Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/12349e-5282-472a-ae52-2a06223623e0/1/UVKqbvOHvCn6HoAzG1ux5mNYX9U.roa
File: UVKqbvOHvCn6HoAzG1ux5mNYX9U.roa (raw, json)
Hash identifier: zS7iofsDKAb9AZxOa/q1sMs1Br0lasrnbRlbpqfAq5w=
Subject key identifier: 51:52:AA:6E:F3:87:BC:29:FA:1E:80:33:1B:5B:B1:E6:63:58:5F:D5
Certificate issuer: /CN=6b92cf3390caa5879e759729cd9008c6eca55a27
Certificate serial: 019422FBBCEBCAAAE0C4B1ACDF7F784B4285
Authority key identifier: 6B:92:CF:33:90:CA:A5:87:9E:75:97:29:CD:90:08:C6:EC:A5:5A:27
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a5LPM5DKpYeedZcpzZAIxuylWic.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/12349e-5282-472a-ae52-2a06223623e0/1/UVKqbvOHvCn6HoAzG1ux5mNYX9U.roa
Signing time: Wed 01 Jan 2025 17:48:30 +0000
ROA not before: Wed 01 Jan 2025 17:48:30 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 19905
IP address blocks: 2.58.180.0/22 maxlen: 22
168.168.0.0/21 maxlen: 21
168.168.8.0/22 maxlen: 22
168.168.12.0/23 maxlen: 23
168.168.14.0/24 maxlen: 24
168.168.15.0/24 maxlen: 24
168.168.32.0/22 maxlen: 22
168.168.40.0/22 maxlen: 22
168.168.44.0/22 maxlen: 22
168.168.48.0/21 maxlen: 21
168.168.56.0/23 maxlen: 23
168.168.60.0/22 maxlen: 22
168.168.64.0/24 maxlen: 24
168.168.80.0/20 maxlen: 20
168.168.96.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a7/12349e-5282-472a-ae52-2a06223623e0/1/a5LPM5DKpYeedZcpzZAIxuylWic.crl
rsync://rpki.ripe.net/repository/DEFAULT/a7/12349e-5282-472a-ae52-2a06223623e0/1/a5LPM5DKpYeedZcpzZAIxuylWic.mft
rsync://rpki.ripe.net/repository/DEFAULT/a5LPM5DKpYeedZcpzZAIxuylWic.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 08:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:bc:eb:ca:aa:e0:c4:b1:ac:df:7f:78:4b:42:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b92cf3390caa5879e759729cd9008c6eca55a27
Validity
Not Before: Jan 1 17:48:30 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5152aa6ef387bc29fa1e80331b5bb1e663585fd5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:a1:c5:43:4c:9a:9d:2f:78:9c:91:47:e5:aa:
8c:47:55:b3:ef:41:16:8f:8f:23:05:c1:16:df:a8:
fc:5f:15:4a:cd:26:89:2b:02:66:05:cb:5b:f7:56:
26:c2:22:c9:e7:be:31:13:3c:49:b7:20:c4:22:e6:
38:fd:45:82:60:a7:4a:ec:66:91:72:d4:4f:57:2f:
41:c6:e8:f1:ba:b1:40:99:09:b3:f9:4d:bb:a5:44:
75:99:e7:c6:9b:33:84:6c:cc:26:4e:31:67:75:41:
57:f9:e5:64:49:a0:d6:6f:43:ca:b1:66:a8:1d:fa:
fe:19:61:f9:9d:d5:fa:92:f8:13:52:6b:77:a0:92:
95:3c:14:7d:2c:0d:9d:85:5f:3a:31:7d:6d:9b:c4:
6c:1e:4b:73:1e:29:93:e7:dd:b7:e0:6e:41:07:05:
bd:d8:ff:15:dc:11:4f:3f:c7:4e:91:47:2b:2e:e9:
b9:b2:ae:da:1f:f1:38:88:17:34:74:41:e5:5e:a7:
23:e5:db:a2:dc:61:e8:d0:29:d2:0a:ee:67:ee:26:
16:9b:60:7b:b9:68:b0:fa:c2:42:54:99:0d:6e:f1:
dd:5f:41:24:59:af:13:a0:e3:ce:5b:66:4b:96:29:
84:97:b6:f1:35:a9:85:57:55:24:6d:61:7d:5c:20:
d4:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:52:AA:6E:F3:87:BC:29:FA:1E:80:33:1B:5B:B1:E6:63:58:5F:D5
X509v3 Authority Key Identifier:
keyid:6B:92:CF:33:90:CA:A5:87:9E:75:97:29:CD:90:08:C6:EC:A5:5A:27
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5LPM5DKpYeedZcpzZAIxuylWic.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/12349e-5282-472a-ae52-2a06223623e0/1/UVKqbvOHvCn6HoAzG1ux5mNYX9U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/12349e-5282-472a-ae52-2a06223623e0/1/a5LPM5DKpYeedZcpzZAIxuylWic.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.180.0/22
168.168.0.0/20
168.168.32.0/22
168.168.40.0-168.168.57.255
168.168.60.0-168.168.64.255
168.168.80.0-168.168.127.255
Signature Algorithm: sha256WithRSAEncryption
7f:93:b8:44:51:3e:0f:88:73:26:54:9d:5a:27:8c:09:8a:ae:
5d:7c:77:a5:29:6b:ea:15:5f:12:d0:d4:d9:ff:87:7b:fa:2b:
9b:e6:43:43:fe:fd:87:ca:08:47:f7:41:5a:4b:03:fe:ba:b8:
1e:68:f9:8d:00:09:b6:76:92:3c:44:7d:76:dc:1c:c8:d6:f6:
9d:89:3a:2d:0f:27:43:e9:88:79:a3:c2:fa:13:25:24:39:1b:
9f:75:83:99:5e:9e:97:0a:99:52:ff:1e:2b:55:17:e0:2c:4e:
fa:b3:26:68:40:3e:3e:62:b3:41:ee:6f:95:5f:db:ef:cb:88:
0c:5a:1c:27:70:e3:57:67:0a:18:e6:09:4d:5c:b9:dc:3b:3f:
fc:93:39:3e:36:2e:09:b9:55:b7:b3:51:6b:1f:3b:2e:84:0f:
c5:ca:f4:c4:f3:bb:00:20:4e:0e:58:ae:ca:54:3a:7b:e8:7c:
fa:39:7e:d0:c9:a5:10:b9:83:c9:08:bd:4f:47:e9:f8:7d:29:
7b:22:4a:95:1f:6b:50:13:3f:95:02:80:9c:a9:49:77:71:cf:
9e:f3:be:2b:df:6d:38:01:5c:ce:63:b3:7c:fa:01:38:ef:1e:
cb:16:e0:e2:b2:5a:9b:f2:68:2e:e3:e9:32:f5:be:62:bd:0a:
7a:91:0a:07
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZQi+7zryqrgxLGs3394S0KFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiOTJjZjMzOTBjYWE1ODc5ZTc1OTcyOWNkOTAwOGM2ZWNh
NTVhMjcwHhcNMjUwMTAxMTc0ODMwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTUyYWE2ZWYzODdiYzI5ZmExZTgwMzMxYjViYjFlNjYzNTg1ZmQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnqHFQ0yanS94nJFH5aqMR1Wz70EW
j48jBcEW36j8XxVKzSaJKwJmBctb91YmwiLJ574xEzxJtyDEIuY4/UWCYKdK7GaR
ctRPVy9BxujxurFAmQmz+U27pUR1mefGmzOEbMwmTjFndUFX+eVkSaDWb0PKsWao
Hfr+GWH5ndX6kvgTUmt3oJKVPBR9LA2dhV86MX1tm8RsHktzHimT59234G5BBwW9
2P8V3BFPP8dOkUcrLum5sq7aH/E4iBc0dEHlXqcj5dui3GHo0CnSCu5n7iYWm2B7
uWiw+sJCVJkNbvHdX0EkWa8ToOPOW2ZLlimEl7bxNamFV1UkbWF9XCDUUQIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFFFSqm7zh7wp+h6AMxtbseZjWF/VMB8GA1UdIwQY
MBaAFGuSzzOQyqWHnnWXKc2QCMbspVonMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTVMUE01REtwWWVlZFpjcHpaQUl4dXlsV2ljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy8xMjM0OWUtNTI4Mi00NzJhLWFlNTIt
MmEwNjIyMzYyM2UwLzEvVVZLcWJ2T0h2Q242SG9BekcxdXg1bU5ZWDlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy8xMjM0OWUtNTI4Mi00NzJhLWFlNTItMmEwNjIyMzYyM2Uw
LzEvYTVMUE01REtwWWVlZFpjcHpaQUl4dXlsV2ljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQCAjq0AwQE
qKgAAwQCqKggMAwDBAOoqCgDBAGoqDgwDAMEAqioPAMEAKioQDAMAwQEqKhQAwQH
qKgAMA0GCSqGSIb3DQEBCwUAA4IBAQB/k7hEUT4PiHMmVJ1aJ4wJiq5dfHelKWvq
FV8S0NTZ/4d7+iub5kND/v2HyghH90FaSwP+urgeaPmNAAm2dpI8RH123BzI1vad
iTotDydD6Yh5o8L6EyUkORufdYOZXp6XCplS/x4rVRfgLE76syZoQD4+YrNB7m+V
X9vvy4gMWhwncONXZwoY5glNXLncOz/8kzk+Ni4JuVW3s1FrHzsuhA/FyvTE87sA
IE4OWK7KVDp76Hz6OX7QyaUQuYPJCL1PR+n4fSl7IkqVH2tQEz+VAoCcqUl3cc+e
874r3204AVzOY7N8+gE47x7LFuDislqb8mgu4+ky9b5ivQp6kQoH
-----END CERTIFICATE-----
Generated at Sat Apr 12 16:52:12 2025 by rpki-client