Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/652eb4-321c-48c0-9272-3ae711af034b/1/uxTu2Af7G_ZNcFKBsHAS_BIRmZs.roa
File: uxTu2Af7G_ZNcFKBsHAS_BIRmZs.roa (raw, json)
Hash identifier: OAOgfI+ToS2uVsVUxA6LbD290GEB1RA6ap9BGvXIi7M=
Subject key identifier: BB:14:EE:D8:07:FB:1B:F6:4D:70:52:81:B0:70:12:FC:12:11:99:9B
Certificate issuer: /CN=8f2824c61357dc344bbdf35b83577459b9d3fc44
Certificate serial: 019425FD9E43CAEDA64EABD8604E78F231C5
Authority key identifier: 8F:28:24:C6:13:57:DC:34:4B:BD:F3:5B:83:57:74:59:B9:D3:FC:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jygkxhNX3DRLvfNbg1d0WbnT_EQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/652eb4-321c-48c0-9272-3ae711af034b/1/uxTu2Af7G_ZNcFKBsHAS_BIRmZs.roa
Signing time: Thu 02 Jan 2025 07:49:25 +0000
ROA not before: Thu 02 Jan 2025 07:49:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31004
IP address blocks: 91.230.140.0/23 maxlen: 23
91.230.140.0/24 maxlen: 24
93.157.32.0/21 maxlen: 24
193.203.120.0/23 maxlen: 23
194.116.210.0/23 maxlen: 23
194.150.244.0/23 maxlen: 23
2a00:4bc0::/32 maxlen: 32
2a00:4bc0:2000::/44 maxlen: 56
2a00:4bc0:2100::/40 maxlen: 48
2a00:4bc0:2300::/40 maxlen: 48
2a00:4bc0:2400::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/59/652eb4-321c-48c0-9272-3ae711af034b/1/jygkxhNX3DRLvfNbg1d0WbnT_EQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/59/652eb4-321c-48c0-9272-3ae711af034b/1/jygkxhNX3DRLvfNbg1d0WbnT_EQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/jygkxhNX3DRLvfNbg1d0WbnT_EQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 13:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:9e:43:ca:ed:a6:4e:ab:d8:60:4e:78:f2:31:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8f2824c61357dc344bbdf35b83577459b9d3fc44
Validity
Not Before: Jan 2 07:49:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bb14eed807fb1bf64d705281b07012fc1211999b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:87:dc:15:0f:ae:d5:a7:f6:c7:78:23:b8:5f:
84:48:b7:92:d9:1e:d2:e0:12:69:1a:26:c3:10:cc:
84:2c:b4:04:28:38:0e:b8:52:0d:21:9a:62:b9:fb:
15:7d:cf:8e:c4:af:3c:3c:41:06:4d:e8:e6:58:2f:
49:e1:72:b7:eb:c8:d9:a5:ac:26:59:35:8f:af:64:
de:a1:d9:f5:14:49:20:39:af:d0:16:f2:81:01:87:
08:ae:ad:25:45:31:9a:79:f7:fe:3b:ba:07:2a:48:
06:34:a6:1a:97:f0:7f:87:a5:d4:d1:b1:c3:51:13:
35:f9:52:0b:ca:f7:88:ef:54:93:39:67:39:b3:2a:
ed:bb:1f:57:bb:be:9e:f6:14:2c:d7:56:5d:6c:43:
e6:34:d3:a3:86:8b:ef:3a:12:48:27:5a:2c:8b:2d:
d3:e1:6f:82:bf:7b:01:09:d0:8c:5a:83:ce:f2:51:
9f:83:8a:bc:52:63:4b:cc:32:01:51:0d:0a:89:3d:
30:2c:d4:34:b4:a3:2d:fe:d5:61:06:39:97:45:40:
1b:c5:76:0a:aa:5a:99:c5:07:f2:67:31:05:59:6d:
2e:75:11:2f:26:49:bd:1e:1f:ac:05:7d:ae:91:56:
e5:3d:2b:4b:8d:94:0c:40:e6:ce:4d:24:ab:59:91:
b7:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:14:EE:D8:07:FB:1B:F6:4D:70:52:81:B0:70:12:FC:12:11:99:9B
X509v3 Authority Key Identifier:
keyid:8F:28:24:C6:13:57:DC:34:4B:BD:F3:5B:83:57:74:59:B9:D3:FC:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jygkxhNX3DRLvfNbg1d0WbnT_EQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/652eb4-321c-48c0-9272-3ae711af034b/1/uxTu2Af7G_ZNcFKBsHAS_BIRmZs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/652eb4-321c-48c0-9272-3ae711af034b/1/jygkxhNX3DRLvfNbg1d0WbnT_EQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.230.140.0/23
93.157.32.0/21
193.203.120.0/23
194.116.210.0/23
194.150.244.0/23
IPv6:
2a00:4bc0::/32
Signature Algorithm: sha256WithRSAEncryption
52:3f:8f:77:02:d0:69:98:5f:fc:69:0f:a8:3f:3e:35:c4:e6:
d7:6e:14:db:6b:8c:ca:5c:bd:cd:0f:b9:a8:4a:67:87:15:a3:
19:48:26:ab:7d:e6:e9:29:f6:1d:01:88:c2:07:27:f3:ce:2e:
d2:76:8e:f0:e8:7c:32:6e:f2:e0:f0:61:cc:ff:a3:43:f4:2d:
dd:3e:7f:76:28:79:12:36:73:23:d8:57:a9:dc:6a:3f:6f:4f:
25:e2:b1:a1:89:49:c1:b3:62:6a:e6:c6:e9:6d:9a:84:fd:1e:
a1:11:b6:59:b5:a3:0e:8b:b0:f8:e9:5d:2c:eb:3a:23:b3:d4:
6e:68:16:05:08:ee:5c:8a:5a:ab:33:26:1d:d9:8f:f8:79:7b:
71:99:cd:99:82:b8:6e:bc:0a:6a:f2:1c:88:a3:79:ca:8f:59:
e8:65:98:67:70:a0:e2:95:96:37:66:66:17:8d:b7:7c:6a:a7:
7b:25:fd:57:ba:1d:1a:f3:8c:0c:5c:cb:02:4b:8e:e2:87:83:
ea:38:d1:76:a0:40:61:5e:a1:f9:01:f4:21:db:62:07:6d:da:
f7:9b:62:9f:f4:af:e1:85:be:d9:c7:d9:bf:af:77:1d:86:4f:
49:8b:12:95:35:c8:5d:d7:d7:be:67:ee:ea:12:4f:c9:75:8a:
57:08:a9:0c
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZQl/Z5Dyu2mTqvYYE548jHFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmMjgyNGM2MTM1N2RjMzQ0YmJkZjM1YjgzNTc3NDU5Yjlk
M2ZjNDQwHhcNMjUwMTAyMDc0OTI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjE0ZWVkODA3ZmIxYmY2NGQ3MDUyODFiMDcwMTJmYzEyMTE5OTliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlIfcFQ+u1af2x3gjuF+ESLeS2R7S
4BJpGibDEMyELLQEKDgOuFINIZpiufsVfc+OxK88PEEGTejmWC9J4XK368jZpawm
WTWPr2Teodn1FEkgOa/QFvKBAYcIrq0lRTGaeff+O7oHKkgGNKYal/B/h6XU0bHD
URM1+VILyveI71STOWc5syrtux9Xu76e9hQs11ZdbEPmNNOjhovvOhJIJ1osiy3T
4W+Cv3sBCdCMWoPO8lGfg4q8UmNLzDIBUQ0KiT0wLNQ0tKMt/tVhBjmXRUAbxXYK
qlqZxQfyZzEFWW0udREvJkm9Hh+sBX2ukVblPStLjZQMQObOTSSrWZG3twIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFLsU7tgH+xv2TXBSgbBwEvwSEZmbMB8GA1UdIwQY
MBaAFI8oJMYTV9w0S73zW4NXdFm50/xEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvanlna3hoTlgzRFJMdmZOYmcxZDBXYm5UX0VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS82NTJlYjQtMzIxYy00OGMwLTkyNzIt
M2FlNzExYWYwMzRiLzEvdXhUdTJBZjdHX1pOY0ZLQnNIQVNfQklSbVpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS82NTJlYjQtMzIxYy00OGMwLTkyNzItM2FlNzExYWYwMzRi
LzEvanlna3hoTlgzRFJMdmZOYmcxZDBXYm5UX0VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQBW+aMAwQD
XZ0gAwQBwct4AwQBwnTSAwQBwpb0MA0EAgACMAcDBQAqAEvAMA0GCSqGSIb3DQEB
CwUAA4IBAQBSP493AtBpmF/8aQ+oPz41xObXbhTba4zKXL3ND7moSmeHFaMZSCar
febpKfYdAYjCByfzzi7Sdo7w6HwybvLg8GHM/6ND9C3dPn92KHkSNnMj2Fep3Go/
b08l4rGhiUnBs2Jq5sbpbZqE/R6hEbZZtaMOi7D46V0s6zojs9RuaBYFCO5cilqr
MyYd2Y/4eXtxmc2ZgrhuvApq8hyIo3nKj1noZZhncKDilZY3ZmYXjbd8aqd7Jf1X
uh0a84wMXMsCS47ih4PqONF2oEBhXqH5AfQh22IHbdr3m2Kf9K/hhb7Zx9m/r3cd
hk9JixKVNchd19e+Z+7qEk/JdYpXCKkM
-----END CERTIFICATE-----
Generated at Sat Apr 5 22:28:12 2025 by rpki-client