Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/dc616f-de9b-478e-8539-8ce51018e2e6/1/UNSqpPRk8YQu8Tpokfda-rc2u1Q.roa
File: UNSqpPRk8YQu8Tpokfda-rc2u1Q.roa (raw, json)
Hash identifier: 2vlQY/Sz+orv0VXyikwml/jrW51/V1Um8rIw+mJIp+c=
Subject key identifier: 50:D4:AA:A4:F4:64:F1:84:2E:F1:3A:68:91:F7:5A:FA:B7:36:BB:54
Certificate issuer: /CN=cfa968319d72a98a759400338b70fdc678912de6
Certificate serial: 019420D63984E4E6C33E77CF4CA67702A8CF
Authority key identifier: CF:A9:68:31:9D:72:A9:8A:75:94:00:33:8B:70:FD:C6:78:91:2D:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z6loMZ1yqYp1lAAzi3D9xniRLeY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/dc616f-de9b-478e-8539-8ce51018e2e6/1/UNSqpPRk8YQu8Tpokfda-rc2u1Q.roa
Signing time: Wed 01 Jan 2025 07:48:17 +0000
ROA not before: Wed 01 Jan 2025 07:48:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41887
IP address blocks: 62.204.64.0/19 maxlen: 24
62.204.64.0/20 maxlen: 24
62.204.64.0/24 maxlen: 24
62.204.65.0/24 maxlen: 24
62.204.66.0/24 maxlen: 24
62.204.67.0/24 maxlen: 24
62.204.80.0/20 maxlen: 20
62.204.92.0/22 maxlen: 22
62.204.92.0/23 maxlen: 24
62.204.94.0/23 maxlen: 24
94.228.128.0/20 maxlen: 24
94.228.129.181/32 maxlen: 32
94.228.133.226/32 maxlen: 32
178.22.80.0/21 maxlen: 24
185.63.164.0/22 maxlen: 24
195.144.2.0/24 maxlen: 24
2a00:d00::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/45/dc616f-de9b-478e-8539-8ce51018e2e6/1/z6loMZ1yqYp1lAAzi3D9xniRLeY.crl
rsync://rpki.ripe.net/repository/DEFAULT/45/dc616f-de9b-478e-8539-8ce51018e2e6/1/z6loMZ1yqYp1lAAzi3D9xniRLeY.mft
rsync://rpki.ripe.net/repository/DEFAULT/z6loMZ1yqYp1lAAzi3D9xniRLeY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 01:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:39:84:e4:e6:c3:3e:77:cf:4c:a6:77:02:a8:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cfa968319d72a98a759400338b70fdc678912de6
Validity
Not Before: Jan 1 07:48:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=50d4aaa4f464f1842ef13a6891f75afab736bb54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:b3:f0:a9:81:52:f6:2b:e6:64:7b:26:f4:be:
46:ed:31:ec:80:f9:98:e0:5f:18:2b:6f:9d:a4:30:
44:06:03:2c:60:51:24:ea:ce:77:17:d1:3e:42:dd:
cb:2e:b3:27:31:47:46:4b:4d:c8:62:5f:f4:7b:b0:
4e:58:43:cb:b5:33:c5:da:ba:0c:f0:bc:3a:cc:31:
0c:e7:58:26:27:13:9c:cf:5c:f7:2a:de:cc:b8:66:
be:62:a1:ca:17:1d:91:dd:a3:be:c2:72:9f:37:9b:
0a:5e:8f:5d:c6:ed:11:20:cc:d3:8f:41:da:b0:94:
31:b0:be:6c:7e:29:f4:78:9e:30:45:51:3c:c8:17:
28:34:73:b7:78:6b:c7:ff:eb:6d:f9:aa:a2:2d:df:
3c:a2:02:70:ab:6c:7b:3a:a0:80:10:d6:73:bc:ab:
cb:18:54:9d:57:2c:61:2f:20:4c:08:e5:e5:ae:e3:
37:40:f7:62:06:ee:9c:22:b1:4f:78:94:11:1d:ea:
b8:84:fe:3e:83:8d:99:58:79:0c:e0:35:8b:6d:a7:
a5:2a:3c:29:e2:46:59:90:33:ed:ce:15:a2:20:b8:
68:d1:f6:91:01:b8:58:a7:ee:a0:f3:62:17:88:2d:
7e:27:89:ee:d7:7e:d7:53:d8:43:ad:8a:51:a5:ac:
b7:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:D4:AA:A4:F4:64:F1:84:2E:F1:3A:68:91:F7:5A:FA:B7:36:BB:54
X509v3 Authority Key Identifier:
keyid:CF:A9:68:31:9D:72:A9:8A:75:94:00:33:8B:70:FD:C6:78:91:2D:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z6loMZ1yqYp1lAAzi3D9xniRLeY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/dc616f-de9b-478e-8539-8ce51018e2e6/1/UNSqpPRk8YQu8Tpokfda-rc2u1Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/dc616f-de9b-478e-8539-8ce51018e2e6/1/z6loMZ1yqYp1lAAzi3D9xniRLeY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.204.64.0/19
94.228.128.0/20
178.22.80.0/21
185.63.164.0/22
195.144.2.0/24
IPv6:
2a00:d00::/29
Signature Algorithm: sha256WithRSAEncryption
47:d9:79:ab:ff:e5:e6:8a:f7:78:de:ae:b6:c6:46:42:27:fa:
a0:84:af:5a:3d:99:37:aa:a3:90:d3:20:f7:95:dd:3a:61:0b:
d3:aa:8a:18:dd:7c:3f:0e:76:d1:d4:6c:e3:23:39:73:b4:ce:
2b:54:09:04:d6:c3:a4:1b:97:e1:70:79:a0:66:89:5f:ad:d4:
05:90:67:14:22:26:b0:33:df:b2:5b:98:d9:6d:d3:20:df:51:
31:21:89:db:41:cf:cd:05:1e:f3:13:fb:ca:09:43:29:46:2b:
85:51:c9:4c:b9:ba:40:69:02:79:b3:a8:11:30:c2:a8:ea:ad:
3d:df:e0:76:b7:10:7d:3a:05:1c:47:4b:4b:51:ac:78:4f:52:
40:0f:75:99:fd:69:d8:6a:7a:11:3e:fe:8a:14:c8:1f:ef:99:
cf:25:7c:d9:ba:3f:80:ae:e9:cd:59:fd:74:e8:5d:ed:03:09:
e1:77:ed:2a:fc:75:41:d9:45:0b:ec:3a:c5:d2:b5:b8:1a:35:
b6:28:7c:c7:83:ac:2c:63:42:9b:34:e5:fa:9c:43:a0:7b:29:
01:9d:8b:5c:e8:ff:5f:6e:95:e0:fd:0c:e9:59:3a:18:c2:fe:
9c:24:6e:9e:18:82:b9:ba:a2:af:19:c4:f1:4e:e7:b0:39:14:
bb:78:fc:26
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZQg1jmE5ObDPnfPTKZ3AqjPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmYTk2ODMxOWQ3MmE5OGE3NTk0MDAzMzhiNzBmZGM2Nzg5
MTJkZTYwHhcNMjUwMTAxMDc0ODE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MGQ0YWFhNGY0NjRmMTg0MmVmMTNhNjg5MWY3NWFmYWI3MzZiYjU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3LPwqYFS9ivmZHsm9L5G7THsgPmY
4F8YK2+dpDBEBgMsYFEk6s53F9E+Qt3LLrMnMUdGS03IYl/0e7BOWEPLtTPF2roM
8Lw6zDEM51gmJxOcz1z3Kt7MuGa+YqHKFx2R3aO+wnKfN5sKXo9dxu0RIMzTj0Ha
sJQxsL5sfin0eJ4wRVE8yBcoNHO3eGvH/+tt+aqiLd88ogJwq2x7OqCAENZzvKvL
GFSdVyxhLyBMCOXlruM3QPdiBu6cIrFPeJQRHeq4hP4+g42ZWHkM4DWLbaelKjwp
4kZZkDPtzhWiILho0faRAbhYp+6g82IXiC1+J4nu137XU9hDrYpRpay3XQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFFDUqqT0ZPGELvE6aJH3Wvq3NrtUMB8GA1UdIwQY
MBaAFM+paDGdcqmKdZQAM4tw/cZ4kS3mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejZsb01aMXlxWXAxbEFBemkzRDl4bmlSTGVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9kYzYxNmYtZGU5Yi00NzhlLTg1Mzkt
OGNlNTEwMThlMmU2LzEvVU5TcXBQUms4WVF1OFRwb2tmZGEtcmMydTFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9kYzYxNmYtZGU5Yi00NzhlLTg1MzktOGNlNTEwMThlMmU2
LzEvejZsb01aMXlxWXAxbEFBemkzRDl4bmlSTGVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQFPsxAAwQE
XuSAAwQDshZQAwQCuT+kAwQAw5ACMA0EAgACMAcDBQMqAA0AMA0GCSqGSIb3DQEB
CwUAA4IBAQBH2Xmr/+Xmivd43q62xkZCJ/qghK9aPZk3qqOQ0yD3ld06YQvTqooY
3Xw/DnbR1GzjIzlztM4rVAkE1sOkG5fhcHmgZolfrdQFkGcUIiawM9+yW5jZbdMg
31ExIYnbQc/NBR7zE/vKCUMpRiuFUclMubpAaQJ5s6gRMMKo6q093+B2txB9OgUc
R0tLUax4T1JAD3WZ/WnYanoRPv6KFMgf75nPJXzZuj+ArunNWf106F3tAwnhd+0q
/HVB2UUL7DrF0rW4GjW2KHzHg6wsY0KbNOX6nEOgeykBnYtc6P9fbpXg/QzpWToY
wv6cJG6eGIK5uqKvGcTxTuewORS7ePwm
-----END CERTIFICATE-----
Generated at Mon Apr 7 09:38:40 2025 by rpki-client