Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/83aa8c-0581-44d8-a5c1-05373ba9483d/1/upUlmeYdk5_sFXYFi0NBtTtEwO8.roa
File: upUlmeYdk5_sFXYFi0NBtTtEwO8.roa (raw, json)
Hash identifier: xuu1QVb2zW3SwdOeuq3QKp9w0IPCF0Qyp8OFF9tk1jc=
Subject key identifier: BA:95:25:99:E6:1D:93:9F:EC:15:76:05:8B:43:41:B5:3B:44:C0:EF
Certificate issuer: /CN=01723506718dfcf2a8bd176d4ea24e275322fcfb
Certificate serial: 019425217ECC8D79B6190FBF45588D5B56DA
Authority key identifier: 01:72:35:06:71:8D:FC:F2:A8:BD:17:6D:4E:A2:4E:27:53:22:FC:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AXI1BnGN_PKovRdtTqJOJ1Mi_Ps.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1f/83aa8c-0581-44d8-a5c1-05373ba9483d/1/upUlmeYdk5_sFXYFi0NBtTtEwO8.roa
Signing time: Thu 02 Jan 2025 03:48:59 +0000
ROA not before: Thu 02 Jan 2025 03:48:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215830
IP address blocks: 46.149.168.0/22 maxlen: 24
185.111.76.0/22 maxlen: 24
2a06:5bc0::/29 maxlen: 48
2a0d:f7c0::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1f/83aa8c-0581-44d8-a5c1-05373ba9483d/1/AXI1BnGN_PKovRdtTqJOJ1Mi_Ps.crl
rsync://rpki.ripe.net/repository/DEFAULT/1f/83aa8c-0581-44d8-a5c1-05373ba9483d/1/AXI1BnGN_PKovRdtTqJOJ1Mi_Ps.mft
rsync://rpki.ripe.net/repository/DEFAULT/AXI1BnGN_PKovRdtTqJOJ1Mi_Ps.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 14:28:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:7e:cc:8d:79:b6:19:0f:bf:45:58:8d:5b:56:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=01723506718dfcf2a8bd176d4ea24e275322fcfb
Validity
Not Before: Jan 2 03:48:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ba952599e61d939fec1576058b4341b53b44c0ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:ee:db:ed:fd:a6:40:e5:cd:da:2c:e9:81:54:
28:09:e1:91:62:4d:54:b8:25:7d:18:3c:86:11:b0:
cb:cd:70:8c:4a:09:a9:8a:f4:80:c4:63:eb:a4:dc:
4d:f6:5b:b1:a9:ff:b3:f0:a5:14:24:12:f4:34:08:
aa:8a:58:fe:b5:75:14:09:0c:57:75:2a:31:da:74:
eb:72:ec:d1:6d:60:88:c3:f2:99:07:da:c7:02:c3:
88:57:b5:07:82:89:4a:09:c0:8e:27:bc:90:9e:ee:
d6:5d:a7:12:43:7f:e1:5e:d2:68:33:f9:ad:78:81:
17:6d:bb:65:61:ef:65:68:02:0d:bf:03:74:d3:23:
71:72:9f:1d:e6:ce:da:3e:10:de:d7:fe:3f:8e:06:
0b:3e:5e:da:82:49:b9:23:9b:74:09:2e:95:8b:f1:
33:24:b5:c8:89:bd:1d:a8:ce:37:8b:d4:72:84:a7:
26:04:56:87:03:e4:36:56:ae:57:d2:12:3b:47:2f:
e9:08:43:f4:48:e2:b8:e5:20:c0:a4:04:34:ef:17:
31:79:e8:17:03:98:51:25:1d:3a:70:87:54:ae:48:
22:9e:c9:b7:c2:be:d1:85:7c:19:5e:1c:ea:86:c9:
c0:b1:5f:d6:af:b1:5a:95:3f:c0:dd:6b:4b:99:40:
fb:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:95:25:99:E6:1D:93:9F:EC:15:76:05:8B:43:41:B5:3B:44:C0:EF
X509v3 Authority Key Identifier:
keyid:01:72:35:06:71:8D:FC:F2:A8:BD:17:6D:4E:A2:4E:27:53:22:FC:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AXI1BnGN_PKovRdtTqJOJ1Mi_Ps.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/83aa8c-0581-44d8-a5c1-05373ba9483d/1/upUlmeYdk5_sFXYFi0NBtTtEwO8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/83aa8c-0581-44d8-a5c1-05373ba9483d/1/AXI1BnGN_PKovRdtTqJOJ1Mi_Ps.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.149.168.0/22
185.111.76.0/22
IPv6:
2a06:5bc0::/29
2a0d:f7c0::/32
Signature Algorithm: sha256WithRSAEncryption
81:ac:f3:29:10:fc:bd:ad:5b:55:a4:0f:81:d1:4a:2a:60:e9:
f8:5f:e5:6c:90:f5:b3:0f:bf:87:28:79:9c:07:b7:73:3e:f0:
f7:9f:5c:7f:98:0d:da:43:90:5d:f9:a1:ea:af:4e:96:8d:ad:
58:c4:8d:ca:5f:40:12:26:95:af:cf:00:d4:f6:79:97:2b:95:
0c:c6:49:f5:5e:95:62:79:6e:be:84:b0:2f:bf:70:28:d2:9b:
66:e3:d6:fe:cf:d8:f7:98:85:a3:3c:5f:d3:58:37:3e:68:d5:
52:79:43:2f:5d:8d:03:9b:47:36:d0:a7:84:c1:9e:ea:09:b1:
17:cc:4d:59:e8:47:e9:a5:ba:9d:1f:2e:3f:6c:95:c1:63:d6:
4f:45:43:f5:d4:bd:16:ae:ca:a6:10:68:4c:72:d8:45:51:99:
69:5d:a6:2f:90:8c:c4:cb:de:b5:8a:54:9f:37:00:b6:21:c7:
ec:0e:c0:59:f9:14:d0:45:3a:7e:38:a5:8e:5f:87:c7:fe:94:
66:26:c8:de:21:cc:24:8e:9b:3a:d3:0c:84:18:da:0b:a0:8f:
74:9c:b4:2d:fb:8f:37:3d:c2:29:ee:a0:8a:12:1a:2f:36:b8:
ff:57:47:b2:e2:65:cd:d7:03:4f:9a:0a:b9:75:33:40:3d:23:
d6:65:b6:4f
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZQlIX7MjXm2GQ+/RViNW1baMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxNzIzNTA2NzE4ZGZjZjJhOGJkMTc2ZDRlYTI0ZTI3NTMy
MmZjZmIwHhcNMjUwMTAyMDM0ODU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTk1MjU5OWU2MWQ5MzlmZWMxNTc2MDU4YjQzNDFiNTNiNDRjMGVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr+7b7f2mQOXN2izpgVQoCeGRYk1U
uCV9GDyGEbDLzXCMSgmpivSAxGPrpNxN9luxqf+z8KUUJBL0NAiqilj+tXUUCQxX
dSox2nTrcuzRbWCIw/KZB9rHAsOIV7UHgolKCcCOJ7yQnu7WXacSQ3/hXtJoM/mt
eIEXbbtlYe9laAINvwN00yNxcp8d5s7aPhDe1/4/jgYLPl7agkm5I5t0CS6Vi/Ez
JLXIib0dqM43i9RyhKcmBFaHA+Q2Vq5X0hI7Ry/pCEP0SOK45SDApAQ07xcxeegX
A5hRJR06cIdUrkginsm3wr7RhXwZXhzqhsnAsV/Wr7FalT/A3WtLmUD75wIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFLqVJZnmHZOf7BV2BYtDQbU7RMDvMB8GA1UdIwQY
MBaAFAFyNQZxjfzyqL0XbU6iTidTIvz7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQVhJMUJuR05fUEtvdlJkdFRxSk9KMU1pX1BzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi84M2FhOGMtMDU4MS00NGQ4LWE1YzEt
MDUzNzNiYTk0ODNkLzEvdXBVbG1lWWRrNV9zRlhZRmkwTkJ0VHRFd084LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi84M2FhOGMtMDU4MS00NGQ4LWE1YzEtMDUzNzNiYTk0ODNk
LzEvQVhJMUJuR05fUEtvdlJkdFRxSk9KMU1pX1BzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQCLpWoAwQC
uW9MMBQEAgACMA4DBQMqBlvAAwUAKg33wDANBgkqhkiG9w0BAQsFAAOCAQEAgazz
KRD8va1bVaQPgdFKKmDp+F/lbJD1sw+/hyh5nAe3cz7w959cf5gN2kOQXfmh6q9O
lo2tWMSNyl9AEiaVr88A1PZ5lyuVDMZJ9V6VYnluvoSwL79wKNKbZuPW/s/Y95iF
ozxf01g3PmjVUnlDL12NA5tHNtCnhMGe6gmxF8xNWehH6aW6nR8uP2yVwWPWT0VD
9dS9Fq7KphBoTHLYRVGZaV2mL5CMxMvetYpUnzcAtiHH7A7AWfkU0EU6fjiljl+H
x/6UZibI3iHMJI6bOtMMhBjaC6CPdJy0LfuPNz3CKe6gihIaLza4/1dHsuJlzdcD
T5oKuXUzQD0j1mW2Tw==
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:58:15 2025 by rpki-client