Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/1UUsByoEofzjEeiAmIAz-WfMDBU.roa
File: 1UUsByoEofzjEeiAmIAz-WfMDBU.roa (raw, json)
Hash identifier: /7lgakegoy05PQfBI5+T4clOyf4KsMTGCdFLL/29XDY=
Subject key identifier: D5:45:2C:07:2A:04:A1:FC:E3:11:E8:80:98:80:33:F9:67:CC:0C:15
Certificate issuer: /CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Certificate serial: 01942827FB512DF347171135B84F77672D47
Authority key identifier: 05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/1UUsByoEofzjEeiAmIAz-WfMDBU.roa
Signing time: Thu 02 Jan 2025 17:54:56 +0000
ROA not before: Thu 02 Jan 2025 17:54:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41789
IP address blocks: 31.129.0.0/20 maxlen: 24
31.129.16.0/24 maxlen: 24
31.129.17.0/24 maxlen: 24
31.129.18.0/24 maxlen: 24
31.129.19.0/24 maxlen: 24
31.129.20.0/24 maxlen: 24
31.129.23.0/24 maxlen: 24
31.129.24.0/24 maxlen: 24
31.129.25.0/24 maxlen: 24
31.129.26.0/24 maxlen: 24
31.129.27.0/24 maxlen: 24
31.129.28.0/24 maxlen: 24
31.129.29.0/24 maxlen: 24
31.129.31.0/24 maxlen: 24
37.220.80.0/22 maxlen: 22
46.19.64.0/22 maxlen: 24
81.200.144.0/21 maxlen: 24
81.200.152.0/22 maxlen: 24
81.200.156.0/23 maxlen: 24
94.198.216.0/22 maxlen: 24
141.98.234.0/24 maxlen: 24
185.166.196.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/BbHRPC4m4SeGJGpexMW-pphksg8.crl
rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/BbHRPC4m4SeGJGpexMW-pphksg8.mft
rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 01:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:27:fb:51:2d:f3:47:17:11:35:b8:4f:77:67:2d:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Validity
Not Before: Jan 2 17:54:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d5452c072a04a1fce311e880988033f967cc0c15
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:3b:84:72:a3:44:e1:eb:3a:15:c0:44:63:fe:
cb:e4:43:99:9e:ac:76:c3:c3:fe:ca:b4:59:01:35:
54:7e:c0:77:2f:63:f0:ce:1a:20:57:f0:7f:12:46:
5c:a1:6a:17:20:9f:cd:10:f2:f5:d7:58:31:d8:d2:
52:42:e5:fb:12:63:87:b5:cf:bc:72:87:52:db:35:
c8:fb:41:12:d2:37:8d:77:13:1a:ba:f2:42:af:5d:
3c:ce:cb:e0:6e:45:ed:9d:56:7b:16:e7:1d:8e:9d:
a8:6c:16:b2:5a:98:38:4e:24:cf:72:89:03:ee:95:
bb:b0:6a:f2:89:e3:d6:52:61:97:8b:62:fe:3c:76:
cd:6b:83:1e:61:54:2f:66:a3:84:4a:bd:63:6b:79:
27:a8:ff:01:df:44:5f:24:9f:72:f3:46:48:d2:0a:
df:1f:ea:29:64:94:b6:d3:78:65:83:fe:10:8e:48:
00:1b:f4:35:26:26:0d:8e:9c:81:cb:31:52:6b:28:
30:54:1d:66:af:13:46:c7:79:a9:57:6d:38:de:64:
0f:b5:4a:6c:63:bc:ac:0d:c9:f3:ba:df:aa:12:b4:
32:61:8c:57:b6:06:93:94:97:9e:0a:cb:92:ca:32:
01:bf:91:ed:06:ea:35:87:38:2c:07:3f:bf:26:96:
4a:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:45:2C:07:2A:04:A1:FC:E3:11:E8:80:98:80:33:F9:67:CC:0C:15
X509v3 Authority Key Identifier:
keyid:05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/1UUsByoEofzjEeiAmIAz-WfMDBU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/BbHRPC4m4SeGJGpexMW-pphksg8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.129.0.0-31.129.20.255
31.129.23.0-31.129.29.255
31.129.31.0/24
37.220.80.0/22
46.19.64.0/22
81.200.144.0-81.200.157.255
94.198.216.0/22
141.98.234.0/24
185.166.196.0/23
Signature Algorithm: sha256WithRSAEncryption
6f:86:bb:92:23:f6:71:ab:a6:fe:1c:44:09:1a:a1:a8:1b:4f:
2b:a8:7e:53:09:16:e4:bd:65:43:cf:1a:18:54:df:bc:2c:f9:
b6:32:51:85:7f:49:66:6b:13:94:c4:f2:25:cd:10:8d:27:a6:
a1:04:78:18:82:ff:9f:26:60:dd:88:fb:1b:39:0d:f8:38:b7:
33:5e:70:cb:5a:47:83:68:13:79:fc:c2:29:68:93:16:e7:be:
8f:9d:92:bd:b3:77:4c:f5:8d:70:85:41:cb:4f:0e:f3:82:3b:
22:75:5b:90:3d:6b:b8:ab:12:7b:3b:74:41:e0:37:28:72:32:
e7:8d:6f:e8:6b:5a:c2:1c:e8:9d:e3:e7:31:ee:1a:25:4f:3e:
3b:4f:ab:99:11:a6:15:2e:e7:35:29:a1:26:75:df:ea:bd:1d:
68:ae:fe:02:a9:1c:32:e0:83:8c:9a:12:2c:ef:f2:df:42:89:
10:2f:a1:77:8e:05:0e:04:ef:1c:91:0b:96:8d:3a:fc:35:6d:
7b:a1:36:19:48:c7:8d:7d:80:5d:f4:c4:a1:ec:79:2d:1f:6c:
ae:2c:1f:98:79:cb:a1:8c:01:65:4c:8c:a8:bf:77:2e:0f:c8:
47:29:76:7d:5b:bb:30:7d:a7:7f:0f:79:8f:f3:56:b4:a8:cc:
e9:bc:1e:71
-----BEGIN CERTIFICATE-----
MIIFRDCCBCygAwIBAgISAZQoJ/tRLfNHFxE1uE93Zy1HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1YjFkMTNjMmUyNmUxMjc4NjI0NmE1ZWM0YzViZWE2OTg2
NGIyMGYwHhcNMjUwMTAyMTc1NDU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTQ1MmMwNzJhMDRhMWZjZTMxMWU4ODA5ODgwMzNmOTY3Y2MwYzE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1TuEcqNE4es6FcBEY/7L5EOZnqx2
w8P+yrRZATVUfsB3L2PwzhogV/B/EkZcoWoXIJ/NEPL111gx2NJSQuX7EmOHtc+8
codS2zXI+0ES0jeNdxMauvJCr108zsvgbkXtnVZ7Fucdjp2obBayWpg4TiTPcokD
7pW7sGryiePWUmGXi2L+PHbNa4MeYVQvZqOESr1ja3knqP8B30RfJJ9y80ZI0grf
H+opZJS203hlg/4QjkgAG/Q1JiYNjpyByzFSaygwVB1mrxNGx3mpV2043mQPtUps
Y7ysDcnzut+qErQyYYxXtgaTlJeeCsuSyjIBv5HtBuo1hzgsBz+/JpZKXwIDAQAB
o4ICUDCCAkwwHQYDVR0OBBYEFNVFLAcqBKH84xHogJiAM/lnzAwVMB8GA1UdIwQY
MBaAFAWx0TwuJuEnhiRqXsTFvqaYZLIPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjct
NDkwNTI0M2JjODI4LzEvMVVVc0J5b0VvZnpqRWVpQW1JQXotV2ZNREJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjctNDkwNTI0M2JjODI4
LzEvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGYGCCsGAQUFBwEHAQH/BFcwVTBTBAIAATBNMAsDAwAfgQME
AB+BFDAMAwQAH4EXAwQBH4EcAwQAH4EfAwQCJdxQAwQCLhNAMAwDBARRyJADBAFR
yJwDBAJextgDBACNYuoDBAG5psQwDQYJKoZIhvcNAQELBQADggEBAG+Gu5Ij9nGr
pv4cRAkaoagbTyuoflMJFuS9ZUPPGhhU37ws+bYyUYV/SWZrE5TE8iXNEI0npqEE
eBiC/58mYN2I+xs5Dfg4tzNecMtaR4NoE3n8wilokxbnvo+dkr2zd0z1jXCFQctP
DvOCOyJ1W5A9a7irEns7dEHgNyhyMueNb+hrWsIc6J3j5zHuGiVPPjtPq5kRphUu
5zUpoSZ13+q9HWiu/gKpHDLgg4yaEizv8t9CiRAvoXeOBQ4E7xyRC5aNOvw1bXuh
NhlIx419gF30xKHseS0fbK4sH5h5y6GMAWVMjKi/dy4PyEcpdn1buzB9p38PeY/z
VrSozOm8HnE=
-----END CERTIFICATE-----
Generated at Mon Apr 7 09:46:53 2025 by rpki-client