Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/689109-1723-4bf1-b63a-dc64ae72578e/1/UJACc2s1J5BaMpYznoUagPO6cuI.roa
File: UJACc2s1J5BaMpYznoUagPO6cuI.roa (raw, json)
Hash identifier: 5ImyJpj69YHNVaFZ4EKvt0GWM6aecM/AkpksMF5YZpU=
Subject key identifier: 50:90:02:73:6B:35:27:90:5A:32:96:33:9E:85:1A:80:F3:BA:72:E2
Certificate issuer: /CN=e1ba4b2867dad38b73a46918241efc72a21262f7
Certificate serial: 0194D8C2B4C99EA699A487AD01297786C5CA
Authority key identifier: E1:BA:4B:28:67:DA:D3:8B:73:A4:69:18:24:1E:FC:72:A2:12:62:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4bpLKGfa04tzpGkYJB78cqISYvc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/689109-1723-4bf1-b63a-dc64ae72578e/1/UJACc2s1J5BaMpYznoUagPO6cuI.roa
Signing time: Thu 06 Feb 2025 00:57:06 +0000
ROA not before: Thu 06 Feb 2025 00:57:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35579
IP address blocks: 89.16.192.0/19 maxlen: 24
185.56.124.0/22 maxlen: 24
185.228.40.0/22 maxlen: 24
2a00:17e8::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ad/689109-1723-4bf1-b63a-dc64ae72578e/1/4bpLKGfa04tzpGkYJB78cqISYvc.crl
rsync://rpki.ripe.net/repository/DEFAULT/ad/689109-1723-4bf1-b63a-dc64ae72578e/1/4bpLKGfa04tzpGkYJB78cqISYvc.mft
rsync://rpki.ripe.net/repository/DEFAULT/4bpLKGfa04tzpGkYJB78cqISYvc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 15 Apr 2025 21:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:d8:c2:b4:c9:9e:a6:99:a4:87:ad:01:29:77:86:c5:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e1ba4b2867dad38b73a46918241efc72a21262f7
Validity
Not Before: Feb 6 00:57:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=509002736b3527905a3296339e851a80f3ba72e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:91:71:d9:a8:10:c5:6c:a0:e4:49:78:fb:c4:
e7:73:17:ac:65:41:ff:c2:a0:72:16:b5:b9:0d:c8:
9b:10:25:f3:65:8a:d7:68:17:03:e3:5e:47:9e:24:
15:e5:d9:95:80:99:06:b5:d1:88:6c:17:e1:7f:4b:
0a:3e:28:a0:51:d6:6c:09:85:f5:59:b9:16:e6:5f:
0c:58:14:63:0f:e6:83:6e:d0:ec:ad:86:2a:86:69:
1b:b6:59:9b:ad:af:78:b8:48:5e:62:9a:9f:7a:4e:
5a:ec:d7:ce:da:49:5d:28:90:d5:8a:ec:c6:f1:4f:
da:44:94:00:f3:a8:ce:13:f7:83:3e:30:e4:78:c0:
7f:39:13:44:d4:42:57:34:b8:c7:65:13:28:cd:b1:
f4:89:9c:49:64:90:3d:8b:07:0f:7c:0d:b8:1c:99:
1b:67:3d:73:df:e6:81:5e:70:35:59:b8:3b:5d:6e:
2b:1c:09:66:01:dd:e6:63:d0:6b:f0:f8:b2:90:a9:
b5:5a:32:73:50:17:28:41:23:35:98:b3:cf:72:1c:
0e:f3:66:b5:b9:fc:eb:dd:f0:77:a0:a8:cc:9b:3c:
a6:67:f6:9b:cc:b7:e3:7c:64:ad:15:f3:5c:08:b4:
23:1f:a7:a9:81:d1:d6:dc:f6:85:ee:d0:53:33:bf:
96:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:90:02:73:6B:35:27:90:5A:32:96:33:9E:85:1A:80:F3:BA:72:E2
X509v3 Authority Key Identifier:
keyid:E1:BA:4B:28:67:DA:D3:8B:73:A4:69:18:24:1E:FC:72:A2:12:62:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4bpLKGfa04tzpGkYJB78cqISYvc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/689109-1723-4bf1-b63a-dc64ae72578e/1/UJACc2s1J5BaMpYznoUagPO6cuI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/689109-1723-4bf1-b63a-dc64ae72578e/1/4bpLKGfa04tzpGkYJB78cqISYvc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.16.192.0/19
185.56.124.0/22
185.228.40.0/22
IPv6:
2a00:17e8::/29
Signature Algorithm: sha256WithRSAEncryption
39:e8:06:1b:78:40:76:d9:e9:9e:f8:e5:95:53:e4:5f:31:15:
53:8d:31:86:20:6d:cc:d9:ab:2d:a1:f0:a1:df:8e:b3:9c:a2:
5e:7f:04:9d:a8:53:2f:a9:86:bb:4f:a7:ee:cd:22:8c:57:6c:
6c:1c:33:78:2b:3c:2d:44:a2:3d:e4:f3:ef:3e:c3:2e:4f:0b:
3b:7b:9b:cb:d5:9c:ca:75:ae:ac:ae:55:59:97:bd:26:31:7e:
b8:96:b0:b5:00:a1:32:f1:9f:29:82:10:fb:04:85:dd:30:28:
5e:88:e9:a7:46:d3:6c:c0:a9:54:8b:3a:92:db:0b:56:7b:a5:
61:f8:f9:e5:16:cc:90:1c:36:77:d3:67:8b:d1:c5:dc:f7:37:
e3:a1:dd:24:d9:3c:56:8f:23:6a:19:bc:3d:a5:ad:d0:6b:ef:
24:29:f0:0a:0a:0f:1b:f3:65:da:f5:f2:3d:f3:cd:99:a2:3a:
1b:c1:de:32:c1:09:6a:07:38:db:55:24:42:62:05:f3:70:99:
2d:72:da:7a:b6:73:88:2b:06:f1:13:83:5b:e4:bf:30:19:40:
75:e8:64:9d:2a:08:e3:3d:f4:16:16:c6:95:12:b7:34:61:0e:
99:70:e7:e4:ea:37:06:2e:f3:7e:5f:ea:e5:4f:36:c9:7a:5a:
57:13:32:c0
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZTYwrTJnqaZpIetASl3hsXKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxYmE0YjI4NjdkYWQzOGI3M2E0NjkxODI0MWVmYzcyYTIx
MjYyZjcwHhcNMjUwMjA2MDA1NzA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDkwMDI3MzZiMzUyNzkwNWEzMjk2MzM5ZTg1MWE4MGYzYmE3MmUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoZFx2agQxWyg5El4+8TncxesZUH/
wqByFrW5DcibECXzZYrXaBcD415HniQV5dmVgJkGtdGIbBfhf0sKPiigUdZsCYX1
WbkW5l8MWBRjD+aDbtDsrYYqhmkbtlmbra94uEheYpqfek5a7NfO2kldKJDViuzG
8U/aRJQA86jOE/eDPjDkeMB/ORNE1EJXNLjHZRMozbH0iZxJZJA9iwcPfA24HJkb
Zz1z3+aBXnA1Wbg7XW4rHAlmAd3mY9Br8PiykKm1WjJzUBcoQSM1mLPPchwO82a1
ufzr3fB3oKjMmzymZ/abzLfjfGStFfNcCLQjH6epgdHW3PaF7tBTM7+W1wIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFFCQAnNrNSeQWjKWM56FGoDzunLiMB8GA1UdIwQY
MBaAFOG6Syhn2tOLc6RpGCQe/HKiEmL3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNGJwTEtHZmEwNHR6cEdrWUpCNzhjcUlTWXZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC82ODkxMDktMTcyMy00YmYxLWI2M2Et
ZGM2NGFlNzI1NzhlLzEvVUpBQ2MyczFKNUJhTXBZem5vVWFnUE82Y3VJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC82ODkxMDktMTcyMy00YmYxLWI2M2EtZGM2NGFlNzI1Nzhl
LzEvNGJwTEtHZmEwNHR6cEdrWUpCNzhjcUlTWXZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQFWRDAAwQC
uTh8AwQCueQoMA0EAgACMAcDBQMqABfoMA0GCSqGSIb3DQEBCwUAA4IBAQA56AYb
eEB22eme+OWVU+RfMRVTjTGGIG3M2astofCh346znKJefwSdqFMvqYa7T6fuzSKM
V2xsHDN4KzwtRKI95PPvPsMuTws7e5vL1ZzKda6srlVZl70mMX64lrC1AKEy8Z8p
ghD7BIXdMCheiOmnRtNswKlUizqS2wtWe6Vh+PnlFsyQHDZ302eL0cXc9zfjod0k
2TxWjyNqGbw9pa3Qa+8kKfAKCg8b82Xa9fI9882Zojobwd4ywQlqBzjbVSRCYgXz
cJktctp6tnOIKwbxE4Nb5L8wGUB16GSdKgjjPfQWFsaVErc0YQ6ZcOfk6jcGLvN+
X+rlTzbJelpXEzLA
-----END CERTIFICATE-----
Generated at Tue Apr 15 04:42:30 2025 by rpki-client