Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/uoTnRKW0REI3jYorAkP_B_b1NCw.roa
File: uoTnRKW0REI3jYorAkP_B_b1NCw.roa (raw, json)
Hash identifier: H7DZxEDm7ai80PfHP0cf+4x5GLvmLCU7m5aWyBrjvUo=
Subject key identifier: BA:84:E7:44:A5:B4:44:42:37:8D:8A:2B:02:43:FF:07:F6:F5:34:2C
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 01950058A01AC8E0EC6C5E2CA41BE9236883
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/uoTnRKW0REI3jYorAkP_B_b1NCw.roa
Signing time: Thu 13 Feb 2025 17:26:02 +0000
ROA not before: Thu 13 Feb 2025 17:26:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50025
IP address blocks: 31.148.208.0/22 maxlen: 24
31.148.240.0/22 maxlen: 24
93.170.160.0/22 maxlen: 24
146.158.16.0/22 maxlen: 24
146.158.68.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.mft
rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 14:28:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:00:58:a0:1a:c8:e0:ec:6c:5e:2c:a4:1b:e9:23:68:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Feb 13 17:26:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ba84e744a5b44442378d8a2b0243ff07f6f5342c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:36:37:38:14:8c:bf:1a:57:ef:45:5a:77:2e:
8e:8e:e5:ba:b0:ac:1d:35:6b:97:3e:99:4a:3e:66:
70:ea:00:5e:09:0c:80:aa:03:b1:b3:16:e2:b4:c2:
67:39:cb:e5:88:a0:2b:3a:01:4f:a1:5c:50:9a:7d:
fb:04:f4:26:ea:38:73:be:90:40:54:a5:9a:ac:f7:
b7:db:a7:86:d4:5c:02:f7:40:94:01:8c:9e:3d:ba:
44:54:57:99:e2:58:11:4c:c3:41:ec:07:10:04:82:
b9:b2:80:28:fc:1d:d9:15:32:60:fe:55:fb:d7:e3:
c9:50:1e:26:e9:54:dc:2b:cd:5f:0b:05:16:3d:86:
80:30:0d:3a:f7:34:85:42:40:ee:e2:5f:80:68:b6:
ac:52:69:8f:3e:7e:95:b8:2f:b9:d6:7f:88:5e:3e:
6b:65:5b:97:04:79:f2:f6:e8:d7:04:82:97:aa:ba:
70:fe:c2:d0:b3:62:1f:1f:26:0e:95:10:17:6c:4c:
47:fb:ae:05:60:5a:63:cc:24:72:a7:9a:7b:6b:98:
06:57:11:4d:2c:6c:e8:f5:79:78:c4:1b:df:bd:fd:
b7:13:c8:55:7b:ef:ac:5e:9b:2e:9c:13:56:bd:14:
39:e5:7c:68:f8:00:9e:78:8a:ce:4b:dc:1f:13:dc:
71:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:84:E7:44:A5:B4:44:42:37:8D:8A:2B:02:43:FF:07:F6:F5:34:2C
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/uoTnRKW0REI3jYorAkP_B_b1NCw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.148.208.0/22
31.148.240.0/22
93.170.160.0/22
146.158.16.0/22
146.158.68.0/22
Signature Algorithm: sha256WithRSAEncryption
77:23:75:29:ce:ec:7b:1c:3d:0d:b6:bd:ea:b8:33:57:3a:c2:
47:6a:56:0e:63:31:1a:9e:e9:53:1e:d4:90:7d:e4:ef:1f:ec:
66:7c:1b:2b:b5:47:bb:cf:e9:79:eb:3f:aa:e6:6c:86:22:9a:
9d:96:20:9b:97:a0:8e:90:d5:29:f7:83:02:a9:b8:9b:50:ed:
a2:e1:77:bd:ea:3b:8a:1e:e6:bc:7c:21:f8:97:b4:e5:49:dc:
f5:8f:d7:1d:12:11:33:5c:61:c4:e9:71:55:e7:fc:af:52:ca:
e6:48:d9:76:09:91:b3:29:9f:cf:3b:5d:6c:a5:8f:1b:d0:14:
37:26:3a:79:a0:f7:f6:a6:ec:b1:56:38:9b:19:27:46:4e:ac:
57:54:14:b9:52:d9:2f:66:42:c6:23:d0:a5:25:b9:c3:c8:c1:
71:4e:5c:81:cb:2f:a1:56:10:11:37:d3:e7:8d:3d:39:33:ac:
75:90:ac:18:7e:74:72:f2:77:ff:83:fb:ad:c8:12:33:de:cc:
92:de:ec:97:94:20:95:56:cd:b2:6e:5a:01:b5:99:61:ae:67:
86:e6:eb:37:98:d9:43:5e:44:75:cf:89:ca:f8:81:9f:8b:fd:
2e:2b:9a:a5:2a:3c:a7:75:c7:f6:bc:64:b5:de:ff:3d:59:85:
65:d5:7f:ce
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZUAWKAayODsbF4spBvpI2iDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjUwMjEzMTcyNjAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTg0ZTc0NGE1YjQ0NDQyMzc4ZDhhMmIwMjQzZmYwN2Y2ZjUzNDJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsjY3OBSMvxpX70Vady6OjuW6sKwd
NWuXPplKPmZw6gBeCQyAqgOxsxbitMJnOcvliKArOgFPoVxQmn37BPQm6jhzvpBA
VKWarPe326eG1FwC90CUAYyePbpEVFeZ4lgRTMNB7AcQBIK5soAo/B3ZFTJg/lX7
1+PJUB4m6VTcK81fCwUWPYaAMA069zSFQkDu4l+AaLasUmmPPn6VuC+51n+IXj5r
ZVuXBHny9ujXBIKXqrpw/sLQs2IfHyYOlRAXbExH+64FYFpjzCRyp5p7a5gGVxFN
LGzo9Xl4xBvfvf23E8hVe++sXpsunBNWvRQ55Xxo+ACeeIrOS9wfE9xxkQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFLqE50SltERCN42KKwJD/wf29TQsMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvdW9UblJLVzBSRUkzallvckFrUF9CX2IxTkN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCH5TQAwQC
H5TwAwQCXaqgAwQCkp4QAwQCkp5EMA0GCSqGSIb3DQEBCwUAA4IBAQB3I3Upzux7
HD0Ntr3quDNXOsJHalYOYzEanulTHtSQfeTvH+xmfBsrtUe7z+l56z+q5myGIpqd
liCbl6COkNUp94MCqbibUO2i4Xe96juKHua8fCH4l7TlSdz1j9cdEhEzXGHE6XFV
5/yvUsrmSNl2CZGzKZ/PO11spY8b0BQ3Jjp5oPf2puyxVjibGSdGTqxXVBS5Utkv
ZkLGI9ClJbnDyMFxTlyByy+hVhARN9PnjT05M6x1kKwYfnRy8nf/g/utyBIz3syS
3uyXlCCVVs2ybloBtZlhrmeG5us3mNlDXkR1z4nK+IGfi/0uK5qlKjyndcf2vGS1
3v89WYVl1X/O
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:10:42 2025 by rpki-client