Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/uftnC1KeLsiQ9KA49FD6BjMxmho.roa
File: uftnC1KeLsiQ9KA49FD6BjMxmho.roa (raw, json)
Hash identifier: CAfXuCGSmJgcKWqWFnuYO0NmnG2SgIosksUaMzf1RCU=
Subject key identifier: B9:FB:67:0B:52:9E:2E:C8:90:F4:A0:38:F4:50:FA:06:33:31:9A:1A
Certificate issuer: /CN=12be29c956894c49c6d4be0ed98882b90d1bc77f
Certificate serial: 0195710751A889D4D594DEEBF2568A16B132
Authority key identifier: 12:BE:29:C9:56:89:4C:49:C6:D4:BE:0E:D9:88:82:B9:0D:1B:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Er4pyVaJTEnG1L4O2YiCuQ0bx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/uftnC1KeLsiQ9KA49FD6BjMxmho.roa
Signing time: Fri 07 Mar 2025 14:34:19 +0000
ROA not before: Fri 07 Mar 2025 14:34:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51202
IP address blocks: 31.25.11.0/24 maxlen: 24
62.169.152.0/24 maxlen: 24
89.36.35.0/24 maxlen: 24
185.121.132.0/24 maxlen: 24
185.144.70.0/24 maxlen: 24
185.144.71.0/24 maxlen: 24
212.232.18.0/24 maxlen: 24
2a14:6781::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/Er4pyVaJTEnG1L4O2YiCuQ0bx38.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/Er4pyVaJTEnG1L4O2YiCuQ0bx38.mft
rsync://rpki.ripe.net/repository/DEFAULT/Er4pyVaJTEnG1L4O2YiCuQ0bx38.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 10:07:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:71:07:51:a8:89:d4:d5:94:de:eb:f2:56:8a:16:b1:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12be29c956894c49c6d4be0ed98882b90d1bc77f
Validity
Not Before: Mar 7 14:34:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b9fb670b529e2ec890f4a038f450fa0633319a1a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:fd:c9:bf:a0:ef:b7:42:69:be:2c:58:dd:a1:
a0:06:4f:a9:70:6b:61:86:5f:96:8e:54:69:61:cb:
8b:b0:0f:21:69:86:44:ce:c1:c6:1c:31:06:27:86:
9c:62:06:4f:20:0c:e2:03:92:7d:f9:bc:41:b6:f0:
53:47:d4:d6:d7:cf:dc:2b:02:d8:39:7a:86:78:c6:
b4:7c:48:c4:9c:19:74:3a:41:39:75:d8:fb:6a:6b:
72:bd:34:8a:58:eb:86:db:2b:63:ae:0e:aa:a3:b8:
7d:bf:01:00:d4:2d:41:e7:b9:14:79:d4:55:29:0a:
ee:0e:ed:c2:06:46:7b:e1:64:4f:a8:76:2e:74:44:
68:d7:52:ae:8f:d8:94:bc:ff:28:e2:9a:9a:26:03:
f1:b2:17:09:aa:c1:44:a9:1f:91:09:ac:f8:97:71:
7b:4b:13:cb:cc:41:e9:3a:7a:b4:c9:21:c8:88:11:
3a:43:f6:75:d3:d0:9e:29:eb:eb:3b:1e:b5:5d:fe:
b3:90:f3:66:aa:7a:3a:0e:50:0c:21:29:98:60:92:
9e:bb:b4:41:9c:dd:8f:45:98:c4:eb:de:66:bc:3a:
06:9a:a6:e1:16:ca:7f:ea:5b:d3:c2:a3:4f:d3:76:
bb:6a:4f:b5:da:e3:70:e1:3d:1f:43:a0:6e:f8:50:
c4:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:FB:67:0B:52:9E:2E:C8:90:F4:A0:38:F4:50:FA:06:33:31:9A:1A
X509v3 Authority Key Identifier:
keyid:12:BE:29:C9:56:89:4C:49:C6:D4:BE:0E:D9:88:82:B9:0D:1B:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Er4pyVaJTEnG1L4O2YiCuQ0bx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/uftnC1KeLsiQ9KA49FD6BjMxmho.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/Er4pyVaJTEnG1L4O2YiCuQ0bx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.25.11.0/24
62.169.152.0/24
89.36.35.0/24
185.121.132.0/24
185.144.70.0/23
212.232.18.0/24
IPv6:
2a14:6781::/32
Signature Algorithm: sha256WithRSAEncryption
76:10:25:2f:67:a5:db:63:c2:30:79:27:0f:7e:60:e6:1d:5c:
7a:db:a6:e4:df:a5:9c:b0:4e:94:38:3b:0a:df:33:30:d9:04:
b9:f9:0f:55:7b:57:4f:20:3f:be:f1:7b:47:50:bb:9d:0b:34:
27:b6:f0:7c:e6:71:66:fd:c9:98:61:ff:eb:6f:a6:5e:fc:5d:
10:aa:f2:92:e5:34:bf:94:7d:9b:01:16:1e:ae:55:24:9b:b9:
f5:f2:ff:1d:9a:d1:be:6e:28:9e:99:36:76:97:fc:ff:8a:a1:
a9:ae:ce:f9:fa:55:9a:06:45:2b:bd:9c:cf:f6:24:90:d8:81:
9e:d6:58:6e:b8:28:b1:69:bb:dd:55:6f:34:4d:ed:cd:0d:c4:
46:53:44:54:64:e8:5d:8d:9c:a9:4f:dd:66:6b:31:c2:4e:a4:
fa:78:0c:7a:f2:0a:31:a9:2a:3e:d6:b2:07:6f:37:08:40:03:
b3:17:ac:71:2e:bf:b0:56:35:db:94:c5:7c:0f:40:2f:a4:3f:
f9:46:b4:a6:e9:b5:84:b9:d3:60:be:d6:31:50:80:32:92:34:
aa:f3:12:ad:b3:be:5f:74:53:01:1a:23:da:e0:33:c0:f3:c8:
71:c1:28:50:79:09:48:3a:1e:42:56:f3:d2:28:03:3d:34:e0:
71:aa:82:3e
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAZVxB1GoidTVlN7r8laKFrEyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyYmUyOWM5NTY4OTRjNDljNmQ0YmUwZWQ5ODg4MmI5MGQx
YmM3N2YwHhcNMjUwMzA3MTQzNDE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOWZiNjcwYjUyOWUyZWM4OTBmNGEwMzhmNDUwZmEwNjMzMzE5YTFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi/3Jv6Dvt0JpvixY3aGgBk+pcGth
hl+WjlRpYcuLsA8haYZEzsHGHDEGJ4acYgZPIAziA5J9+bxBtvBTR9TW18/cKwLY
OXqGeMa0fEjEnBl0OkE5ddj7amtyvTSKWOuG2ytjrg6qo7h9vwEA1C1B57kUedRV
KQruDu3CBkZ74WRPqHYudERo11Kuj9iUvP8o4pqaJgPxshcJqsFEqR+RCaz4l3F7
SxPLzEHpOnq0ySHIiBE6Q/Z109CeKevrOx61Xf6zkPNmqno6DlAMISmYYJKeu7RB
nN2PRZjE695mvDoGmqbhFsp/6lvTwqNP03a7ak+12uNw4T0fQ6Bu+FDEJwIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFLn7ZwtSni7IkPSgOPRQ+gYzMZoaMB8GA1UdIwQY
MBaAFBK+KclWiUxJxtS+DtmIgrkNG8d/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXI0cHlWYUpURW5HMUw0TzJZaUN1UTBieDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS9jMjc4OGYtOGM4Yy00N2JiLWI5MjIt
YWE2ZWQ0ZGFmYjNiLzEvdWZ0bkMxS2VMc2lROUtBNDlGRDZCak14bWhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS9jMjc4OGYtOGM4Yy00N2JiLWI5MjItYWE2ZWQ0ZGFmYjNi
LzEvRXI0cHlWYUpURW5HMUw0TzJZaUN1UTBieDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQAHxkLAwQA
PqmYAwQAWSQjAwQAuXmEAwQBuZBGAwQA1OgSMA0EAgACMAcDBQAqFGeBMA0GCSqG
SIb3DQEBCwUAA4IBAQB2ECUvZ6XbY8IweScPfmDmHVx626bk36WcsE6UODsK3zMw
2QS5+Q9Ve1dPID++8XtHULudCzQntvB85nFm/cmYYf/rb6Ze/F0QqvKS5TS/lH2b
ARYerlUkm7n18v8dmtG+biiemTZ2l/z/iqGprs75+lWaBkUrvZzP9iSQ2IGe1lhu
uCixabvdVW80Te3NDcRGU0RUZOhdjZypT91mazHCTqT6eAx68goxqSo+1rIHbzcI
QAOzF6xxLr+wVjXblMV8D0AvpD/5RrSm6bWEudNgvtYxUIAykjSq8xKts75fdFMB
GiPa4DPA88hxwShQeQlIOh5CVvPSKAM9NOBxqoI+
-----END CERTIFICATE-----
Generated at Sun Apr 6 17:50:36 2025 by rpki-client