Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/pUn0Uq0As5qGVatHVhYAiO9c15c.roa
File: pUn0Uq0As5qGVatHVhYAiO9c15c.roa (raw, json)
Hash identifier: zFUg1Tg3M8t9PqkUwQss8qAYej6NfRetpbuzCww3bkI=
Subject key identifier: A5:49:F4:52:AD:00:B3:9A:86:55:AB:47:56:16:00:88:EF:5C:D7:97
Certificate issuer: /CN=f51369ccbf86b1e84e1aeb46e6d336d39f752ae7
Certificate serial: 0195A9D8C31624EC0AB4FD5308F6AEDB5E08
Authority key identifier: F5:13:69:CC:BF:86:B1:E8:4E:1A:EB:46:E6:D3:36:D3:9F:75:2A:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9RNpzL-GsehOGutG5tM20591Kuc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/pUn0Uq0As5qGVatHVhYAiO9c15c.roa
Signing time: Tue 18 Mar 2025 15:21:50 +0000
ROA not before: Tue 18 Mar 2025 15:21:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31586
IP address blocks: 81.21.136.0/21 maxlen: 24
91.205.32.0/22 maxlen: 24
141.255.180.0/22 maxlen: 24
185.69.232.0/22 maxlen: 24
185.84.72.0/22 maxlen: 24
185.105.204.0/22 maxlen: 24
185.105.216.0/22 maxlen: 24
193.93.172.0/22 maxlen: 24
217.21.241.0/24 maxlen: 24
2a05:2500::/32 maxlen: 32
2a05:a282::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/9RNpzL-GsehOGutG5tM20591Kuc.crl
rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/9RNpzL-GsehOGutG5tM20591Kuc.mft
rsync://rpki.ripe.net/repository/DEFAULT/9RNpzL-GsehOGutG5tM20591Kuc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 11:00:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:a9:d8:c3:16:24:ec:0a:b4:fd:53:08:f6:ae:db:5e:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f51369ccbf86b1e84e1aeb46e6d336d39f752ae7
Validity
Not Before: Mar 18 15:21:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a549f452ad00b39a8655ab4756160088ef5cd797
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:f5:d9:b9:ef:1e:66:e4:3e:3e:eb:ec:68:aa:
ef:18:57:e3:60:bd:0c:86:ec:38:d9:78:1b:96:e9:
9d:97:ad:57:2a:49:93:ac:22:b5:f6:5e:9b:da:22:
f7:4a:13:8f:dc:3b:38:5f:13:01:b8:00:e5:78:9a:
15:02:f5:1a:94:f6:f8:d9:8e:87:9c:57:2c:bd:09:
43:9a:e5:b6:68:8b:75:1c:82:36:67:57:da:31:35:
87:85:8c:b4:20:62:d6:9d:91:67:69:2b:c1:20:fc:
29:dd:17:69:6b:86:e5:09:85:ca:d2:ed:66:a6:24:
0c:a5:55:e4:88:61:28:6f:d2:e1:61:eb:9a:9a:6e:
fd:de:31:d0:d9:10:20:f4:96:d5:68:4c:67:d9:b5:
bc:f1:18:64:d3:b1:b8:c2:f3:71:63:05:ec:35:7c:
c2:9b:fb:8d:f0:39:3f:46:67:42:1c:2e:1e:96:8c:
a7:80:f3:6b:eb:2b:22:5d:88:94:6b:47:7d:cb:a7:
14:5a:ab:0c:52:7f:c9:2f:62:86:fd:68:a4:c9:9e:
93:97:3d:6c:34:d4:34:21:a0:0d:1a:a3:37:69:dc:
24:bd:9a:7b:65:a9:bf:0a:89:52:bd:90:87:90:38:
29:2d:e1:9b:e2:6b:1f:90:c4:03:44:c8:9c:c1:85:
f8:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:49:F4:52:AD:00:B3:9A:86:55:AB:47:56:16:00:88:EF:5C:D7:97
X509v3 Authority Key Identifier:
keyid:F5:13:69:CC:BF:86:B1:E8:4E:1A:EB:46:E6:D3:36:D3:9F:75:2A:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9RNpzL-GsehOGutG5tM20591Kuc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/pUn0Uq0As5qGVatHVhYAiO9c15c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/9RNpzL-GsehOGutG5tM20591Kuc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.21.136.0/21
91.205.32.0/22
141.255.180.0/22
185.69.232.0/22
185.84.72.0/22
185.105.204.0/22
185.105.216.0/22
193.93.172.0/22
217.21.241.0/24
IPv6:
2a05:2500::/32
2a05:a282::/32
Signature Algorithm: sha256WithRSAEncryption
90:1a:69:cb:21:31:65:62:7d:9a:a0:2e:e2:14:7f:1a:0e:a2:
13:e8:73:d5:47:78:59:2c:5c:e4:81:d8:8d:a2:90:4a:71:9e:
f6:4e:ee:ce:f9:f0:88:63:f5:65:72:88:f4:e7:20:f2:35:f7:
1f:42:aa:ef:d2:b1:8b:34:d4:7d:2c:cb:29:67:0e:87:75:ef:
d3:0a:88:d3:18:a1:e9:09:96:f6:19:d4:ba:d8:59:41:63:32:
b1:ed:6c:6e:e2:c9:d5:82:70:ed:4b:e3:75:fb:19:76:0a:05:
c4:9f:a0:03:a6:ca:0c:38:1d:06:e8:ca:4b:75:2c:81:f9:55:
d4:03:25:50:46:8c:18:36:66:13:42:93:a3:6f:52:5c:9a:df:
39:b7:cc:23:71:e5:c7:0c:b7:09:4c:5d:ca:3c:4e:ab:56:ab:
40:60:d1:d9:a3:29:07:1d:c1:e7:65:56:c5:a1:7c:1b:76:2f:
8b:71:b8:ee:e6:6d:8d:54:59:a0:43:8c:63:6f:72:ec:a6:2a:
8b:6b:93:04:1e:95:c8:81:fe:e7:fc:13:87:3e:54:27:55:89:
ed:38:d0:76:ec:3b:f4:c4:23:17:86:f7:97:36:25:90:fd:31:
89:a1:51:2d:ff:af:a9:80:29:62:e7:3a:5d:03:49:42:8c:a4:
88:b8:bf:a1
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAZWp2MMWJOwKtP1TCPau214IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1MTM2OWNjYmY4NmIxZTg0ZTFhZWI0NmU2ZDMzNmQzOWY3
NTJhZTcwHhcNMjUwMzE4MTUyMTUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTQ5ZjQ1MmFkMDBiMzlhODY1NWFiNDc1NjE2MDA4OGVmNWNkNzk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu/XZue8eZuQ+PuvsaKrvGFfjYL0M
huw42Xgblumdl61XKkmTrCK19l6b2iL3ShOP3Ds4XxMBuADleJoVAvUalPb42Y6H
nFcsvQlDmuW2aIt1HII2Z1faMTWHhYy0IGLWnZFnaSvBIPwp3Rdpa4blCYXK0u1m
piQMpVXkiGEob9LhYeuamm793jHQ2RAg9JbVaExn2bW88Rhk07G4wvNxYwXsNXzC
m/uN8Dk/RmdCHC4eloyngPNr6ysiXYiUa0d9y6cUWqsMUn/JL2KG/WikyZ6Tlz1s
NNQ0IaANGqM3adwkvZp7Zam/ColSvZCHkDgpLeGb4msfkMQDRMicwYX4uwIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFKVJ9FKtALOahlWrR1YWAIjvXNeXMB8GA1UdIwQY
MBaAFPUTacy/hrHoThrrRubTNtOfdSrnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOVJOcHpMLUdzZWhPR3V0RzV0TTIwNTkxS3VjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi8yZDViZGYtNTI2NS00OWI4LThhZmUt
MmI5MjBiZGUzOTkwLzEvcFVuMFVxMEFzNXFHVmF0SFZoWUFpTzljMTVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi8yZDViZGYtNTI2NS00OWI4LThhZmUtMmI5MjBiZGUzOTkw
LzEvOVJOcHpMLUdzZWhPR3V0RzV0TTIwNTkxS3VjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDA8BAIAATA2AwQDURWIAwQC
W80gAwQCjf+0AwQCuUXoAwQCuVRIAwQCuWnMAwQCuWnYAwQCwV2sAwQA2RXxMBQE
AgACMA4DBQAqBSUAAwUAKgWigjANBgkqhkiG9w0BAQsFAAOCAQEAkBppyyExZWJ9
mqAu4hR/Gg6iE+hz1Ud4WSxc5IHYjaKQSnGe9k7uzvnwiGP1ZXKI9Ocg8jX3H0Kq
79KxizTUfSzLKWcOh3Xv0wqI0xih6QmW9hnUuthZQWMyse1sbuLJ1YJw7UvjdfsZ
dgoFxJ+gA6bKDDgdBujKS3UsgflV1AMlUEaMGDZmE0KTo29SXJrfObfMI3Hlxwy3
CUxdyjxOq1arQGDR2aMpBx3B52VWxaF8G3Yvi3G47uZtjVRZoEOMY29y7KYqi2uT
BB6VyIH+5/wThz5UJ1WJ7TjQduw79MQjF4b3lzYlkP0xiaFRLf+vqYApYuc6XQNJ
QoykiLi/oQ==
-----END CERTIFICATE-----
Generated at Mon Apr 7 19:58:10 2025 by rpki-client