Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/551847-332d-4e27-b47a-1d591bbd4060/1/UdEEZQE09FsGfYOWUhVww5xs81M.roa
File: UdEEZQE09FsGfYOWUhVww5xs81M.roa (raw, json)
Hash identifier: 6mSyURdhs/eGBTOXFJi0QulmUdFyZbb3K6nx0/FAyzo=
Subject key identifier: 51:D1:04:65:01:34:F4:5B:06:7D:83:96:52:15:70:C3:9C:6C:F3:53
Certificate issuer: /CN=29c9b04016f6f02183307c17df630a0289ec5bb5
Certificate serial: 019424B3B141C20709FA34CDA88EF6ED3BED
Authority key identifier: 29:C9:B0:40:16:F6:F0:21:83:30:7C:17:DF:63:0A:02:89:EC:5B:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KcmwQBb28CGDMHwX32MKAonsW7U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/551847-332d-4e27-b47a-1d591bbd4060/1/UdEEZQE09FsGfYOWUhVww5xs81M.roa
Signing time: Thu 02 Jan 2025 01:49:03 +0000
ROA not before: Thu 02 Jan 2025 01:49:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29286
IP address blocks: 91.102.104.0/21 maxlen: 21
91.102.106.0/24 maxlen: 24
91.102.107.0/24 maxlen: 24
185.20.148.0/22 maxlen: 22
185.20.148.0/24 maxlen: 24
185.20.149.0/24 maxlen: 24
185.20.150.0/24 maxlen: 24
185.20.151.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ac/551847-332d-4e27-b47a-1d591bbd4060/1/KcmwQBb28CGDMHwX32MKAonsW7U.crl
rsync://rpki.ripe.net/repository/DEFAULT/ac/551847-332d-4e27-b47a-1d591bbd4060/1/KcmwQBb28CGDMHwX32MKAonsW7U.mft
rsync://rpki.ripe.net/repository/DEFAULT/KcmwQBb28CGDMHwX32MKAonsW7U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 12 Apr 2025 19:01:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:b1:41:c2:07:09:fa:34:cd:a8:8e:f6:ed:3b:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29c9b04016f6f02183307c17df630a0289ec5bb5
Validity
Not Before: Jan 2 01:49:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=51d104650134f45b067d8396521570c39c6cf353
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:f9:ab:ee:ad:4e:a0:c2:73:83:98:80:37:af:
1b:05:08:b4:dd:43:9b:ea:6e:8b:29:5c:d7:53:59:
b6:24:d4:86:7b:a1:e5:20:a1:74:4a:62:a5:88:4c:
b1:53:30:b5:3d:56:0a:a0:df:ce:37:99:01:f9:0c:
0b:f3:9d:6e:7c:35:cd:db:b0:d4:60:d5:c4:46:a6:
12:fd:84:7e:35:43:f1:14:91:1c:05:3c:6e:bd:17:
61:a9:a0:f2:35:a4:b2:63:19:a6:6c:71:15:40:d5:
2b:a0:e1:ad:e7:f6:c7:23:86:be:53:0b:6d:52:e5:
b2:71:29:5e:bb:48:f6:89:bd:45:5d:2b:c1:45:06:
8b:c6:fb:7d:4a:e0:f0:f3:72:1c:92:5b:c3:02:ff:
99:32:b9:46:59:0c:ad:c6:47:79:51:71:df:10:46:
ca:7d:63:b9:a1:f9:ab:cb:1b:ee:e5:7d:d1:87:fc:
2a:3e:e8:9a:6c:91:9d:55:18:04:31:6d:a4:7e:d5:
df:3b:d9:1f:eb:98:49:bf:8d:76:be:ca:c8:c5:e2:
ae:5f:68:29:d4:97:de:39:d5:bd:6b:e7:6b:93:c0:
0a:25:23:8a:b1:e4:42:1d:0b:25:ff:43:35:0d:07:
07:35:8e:71:77:d2:b5:f0:5a:2b:29:6c:b9:60:14:
d7:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:D1:04:65:01:34:F4:5B:06:7D:83:96:52:15:70:C3:9C:6C:F3:53
X509v3 Authority Key Identifier:
keyid:29:C9:B0:40:16:F6:F0:21:83:30:7C:17:DF:63:0A:02:89:EC:5B:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KcmwQBb28CGDMHwX32MKAonsW7U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/551847-332d-4e27-b47a-1d591bbd4060/1/UdEEZQE09FsGfYOWUhVww5xs81M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/551847-332d-4e27-b47a-1d591bbd4060/1/KcmwQBb28CGDMHwX32MKAonsW7U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.102.104.0/21
185.20.148.0/22
Signature Algorithm: sha256WithRSAEncryption
41:1a:55:4d:d5:75:0a:88:cf:44:af:fd:dc:08:b4:c6:0e:46:
a8:92:f1:54:39:46:05:36:4e:ed:b4:b5:e3:34:05:fe:a4:02:
e2:78:ac:f3:b4:97:df:aa:ce:cd:8b:8d:ae:27:b4:f9:97:3d:
f2:a3:28:11:08:13:f1:dd:28:32:6d:a3:9e:54:ad:b9:34:ed:
91:bf:e6:12:0e:9d:40:3a:3a:c4:73:0d:55:dd:78:2c:ae:d8:
e6:86:42:03:51:d3:04:74:51:d0:66:4d:a4:d5:6d:08:d7:ea:
e4:e6:b5:3d:1e:3f:6d:67:80:7a:42:84:95:8b:f7:ef:0e:f1:
9c:c3:bc:13:e5:5d:b5:0e:ba:7a:0a:6d:bc:e7:79:16:ad:a0:
ee:92:6d:76:10:c7:f1:60:ad:68:4c:87:ce:ac:2e:ea:97:04:
2a:aa:2c:51:e5:6b:67:50:25:81:c6:c2:1d:61:69:ac:01:d8:
b0:7d:65:91:1a:8b:1e:22:4e:c7:13:dd:db:d8:03:d5:fd:e2:
43:1c:58:d6:b4:c3:3c:b8:35:bf:1d:a8:d2:1f:43:a8:cf:a1:
d5:29:cc:eb:a2:81:19:4d:25:70:59:ca:fd:08:b5:47:b4:48:
38:59:97:67:d3:48:83:6a:55:21:e8:7b:5f:76:6a:98:33:0e:
67:6b:89:f6
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQks7FBwgcJ+jTNqI727TvtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5YzliMDQwMTZmNmYwMjE4MzMwN2MxN2RmNjMwYTAyODll
YzViYjUwHhcNMjUwMTAyMDE0OTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MWQxMDQ2NTAxMzRmNDViMDY3ZDgzOTY1MjE1NzBjMzljNmNmMzUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxPmr7q1OoMJzg5iAN68bBQi03UOb
6m6LKVzXU1m2JNSGe6HlIKF0SmKliEyxUzC1PVYKoN/ON5kB+QwL851ufDXN27DU
YNXERqYS/YR+NUPxFJEcBTxuvRdhqaDyNaSyYxmmbHEVQNUroOGt5/bHI4a+Uwtt
UuWycSleu0j2ib1FXSvBRQaLxvt9SuDw83IcklvDAv+ZMrlGWQytxkd5UXHfEEbK
fWO5ofmryxvu5X3Rh/wqPuiabJGdVRgEMW2kftXfO9kf65hJv412vsrIxeKuX2gp
1JfeOdW9a+drk8AKJSOKseRCHQsl/0M1DQcHNY5xd9K18ForKWy5YBTXxQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFHRBGUBNPRbBn2DllIVcMOcbPNTMB8GA1UdIwQY
MBaAFCnJsEAW9vAhgzB8F99jCgKJ7Fu1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2Ntd1FCYjI4Q0dETUh3WDMyTUtBb25zVzdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy81NTE4NDctMzMyZC00ZTI3LWI0N2Et
MWQ1OTFiYmQ0MDYwLzEvVWRFRVpRRTA5RnNHZllPV1VoVnd3NXhzODFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy81NTE4NDctMzMyZC00ZTI3LWI0N2EtMWQ1OTFiYmQ0MDYw
LzEvS2Ntd1FCYjI4Q0dETUh3WDMyTUtBb25zVzdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDW2ZoAwQC
uRSUMA0GCSqGSIb3DQEBCwUAA4IBAQBBGlVN1XUKiM9Er/3cCLTGDkaokvFUOUYF
Nk7ttLXjNAX+pALieKzztJffqs7Ni42uJ7T5lz3yoygRCBPx3SgybaOeVK25NO2R
v+YSDp1AOjrEcw1V3XgsrtjmhkIDUdMEdFHQZk2k1W0I1+rk5rU9Hj9tZ4B6QoSV
i/fvDvGcw7wT5V21Drp6Cm2853kWraDukm12EMfxYK1oTIfOrC7qlwQqqixR5Wtn
UCWBxsIdYWmsAdiwfWWRGoseIk7HE93b2APV/eJDHFjWtMM8uDW/HajSH0Ooz6HV
KczrooEZTSVwWcr9CLVHtEg4WZdn00iDalUh6HtfdmqYMw5na4n2
-----END CERTIFICATE-----
Generated at Sat Apr 12 04:34:36 2025 by rpki-client