Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/eea21a-c9d3-4c6d-9a52-9b2c6b08a84a/1/UO07512-xyl7tPlxWkeH0XFHtjw.roa
File: UO07512-xyl7tPlxWkeH0XFHtjw.roa (raw, json)
Hash identifier: FGw3ypGv9x4G+fHO0s0Uxmz/ZFgsQL9y06qgJnZxgwQ=
Subject key identifier: 50:ED:3B:E7:5D:BE:C7:29:7B:B4:F9:71:5A:47:87:D1:71:47:B6:3C
Certificate issuer: /CN=40ef5849930cc9dd74211fb37e24118249a1fc40
Certificate serial: 01942748755A251A8361F651EFB152C36FDC
Authority key identifier: 40:EF:58:49:93:0C:C9:DD:74:21:1F:B3:7E:24:11:82:49:A1:FC:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QO9YSZMMyd10IR-zfiQRgkmh_EA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/eea21a-c9d3-4c6d-9a52-9b2c6b08a84a/1/UO07512-xyl7tPlxWkeH0XFHtjw.roa
Signing time: Thu 02 Jan 2025 13:50:47 +0000
ROA not before: Thu 02 Jan 2025 13:50:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 13768
IP address blocks: 5.44.16.0/21 maxlen: 21
5.44.24.0/22 maxlen: 22
5.44.28.0/22 maxlen: 22
46.20.112.0/20 maxlen: 20
62.128.128.0/19 maxlen: 19
62.128.132.0/24 maxlen: 24
62.128.133.0/24 maxlen: 24
62.128.140.0/22 maxlen: 22
83.137.128.0/21 maxlen: 21
83.137.134.0/23 maxlen: 23
83.222.224.0/19 maxlen: 19
83.222.246.0/24 maxlen: 24
83.222.249.0/24 maxlen: 24
95.130.72.0/21 maxlen: 21
95.130.73.0/24 maxlen: 24
176.74.160.0/21 maxlen: 21
176.74.168.0/22 maxlen: 22
176.74.172.0/22 maxlen: 22
176.74.173.0/24 maxlen: 24
176.74.176.0/22 maxlen: 22
176.74.180.0/22 maxlen: 22
176.74.180.0/24 maxlen: 24
176.74.184.0/21 maxlen: 21
176.74.188.0/22 maxlen: 22
185.29.176.0/22 maxlen: 22
185.29.176.0/23 maxlen: 23
185.33.4.0/23 maxlen: 23
185.33.6.0/23 maxlen: 23
212.53.64.0/19 maxlen: 19
212.53.65.0/24 maxlen: 24
212.53.66.0/24 maxlen: 24
212.53.67.0/24 maxlen: 24
212.53.85.0/24 maxlen: 24
2a03:8a00::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/eea21a-c9d3-4c6d-9a52-9b2c6b08a84a/1/QO9YSZMMyd10IR-zfiQRgkmh_EA.crl
rsync://rpki.ripe.net/repository/DEFAULT/80/eea21a-c9d3-4c6d-9a52-9b2c6b08a84a/1/QO9YSZMMyd10IR-zfiQRgkmh_EA.mft
rsync://rpki.ripe.net/repository/DEFAULT/QO9YSZMMyd10IR-zfiQRgkmh_EA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 13:01:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:75:5a:25:1a:83:61:f6:51:ef:b1:52:c3:6f:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=40ef5849930cc9dd74211fb37e24118249a1fc40
Validity
Not Before: Jan 2 13:50:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=50ed3be75dbec7297bb4f9715a4787d17147b63c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:11:b7:c3:e9:75:ce:be:65:04:d5:c4:b3:77:
60:91:c1:3c:f0:f7:35:ef:cc:f5:fb:d6:f1:6a:5e:
ed:78:32:86:dd:51:76:69:75:eb:49:7e:80:70:a2:
a2:ec:7f:04:c6:9f:7c:8b:09:58:e8:f0:4a:13:12:
c9:15:20:6d:d4:00:0b:e4:33:00:e9:66:8f:0b:33:
9c:ab:d3:f5:29:17:79:3b:a3:5b:fd:69:73:0b:de:
0c:e2:e7:43:53:70:f1:dc:f9:7d:64:05:ab:d5:0b:
8e:3d:3d:2f:72:1e:73:09:28:85:f8:c3:2b:b7:a1:
bd:c9:e1:15:3f:fd:15:9b:69:33:8f:d5:ad:45:59:
29:68:b4:2f:8a:49:5e:eb:98:e7:4a:d3:a3:ee:6f:
93:ba:8c:ae:19:30:b6:e8:fe:ee:b6:12:31:24:92:
8f:78:61:8e:6d:bf:74:02:69:74:48:7c:ca:af:c7:
6d:98:a4:f4:43:f9:e9:78:0e:51:ca:b5:cd:9a:17:
3e:10:ae:f1:e6:23:05:3f:98:ba:ea:63:8b:60:79:
89:cf:95:9b:70:37:3e:b2:fb:15:59:93:47:aa:c1:
b8:29:1f:cc:8e:42:46:c4:a9:df:31:9f:7a:28:f4:
f1:0b:57:6f:fb:98:82:0e:0d:62:e2:2d:c2:43:b7:
84:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:ED:3B:E7:5D:BE:C7:29:7B:B4:F9:71:5A:47:87:D1:71:47:B6:3C
X509v3 Authority Key Identifier:
keyid:40:EF:58:49:93:0C:C9:DD:74:21:1F:B3:7E:24:11:82:49:A1:FC:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QO9YSZMMyd10IR-zfiQRgkmh_EA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/eea21a-c9d3-4c6d-9a52-9b2c6b08a84a/1/UO07512-xyl7tPlxWkeH0XFHtjw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/eea21a-c9d3-4c6d-9a52-9b2c6b08a84a/1/QO9YSZMMyd10IR-zfiQRgkmh_EA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.44.16.0/20
46.20.112.0/20
62.128.128.0/19
83.137.128.0/21
83.222.224.0/19
95.130.72.0/21
176.74.160.0/19
185.29.176.0/22
185.33.4.0/22
212.53.64.0/19
IPv6:
2a03:8a00::/36
Signature Algorithm: sha256WithRSAEncryption
51:2c:98:17:ec:53:01:dc:53:df:94:d7:bc:c3:bb:9f:f7:38:
69:93:f8:c6:f3:90:4a:78:f0:2b:00:65:17:89:66:69:bd:05:
bb:ac:5e:db:a2:9d:29:f1:89:6a:7b:da:ae:ba:b5:1e:35:8d:
d9:c4:40:4d:d3:9e:bd:e2:dd:32:4a:48:84:6a:ec:06:48:0c:
e0:2c:11:54:7e:95:57:ef:9f:a7:9c:ea:df:ba:30:cc:96:13:
8f:39:66:87:a2:fa:4e:2b:70:9a:c0:db:93:83:0d:f8:90:73:
0e:71:ae:81:50:9a:6a:71:59:9a:14:d4:3e:2a:b9:34:13:ae:
48:05:bc:0d:0e:ed:e4:a1:80:e3:42:ea:b3:75:fc:57:83:35:
9c:83:ed:75:b7:3e:2e:b2:56:42:47:27:ed:61:9b:5b:3d:19:
08:95:89:8e:05:71:b3:c9:a2:b3:9a:d4:44:25:99:a1:0e:aa:
e0:8a:aa:ad:31:0e:e2:b2:3c:f2:37:eb:b4:ed:6b:b6:db:2a:
78:62:7a:e9:af:18:ed:fe:18:ab:7d:05:d3:87:ee:38:48:27:
e3:2b:fb:22:49:30:b1:5e:9c:0a:b2:90:c3:46:65:24:df:e3:
ae:e6:78:af:77:60:48:d6:f4:88:31:4c:51:a5:d6:79:67:4f:
72:6e:fc:48
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAZQnSHVaJRqDYfZR77FSw2/cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwZWY1ODQ5OTMwY2M5ZGQ3NDIxMWZiMzdlMjQxMTgyNDlh
MWZjNDAwHhcNMjUwMTAyMTM1MDQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MGVkM2JlNzVkYmVjNzI5N2JiNGY5NzE1YTQ3ODdkMTcxNDdiNjNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsBG3w+l1zr5lBNXEs3dgkcE88Pc1
78z1+9bxal7teDKG3VF2aXXrSX6AcKKi7H8Exp98iwlY6PBKExLJFSBt1AAL5DMA
6WaPCzOcq9P1KRd5O6Nb/WlzC94M4udDU3Dx3Pl9ZAWr1QuOPT0vch5zCSiF+MMr
t6G9yeEVP/0Vm2kzj9WtRVkpaLQvikle65jnStOj7m+TuoyuGTC26P7uthIxJJKP
eGGObb90Aml0SHzKr8dtmKT0Q/npeA5RyrXNmhc+EK7x5iMFP5i66mOLYHmJz5Wb
cDc+svsVWZNHqsG4KR/MjkJGxKnfMZ96KPTxC1dv+5iCDg1i4i3CQ7eErQIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFFDtO+ddvscpe7T5cVpHh9FxR7Y8MB8GA1UdIwQY
MBaAFEDvWEmTDMnddCEfs34kEYJJofxAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUU85WVNaTU15ZDEwSVItemZpUVJna21oX0VBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC9lZWEyMWEtYzlkMy00YzZkLTlhNTIt
OWIyYzZiMDhhODRhLzEvVU8wNzUxMi14eWw3dFBseFdrZUgwWEZIdGp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC9lZWEyMWEtYzlkMy00YzZkLTlhNTItOWIyYzZiMDhhODRh
LzEvUU85WVNaTU15ZDEwSVItemZpUVJna21oX0VBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDBCBAIAATA8AwQEBSwQAwQE
LhRwAwQFPoCAAwQDU4mAAwQFU97gAwQDX4JIAwQFsEqgAwQCuR2wAwQCuSEEAwQF
1DVAMA4EAgACMAgDBgQqA4oAADANBgkqhkiG9w0BAQsFAAOCAQEAUSyYF+xTAdxT
35TXvMO7n/c4aZP4xvOQSnjwKwBlF4lmab0Fu6xe26KdKfGJanvarrq1HjWN2cRA
TdOeveLdMkpIhGrsBkgM4CwRVH6VV++fp5zq37owzJYTjzlmh6L6TitwmsDbk4MN
+JBzDnGugVCaanFZmhTUPiq5NBOuSAW8DQ7t5KGA40Lqs3X8V4M1nIPtdbc+LrJW
Qkcn7WGbWz0ZCJWJjgVxs8mis5rURCWZoQ6q4IqqrTEO4rI88jfrtO1rttsqeGJ6
6a8Y7f4Yq30F04fuOEgn4yv7IkkwsV6cCrKQw0ZlJN/jruZ4r3dgSNb0iDFMUaXW
eWdPcm78SA==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:44:35 2025 by rpki-client