Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/8d6943-ca75-4372-b77f-5c6502bffa1f/1/uun5L09jXYEGXJtFrgW0cvRe_KQ.roa
File: uun5L09jXYEGXJtFrgW0cvRe_KQ.roa (raw, json)
Hash identifier: WnN/CnTVkPE7SxyO4PbdiYAhklcuoQlzHVaZbDdUOFQ=
Subject key identifier: BA:E9:F9:2F:4F:63:5D:81:06:5C:9B:45:AE:05:B4:72:F4:5E:FC:A4
Certificate issuer: /CN=c6d18653fbfb6fd5732dc940c1d65d77ab0bbfa3
Certificate serial: 0196009F1CC70E925C1AFF710C77FBFBA6E2
Authority key identifier: C6:D1:86:53:FB:FB:6F:D5:73:2D:C9:40:C1:D6:5D:77:AB:0B:BF:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xtGGU_v7b9VzLclAwdZdd6sLv6M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/8d6943-ca75-4372-b77f-5c6502bffa1f/1/uun5L09jXYEGXJtFrgW0cvRe_KQ.roa
Signing time: Fri 04 Apr 2025 11:45:49 +0000
ROA not before: Fri 04 Apr 2025 11:45:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31042
IP address blocks: 5.22.160.0/19 maxlen: 19
94.127.0.0/21 maxlen: 21
94.127.0.0/24 maxlen: 24
185.20.36.0/22 maxlen: 24
217.26.208.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/81/8d6943-ca75-4372-b77f-5c6502bffa1f/1/xtGGU_v7b9VzLclAwdZdd6sLv6M.crl
rsync://rpki.ripe.net/repository/DEFAULT/81/8d6943-ca75-4372-b77f-5c6502bffa1f/1/xtGGU_v7b9VzLclAwdZdd6sLv6M.mft
rsync://rpki.ripe.net/repository/DEFAULT/xtGGU_v7b9VzLclAwdZdd6sLv6M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Apr 2025 14:00:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:00:9f:1c:c7:0e:92:5c:1a:ff:71:0c:77:fb:fb:a6:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c6d18653fbfb6fd5732dc940c1d65d77ab0bbfa3
Validity
Not Before: Apr 4 11:45:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bae9f92f4f635d81065c9b45ae05b472f45efca4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:ce:2f:31:81:f9:25:d3:9b:83:fd:ea:a8:f6:
e0:90:c3:98:13:09:19:83:74:c4:20:80:9d:b9:a5:
e6:1f:be:36:e8:bd:37:f6:f8:9c:b7:d3:09:bd:28:
3b:6b:0e:63:de:21:ae:a7:70:db:33:e7:d4:86:c1:
5a:68:79:55:06:25:0f:61:87:50:04:76:80:52:e6:
02:20:7e:b8:fd:ef:67:8e:8c:6b:91:f0:7d:14:d6:
eb:80:31:0d:53:33:73:05:cb:fb:ba:4f:1b:90:33:
6e:2e:b4:a2:76:9a:f2:7d:2f:c8:90:3d:93:21:28:
07:5c:5b:99:65:a9:53:f2:2b:b5:bb:c9:45:6e:5f:
c0:85:3d:7f:c2:05:4d:5c:73:3b:7e:00:8d:4c:17:
8a:14:86:75:da:8c:ef:81:74:27:94:5a:6e:f4:b7:
79:ea:64:55:bf:4f:45:41:85:63:72:5b:c9:73:e7:
ac:18:eb:b8:bb:ea:03:9e:ca:80:0b:f1:82:f2:31:
81:7b:34:c3:c2:4a:33:8b:e8:5a:75:9a:9f:e3:65:
1b:be:a4:11:93:bb:a6:22:91:30:0a:7b:8c:3d:90:
68:c2:ad:37:63:ac:c8:bf:e0:e0:0a:1c:7c:58:8a:
f6:dc:97:27:97:2a:2b:35:0f:ac:14:de:e2:bf:5b:
54:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:E9:F9:2F:4F:63:5D:81:06:5C:9B:45:AE:05:B4:72:F4:5E:FC:A4
X509v3 Authority Key Identifier:
keyid:C6:D1:86:53:FB:FB:6F:D5:73:2D:C9:40:C1:D6:5D:77:AB:0B:BF:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xtGGU_v7b9VzLclAwdZdd6sLv6M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/8d6943-ca75-4372-b77f-5c6502bffa1f/1/uun5L09jXYEGXJtFrgW0cvRe_KQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/8d6943-ca75-4372-b77f-5c6502bffa1f/1/xtGGU_v7b9VzLclAwdZdd6sLv6M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.22.160.0/19
94.127.0.0/21
185.20.36.0/22
217.26.208.0/21
Signature Algorithm: sha256WithRSAEncryption
b5:3b:ba:bd:1f:c9:6f:1a:84:39:87:7b:81:cf:e9:27:28:b1:
90:35:83:88:33:73:1f:5c:d1:00:c8:d9:99:cd:30:b8:0d:63:
01:cd:a2:3a:a6:53:ef:7a:54:09:ba:8f:3c:cc:3c:e2:86:d3:
98:e8:f5:48:c2:2d:89:08:71:4f:32:1e:50:8d:69:60:3d:e2:
8e:e1:ee:43:29:c3:09:38:28:ac:d0:ee:5e:e3:8a:17:47:0c:
05:b9:0c:b5:6c:d1:bf:06:a6:f7:c1:71:c2:70:e6:a0:17:47:
f9:1b:a0:be:f9:9f:45:f8:a8:dd:58:77:23:14:66:46:48:5e:
d6:93:3d:13:f2:8c:9f:e0:84:44:69:86:a9:af:5e:58:8a:0c:
33:14:a8:b9:de:a4:70:57:80:da:54:b3:5e:79:dd:20:d5:ab:
92:69:7d:69:97:e7:94:d0:58:80:81:38:8c:71:39:62:fe:ed:
4b:ae:ab:d7:ff:6e:43:01:90:f2:3d:71:b3:97:fc:0e:51:76:
32:a3:4d:fa:dc:d1:20:d1:53:9e:5c:e8:64:13:e0:c1:58:0c:
55:47:40:c1:eb:19:16:f3:97:99:fe:97:d4:68:e0:28:7f:40:
ac:24:fd:8f:05:03:f3:79:ad:bd:c7:fa:c1:72:2b:f1:b3:d2:
7c:f9:e3:60
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZYAnxzHDpJcGv9xDHf7+6biMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2ZDE4NjUzZmJmYjZmZDU3MzJkYzk0MGMxZDY1ZDc3YWIw
YmJmYTMwHhcNMjUwNDA0MTE0NTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYWU5ZjkyZjRmNjM1ZDgxMDY1YzliNDVhZTA1YjQ3MmY0NWVmY2E0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuM4vMYH5JdObg/3qqPbgkMOYEwkZ
g3TEIICduaXmH7426L039vict9MJvSg7aw5j3iGup3DbM+fUhsFaaHlVBiUPYYdQ
BHaAUuYCIH64/e9njoxrkfB9FNbrgDENUzNzBcv7uk8bkDNuLrSidpryfS/IkD2T
ISgHXFuZZalT8iu1u8lFbl/AhT1/wgVNXHM7fgCNTBeKFIZ12ozvgXQnlFpu9Ld5
6mRVv09FQYVjclvJc+esGOu4u+oDnsqAC/GC8jGBezTDwkozi+hadZqf42UbvqQR
k7umIpEwCnuMPZBowq03Y6zIv+DgChx8WIr23JcnlyorNQ+sFN7iv1tU6wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFLrp+S9PY12BBlybRa4FtHL0XvykMB8GA1UdIwQY
MBaAFMbRhlP7+2/Vcy3JQMHWXXerC7+jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHRHR1VfdjdiOVZ6TGNsQXdkWmRkNnNMdjZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS84ZDY5NDMtY2E3NS00MzcyLWI3N2Yt
NWM2NTAyYmZmYTFmLzEvdXVuNUwwOWpYWUVHWEp0RnJnVzBjdlJlX0tRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS84ZDY5NDMtY2E3NS00MzcyLWI3N2YtNWM2NTAyYmZmYTFm
LzEveHRHR1VfdjdiOVZ6TGNsQXdkWmRkNnNMdjZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQFBRagAwQD
Xn8AAwQCuRQkAwQD2RrQMA0GCSqGSIb3DQEBCwUAA4IBAQC1O7q9H8lvGoQ5h3uB
z+knKLGQNYOIM3MfXNEAyNmZzTC4DWMBzaI6plPvelQJuo88zDzihtOY6PVIwi2J
CHFPMh5QjWlgPeKO4e5DKcMJOCis0O5e44oXRwwFuQy1bNG/Bqb3wXHCcOagF0f5
G6C++Z9F+KjdWHcjFGZGSF7Wkz0T8oyf4IREaYapr15YigwzFKi53qRwV4DaVLNe
ed0g1auSaX1pl+eU0FiAgTiMcTli/u1LrqvX/25DAZDyPXGzl/wOUXYyo0363NEg
0VOeXOhkE+DBWAxVR0DB6xkW85eZ/pfUaOAof0CsJP2PBQPzea29x/rBcivxs9J8
+eNg
-----END CERTIFICATE-----
Generated at Sun Apr 20 22:45:37 2025 by rpki-client