Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/1UOVK6SHNBUqV_EoOdGsn7fYXkc.roa
File: 1UOVK6SHNBUqV_EoOdGsn7fYXkc.roa (raw, json)
Hash identifier: uSgR1krFAUksGMcxC6wsSZ/myQfU6+vrjnBagGpW3nY=
Subject key identifier: D5:43:95:2B:A4:87:34:15:2A:57:F1:28:39:D1:AC:9F:B7:D8:5E:47
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0195889F8339FEECC7467493C88B7C718A62
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/1UOVK6SHNBUqV_EoOdGsn7fYXkc.roa
Signing time: Wed 12 Mar 2025 04:31:49 +0000
ROA not before: Wed 12 Mar 2025 04:31:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9232
IP address blocks: 37.202.205.0/24 maxlen: 24
37.202.213.0/24 maxlen: 24
37.202.221.0/24 maxlen: 24
151.242.18.0/24 maxlen: 24
151.242.19.0/24 maxlen: 24
151.242.21.0/24 maxlen: 24
151.242.68.0/24 maxlen: 24
151.242.70.0/24 maxlen: 24
151.242.71.0/24 maxlen: 24
151.242.72.0/24 maxlen: 24
151.243.107.0/24 maxlen: 24
151.243.108.0/24 maxlen: 24
151.243.109.0/24 maxlen: 24
151.243.110.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 04:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:88:9f:83:39:fe:ec:c7:46:74:93:c8:8b:7c:71:8a:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Mar 12 04:31:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d543952ba48734152a57f12839d1ac9fb7d85e47
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:70:bf:4d:df:39:7b:66:90:ca:25:1f:d8:6a:
65:b2:3f:0a:46:1a:be:e2:c9:f1:94:48:64:51:1b:
45:ad:57:37:d6:74:a6:a8:9f:94:72:b5:0f:8e:8e:
88:c6:72:46:f5:33:4f:1e:69:7a:cb:6e:b4:76:97:
4a:70:a9:3e:b5:80:ec:5f:25:26:c0:3a:85:2a:e1:
80:a1:ff:1f:f3:df:b1:da:d0:6e:85:93:77:9b:e7:
b2:9f:31:10:3c:a8:d0:0f:7b:69:d4:d9:d8:45:49:
ce:cc:d0:23:5b:17:ff:68:a1:c3:74:45:d9:ac:49:
e9:23:7c:4c:87:2d:bb:7f:35:04:36:80:c3:f0:fd:
a6:68:30:21:75:20:b6:b9:26:54:2e:41:9a:2f:b6:
34:fa:7f:88:7d:8b:23:4f:cf:0a:e9:43:75:5b:f3:
cd:b8:aa:db:9e:93:48:40:64:f7:18:f4:47:5f:5a:
90:4c:a9:74:47:49:fe:96:ce:36:66:28:b2:8a:b9:
0f:78:d1:a7:de:1a:44:d9:c4:a7:57:93:b0:64:02:
12:ed:be:94:1d:0c:39:e3:80:99:2d:4c:8a:17:e8:
74:15:42:f0:78:97:26:a0:91:d4:a3:68:f7:60:57:
56:25:6f:44:11:c3:d6:61:1a:24:bb:13:b5:b9:3f:
f9:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:43:95:2B:A4:87:34:15:2A:57:F1:28:39:D1:AC:9F:B7:D8:5E:47
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/1UOVK6SHNBUqV_EoOdGsn7fYXkc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.202.205.0/24
37.202.213.0/24
37.202.221.0/24
151.242.18.0/23
151.242.21.0/24
151.242.68.0/24
151.242.70.0-151.242.72.255
151.243.107.0-151.243.110.255
Signature Algorithm: sha256WithRSAEncryption
24:c0:7c:bb:0e:66:e4:5f:bb:27:92:c8:e5:b9:81:d1:15:a9:
20:2f:12:81:4d:98:7c:37:85:94:05:61:9a:a6:f4:94:e5:cd:
0a:32:b7:47:51:3a:3d:39:43:a7:46:0c:a9:b2:94:2b:4e:87:
9b:e3:44:84:f5:90:83:ac:a9:fd:36:f7:b9:e0:86:95:cf:c9:
c2:b2:f4:fe:5a:bf:95:04:9f:54:a3:9e:f4:7b:a6:18:f6:ce:
27:b2:ec:56:f9:1b:b6:16:df:b5:59:e3:d4:25:96:48:fd:7b:
58:3e:c3:fa:3c:32:e3:75:ae:f1:81:ce:e2:34:32:4d:5f:2c:
5f:f9:0d:8d:d1:55:b8:23:3e:8c:6d:a6:17:eb:10:12:02:5c:
63:d7:ef:f8:72:69:f2:b9:e2:d4:56:bd:2a:0a:a0:9b:39:40:
ed:3e:ad:d7:c1:c9:ab:4c:5b:45:cc:3e:45:c5:94:f4:1d:63:
38:80:2e:92:8f:0b:47:e0:0c:17:36:a6:16:04:10:ea:7b:e2:
23:dc:44:d8:19:14:4e:8e:3d:16:e4:76:3b:d5:b0:bb:1a:65:
9a:0f:8f:e8:3f:d7:86:95:b4:2a:e3:05:d9:2b:9f:65:58:7f:
f5:b8:ed:62:cc:4f:83:80:54:f7:c1:3b:25:57:76:dc:14:b9:
29:fc:e9:4c
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAZWIn4M5/uzHRnSTyIt8cYpiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwMzEyMDQzMTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTQzOTUyYmE0ODczNDE1MmE1N2YxMjgzOWQxYWM5ZmI3ZDg1ZTQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA63C/Td85e2aQyiUf2Gplsj8KRhq+
4snxlEhkURtFrVc31nSmqJ+UcrUPjo6IxnJG9TNPHml6y260dpdKcKk+tYDsXyUm
wDqFKuGAof8f89+x2tBuhZN3m+eynzEQPKjQD3tp1NnYRUnOzNAjWxf/aKHDdEXZ
rEnpI3xMhy27fzUENoDD8P2maDAhdSC2uSZULkGaL7Y0+n+IfYsjT88K6UN1W/PN
uKrbnpNIQGT3GPRHX1qQTKl0R0n+ls42ZiiyirkPeNGn3hpE2cSnV5OwZAIS7b6U
HQw544CZLUyKF+h0FULweJcmoJHUo2j3YFdWJW9EEcPWYRokuxO1uT/59wIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFNVDlSukhzQVKlfxKDnRrJ+32F5HMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvMVVPVks2U0hOQlVxVl9Fb09kR3NuN2ZZWGtjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDBGBAIAATBAAwQAJcrNAwQA
JcrVAwQAJcrdAwQBl/ISAwQAl/IVAwQAl/JEMAwDBAGX8kYDBACX8kgwDAMEAJfz
awMEAJfzbjANBgkqhkiG9w0BAQsFAAOCAQEAJMB8uw5m5F+7J5LI5bmB0RWpIC8S
gU2YfDeFlAVhmqb0lOXNCjK3R1E6PTlDp0YMqbKUK06Hm+NEhPWQg6yp/Tb3ueCG
lc/JwrL0/lq/lQSfVKOe9HumGPbOJ7LsVvkbthbftVnj1CWWSP17WD7D+jwy43Wu
8YHO4jQyTV8sX/kNjdFVuCM+jG2mF+sQEgJcY9fv+HJp8rni1Fa9KgqgmzlA7T6t
18HJq0xbRcw+RcWU9B1jOIAuko8LR+AMFzamFgQQ6nviI9xE2BkUTo49FuR2O9Ww
uxplmg+P6D/XhpW0KuMF2SufZVh/9bjtYsxPg4BU98E7JVd23BS5KfzpTA==
-----END CERTIFICATE-----
Generated at Sat Apr 5 08:58:47 2025 by rpki-client