Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/2bb603-f479-40cb-82d4-48d672973b13/1/uaDvodSl9Qqt6SU3QvEP4PKpm0c.roa
File: uaDvodSl9Qqt6SU3QvEP4PKpm0c.roa (raw, json)
Hash identifier: KfFNiihZ95ffen8bkT+elj9FXLgX4E04ZxK55q4T9Kw=
Subject key identifier: B9:A0:EF:A1:D4:A5:F5:0A:AD:E9:25:37:42:F1:0F:E0:F2:A9:9B:47
Certificate issuer: /CN=1c37a9026e45b68fe4735a469b75636130ad125c
Certificate serial: 019423D6FAA95B7AF6E4F6B0EE03FF1D6F69
Authority key identifier: 1C:37:A9:02:6E:45:B6:8F:E4:73:5A:46:9B:75:63:61:30:AD:12:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HDepAm5Fto_kc1pGm3VjYTCtElw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/95/2bb603-f479-40cb-82d4-48d672973b13/1/uaDvodSl9Qqt6SU3QvEP4PKpm0c.roa
Signing time: Wed 01 Jan 2025 21:47:58 +0000
ROA not before: Wed 01 Jan 2025 21:47:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210625
IP address blocks: 83.229.103.0/24 maxlen: 24
83.229.111.0/24 maxlen: 24
141.226.55.0/24 maxlen: 24
141.226.71.0/24 maxlen: 24
147.236.98.0/23 maxlen: 24
147.236.98.0/24 maxlen: 24
147.236.99.0/24 maxlen: 24
147.236.228.0/22 maxlen: 22
147.236.228.0/23 maxlen: 23
147.236.228.0/24 maxlen: 24
147.236.229.0/24 maxlen: 24
147.236.230.0/23 maxlen: 23
147.236.230.0/24 maxlen: 24
147.236.231.0/24 maxlen: 24
2a13:54c0::/29 maxlen: 36
2a13:54c1::/32 maxlen: 32
2a13:54c2::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/95/2bb603-f479-40cb-82d4-48d672973b13/1/HDepAm5Fto_kc1pGm3VjYTCtElw.crl
rsync://rpki.ripe.net/repository/DEFAULT/95/2bb603-f479-40cb-82d4-48d672973b13/1/HDepAm5Fto_kc1pGm3VjYTCtElw.mft
rsync://rpki.ripe.net/repository/DEFAULT/HDepAm5Fto_kc1pGm3VjYTCtElw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 18 Apr 2025 06:00:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d6:fa:a9:5b:7a:f6:e4:f6:b0:ee:03:ff:1d:6f:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c37a9026e45b68fe4735a469b75636130ad125c
Validity
Not Before: Jan 1 21:47:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b9a0efa1d4a5f50aade9253742f10fe0f2a99b47
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:7f:c8:fa:a0:78:e6:e8:a4:df:fa:de:d0:fa:
38:83:18:f4:36:20:8e:eb:86:8e:4d:d0:f3:fa:e6:
fc:89:c0:19:f3:0d:4d:b7:a3:8b:ab:52:b1:1a:27:
0c:bd:cb:0d:9e:c3:15:f1:7d:14:48:38:ce:58:2d:
a9:ae:25:00:1a:17:09:2a:72:2a:04:db:37:a7:cb:
da:7f:63:a5:dc:46:ab:b5:f9:91:aa:3b:bb:f6:5e:
3c:36:91:d1:ad:52:21:74:36:3e:82:da:ee:76:a7:
96:57:15:53:e1:0c:ad:69:83:18:aa:19:15:18:8c:
5a:8b:40:7e:f1:d8:09:b7:9e:fa:e3:87:59:7b:8b:
e2:1f:1c:31:9f:10:dd:e6:50:aa:08:dd:e2:04:0f:
02:9e:29:b7:41:9f:41:63:0d:87:c7:fb:d6:77:6c:
d0:f9:91:a5:dc:04:c3:9b:7a:b6:0f:e0:a8:60:31:
3d:51:b4:f6:3b:e1:66:b2:6e:b7:b7:f6:7a:50:38:
f7:35:29:f8:a1:8f:79:66:bc:89:10:db:a9:68:03:
63:59:b8:85:72:db:c0:fe:cc:c0:74:4d:43:77:ca:
b5:38:8a:cc:75:44:00:52:64:52:a6:14:a0:f3:a8:
08:a9:db:36:08:bd:7d:d3:36:98:6f:35:f3:77:7d:
09:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:A0:EF:A1:D4:A5:F5:0A:AD:E9:25:37:42:F1:0F:E0:F2:A9:9B:47
X509v3 Authority Key Identifier:
keyid:1C:37:A9:02:6E:45:B6:8F:E4:73:5A:46:9B:75:63:61:30:AD:12:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HDepAm5Fto_kc1pGm3VjYTCtElw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/2bb603-f479-40cb-82d4-48d672973b13/1/uaDvodSl9Qqt6SU3QvEP4PKpm0c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/95/2bb603-f479-40cb-82d4-48d672973b13/1/HDepAm5Fto_kc1pGm3VjYTCtElw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.229.103.0/24
83.229.111.0/24
141.226.55.0/24
141.226.71.0/24
147.236.98.0/23
147.236.228.0/22
IPv6:
2a13:54c0::/29
Signature Algorithm: sha256WithRSAEncryption
16:52:de:31:c1:15:82:67:5a:67:8f:ed:1c:85:c7:71:64:a6:
6a:94:82:8f:16:cf:dd:db:41:74:81:37:d1:32:69:94:34:1b:
09:ab:f9:c3:7f:3d:1a:c9:49:1b:fb:46:c7:ab:f2:a7:d8:20:
d8:cf:bb:f0:37:63:e4:45:0d:f2:d1:20:a9:91:ec:ec:83:f3:
30:d3:ca:cc:19:76:fd:10:ed:36:a2:88:58:66:b8:54:9f:6b:
43:c3:63:d1:7c:9a:f7:14:d8:33:15:88:79:79:84:e3:ad:b8:
e1:6e:25:3c:00:bd:82:1a:49:5a:b9:9a:49:01:e0:ad:0d:3e:
24:f7:a3:3c:ba:0b:14:a5:84:6a:dd:37:6e:bd:ed:42:e5:e4:
3a:05:10:e7:be:9a:ae:a2:41:17:0c:48:a1:f1:73:e7:fe:1b:
dd:a2:2b:47:62:1b:96:d2:b0:1c:e3:72:8e:2d:7a:b5:29:c5:
ce:9a:7d:84:a3:47:16:41:f1:e9:23:72:2a:de:c0:91:23:6d:
aa:e5:c1:af:3b:0f:92:3e:1c:5d:9f:91:be:44:1a:be:c6:1e:
9a:e6:d2:48:7a:04:49:9f:e2:bd:d0:67:9b:a0:8c:a9:d7:46:
a3:0f:d9:6e:db:aa:4a:16:15:a3:79:82:ec:49:a5:0c:df:ac:
30:60:88:98
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAZQj1vqpW3r25Paw7gP/HW9pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjMzdhOTAyNmU0NWI2OGZlNDczNWE0NjliNzU2MzYxMzBh
ZDEyNWMwHhcNMjUwMTAxMjE0NzU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOWEwZWZhMWQ0YTVmNTBhYWRlOTI1Mzc0MmYxMGZlMGYyYTk5YjQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0H/I+qB45uik3/re0Po4gxj0NiCO
64aOTdDz+ub8icAZ8w1Nt6OLq1KxGicMvcsNnsMV8X0USDjOWC2priUAGhcJKnIq
BNs3p8vaf2Ol3EartfmRqju79l48NpHRrVIhdDY+gtrudqeWVxVT4QytaYMYqhkV
GIxai0B+8dgJt57644dZe4viHxwxnxDd5lCqCN3iBA8Cnim3QZ9BYw2Hx/vWd2zQ
+ZGl3ATDm3q2D+CoYDE9UbT2O+Fmsm63t/Z6UDj3NSn4oY95ZryJENupaANjWbiF
ctvA/szAdE1Dd8q1OIrMdUQAUmRSphSg86gIqds2CL190zaYbzXzd30JBwIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFLmg76HUpfUKreklN0LxD+DyqZtHMB8GA1UdIwQY
MBaAFBw3qQJuRbaP5HNaRpt1Y2EwrRJcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSERlcEFtNUZ0b19rYzFwR20zVmpZVEN0RWx3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS8yYmI2MDMtZjQ3OS00MGNiLTgyZDQt
NDhkNjcyOTczYjEzLzEvdWFEdm9kU2w5UXF0NlNVM1F2RVA0UEtwbTBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS8yYmI2MDMtZjQ3OS00MGNiLTgyZDQtNDhkNjcyOTczYjEz
LzEvSERlcEFtNUZ0b19rYzFwR20zVmpZVEN0RWx3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQAU+VnAwQA
U+VvAwQAjeI3AwQAjeJHAwQBk+xiAwQCk+zkMA0EAgACMAcDBQMqE1TAMA0GCSqG
SIb3DQEBCwUAA4IBAQAWUt4xwRWCZ1pnj+0chcdxZKZqlIKPFs/d20F0gTfRMmmU
NBsJq/nDfz0ayUkb+0bHq/Kn2CDYz7vwN2PkRQ3y0SCpkezsg/Mw08rMGXb9EO02
oohYZrhUn2tDw2PRfJr3FNgzFYh5eYTjrbjhbiU8AL2CGklauZpJAeCtDT4k96M8
ugsUpYRq3Tduve1C5eQ6BRDnvpquokEXDEih8XPn/hvdoitHYhuW0rAc43KOLXq1
KcXOmn2Eo0cWQfHpI3Iq3sCRI22q5cGvOw+SPhxdn5G+RBq+xh6a5tJIegRJn+K9
0GeboIyp10ajD9lu26pKFhWjeYLsSaUM36wwYIiY
-----END CERTIFICATE-----
Generated at Thu Apr 17 15:05:01 2025 by rpki-client