Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/b31731-5cd3-445e-8cb3-4196b0eacd27/1/uVBTeEzfoyB7JY96y5uQlYBoA00.roa
File: uVBTeEzfoyB7JY96y5uQlYBoA00.roa (raw, json)
Hash identifier: 1QuqtDmpz5L96A5DhcdUsvLbu6XhjJTyVS+t4jv+5BI=
Subject key identifier: B9:50:53:78:4C:DF:A3:20:7B:25:8F:7A:CB:9B:90:95:80:68:03:4D
Certificate issuer: /CN=1a12509e4f2a730e169937d40833bb893ee7b98c
Certificate serial: 01942521A8C2042D83E647F3742BC03B51F9
Authority key identifier: 1A:12:50:9E:4F:2A:73:0E:16:99:37:D4:08:33:BB:89:3E:E7:B9:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GhJQnk8qcw4WmTfUCDO7iT7nuYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/b31731-5cd3-445e-8cb3-4196b0eacd27/1/uVBTeEzfoyB7JY96y5uQlYBoA00.roa
Signing time: Thu 02 Jan 2025 03:49:10 +0000
ROA not before: Thu 02 Jan 2025 03:49:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29144
IP address blocks: 185.76.200.0/23 maxlen: 23
185.76.200.0/24 maxlen: 24
185.76.201.0/24 maxlen: 24
185.76.202.0/23 maxlen: 23
185.76.202.0/24 maxlen: 24
185.76.203.0/24 maxlen: 24
194.0.142.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/91/b31731-5cd3-445e-8cb3-4196b0eacd27/1/GhJQnk8qcw4WmTfUCDO7iT7nuYw.crl
rsync://rpki.ripe.net/repository/DEFAULT/91/b31731-5cd3-445e-8cb3-4196b0eacd27/1/GhJQnk8qcw4WmTfUCDO7iT7nuYw.mft
rsync://rpki.ripe.net/repository/DEFAULT/GhJQnk8qcw4WmTfUCDO7iT7nuYw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 14:28:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:a8:c2:04:2d:83:e6:47:f3:74:2b:c0:3b:51:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1a12509e4f2a730e169937d40833bb893ee7b98c
Validity
Not Before: Jan 2 03:49:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b95053784cdfa3207b258f7acb9b90958068034d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:5e:d3:96:4c:6d:93:3a:ba:63:a0:14:6c:be:
52:74:40:d3:51:f9:93:5c:27:a3:d2:1b:7f:2b:27:
ec:69:2a:a3:9c:58:ac:a1:c5:62:b9:67:52:ec:03:
65:3c:d6:ad:9b:bb:a6:2e:99:64:fe:8c:a5:24:e4:
88:9d:e7:68:d7:19:29:e1:4f:ff:f0:ab:7b:3e:8c:
a4:c2:f0:b7:e2:03:6c:a2:33:2e:fd:8c:28:62:a8:
c2:9e:05:11:bc:02:05:67:f7:93:7a:fd:2b:a6:57:
af:e3:5d:da:54:62:45:99:2b:66:7c:c3:26:24:ae:
90:07:f4:27:4a:c0:d9:5c:ab:89:43:e1:74:40:a7:
d8:17:97:81:c1:eb:25:66:43:35:bd:aa:5b:77:1f:
a5:de:55:06:18:c3:9f:69:8a:03:c6:ab:fb:0d:29:
b1:39:c3:21:a6:99:a4:a7:6f:d8:87:97:d7:92:cb:
cb:b8:5d:5c:f0:6d:31:1c:f9:28:a9:48:53:ea:43:
c9:00:5f:66:49:8b:7b:12:3d:7a:8f:12:f9:d5:8a:
90:9f:68:95:98:63:69:31:fe:3c:ba:8f:cc:b2:dd:
f8:5d:a4:15:e8:61:a3:53:80:cb:cf:93:63:d6:c6:
b9:5e:03:03:82:68:7d:ca:b0:47:8e:f7:93:4d:d2:
86:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:50:53:78:4C:DF:A3:20:7B:25:8F:7A:CB:9B:90:95:80:68:03:4D
X509v3 Authority Key Identifier:
keyid:1A:12:50:9E:4F:2A:73:0E:16:99:37:D4:08:33:BB:89:3E:E7:B9:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GhJQnk8qcw4WmTfUCDO7iT7nuYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/b31731-5cd3-445e-8cb3-4196b0eacd27/1/uVBTeEzfoyB7JY96y5uQlYBoA00.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/b31731-5cd3-445e-8cb3-4196b0eacd27/1/GhJQnk8qcw4WmTfUCDO7iT7nuYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.76.200.0/22
194.0.142.0/24
Signature Algorithm: sha256WithRSAEncryption
71:72:15:d3:ca:5c:49:e0:c6:85:09:ce:ca:0e:b1:f7:d2:49:
dc:29:c9:bb:28:ca:04:e4:aa:c9:27:98:94:ab:5c:08:72:53:
7d:2f:d2:02:04:7a:e1:03:43:ac:66:74:f1:56:64:4b:5d:40:
48:17:4e:1b:9f:bf:61:cd:2e:29:06:ae:4a:6f:8d:88:d5:af:
bf:17:ec:7c:9d:c5:7f:1e:7d:46:e0:2f:0e:27:84:48:9a:f2:
bc:8a:67:26:53:2d:ab:57:ba:eb:02:98:4d:96:e9:28:9e:ea:
52:32:d0:34:e5:37:38:5e:c9:61:34:f3:c5:eb:2f:c2:9b:cf:
de:22:75:bd:44:f4:c5:f2:ea:cf:56:47:42:01:ea:a1:27:e1:
d3:ab:6f:0f:87:50:cb:c5:30:1e:e9:e9:ee:af:a1:71:97:82:
a9:9a:ee:59:85:f0:43:06:45:a0:f2:1e:ff:c5:5e:f3:72:12:
f9:11:98:c6:55:d9:6f:99:da:5d:b1:e6:bb:96:14:cd:e7:6f:
19:16:7d:67:41:d2:c4:d1:10:a7:d6:00:ab:ca:a5:9d:29:b6:
db:d2:1f:c6:4f:5a:8a:2b:a1:e5:48:32:ed:97:83:75:30:18:
de:1b:49:c4:80:b6:1f:50:d9:0f:00:ab:a1:ec:fb:3c:f1:97:
03:ff:42:16
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQlIajCBC2D5kfzdCvAO1H5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhMTI1MDllNGYyYTczMGUxNjk5MzdkNDA4MzNiYjg5M2Vl
N2I5OGMwHhcNMjUwMTAyMDM0OTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTUwNTM3ODRjZGZhMzIwN2IyNThmN2FjYjliOTA5NTgwNjgwMzRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw17Tlkxtkzq6Y6AUbL5SdEDTUfmT
XCej0ht/KyfsaSqjnFisocViuWdS7ANlPNatm7umLplk/oylJOSInedo1xkp4U//
8Kt7PoykwvC34gNsojMu/YwoYqjCngURvAIFZ/eTev0rplev413aVGJFmStmfMMm
JK6QB/QnSsDZXKuJQ+F0QKfYF5eBweslZkM1vapbdx+l3lUGGMOfaYoDxqv7DSmx
OcMhppmkp2/Yh5fXksvLuF1c8G0xHPkoqUhT6kPJAF9mSYt7Ej16jxL51YqQn2iV
mGNpMf48uo/Mst34XaQV6GGjU4DLz5Nj1sa5XgMDgmh9yrBHjveTTdKGPQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLlQU3hM36MgeyWPesubkJWAaANNMB8GA1UdIwQY
MBaAFBoSUJ5PKnMOFpk31Agzu4k+57mMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2hKUW5rOHFjdzRXbVRmVUNETzdpVDdudVl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS9iMzE3MzEtNWNkMy00NDVlLThjYjMt
NDE5NmIwZWFjZDI3LzEvdVZCVGVFemZveUI3Slk5Nnk1dVFsWUJvQTAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS9iMzE3MzEtNWNkMy00NDVlLThjYjMtNDE5NmIwZWFjZDI3
LzEvR2hKUW5rOHFjdzRXbVRmVUNETzdpVDdudVl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuUzIAwQA
wgCOMA0GCSqGSIb3DQEBCwUAA4IBAQBxchXTylxJ4MaFCc7KDrH30kncKcm7KMoE
5KrJJ5iUq1wIclN9L9ICBHrhA0OsZnTxVmRLXUBIF04bn79hzS4pBq5Kb42I1a+/
F+x8ncV/Hn1G4C8OJ4RImvK8imcmUy2rV7rrAphNlukonupSMtA05Tc4XslhNPPF
6y/Cm8/eInW9RPTF8urPVkdCAeqhJ+HTq28Ph1DLxTAe6enur6Fxl4Kpmu5ZhfBD
BkWg8h7/xV7zchL5EZjGVdlvmdpdsea7lhTN528ZFn1nQdLE0RCn1gCryqWdKbbb
0h/GT1qKK6HlSDLtl4N1MBjeG0nEgLYfUNkPAKuh7Ps88ZcD/0IW
-----END CERTIFICATE-----
Generated at Mon Apr 7 22:26:27 2025 by rpki-client