Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/a15f96-ec18-4644-89b3-acc22bb4dced/1/Ufr2afGXnfRf4I0gb-jEiflvE4U.roa
File: Ufr2afGXnfRf4I0gb-jEiflvE4U.roa (raw, json)
Hash identifier: M+HA2yRnaGNn/L+MV9quoWf8gGEo+L0udQeBQZgiv0o=
Subject key identifier: 51:FA:F6:69:F1:97:9D:F4:5F:E0:8D:20:6F:E8:C4:89:F9:6F:13:85
Certificate issuer: /CN=272ed090acf7c829a22bbfbe2b0e998cd20ad826
Certificate serial: 019421440F830A481FAC90AED16EE90306F3
Authority key identifier: 27:2E:D0:90:AC:F7:C8:29:A2:2B:BF:BE:2B:0E:99:8C:D2:0A:D8:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Jy7QkKz3yCmiK7--Kw6ZjNIK2CY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/a15f96-ec18-4644-89b3-acc22bb4dced/1/Ufr2afGXnfRf4I0gb-jEiflvE4U.roa
Signing time: Wed 01 Jan 2025 09:48:16 +0000
ROA not before: Wed 01 Jan 2025 09:48:16 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47262
IP address blocks: 46.245.0.0/18 maxlen: 20
46.245.9.0/24 maxlen: 24
95.81.64.0/24 maxlen: 24
95.81.65.0/24 maxlen: 24
95.81.66.0/23 maxlen: 23
95.81.68.0/22 maxlen: 22
95.81.68.0/23 maxlen: 23
95.81.104.0/21 maxlen: 21
212.120.192.0/19 maxlen: 19
212.120.196.0/23 maxlen: 23
2a00:d20::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/63/a15f96-ec18-4644-89b3-acc22bb4dced/1/Jy7QkKz3yCmiK7--Kw6ZjNIK2CY.crl
rsync://rpki.ripe.net/repository/DEFAULT/63/a15f96-ec18-4644-89b3-acc22bb4dced/1/Jy7QkKz3yCmiK7--Kw6ZjNIK2CY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Jy7QkKz3yCmiK7--Kw6ZjNIK2CY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Apr 2025 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:0f:83:0a:48:1f:ac:90:ae:d1:6e:e9:03:06:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=272ed090acf7c829a22bbfbe2b0e998cd20ad826
Validity
Not Before: Jan 1 09:48:16 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=51faf669f1979df45fe08d206fe8c489f96f1385
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:ce:6f:a5:35:2b:82:79:aa:aa:30:85:8a:6d:
88:d2:c2:6d:2e:94:7a:b7:87:a7:8a:39:25:3d:fc:
d6:0a:d5:76:dc:ed:5c:52:e4:e0:af:a5:8a:82:c2:
5a:dc:78:fb:c5:47:b8:ff:7b:2c:9a:48:25:ea:59:
e8:12:0e:63:41:80:bf:a4:5c:d6:fe:5a:aa:3c:0f:
a5:60:97:6d:80:73:a9:d0:f7:cb:2a:58:d8:30:04:
8b:72:3f:65:0b:52:cd:45:0d:28:e7:78:d2:af:31:
0a:cb:e2:f8:77:f4:17:e2:4b:e3:90:44:58:d1:2d:
ce:5b:ad:f6:90:52:51:c0:27:5a:e1:4f:1f:8e:a1:
0b:63:ed:0c:f5:ab:72:e5:32:a1:4e:74:c1:0b:5e:
32:ee:22:25:98:b4:c5:98:6c:00:59:d0:8a:52:32:
e4:2a:b7:5f:55:64:74:12:cf:4d:77:ec:69:a4:1c:
e8:b9:06:fd:1f:34:a0:af:17:3d:67:c6:d9:58:ce:
bc:ee:03:df:92:45:61:d8:56:43:94:1f:56:a6:d7:
00:84:a7:2c:98:ca:0c:bb:56:4f:d6:29:8c:1e:ce:
a6:32:23:df:ca:98:df:78:b0:ac:50:50:93:1b:2a:
b7:b0:85:4e:3b:96:32:ad:d2:f0:78:c4:3a:cf:1f:
31:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:FA:F6:69:F1:97:9D:F4:5F:E0:8D:20:6F:E8:C4:89:F9:6F:13:85
X509v3 Authority Key Identifier:
keyid:27:2E:D0:90:AC:F7:C8:29:A2:2B:BF:BE:2B:0E:99:8C:D2:0A:D8:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Jy7QkKz3yCmiK7--Kw6ZjNIK2CY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/a15f96-ec18-4644-89b3-acc22bb4dced/1/Ufr2afGXnfRf4I0gb-jEiflvE4U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/63/a15f96-ec18-4644-89b3-acc22bb4dced/1/Jy7QkKz3yCmiK7--Kw6ZjNIK2CY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.245.0.0/18
95.81.64.0/21
95.81.104.0/21
212.120.192.0/19
IPv6:
2a00:d20::/32
Signature Algorithm: sha256WithRSAEncryption
b1:83:15:b4:85:9d:49:bb:44:26:2b:11:22:02:24:6c:d3:bb:
19:e7:1e:01:88:4f:38:c3:92:41:f2:0a:05:bf:cc:a7:e2:32:
53:87:95:09:90:35:70:ef:62:2a:39:63:96:5c:29:18:67:30:
aa:01:af:c9:52:25:5f:52:03:a2:a4:a6:32:83:c1:bd:16:69:
ab:00:80:ba:0d:5d:d6:6c:d6:d0:16:19:e7:f5:f1:30:f2:0d:
d3:45:fa:27:e7:0c:78:1b:c1:0f:c2:69:a0:6c:6c:b3:99:80:
15:ab:e0:15:6e:ae:78:a6:1b:bb:e8:d8:21:48:32:ce:ff:83:
92:5a:45:3d:c9:e4:9b:20:56:e9:53:95:6d:52:7f:6c:ef:f3:
7d:f4:07:61:19:cc:1e:99:8a:9d:12:8d:ac:53:57:96:16:7e:
03:c8:3a:9a:22:89:49:7f:8e:fe:55:8d:0c:ee:44:09:fb:a2:
98:1c:0a:e0:e0:58:02:50:a4:65:3e:f4:ec:fb:00:45:61:3f:
2f:8c:33:7e:4c:46:8b:85:bc:10:72:8a:51:d2:01:32:9a:af:
d5:5f:7a:ac:74:e0:17:5d:52:92:91:54:7d:71:6b:72:8a:33:
2e:20:dc:69:b7:b5:25:bd:98:59:ae:95:c1:f7:9f:4e:27:7d:
79:3e:bc:8b
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZQhRA+DCkgfrJCu0W7pAwbzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3MmVkMDkwYWNmN2M4MjlhMjJiYmZiZTJiMGU5OThjZDIw
YWQ4MjYwHhcNMjUwMTAxMDk0ODE2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MWZhZjY2OWYxOTc5ZGY0NWZlMDhkMjA2ZmU4YzQ4OWY5NmYxMzg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzs5vpTUrgnmqqjCFim2I0sJtLpR6
t4enijklPfzWCtV23O1cUuTgr6WKgsJa3Hj7xUe4/3ssmkgl6lnoEg5jQYC/pFzW
/lqqPA+lYJdtgHOp0PfLKljYMASLcj9lC1LNRQ0o53jSrzEKy+L4d/QX4kvjkERY
0S3OW632kFJRwCda4U8fjqELY+0M9aty5TKhTnTBC14y7iIlmLTFmGwAWdCKUjLk
KrdfVWR0Es9Nd+xppBzouQb9HzSgrxc9Z8bZWM687gPfkkVh2FZDlB9WptcAhKcs
mMoMu1ZP1imMHs6mMiPfypjfeLCsUFCTGyq3sIVOO5YyrdLweMQ6zx8xYQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFFH69mnxl530X+CNIG/oxIn5bxOFMB8GA1UdIwQY
MBaAFCcu0JCs98gpoiu/visOmYzSCtgmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSnk3UWtLejN5Q21pSzctLUt3NlpqTklLMkNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My9hMTVmOTYtZWMxOC00NjQ0LTg5YjMt
YWNjMjJiYjRkY2VkLzEvVWZyMmFmR1huZlJmNEkwZ2ItakVpZmx2RTRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My9hMTVmOTYtZWMxOC00NjQ0LTg5YjMtYWNjMjJiYjRkY2Vk
LzEvSnk3UWtLejN5Q21pSzctLUt3NlpqTklLMkNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQGLvUAAwQD
X1FAAwQDX1FoAwQF1HjAMA0EAgACMAcDBQAqAA0gMA0GCSqGSIb3DQEBCwUAA4IB
AQCxgxW0hZ1Ju0QmKxEiAiRs07sZ5x4BiE84w5JB8goFv8yn4jJTh5UJkDVw72Iq
OWOWXCkYZzCqAa/JUiVfUgOipKYyg8G9FmmrAIC6DV3WbNbQFhnn9fEw8g3TRfon
5wx4G8EPwmmgbGyzmYAVq+AVbq54phu76NghSDLO/4OSWkU9yeSbIFbpU5VtUn9s
7/N99AdhGcwemYqdEo2sU1eWFn4DyDqaIolJf47+VY0M7kQJ+6KYHArg4FgCUKRl
PvTs+wBFYT8vjDN+TEaLhbwQcopR0gEymq/VX3qsdOAXXVKSkVR9cWtyijMuINxp
t7UlvZhZrpXB959OJ315PryL
-----END CERTIFICATE-----
Generated at Tue Apr 22 03:29:29 2025 by rpki-client