Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/9c6dad-377a-444e-b0dc-063ce6cf460d/1/TQyjECyEBDxHd5gx-OyJlZ_34yY.roa
File: TQyjECyEBDxHd5gx-OyJlZ_34yY.roa (raw, json)
Hash identifier: M5RNaPyCpCIK/N3qNnK5z9iSP22MQyKR8Rdy90hwwOM=
Subject key identifier: 4D:0C:A3:10:2C:84:04:3C:47:77:98:31:F8:EC:89:95:9F:F7:E3:26
Certificate issuer: /CN=50c1e426f58e42ae30e56cdb7ff4d8f9ddd85b30
Certificate serial: 01942669F3B0A1B92A7A75F023179893C5BA
Authority key identifier: 50:C1:E4:26:F5:8E:42:AE:30:E5:6C:DB:7F:F4:D8:F9:DD:D8:5B:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UMHkJvWOQq4w5Wzbf_TY-d3YWzA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/9c6dad-377a-444e-b0dc-063ce6cf460d/1/TQyjECyEBDxHd5gx-OyJlZ_34yY.roa
Signing time: Thu 02 Jan 2025 09:47:45 +0000
ROA not before: Thu 02 Jan 2025 09:47:45 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48519
IP address blocks: 185.119.136.0/22 maxlen: 24
195.253.48.0/22 maxlen: 22
195.253.52.0/23 maxlen: 23
195.253.65.0/24 maxlen: 24
195.253.66.0/24 maxlen: 24
195.253.84.0/22 maxlen: 22
195.253.88.0/23 maxlen: 23
195.253.90.0/23 maxlen: 23
195.253.96.0/19 maxlen: 24
2a01:5b0:2::/48 maxlen: 48
2a01:5b0:5::/48 maxlen: 48
2a01:5b0:6::/48 maxlen: 48
2a01:5b0:8::/46 maxlen: 48
2a01:5b0:10::/45 maxlen: 48
2a01:5b0:12::/47 maxlen: 47
2a01:5b0:20::/43 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7b/9c6dad-377a-444e-b0dc-063ce6cf460d/1/UMHkJvWOQq4w5Wzbf_TY-d3YWzA.crl
rsync://rpki.ripe.net/repository/DEFAULT/7b/9c6dad-377a-444e-b0dc-063ce6cf460d/1/UMHkJvWOQq4w5Wzbf_TY-d3YWzA.mft
rsync://rpki.ripe.net/repository/DEFAULT/UMHkJvWOQq4w5Wzbf_TY-d3YWzA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 18 Apr 2025 16:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:69:f3:b0:a1:b9:2a:7a:75:f0:23:17:98:93:c5:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=50c1e426f58e42ae30e56cdb7ff4d8f9ddd85b30
Validity
Not Before: Jan 2 09:47:45 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4d0ca3102c84043c47779831f8ec89959ff7e326
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:31:e5:1d:90:7b:6f:12:88:11:ef:8a:8b:15:
2d:96:d1:ab:86:e8:db:72:2a:61:49:6f:29:87:1d:
22:13:ba:ee:19:3b:dd:c1:22:83:1f:10:25:68:be:
f8:f4:d5:d8:ca:29:9b:0e:de:06:09:dc:f4:f4:87:
60:97:01:b3:17:b6:d8:44:f8:7d:ff:ad:19:5d:bb:
0a:2a:95:38:bd:a4:e4:c8:3c:2d:76:59:d9:02:84:
d9:c5:1a:dc:5d:94:73:d8:04:c7:5e:3b:7a:0a:25:
54:89:16:53:95:31:83:de:86:bd:98:ee:bd:60:68:
00:2f:fc:ec:09:42:9f:ca:72:05:0c:9c:f9:f7:e7:
44:7f:23:4a:c4:16:65:d6:01:71:ef:86:ed:24:9c:
95:9e:a5:cc:a8:ab:b4:03:c3:9d:14:13:fa:1e:f9:
b9:dd:56:c6:4c:75:be:2d:48:5c:ca:ad:23:65:19:
01:2b:c1:34:a5:f2:86:f8:a2:c1:b8:1c:c9:3e:fb:
48:d1:b8:2b:7a:02:a3:53:92:ef:74:4b:71:61:aa:
f4:5d:15:bb:69:76:27:14:f8:8f:0e:95:44:13:d2:
00:d8:60:aa:3f:9d:8d:e5:f9:7b:1f:4d:b4:40:2e:
a6:c2:89:3c:03:ca:ee:f7:07:e5:62:cc:95:7c:d4:
df:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:0C:A3:10:2C:84:04:3C:47:77:98:31:F8:EC:89:95:9F:F7:E3:26
X509v3 Authority Key Identifier:
keyid:50:C1:E4:26:F5:8E:42:AE:30:E5:6C:DB:7F:F4:D8:F9:DD:D8:5B:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UMHkJvWOQq4w5Wzbf_TY-d3YWzA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/9c6dad-377a-444e-b0dc-063ce6cf460d/1/TQyjECyEBDxHd5gx-OyJlZ_34yY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/9c6dad-377a-444e-b0dc-063ce6cf460d/1/UMHkJvWOQq4w5Wzbf_TY-d3YWzA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.119.136.0/22
195.253.48.0-195.253.53.255
195.253.65.0-195.253.66.255
195.253.84.0-195.253.91.255
195.253.96.0/19
IPv6:
2a01:5b0:2::/48
2a01:5b0:5::-2a01:5b0:6:ffff:ffff:ffff:ffff:ffff
2a01:5b0:8::/46
2a01:5b0:10::/45
2a01:5b0:20::/43
Signature Algorithm: sha256WithRSAEncryption
66:68:0e:3b:99:d1:e6:03:fe:75:16:98:24:b9:22:b8:6d:97:
7c:3c:fa:45:05:8d:65:ce:70:1c:3c:89:2d:c6:30:46:ca:ca:
69:9d:f8:2d:6f:2c:39:59:e5:13:f4:fe:55:52:ac:3a:e9:ed:
da:80:c6:ab:d9:bc:42:54:86:fc:f1:c5:f4:a4:59:03:34:10:
24:93:c4:a9:05:ed:90:01:41:32:3c:c7:cd:03:95:3a:e1:9a:
02:dd:71:8e:74:01:56:08:8e:a5:c2:cb:35:29:d9:12:d6:7c:
21:e2:b3:68:8b:1d:0e:ae:f9:27:09:52:ec:71:e2:96:83:00:
86:29:cb:8f:84:20:73:6e:dd:35:7a:0e:8d:a8:bb:23:d7:e7:
41:f1:ba:09:3e:2e:f2:9e:fa:57:e1:e7:56:04:20:a8:58:d0:
c6:d5:bd:85:9b:38:7c:7c:a6:72:f2:2f:9c:51:7d:15:fd:86:
07:40:97:28:a2:07:49:7a:f8:32:4c:4b:f3:75:af:ef:fa:0a:
0d:58:1e:f6:19:23:37:fd:ad:29:19:69:c8:08:bc:60:ec:3e:
46:8b:93:75:38:73:22:8b:5a:8f:11:fd:64:c8:16:a0:68:cd:
45:ad:f4:c9:09:08:5d:94:4a:4e:db:86:db:9f:35:dc:c5:1b:
8b:bf:e6:32
-----BEGIN CERTIFICATE-----
MIIFbzCCBFegAwIBAgISAZQmafOwobkqenXwIxeYk8W6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwYzFlNDI2ZjU4ZTQyYWUzMGU1NmNkYjdmZjRkOGY5ZGRk
ODViMzAwHhcNMjUwMTAyMDk0NzQ1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDBjYTMxMDJjODQwNDNjNDc3Nzk4MzFmOGVjODk5NTlmZjdlMzI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtDHlHZB7bxKIEe+KixUtltGrhujb
ciphSW8phx0iE7ruGTvdwSKDHxAlaL749NXYyimbDt4GCdz09IdglwGzF7bYRPh9
/60ZXbsKKpU4vaTkyDwtdlnZAoTZxRrcXZRz2ATHXjt6CiVUiRZTlTGD3oa9mO69
YGgAL/zsCUKfynIFDJz59+dEfyNKxBZl1gFx74btJJyVnqXMqKu0A8OdFBP6Hvm5
3VbGTHW+LUhcyq0jZRkBK8E0pfKG+KLBuBzJPvtI0bgregKjU5LvdEtxYar0XRW7
aXYnFPiPDpVEE9IA2GCqP52N5fl7H020QC6mwok8A8ru9wflYsyVfNTfjwIDAQAB
o4ICezCCAncwHQYDVR0OBBYEFE0MoxAshAQ8R3eYMfjsiZWf9+MmMB8GA1UdIwQY
MBaAFFDB5Cb1jkKuMOVs23/02Pnd2FswMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVU1Ia0p2V09RcTR3NVd6YmZfVFktZDNZV3pBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi85YzZkYWQtMzc3YS00NDRlLWIwZGMt
MDYzY2U2Y2Y0NjBkLzEvVFF5akVDeUVCRHhIZDVneC1PeUpsWl8zNHlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi85YzZkYWQtMzc3YS00NDRlLWIwZGMtMDYzY2U2Y2Y0NjBk
LzEvVU1Ia0p2V09RcTR3NVd6YmZfVFktZDNZV3pBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGQBggrBgEFBQcBBwEB/wSBgDB+MDwEAgABMDYDBAK5d4gw
DAMEBMP9MAMEAcP9NDAMAwQAw/1BAwQAw/1CMAwDBALD/VQDBALD/VgDBAXD/WAw
PgQCAAIwOAMHACoBBbAAAjASAwcAKgEFsAAFAwcAKgEFsAAGAwcCKgEFsAAIAwcD
KgEFsAAQAwcFKgEFsAAgMA0GCSqGSIb3DQEBCwUAA4IBAQBmaA47mdHmA/51Fpgk
uSK4bZd8PPpFBY1lznAcPIktxjBGysppnfgtbyw5WeUT9P5VUqw66e3agMar2bxC
VIb88cX0pFkDNBAkk8SpBe2QAUEyPMfNA5U64ZoC3XGOdAFWCI6lwss1KdkS1nwh
4rNoix0OrvknCVLsceKWgwCGKcuPhCBzbt01eg6NqLsj1+dB8boJPi7ynvpX4edW
BCCoWNDG1b2Fmzh8fKZy8i+cUX0V/YYHQJcoogdJevgyTEvzda/v+goNWB72GSM3
/a0pGWnICLxg7D5Gi5N1OHMii1qPEf1kyBagaM1FrfTJCQhdlEpO24bbnzXcxRuL
v+Yy
-----END CERTIFICATE-----
Generated at Thu Apr 17 22:57:51 2025 by rpki-client