Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/9c6dad-377a-444e-b0dc-063ce6cf460d/1/PjUu5bdQ5PWje69bOUaYtU5-JO4.roa
File: PjUu5bdQ5PWje69bOUaYtU5-JO4.roa (raw, json)
Hash identifier: 0J6fRIkfSS+fP0MymnclU0pabDr1Ut5w0Q3G/sVuN0U=
Subject key identifier: 3E:35:2E:E5:B7:50:E4:F5:A3:7B:AF:5B:39:46:98:B5:4E:7E:24:EE
Certificate issuer: /CN=50c1e426f58e42ae30e56cdb7ff4d8f9ddd85b30
Certificate serial: 0196394476B8A3D5D2C1EEF254AF80828B39
Authority key identifier: 50:C1:E4:26:F5:8E:42:AE:30:E5:6C:DB:7F:F4:D8:F9:DD:D8:5B:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UMHkJvWOQq4w5Wzbf_TY-d3YWzA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/9c6dad-377a-444e-b0dc-063ce6cf460d/1/PjUu5bdQ5PWje69bOUaYtU5-JO4.roa
Signing time: Tue 15 Apr 2025 11:45:10 +0000
ROA not before: Tue 15 Apr 2025 11:45:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8391
IP address blocks: 194.77.54.0/23 maxlen: 23
195.138.32.0/20 maxlen: 24
195.138.54.0/24 maxlen: 24
195.138.56.0/21 maxlen: 24
195.253.0.0/16 maxlen: 24
195.253.6.0/24 maxlen: 24
195.253.96.0/19 maxlen: 24
2a01:5b0::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7b/9c6dad-377a-444e-b0dc-063ce6cf460d/1/UMHkJvWOQq4w5Wzbf_TY-d3YWzA.crl
rsync://rpki.ripe.net/repository/DEFAULT/7b/9c6dad-377a-444e-b0dc-063ce6cf460d/1/UMHkJvWOQq4w5Wzbf_TY-d3YWzA.mft
rsync://rpki.ripe.net/repository/DEFAULT/UMHkJvWOQq4w5Wzbf_TY-d3YWzA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Apr 2025 17:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:39:44:76:b8:a3:d5:d2:c1:ee:f2:54:af:80:82:8b:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=50c1e426f58e42ae30e56cdb7ff4d8f9ddd85b30
Validity
Not Before: Apr 15 11:45:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3e352ee5b750e4f5a37baf5b394698b54e7e24ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:50:45:21:78:be:85:47:32:0c:19:47:d5:93:
8a:ce:ee:26:d8:4f:6c:b9:93:c6:0f:7f:7a:ef:1e:
4c:ec:3b:35:53:35:6b:f4:41:55:4b:d5:e0:40:8e:
63:b9:9b:29:56:e0:f9:ee:eb:56:8a:0c:95:51:29:
4e:a5:eb:95:dc:80:00:36:12:2f:eb:5b:71:b8:7a:
f2:f4:2c:89:df:51:c7:e1:b4:8a:40:0a:4a:c6:50:
38:a8:0c:b7:0a:87:56:6f:7b:b2:71:0c:69:29:60:
ec:67:40:56:bc:5c:e7:e5:33:23:31:1c:6b:31:a9:
b6:a7:1d:8e:c2:0d:82:88:d5:4c:5b:4c:25:a4:df:
01:98:38:3a:9e:3a:31:f8:43:6a:e9:df:87:f5:f7:
22:be:59:63:14:e0:9b:90:17:05:e0:23:4d:b5:89:
3e:d4:1f:58:e2:09:0c:06:98:0b:ce:e2:f3:14:5c:
25:bf:cb:bb:fa:30:4b:3b:e8:33:44:0a:36:2a:35:
c9:93:28:76:be:b8:56:0c:b6:14:52:e7:7b:b7:b4:
ad:1e:b7:b2:85:c6:44:e3:5e:d3:ca:c8:e5:87:38:
b8:1c:56:24:c5:c6:0f:0a:c9:06:2d:45:aa:17:b2:
f5:f0:e1:76:71:e2:82:7e:3f:a3:e9:07:f5:16:0e:
43:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:35:2E:E5:B7:50:E4:F5:A3:7B:AF:5B:39:46:98:B5:4E:7E:24:EE
X509v3 Authority Key Identifier:
keyid:50:C1:E4:26:F5:8E:42:AE:30:E5:6C:DB:7F:F4:D8:F9:DD:D8:5B:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UMHkJvWOQq4w5Wzbf_TY-d3YWzA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/9c6dad-377a-444e-b0dc-063ce6cf460d/1/PjUu5bdQ5PWje69bOUaYtU5-JO4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/9c6dad-377a-444e-b0dc-063ce6cf460d/1/UMHkJvWOQq4w5Wzbf_TY-d3YWzA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.77.54.0/23
195.138.32.0/20
195.138.54.0/24
195.138.56.0/21
195.253.0.0/16
IPv6:
2a01:5b0::/32
Signature Algorithm: sha256WithRSAEncryption
24:8d:50:a5:76:18:bb:23:90:94:f9:69:69:d2:39:28:0e:fc:
ab:f6:b3:51:0d:6f:17:d0:3b:e7:eb:dd:64:8d:36:a1:78:3f:
3c:da:fb:ce:f2:20:74:cd:d4:70:a5:0d:cf:1c:a6:27:1e:10:
64:6d:53:c5:fb:b9:5b:29:2a:84:9f:04:13:e1:be:82:0f:ce:
ed:8b:4d:80:27:85:a6:c5:f0:1b:a5:8d:17:fc:28:80:f1:80:
aa:b9:3f:98:af:42:d6:e8:fc:21:7e:f2:bc:4e:3c:7d:2a:ae:
00:42:19:a0:81:fd:d4:bc:62:6b:d2:51:a1:ae:ec:db:a9:ed:
be:17:07:de:df:83:44:c1:0f:e7:fe:51:c0:fe:ac:b1:99:e1:
3c:62:6a:0d:ce:32:2f:de:ca:72:8b:3b:5b:1f:e9:c5:c6:3e:
8e:2f:61:2e:59:f1:f7:56:25:ee:ef:d1:8e:e1:74:b0:92:d9:
72:61:ea:fa:4d:0c:f6:c2:05:0f:c4:26:a6:00:f7:32:76:77:
a2:1e:1d:52:4c:e1:78:69:60:6b:a4:e8:ae:2e:06:de:85:ff:
af:51:70:82:10:de:f8:5e:a1:c1:67:49:f3:16:6f:cc:4a:3e:
12:5a:ac:83:04:45:07:34:57:11:ab:60:5d:ac:ba:19:0d:50:
cc:65:40:b4
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZY5RHa4o9XSwe7yVK+Agos5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwYzFlNDI2ZjU4ZTQyYWUzMGU1NmNkYjdmZjRkOGY5ZGRk
ODViMzAwHhcNMjUwNDE1MTE0NTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTM1MmVlNWI3NTBlNGY1YTM3YmFmNWIzOTQ2OThiNTRlN2UyNGVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwFBFIXi+hUcyDBlH1ZOKzu4m2E9s
uZPGD3967x5M7Ds1UzVr9EFVS9XgQI5juZspVuD57utWigyVUSlOpeuV3IAANhIv
61txuHry9CyJ31HH4bSKQApKxlA4qAy3CodWb3uycQxpKWDsZ0BWvFzn5TMjMRxr
Mam2px2Owg2CiNVMW0wlpN8BmDg6njox+ENq6d+H9fcivlljFOCbkBcF4CNNtYk+
1B9Y4gkMBpgLzuLzFFwlv8u7+jBLO+gzRAo2KjXJkyh2vrhWDLYUUud7t7StHrey
hcZE417Tysjlhzi4HFYkxcYPCskGLUWqF7L18OF2ceKCfj+j6Qf1Fg5DfwIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFD41LuW3UOT1o3uvWzlGmLVOfiTuMB8GA1UdIwQY
MBaAFFDB5Cb1jkKuMOVs23/02Pnd2FswMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVU1Ia0p2V09RcTR3NVd6YmZfVFktZDNZV3pBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi85YzZkYWQtMzc3YS00NDRlLWIwZGMt
MDYzY2U2Y2Y0NjBkLzEvUGpVdTViZFE1UFdqZTY5Yk9VYVl0VTUtSk80LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi85YzZkYWQtMzc3YS00NDRlLWIwZGMtMDYzY2U2Y2Y0NjBk
LzEvVU1Ia0p2V09RcTR3NVd6YmZfVFktZDNZV3pBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAjBAIAATAdAwQBwk02AwQE
w4ogAwQAw4o2AwQDw4o4AwMAw/0wDQQCAAIwBwMFACoBBbAwDQYJKoZIhvcNAQEL
BQADggEBACSNUKV2GLsjkJT5aWnSOSgO/Kv2s1ENbxfQO+fr3WSNNqF4Pzza+87y
IHTN1HClDc8cpiceEGRtU8X7uVspKoSfBBPhvoIPzu2LTYAnhabF8BuljRf8KIDx
gKq5P5ivQtbo/CF+8rxOPH0qrgBCGaCB/dS8YmvSUaGu7Nup7b4XB97fg0TBD+f+
UcD+rLGZ4Txiag3OMi/eynKLO1sf6cXGPo4vYS5Z8fdWJe7v0Y7hdLCS2XJh6vpN
DPbCBQ/EJqYA9zJ2d6IeHVJM4XhpYGuk6K4uBt6F/69RcIIQ3vheocFnSfMWb8xK
PhJarIMERQc0VxGrYF2suhkNUMxlQLQ=
-----END CERTIFICATE-----
Generated at Mon Apr 21 02:54:00 2025 by rpki-client