gUADBAK5gvQDBAK5i5gDBAO5i6ADBAK5i6wDBAK5jUgDBAK5
jVgDBAK5jlADBAK5juQDBAK5n7gDBAK5n8ADBAK57CgDBAHBE1ADBAHB90oDBAHB
934DBAHDWG4DBADDX7gDBALDvXAwDQYJKoZIhvcNAQELBQADggEBAHNEelO2mOAJ
JyGYuEbXm2FzlZ2BGr7RGl7S0lyyNYu34gWhQdKcqbq7fmWdACjIVwGLqJ2CckyF
mz8jJ+HI0EDcEwhneeuqhIkcBUVcJF5O6BVli/h5HNVDO+j1Q9c00+Rse83G8qOA
fBCIdQt6QmW3mKtD3YiizIFLdYYhwAWICPWUEYcnkBnIDSI3KTtjKzSnOd9AV5b+
AnRKCOlYfAl6qEXHP6fiviuqxbYfFhyzcF5cOCzu89BOTywiMRbci4BsjIZ5PG5l
ZET9kXBqgzIpUHwJPie/7BkWDuCNcohYRkVuVx58SN+RQPfj1QtwEavqVGRGGOWw
bhWSx6hLhk0=
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:49:31 2025 by rpki-client