Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/91b093-acb7-4cb7-bf8f-5cb934a55b0d/1/uYm5oYNq-JACxgzZxNgku-KZuSg.roa
File: uYm5oYNq-JACxgzZxNgku-KZuSg.roa (raw, json)
Hash identifier: mMvblRec/LXUeEQXaAaSvKQKI7NqUb/x663S4SMp3Ck=
Subject key identifier: B9:89:B9:A1:83:6A:F8:90:02:C6:0C:D9:C4:D8:24:BB:E2:99:B9:28
Certificate issuer: /CN=6511ce5e2f53b7bb8cac8f39e294e89a45b20029
Certificate serial: 0194266BAB7C4A87A41705D52457BEB75C39
Authority key identifier: 65:11:CE:5E:2F:53:B7:BB:8C:AC:8F:39:E2:94:E8:9A:45:B2:00:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZRHOXi9Tt7uMrI854pTomkWyACk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/91b093-acb7-4cb7-bf8f-5cb934a55b0d/1/uYm5oYNq-JACxgzZxNgku-KZuSg.roa
Signing time: Thu 02 Jan 2025 09:49:37 +0000
ROA not before: Thu 02 Jan 2025 09:49:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20495
IP address blocks: 84.244.128.0/18 maxlen: 18
84.244.128.0/19 maxlen: 32
84.244.160.0/19 maxlen: 32
92.48.192.0/18 maxlen: 18
92.48.192.0/19 maxlen: 19
92.48.192.0/20 maxlen: 32
92.48.208.0/20 maxlen: 32
92.48.224.0/19 maxlen: 19
92.48.224.0/20 maxlen: 32
92.48.240.0/20 maxlen: 32
217.148.160.0/19 maxlen: 19
217.148.160.0/20 maxlen: 32
217.148.176.0/20 maxlen: 32
2001:15c8::/32 maxlen: 32
2001:15c8::/33 maxlen: 128
2001:15c8:8000::/33 maxlen: 128
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/85/91b093-acb7-4cb7-bf8f-5cb934a55b0d/1/ZRHOXi9Tt7uMrI854pTomkWyACk.crl
rsync://rpki.ripe.net/repository/DEFAULT/85/91b093-acb7-4cb7-bf8f-5cb934a55b0d/1/ZRHOXi9Tt7uMrI854pTomkWyACk.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZRHOXi9Tt7uMrI854pTomkWyACk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 14:01:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:ab:7c:4a:87:a4:17:05:d5:24:57:be:b7:5c:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6511ce5e2f53b7bb8cac8f39e294e89a45b20029
Validity
Not Before: Jan 2 09:49:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b989b9a1836af89002c60cd9c4d824bbe299b928
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:84:ac:82:b8:32:f0:fe:1f:29:4b:95:06:7d:
d9:3a:bf:12:0b:7b:93:29:74:bf:f8:ca:88:c1:e6:
d5:82:3d:f9:88:a0:24:7b:3a:20:3b:ef:d3:03:91:
74:52:b1:22:ce:7f:29:4b:ff:6b:fd:30:11:c8:16:
0a:2c:a1:8d:e0:85:34:cb:8e:f6:46:01:aa:c9:de:
8f:02:82:74:06:24:42:b1:93:7e:4a:f2:ea:52:f0:
f5:d7:81:08:14:26:66:98:6f:c5:90:f4:69:f6:f1:
85:e4:04:bb:18:02:96:69:f0:a4:97:56:87:31:86:
cc:97:50:cd:bb:f3:cf:68:3b:3c:9f:58:25:43:14:
af:81:30:70:a1:1a:3c:17:2e:ed:dd:0d:21:dc:5c:
8c:90:3f:44:8e:3d:0d:da:65:3a:83:78:82:5a:d9:
6d:41:e4:97:fe:fe:fa:4e:bf:66:c1:da:f4:d6:e5:
47:d4:4c:44:fb:b8:69:35:3f:1f:e5:92:5e:da:95:
b1:90:bf:cc:a2:0b:cb:ff:02:91:03:54:f5:d3:2b:
8f:4b:fb:03:30:f5:0c:39:1c:cf:d3:ac:10:f4:72:
d8:88:66:32:83:c0:5a:24:2c:74:93:dd:98:73:b8:
e8:de:7b:b3:37:98:cc:7e:07:f7:9d:0c:d4:84:6d:
1d:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:89:B9:A1:83:6A:F8:90:02:C6:0C:D9:C4:D8:24:BB:E2:99:B9:28
X509v3 Authority Key Identifier:
keyid:65:11:CE:5E:2F:53:B7:BB:8C:AC:8F:39:E2:94:E8:9A:45:B2:00:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZRHOXi9Tt7uMrI854pTomkWyACk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/91b093-acb7-4cb7-bf8f-5cb934a55b0d/1/uYm5oYNq-JACxgzZxNgku-KZuSg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/85/91b093-acb7-4cb7-bf8f-5cb934a55b0d/1/ZRHOXi9Tt7uMrI854pTomkWyACk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.244.128.0/18
92.48.192.0/18
217.148.160.0/19
IPv6:
2001:15c8::/32
Signature Algorithm: sha256WithRSAEncryption
33:51:ca:e9:61:18:f9:a9:3f:57:87:8e:b1:a0:7f:08:77:07:
f6:13:20:50:88:50:50:37:80:71:bb:39:d0:6b:ab:44:c2:66:
7c:67:40:6d:3e:9b:33:4f:d7:db:10:6d:5e:5c:b7:70:f2:e0:
29:47:09:0f:d2:fd:d5:b7:05:83:03:ca:28:cf:6f:b1:98:9a:
00:4e:ec:67:f1:95:bb:7d:cf:85:5e:f7:e0:87:2f:ac:0c:31:
4b:f2:3c:5f:a2:e3:0c:0d:94:c5:0f:65:6d:2d:ff:13:d4:13:
40:af:0a:8b:6b:5e:71:56:c3:b2:21:87:b3:77:a8:cd:39:12:
5e:05:80:02:3b:1b:7a:46:8f:00:16:4d:68:2c:23:34:9d:4a:
69:fa:a0:02:14:c6:6e:76:ea:27:b1:43:a7:a8:ef:a4:f9:08:
60:68:cd:c9:86:25:e0:3b:0d:53:38:e0:89:19:fe:89:2f:ef:
68:ce:23:30:69:ca:10:f6:8f:d6:c8:75:4c:f2:50:a1:99:8d:
f1:29:1a:73:c8:41:ce:e5:8a:f4:d2:1b:69:8c:78:29:0c:d7:
4c:2c:83:d1:11:e0:30:44:cf:c5:7f:df:a3:7b:8a:33:dc:35:
b3:1a:bc:a7:b8:b2:cc:1e:ff:61:77:5d:4f:48:30:dd:98:68:
05:96:af:f9
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZQma6t8SoekFwXVJFe+t1w5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1MTFjZTVlMmY1M2I3YmI4Y2FjOGYzOWUyOTRlODlhNDVi
MjAwMjkwHhcNMjUwMTAyMDk0OTM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTg5YjlhMTgzNmFmODkwMDJjNjBjZDljNGQ4MjRiYmUyOTliOTI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA54Ssgrgy8P4fKUuVBn3ZOr8SC3uT
KXS/+MqIwebVgj35iKAkezogO+/TA5F0UrEizn8pS/9r/TARyBYKLKGN4IU0y472
RgGqyd6PAoJ0BiRCsZN+SvLqUvD114EIFCZmmG/FkPRp9vGF5AS7GAKWafCkl1aH
MYbMl1DNu/PPaDs8n1glQxSvgTBwoRo8Fy7t3Q0h3FyMkD9Ejj0N2mU6g3iCWtlt
QeSX/v76Tr9mwdr01uVH1ExE+7hpNT8f5ZJe2pWxkL/MogvL/wKRA1T10yuPS/sD
MPUMORzP06wQ9HLYiGYyg8BaJCx0k92Yc7jo3nuzN5jMfgf3nQzUhG0dOQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFLmJuaGDaviQAsYM2cTYJLvimbkoMB8GA1UdIwQY
MBaAFGURzl4vU7e7jKyPOeKU6JpFsgApMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlJIT1hpOVR0N3VNckk4NTRwVG9ta1d5QUNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS85MWIwOTMtYWNiNy00Y2I3LWJmOGYt
NWNiOTM0YTU1YjBkLzEvdVltNW9ZTnEtSkFDeGd6WnhOZ2t1LUtadVNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NS85MWIwOTMtYWNiNy00Y2I3LWJmOGYtNWNiOTM0YTU1YjBk
LzEvWlJIT1hpOVR0N3VNckk4NTRwVG9ta1d5QUNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQGVPSAAwQG
XDDAAwQF2ZSgMA0EAgACMAcDBQAgARXIMA0GCSqGSIb3DQEBCwUAA4IBAQAzUcrp
YRj5qT9Xh46xoH8Idwf2EyBQiFBQN4BxuznQa6tEwmZ8Z0BtPpszT9fbEG1eXLdw
8uApRwkP0v3VtwWDA8ooz2+xmJoATuxn8ZW7fc+FXvfghy+sDDFL8jxfouMMDZTF
D2VtLf8T1BNArwqLa15xVsOyIYezd6jNORJeBYACOxt6Ro8AFk1oLCM0nUpp+qAC
FMZuduonsUOnqO+k+QhgaM3JhiXgOw1TOOCJGf6JL+9oziMwacoQ9o/WyHVM8lCh
mY3xKRpzyEHO5Yr00htpjHgpDNdMLIPREeAwRM/Ff9+je4oz3DWzGrynuLLMHv9h
d11PSDDdmGgFlq/5
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:00:52 2025 by rpki-client