Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/UeaUMTENz6rEtOnCBMfG9gC-gkA.roa
File: UeaUMTENz6rEtOnCBMfG9gC-gkA.roa (raw, json)
Hash identifier: Gae4+Xp55CQ/qfOEbOd8MSojTwvPkhhJCtVDf0XS3FE=
Subject key identifier: 51:E6:94:31:31:0D:CF:AA:C4:B4:E9:C2:04:C7:C6:F6:00:BE:82:40
Certificate issuer: /CN=6b233d75508b4e85cccf44349a7cb703198d1d26
Certificate serial: 0194282532B4B1F2C4962F7488DAB8677C19
Authority key identifier: 6B:23:3D:75:50:8B:4E:85:CC:CF:44:34:9A:7C:B7:03:19:8D:1D:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ayM9dVCLToXMz0Q0mny3AxmNHSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/UeaUMTENz6rEtOnCBMfG9gC-gkA.roa
Signing time: Thu 02 Jan 2025 17:51:53 +0000
ROA not before: Thu 02 Jan 2025 17:51:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199552
IP address blocks: 5.157.240.0/21 maxlen: 21
37.35.55.0/24 maxlen: 24
146.66.218.0/24 maxlen: 24
146.66.219.0/24 maxlen: 24
178.157.92.0/24 maxlen: 24
178.157.125.0/24 maxlen: 24
188.119.144.0/22 maxlen: 22
188.119.162.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/ayM9dVCLToXMz0Q0mny3AxmNHSY.crl
rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/ayM9dVCLToXMz0Q0mny3AxmNHSY.mft
rsync://rpki.ripe.net/repository/DEFAULT/ayM9dVCLToXMz0Q0mny3AxmNHSY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 16:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:25:32:b4:b1:f2:c4:96:2f:74:88:da:b8:67:7c:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b233d75508b4e85cccf44349a7cb703198d1d26
Validity
Not Before: Jan 2 17:51:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=51e69431310dcfaac4b4e9c204c7c6f600be8240
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:25:d3:62:9e:04:28:5d:cb:62:5d:e8:0f:cb:
c6:b2:27:02:ef:d2:e7:42:66:3a:01:fc:86:6d:68:
81:09:15:9d:b7:ee:9c:45:be:d4:5a:01:1a:84:fa:
66:5f:e8:3e:54:73:86:5d:ef:22:e9:48:66:d9:55:
3f:56:c7:1d:dd:df:15:bc:f6:e5:a4:93:37:56:67:
11:19:9e:73:96:e3:d2:36:82:3b:e8:c3:a9:5c:d1:
27:86:02:73:ee:5d:93:0e:15:49:6e:ac:06:40:6b:
aa:52:91:c8:37:69:05:7f:96:df:cb:66:32:4c:86:
7f:85:62:9f:e6:b8:c3:16:1c:b8:61:31:48:a0:da:
62:0e:34:55:b7:d0:a2:ba:bf:81:42:73:f6:23:48:
cc:f3:cb:fc:87:3e:14:14:7f:0a:d9:2e:84:80:1c:
33:df:c6:d4:57:f1:85:50:79:ea:48:1a:aa:e3:68:
8f:ab:ab:0e:66:df:fa:38:d7:92:b1:2d:2d:bc:52:
de:8b:fe:45:6b:c8:75:8f:ae:c2:89:ba:d2:2d:74:
79:74:20:56:2b:a2:c4:76:3f:a3:16:11:f9:dc:ca:
a1:7c:07:75:6a:0a:c0:bd:21:f5:9d:0e:05:b1:17:
db:2f:e9:b8:fc:d2:d7:28:83:8b:3b:cc:f1:37:2e:
00:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:E6:94:31:31:0D:CF:AA:C4:B4:E9:C2:04:C7:C6:F6:00:BE:82:40
X509v3 Authority Key Identifier:
keyid:6B:23:3D:75:50:8B:4E:85:CC:CF:44:34:9A:7C:B7:03:19:8D:1D:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ayM9dVCLToXMz0Q0mny3AxmNHSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/UeaUMTENz6rEtOnCBMfG9gC-gkA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/ayM9dVCLToXMz0Q0mny3AxmNHSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.157.240.0/21
37.35.55.0/24
146.66.218.0/23
178.157.92.0/24
178.157.125.0/24
188.119.144.0/22
188.119.162.0/24
Signature Algorithm: sha256WithRSAEncryption
65:dd:51:9d:ec:ce:a1:08:dd:76:f4:d9:56:b1:1e:9d:70:33:
33:2c:7f:a3:86:1d:03:00:41:64:f5:a6:36:f1:05:ee:1c:c1:
7b:0c:33:93:a1:7c:8f:26:12:d8:52:b5:1b:e3:e4:c3:0a:2f:
ec:f7:70:a0:57:ed:de:48:5c:0e:9c:2c:54:ff:93:98:b7:f6:
81:8c:69:15:14:0c:17:8d:6a:f8:b7:5c:3e:b5:0a:91:b6:78:
b9:ab:ef:a2:79:06:cb:0f:8f:45:59:0f:69:0f:a9:e5:54:63:
e6:b1:ea:be:b7:8e:2b:bd:bb:4a:ef:39:b6:6b:33:b8:3b:3b:
d9:e3:0c:af:7d:52:b4:b0:13:da:57:75:d6:06:7e:d7:41:e2:
05:ea:ec:c8:ea:c2:e8:a5:6d:a7:fb:69:46:0c:19:b9:6b:fc:
fc:33:a2:7e:d7:57:6f:80:ba:f1:0d:a5:98:e7:dd:2b:c5:f4:
b8:ec:af:d2:2b:dc:1d:b2:82:85:0c:d8:4e:a4:7a:d5:14:0a:
87:7f:00:27:fa:c6:7e:6b:d1:1a:2a:5b:b1:b9:eb:74:2f:37:
ce:02:bc:19:47:1b:c0:78:4e:47:2f:cc:07:07:63:d9:13:d5:
37:2f:4c:77:10:3e:d1:b0:d9:32:5c:1c:60:cc:fe:d6:72:26:
6e:27:58:af
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZQoJTK0sfLEli90iNq4Z3wZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiMjMzZDc1NTA4YjRlODVjY2NmNDQzNDlhN2NiNzAzMTk4
ZDFkMjYwHhcNMjUwMTAyMTc1MTUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MWU2OTQzMTMxMGRjZmFhYzRiNGU5YzIwNGM3YzZmNjAwYmU4MjQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArSXTYp4EKF3LYl3oD8vGsicC79Ln
QmY6AfyGbWiBCRWdt+6cRb7UWgEahPpmX+g+VHOGXe8i6Uhm2VU/Vscd3d8VvPbl
pJM3VmcRGZ5zluPSNoI76MOpXNEnhgJz7l2TDhVJbqwGQGuqUpHIN2kFf5bfy2Yy
TIZ/hWKf5rjDFhy4YTFIoNpiDjRVt9Ciur+BQnP2I0jM88v8hz4UFH8K2S6EgBwz
38bUV/GFUHnqSBqq42iPq6sOZt/6ONeSsS0tvFLei/5Fa8h1j67CibrSLXR5dCBW
K6LEdj+jFhH53MqhfAd1agrAvSH1nQ4FsRfbL+m4/NLXKIOLO8zxNy4AMQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFFHmlDExDc+qxLTpwgTHxvYAvoJAMB8GA1UdIwQY
MBaAFGsjPXVQi06FzM9ENJp8twMZjR0mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYXlNOWRWQ0xUb1hNejBRMG1ueTNBeG1OSFNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC85ZDkxOTItMjczYy00Y2E5LWIyYmEt
ZmE5Y2I1MWNkMGYxLzEvVWVhVU1URU56NnJFdE9uQ0JNZkc5Z0MtZ2tBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC85ZDkxOTItMjczYy00Y2E5LWIyYmEtZmE5Y2I1MWNkMGYx
LzEvYXlNOWRWQ0xUb1hNejBRMG1ueTNBeG1OSFNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQDBZ3wAwQA
JSM3AwQBkkLaAwQAsp1cAwQAsp19AwQCvHeQAwQAvHeiMA0GCSqGSIb3DQEBCwUA
A4IBAQBl3VGd7M6hCN129NlWsR6dcDMzLH+jhh0DAEFk9aY28QXuHMF7DDOToXyP
JhLYUrUb4+TDCi/s93CgV+3eSFwOnCxU/5OYt/aBjGkVFAwXjWr4t1w+tQqRtni5
q++ieQbLD49FWQ9pD6nlVGPmseq+t44rvbtK7zm2azO4OzvZ4wyvfVK0sBPaV3XW
Bn7XQeIF6uzI6sLopW2n+2lGDBm5a/z8M6J+11dvgLrxDaWY590rxfS47K/SK9wd
soKFDNhOpHrVFAqHfwAn+sZ+a9EaKluxuet0LzfOArwZRxvAeE5HL8wHB2PZE9U3
L0x3ED7RsNkyXBxgzP7WciZuJ1iv
-----END CERTIFICATE-----
Generated at Mon Apr 7 02:34:39 2025 by rpki-client