Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/UxrbY0WQv2NADExVudzKQAr6iuA.roa
File: UxrbY0WQv2NADExVudzKQAr6iuA.roa (raw, json)
Hash identifier: U3NZSaT7KIZfKV7/AaaizV0CJCIDXxXPZ7wcDUuv4hE=
Subject key identifier: 53:1A:DB:63:45:90:BF:63:40:0C:4C:55:B9:DC:CA:40:0A:FA:8A:E0
Certificate issuer: /CN=253a3b5f51808168c212c094a2baaff38e16464a
Certificate serial: 0196341DF2B579F8F1CA372112250EB78616
Authority key identifier: 25:3A:3B:5F:51:80:81:68:C2:12:C0:94:A2:BA:AF:F3:8E:16:46:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/UxrbY0WQv2NADExVudzKQAr6iuA.roa
Signing time: Mon 14 Apr 2025 11:44:59 +0000
ROA not before: Mon 14 Apr 2025 11:44:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49199
IP address blocks: 62.76.74.0/23 maxlen: 24
62.76.96.0/23 maxlen: 24
193.232.161.0/24 maxlen: 24
193.232.169.0/24 maxlen: 24
193.232.183.0/24 maxlen: 24
194.190.11.0/24 maxlen: 24
194.226.34.0/23 maxlen: 24
194.226.137.0/24 maxlen: 24
195.19.10.0/23 maxlen: 24
195.208.16.0/24 maxlen: 24
195.208.220.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/JTo7X1GAgWjCEsCUorqv844WRko.crl
rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/JTo7X1GAgWjCEsCUorqv844WRko.mft
rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 20 Apr 2025 08:00:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:34:1d:f2:b5:79:f8:f1:ca:37:21:12:25:0e:b7:86:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=253a3b5f51808168c212c094a2baaff38e16464a
Validity
Not Before: Apr 14 11:44:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=531adb634590bf63400c4c55b9dcca400afa8ae0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:a5:fe:dd:28:fb:a5:ec:60:f8:82:e8:68:00:
bd:3b:44:c8:92:ed:ee:f0:b8:83:de:0b:21:d0:b9:
b7:1a:f6:7b:17:ad:b1:06:dd:56:73:af:00:3e:2e:
d5:b1:7f:f8:83:b3:f1:1f:c4:c9:cc:e3:44:15:f1:
18:6d:28:50:06:eb:26:18:89:94:86:ab:3a:57:d0:
62:fd:a9:44:d8:93:9a:65:e8:a6:7e:eb:ac:df:90:
6a:20:88:1b:b8:24:ec:c9:2b:47:a7:58:d3:fa:21:
c6:1c:55:b4:78:0e:e8:de:42:eb:96:bd:e8:d7:ac:
6f:32:b5:88:7d:6b:d0:e5:8c:11:ec:a7:d4:d4:bd:
0e:01:be:88:83:28:3a:83:c6:99:1a:f8:ca:e2:77:
6e:d3:63:31:63:57:33:83:12:09:eb:60:bd:f4:50:
28:c1:b5:01:ec:45:f5:79:7c:0f:28:d4:5a:6e:dc:
ad:84:47:bf:c0:ca:6d:23:f8:e7:e0:5c:26:69:c1:
d8:f5:06:be:37:b6:ea:36:c0:a9:1d:26:08:b4:f2:
f0:d7:a2:c3:29:aa:2a:ff:9a:4d:de:ab:e2:34:1f:
a1:a4:15:42:68:e5:c2:07:84:ec:55:69:8e:9e:5d:
e5:59:43:70:47:de:c6:7e:2f:6d:e8:b1:2c:8c:36:
0c:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:1A:DB:63:45:90:BF:63:40:0C:4C:55:B9:DC:CA:40:0A:FA:8A:E0
X509v3 Authority Key Identifier:
keyid:25:3A:3B:5F:51:80:81:68:C2:12:C0:94:A2:BA:AF:F3:8E:16:46:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/UxrbY0WQv2NADExVudzKQAr6iuA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/JTo7X1GAgWjCEsCUorqv844WRko.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.74.0/23
62.76.96.0/23
193.232.161.0/24
193.232.169.0/24
193.232.183.0/24
194.190.11.0/24
194.226.34.0/23
194.226.137.0/24
195.19.10.0/23
195.208.16.0/24
195.208.220.0/23
Signature Algorithm: sha256WithRSAEncryption
0b:ab:a0:23:ac:0d:b7:c3:f0:e6:89:78:77:9a:b8:e5:3f:bf:
72:b4:60:d0:82:ce:93:e8:55:9a:45:6e:ba:5e:f2:88:2c:54:
55:3d:78:23:f4:ae:ed:cd:bb:2a:78:20:21:64:7a:1b:f4:71:
b8:8b:4f:75:a5:e9:d2:bf:14:62:3f:e0:09:66:90:cb:41:77:
ba:48:a8:27:02:0a:d2:24:fe:bc:35:b1:d9:06:32:27:2b:0b:
ec:4b:47:82:d0:b8:0b:21:69:cf:36:0f:85:38:2b:b9:26:50:
c3:e5:18:5e:26:9c:04:44:11:7f:fe:2d:5d:c9:90:0f:12:c3:
a5:35:d3:1c:bc:91:13:ff:37:cb:cd:6e:a4:0c:bb:f6:d9:fc:
63:e9:f1:ca:a8:ea:cc:e9:15:e1:6e:46:3a:cf:77:7d:d6:a5:
21:a8:5a:7b:cc:01:6f:22:94:85:af:67:0e:b1:05:a5:8a:0f:
80:29:b0:38:83:af:31:c9:8d:dd:06:e5:16:ba:12:ce:c5:d1:
63:88:b5:a6:42:50:f2:68:f9:bb:b2:fc:99:14:70:52:cc:5c:
14:bd:0d:2c:e0:a4:35:df:f6:62:f2:fa:48:b2:2f:31:9c:03:
4d:fd:b3:94:eb:7e:d0:d0:06:b5:79:c3:15:07:ca:6f:5a:dc:
91:f8:f8:29
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAZY0HfK1efjxyjchEiUOt4YWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1M2EzYjVmNTE4MDgxNjhjMjEyYzA5NGEyYmFhZmYzOGUx
NjQ2NGEwHhcNMjUwNDE0MTE0NDU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzFhZGI2MzQ1OTBiZjYzNDAwYzRjNTViOWRjY2E0MDBhZmE4YWUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiqX+3Sj7pexg+ILoaAC9O0TIku3u
8LiD3gsh0Lm3GvZ7F62xBt1Wc68APi7VsX/4g7PxH8TJzONEFfEYbShQBusmGImU
hqs6V9Bi/alE2JOaZeimfuus35BqIIgbuCTsyStHp1jT+iHGHFW0eA7o3kLrlr3o
16xvMrWIfWvQ5YwR7KfU1L0OAb6Igyg6g8aZGvjK4ndu02MxY1czgxIJ62C99FAo
wbUB7EX1eXwPKNRabtythEe/wMptI/jn4FwmacHY9Qa+N7bqNsCpHSYItPLw16LD
Kaoq/5pN3qviNB+hpBVCaOXCB4TsVWmOnl3lWUNwR97Gfi9t6LEsjDYMPwIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFFMa22NFkL9jQAxMVbncykAK+orgMB8GA1UdIwQY
MBaAFCU6O19RgIFowhLAlKK6r/OOFkZKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlRvN1gxR0FnV2pDRXNDVW9ycXY4NDRXUmtvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS85NzQ3NGMtMWRjMi00NjJjLWFhZGQt
OWU5YTFlMDM3MzhlLzEvVXhyYlkwV1F2Mk5BREV4VnVkektRQXI2aXVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS85NzQ3NGMtMWRjMi00NjJjLWFhZGQtOWU5YTFlMDM3Mzhl
LzEvSlRvN1gxR0FnV2pDRXNDVW9ycXY4NDRXUmtvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQBPkxKAwQB
PkxgAwQAweihAwQAweipAwQAwei3AwQAwr4LAwQBwuIiAwQAwuKJAwQBwxMKAwQA
w9AQAwQBw9DcMA0GCSqGSIb3DQEBCwUAA4IBAQALq6AjrA23w/DmiXh3mrjlP79y
tGDQgs6T6FWaRW66XvKILFRVPXgj9K7tzbsqeCAhZHob9HG4i091penSvxRiP+AJ
ZpDLQXe6SKgnAgrSJP68NbHZBjInKwvsS0eC0LgLIWnPNg+FOCu5JlDD5RheJpwE
RBF//i1dyZAPEsOlNdMcvJET/zfLzW6kDLv22fxj6fHKqOrM6RXhbkY6z3d91qUh
qFp7zAFvIpSFr2cOsQWlig+AKbA4g68xyY3dBuUWuhLOxdFjiLWmQlDyaPm7svyZ
FHBSzFwUvQ0s4KQ13/Zi8vpIsi8xnANN/bOU637Q0Aa1ecMVB8pvWtyR+Pgp
-----END CERTIFICATE-----
Generated at Sat Apr 19 17:51:57 2025 by rpki-client