Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/Uj9f4IMBhaHqTrTKSiJPLOEuUXY.roa
File: Uj9f4IMBhaHqTrTKSiJPLOEuUXY.roa (raw, json)
Hash identifier: BM3naWIqw85ohaDvPSxO7Ut5OjuXGJkv4mwMyMN/UKg=
Subject key identifier: 52:3F:5F:E0:83:01:85:A1:EA:4E:B4:CA:4A:22:4F:2C:E1:2E:51:76
Certificate issuer: /CN=22f2c2e7bc1da54d919ca5b5941d378892b2ccb2
Certificate serial: 0194228E1112887A283FF3268D7947A65061
Authority key identifier: 22:F2:C2:E7:BC:1D:A5:4D:91:9C:A5:B5:94:1D:37:88:92:B2:CC:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IvLC57wdpU2RnKW1lB03iJKyzLI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/Uj9f4IMBhaHqTrTKSiJPLOEuUXY.roa
Signing time: Wed 01 Jan 2025 15:48:43 +0000
ROA not before: Wed 01 Jan 2025 15:48:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51474
IP address blocks: 31.131.160.0/22 maxlen: 22
91.233.193.0/24 maxlen: 24
91.233.194.0/23 maxlen: 23
176.108.228.0/22 maxlen: 22
176.113.96.0/23 maxlen: 23
178.212.200.0/24 maxlen: 24
178.212.201.0/24 maxlen: 24
178.212.206.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/IvLC57wdpU2RnKW1lB03iJKyzLI.crl
rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/IvLC57wdpU2RnKW1lB03iJKyzLI.mft
rsync://rpki.ripe.net/repository/DEFAULT/IvLC57wdpU2RnKW1lB03iJKyzLI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 01:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8e:11:12:88:7a:28:3f:f3:26:8d:79:47:a6:50:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22f2c2e7bc1da54d919ca5b5941d378892b2ccb2
Validity
Not Before: Jan 1 15:48:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=523f5fe0830185a1ea4eb4ca4a224f2ce12e5176
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:e7:a4:bf:7b:12:bc:12:9c:ef:f6:1b:f5:fa:
7d:5b:2b:e9:4f:99:11:76:79:80:86:72:2b:f5:1a:
91:0a:4a:fd:5c:50:3a:bb:17:6e:d4:0c:06:7c:d5:
57:f3:41:bf:2f:6f:68:7a:5a:03:41:3e:b8:16:64:
6d:3a:d2:2d:ff:0a:0c:92:4b:da:ae:f0:d9:af:9f:
55:5a:30:fb:63:51:05:24:10:7c:94:8a:17:3f:00:
7b:87:54:fe:76:f8:8a:b3:90:d3:ce:a5:f5:76:c9:
0a:48:37:fd:64:ed:f3:6b:85:50:b4:cc:0e:37:34:
bd:42:19:4b:08:b3:98:b0:11:cd:d6:d8:1f:9a:a1:
10:90:ad:a6:8c:50:49:2f:dd:60:5b:af:b5:40:14:
a7:00:ea:25:3e:3c:cd:82:9e:8e:0a:14:ca:a7:2b:
ba:b1:d5:63:a2:6c:e1:38:2e:2c:e2:7b:6b:d6:86:
2f:f8:47:ed:e9:b4:f8:b5:4b:e5:c7:2e:44:ad:d4:
c5:d7:31:53:a5:20:e4:a6:42:74:56:b1:f3:71:4c:
6a:f9:d1:bd:ca:0c:42:37:e9:62:60:93:f3:46:5f:
ed:49:40:d2:76:00:4d:f4:c5:75:2a:4a:d7:a6:62:
c8:49:d1:1a:8b:47:0b:50:1c:de:ee:55:bc:ae:a5:
68:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:3F:5F:E0:83:01:85:A1:EA:4E:B4:CA:4A:22:4F:2C:E1:2E:51:76
X509v3 Authority Key Identifier:
keyid:22:F2:C2:E7:BC:1D:A5:4D:91:9C:A5:B5:94:1D:37:88:92:B2:CC:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IvLC57wdpU2RnKW1lB03iJKyzLI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/Uj9f4IMBhaHqTrTKSiJPLOEuUXY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/IvLC57wdpU2RnKW1lB03iJKyzLI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.131.160.0/22
91.233.193.0-91.233.195.255
176.108.228.0/22
176.113.96.0/23
178.212.200.0/23
178.212.206.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:ca:d5:3c:91:e8:0a:1e:8b:d1:bc:34:a8:b4:1c:d5:18:f4:
f1:b2:ac:64:bc:1c:37:54:f0:c7:62:02:72:7e:11:17:17:40:
38:ad:ff:47:14:1e:73:b9:8c:da:ea:34:53:58:06:7b:ae:a8:
5f:1e:e7:b5:61:45:e6:e3:55:50:22:b4:1f:5a:ba:b8:1c:85:
ab:e9:09:2e:b8:7e:29:43:d6:61:ee:3f:3e:31:ba:54:ba:0b:
53:22:93:ff:f9:cf:14:96:18:e4:3a:10:5e:ff:af:19:f0:1a:
a5:98:86:ac:d8:79:63:cc:b1:28:de:06:fb:90:f2:df:ff:73:
9f:b0:35:f7:17:a1:f2:37:07:96:84:25:8f:00:96:b7:e3:4d:
1b:60:fc:14:d7:3f:78:a9:f2:0f:f0:92:6b:f2:a1:cc:99:41:
8e:fa:de:be:c7:6e:53:f7:fa:08:79:12:1f:06:b3:e5:c5:0a:
93:92:8b:a4:79:77:95:47:1d:a6:fe:2a:ef:a4:a1:aa:b1:52:
d0:40:0e:11:d4:0a:3e:33:67:aa:a6:65:90:77:8a:6c:6c:ad:
e2:cb:75:6d:05:d9:42:62:34:28:7c:90:b7:29:26:11:9c:b0:
64:4e:f4:2d:0d:6b:ae:bd:d9:62:e2:ff:ff:d5:71:c0:a8:ad:
bb:49:fd:03
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZQijhESiHooP/MmjXlHplBhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyZjJjMmU3YmMxZGE1NGQ5MTljYTViNTk0MWQzNzg4OTJi
MmNjYjIwHhcNMjUwMTAxMTU0ODQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjNmNWZlMDgzMDE4NWExZWE0ZWI0Y2E0YTIyNGYyY2UxMmU1MTc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApeekv3sSvBKc7/Yb9fp9WyvpT5kR
dnmAhnIr9RqRCkr9XFA6uxdu1AwGfNVX80G/L29oeloDQT64FmRtOtIt/woMkkva
rvDZr59VWjD7Y1EFJBB8lIoXPwB7h1T+dviKs5DTzqX1dskKSDf9ZO3za4VQtMwO
NzS9QhlLCLOYsBHN1tgfmqEQkK2mjFBJL91gW6+1QBSnAOolPjzNgp6OChTKpyu6
sdVjomzhOC4s4ntr1oYv+Eft6bT4tUvlxy5ErdTF1zFTpSDkpkJ0VrHzcUxq+dG9
ygxCN+liYJPzRl/tSUDSdgBN9MV1KkrXpmLISdEai0cLUBze7lW8rqVo1QIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFFI/X+CDAYWh6k60ykoiTyzhLlF2MB8GA1UdIwQY
MBaAFCLywue8HaVNkZyltZQdN4iSssyyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXZMQzU3d2RwVTJSbktXMWxCMDNpSkt5ekxJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi82MDI1MzAtNmQyMi00NmYxLThlMDUt
MDJkZWY2ZTg0YzkxLzEvVWo5ZjRJTUJoYUhxVHJUS1NpSlBMT0V1VVhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi82MDI1MzAtNmQyMi00NmYxLThlMDUtMDJkZWY2ZTg0Yzkx
LzEvSXZMQzU3d2RwVTJSbktXMWxCMDNpSkt5ekxJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQCH4OgMAwD
BABb6cEDBAJb6cADBAKwbOQDBAGwcWADBAGy1MgDBACy1M4wDQYJKoZIhvcNAQEL
BQADggEBAD3K1TyR6Aoei9G8NKi0HNUY9PGyrGS8HDdU8MdiAnJ+ERcXQDit/0cU
HnO5jNrqNFNYBnuuqF8e57VhRebjVVAitB9aurgchavpCS64filD1mHuPz4xulS6
C1Mik//5zxSWGOQ6EF7/rxnwGqWYhqzYeWPMsSjeBvuQ8t//c5+wNfcXofI3B5aE
JY8AlrfjTRtg/BTXP3ip8g/wkmvyocyZQY763r7HblP3+gh5Eh8Gs+XFCpOSi6R5
d5VHHab+Ku+koaqxUtBADhHUCj4zZ6qmZZB3imxsreLLdW0F2UJiNCh8kLcpJhGc
sGRO9C0Na6692WLi///VccCorbtJ/QM=
-----END CERTIFICATE-----
Generated at Mon Apr 7 10:00:30 2025 by rpki-client