Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/c7fa48-2876-422b-8825-e1f367e79620/1/UEg2a8frOwQJ_ocv6mZt898VwKc.roa
File: UEg2a8frOwQJ_ocv6mZt898VwKc.roa (raw, json)
Hash identifier: HhDZ6hinLTKa6qeDqW6QogtlJ6a4udPeZaa3rESZ/rM=
Subject key identifier: 50:48:36:6B:C7:EB:3B:04:09:FE:87:2F:EA:66:6D:F3:DF:15:C0:A7
Certificate issuer: /CN=27fc21856cd8e037a7bb8c6392a6198213a8b4f6
Certificate serial: 01941F8C10951FADAA4F141EF7FE1BFCC716
Authority key identifier: 27:FC:21:85:6C:D8:E0:37:A7:BB:8C:63:92:A6:19:82:13:A8:B4:F6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J_whhWzY4Denu4xjkqYZghOotPY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/c7fa48-2876-422b-8825-e1f367e79620/1/UEg2a8frOwQJ_ocv6mZt898VwKc.roa
Signing time: Wed 01 Jan 2025 01:47:40 +0000
ROA not before: Wed 01 Jan 2025 01:47:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29166
IP address blocks: 193.5.8.0/23 maxlen: 23
193.5.42.0/23 maxlen: 23
193.135.31.0/24 maxlen: 24
194.40.212.0/22 maxlen: 22
194.40.216.0/22 maxlen: 22
194.40.220.0/22 maxlen: 22
194.40.224.0/22 maxlen: 22
194.40.228.0/22 maxlen: 22
194.40.232.0/24 maxlen: 24
194.40.234.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3b/c7fa48-2876-422b-8825-e1f367e79620/1/J_whhWzY4Denu4xjkqYZghOotPY.crl
rsync://rpki.ripe.net/repository/DEFAULT/3b/c7fa48-2876-422b-8825-e1f367e79620/1/J_whhWzY4Denu4xjkqYZghOotPY.mft
rsync://rpki.ripe.net/repository/DEFAULT/J_whhWzY4Denu4xjkqYZghOotPY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 13:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:10:95:1f:ad:aa:4f:14:1e:f7:fe:1b:fc:c7:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27fc21856cd8e037a7bb8c6392a6198213a8b4f6
Validity
Not Before: Jan 1 01:47:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5048366bc7eb3b0409fe872fea666df3df15c0a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:6b:99:80:1e:e3:eb:47:55:47:41:ab:47:e9:
ad:ed:77:c0:54:ea:b8:d2:eb:41:bc:31:bb:ca:0e:
8a:40:c8:a7:ec:fd:4b:9a:6f:1d:ce:9a:45:87:23:
df:d5:b8:09:38:4a:34:d0:57:3f:cb:28:fd:84:c0:
56:df:fc:6c:f1:26:d8:3b:ce:12:24:01:fe:9c:a1:
76:af:b9:42:5b:ec:4e:63:b0:1e:2c:76:13:e4:18:
61:90:94:c7:eb:86:df:c1:27:22:81:06:7e:cf:07:
85:8a:49:7a:56:c6:ac:10:9d:df:fb:ae:39:c5:16:
6e:c7:4a:8a:33:b2:79:7f:f5:e9:90:2a:15:9e:e6:
e3:5f:31:f4:21:8b:e4:8a:13:eb:7d:89:54:67:dd:
b0:27:39:88:5d:98:2c:d3:7d:c5:5b:8a:79:95:17:
96:c9:72:57:31:bf:0f:f0:87:78:4e:19:e3:2e:e1:
32:cb:67:d9:7b:6f:74:d3:cd:24:b2:29:25:7a:6a:
08:8b:d4:a4:c9:d9:38:d1:2b:b7:09:ef:b3:c1:aa:
66:8c:4f:df:a1:fb:13:a7:74:53:a3:89:5d:71:1d:
9f:be:cf:81:33:ad:59:b3:45:44:d1:a6:41:a5:22:
85:0f:ce:dd:4d:4a:e0:60:08:58:b3:26:5e:b0:73:
c5:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:48:36:6B:C7:EB:3B:04:09:FE:87:2F:EA:66:6D:F3:DF:15:C0:A7
X509v3 Authority Key Identifier:
keyid:27:FC:21:85:6C:D8:E0:37:A7:BB:8C:63:92:A6:19:82:13:A8:B4:F6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J_whhWzY4Denu4xjkqYZghOotPY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/c7fa48-2876-422b-8825-e1f367e79620/1/UEg2a8frOwQJ_ocv6mZt898VwKc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/c7fa48-2876-422b-8825-e1f367e79620/1/J_whhWzY4Denu4xjkqYZghOotPY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.5.8.0/23
193.5.42.0/23
193.135.31.0/24
194.40.212.0-194.40.232.255
194.40.234.0/23
Signature Algorithm: sha256WithRSAEncryption
2f:dd:ec:7c:85:f5:9c:68:c4:9e:22:ba:76:94:66:a9:48:2c:
0f:a1:cf:7b:e6:cb:5a:82:af:63:8b:c1:1c:80:6f:31:eb:11:
d9:8b:d2:90:ba:24:bb:f4:8b:29:b3:c8:f3:96:3d:24:c9:bd:
32:d1:7b:f7:2c:a9:75:4b:f8:50:62:0c:ca:5a:7e:57:78:99:
98:81:4f:ce:f5:43:5f:34:36:37:45:87:11:bc:b3:58:46:d1:
f7:1b:c3:65:10:41:8d:d3:b1:4f:36:a2:0d:5d:d0:11:18:ed:
f5:2f:62:41:cc:f5:b9:49:43:98:cc:4d:46:28:fd:fb:cf:9a:
09:b1:b7:32:70:80:5f:e1:a3:55:25:6b:47:61:ed:a2:4a:04:
39:ad:95:06:f4:37:60:53:e3:fb:fe:14:0c:1c:5c:58:c5:f4:
39:18:41:1d:60:56:4c:4b:33:79:aa:7d:8d:e0:d6:1f:1b:f9:
80:8c:7a:c7:61:09:fd:c7:a8:ce:74:d0:90:ae:ce:1d:0e:a8:
75:bf:ad:d8:93:cb:a9:4a:86:95:fd:e7:df:2d:58:3a:5a:29:
59:f5:1d:c2:3a:ab:ed:fc:c1:1e:37:da:56:52:c3:2e:c0:8a:
05:4c:c0:ed:32:66:04:66:f0:c0:40:d3:8e:c7:e1:10:71:87:
c6:d0:6f:5c
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZQfjBCVH62qTxQe9/4b/McWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3ZmMyMTg1NmNkOGUwMzdhN2JiOGM2MzkyYTYxOTgyMTNh
OGI0ZjYwHhcNMjUwMTAxMDE0NzQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDQ4MzY2YmM3ZWIzYjA0MDlmZTg3MmZlYTY2NmRmM2RmMTVjMGE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA12uZgB7j60dVR0GrR+mt7XfAVOq4
0utBvDG7yg6KQMin7P1Lmm8dzppFhyPf1bgJOEo00Fc/yyj9hMBW3/xs8SbYO84S
JAH+nKF2r7lCW+xOY7AeLHYT5BhhkJTH64bfwScigQZ+zweFikl6VsasEJ3f+645
xRZux0qKM7J5f/XpkCoVnubjXzH0IYvkihPrfYlUZ92wJzmIXZgs033FW4p5lReW
yXJXMb8P8Id4ThnjLuEyy2fZe290080ksiklemoIi9Skydk40Su3Ce+zwapmjE/f
ofsTp3RTo4ldcR2fvs+BM61Zs0VE0aZBpSKFD87dTUrgYAhYsyZesHPFBwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFFBINmvH6zsECf6HL+pmbfPfFcCnMB8GA1UdIwQY
MBaAFCf8IYVs2OA3p7uMY5KmGYITqLT2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSl93aGhXelk0RGVudTR4amtxWVpnaE9vdFBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi9jN2ZhNDgtMjg3Ni00MjJiLTg4MjUt
ZTFmMzY3ZTc5NjIwLzEvVUVnMmE4ZnJPd1FKX29jdjZtWnQ4OThWd0tjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi9jN2ZhNDgtMjg3Ni00MjJiLTg4MjUtZTFmMzY3ZTc5NjIw
LzEvSl93aGhXelk0RGVudTR4amtxWVpnaE9vdFBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQBwQUIAwQB
wQUqAwQAwYcfMAwDBALCKNQDBADCKOgDBAHCKOowDQYJKoZIhvcNAQELBQADggEB
AC/d7HyF9ZxoxJ4iunaUZqlILA+hz3vmy1qCr2OLwRyAbzHrEdmL0pC6JLv0iymz
yPOWPSTJvTLRe/csqXVL+FBiDMpafld4mZiBT871Q180NjdFhxG8s1hG0fcbw2UQ
QY3TsU82og1d0BEY7fUvYkHM9blJQ5jMTUYo/fvPmgmxtzJwgF/ho1Ula0dh7aJK
BDmtlQb0N2BT4/v+FAwcXFjF9DkYQR1gVkxLM3mqfY3g1h8b+YCMesdhCf3HqM50
0JCuzh0OqHW/rdiTy6lKhpX9598tWDpaKVn1HcI6q+38wR432lZSwy7AigVMwO0y
ZgRm8MBA047H4RBxh8bQb1w=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:36:37 2025 by rpki-client