Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/11db14-e845-4e4f-a692-a3cbefff7777/1/Ub0-2eebJKS-_wvCTAHAPvwqWX4.roa
File: Ub0-2eebJKS-_wvCTAHAPvwqWX4.roa (raw, json)
Hash identifier: 0xujblS4gzQTs2C+FBv84ZMPXRiL3fTGBn6jldT/5T8=
Subject key identifier: 51:BD:3E:D9:E7:9B:24:A4:BE:FF:0B:C2:4C:01:C0:3E:FC:2A:59:7E
Certificate issuer: /CN=0c0f7a04dd7249a5d14b7de0542a4197380006cc
Certificate serial: 019638031D2A229F49265D1848553987608B
Authority key identifier: 0C:0F:7A:04:DD:72:49:A5:D1:4B:7D:E0:54:2A:41:97:38:00:06:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DA96BN1ySaXRS33gVCpBlzgABsw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/11db14-e845-4e4f-a692-a3cbefff7777/1/Ub0-2eebJKS-_wvCTAHAPvwqWX4.roa
Signing time: Tue 15 Apr 2025 05:54:10 +0000
ROA not before: Tue 15 Apr 2025 05:54:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21277
IP address blocks: 93.91.192.0/20 maxlen: 20
93.91.192.0/24 maxlen: 24
93.91.193.0/24 maxlen: 24
93.91.195.0/24 maxlen: 24
93.91.196.0/24 maxlen: 24
93.91.197.0/24 maxlen: 24
93.91.200.0/24 maxlen: 24
93.91.201.0/24 maxlen: 24
93.91.204.0/24 maxlen: 24
95.170.192.0/19 maxlen: 19
95.170.192.0/24 maxlen: 24
95.170.193.0/24 maxlen: 24
95.170.194.0/24 maxlen: 24
95.170.196.0/24 maxlen: 24
95.170.199.0/24 maxlen: 24
95.170.200.0/24 maxlen: 24
95.170.201.0/24 maxlen: 24
95.170.202.0/24 maxlen: 24
95.170.203.0/24 maxlen: 24
95.170.204.0/24 maxlen: 24
95.170.205.0/24 maxlen: 24
95.170.206.0/24 maxlen: 24
95.170.207.0/24 maxlen: 24
95.170.208.0/24 maxlen: 24
95.170.214.0/24 maxlen: 24
95.170.215.0/24 maxlen: 24
95.170.216.0/24 maxlen: 24
95.170.217.0/24 maxlen: 24
95.170.218.0/24 maxlen: 24
95.170.219.0/24 maxlen: 24
95.170.220.0/24 maxlen: 24
95.170.221.0/24 maxlen: 24
95.170.222.0/24 maxlen: 24
109.127.64.0/18 maxlen: 18
109.127.64.0/20 maxlen: 20
109.127.64.0/21 maxlen: 21
109.127.72.0/21 maxlen: 21
109.127.80.0/24 maxlen: 24
109.127.82.0/24 maxlen: 24
109.127.86.0/24 maxlen: 24
109.127.88.0/24 maxlen: 24
109.127.89.0/24 maxlen: 24
109.127.90.0/24 maxlen: 24
109.127.91.0/24 maxlen: 24
109.127.93.0/24 maxlen: 24
109.127.94.0/24 maxlen: 24
109.127.95.0/24 maxlen: 24
109.127.107.0/24 maxlen: 24
130.193.128.0/17 maxlen: 17
130.193.128.0/19 maxlen: 19
130.193.131.0/24 maxlen: 24
130.193.132.0/22 maxlen: 22
130.193.144.0/24 maxlen: 24
130.193.145.0/24 maxlen: 24
130.193.146.0/24 maxlen: 24
130.193.147.0/24 maxlen: 24
130.193.148.0/24 maxlen: 24
130.193.149.0/24 maxlen: 24
130.193.150.0/23 maxlen: 23
130.193.150.0/24 maxlen: 24
130.193.151.0/24 maxlen: 24
130.193.152.0/23 maxlen: 23
130.193.154.0/23 maxlen: 23
130.193.160.0/20 maxlen: 20
130.193.160.0/24 maxlen: 24
130.193.165.0/24 maxlen: 24
130.193.166.0/24 maxlen: 24
130.193.176.0/20 maxlen: 20
130.193.176.0/21 maxlen: 21
130.193.184.0/21 maxlen: 21
130.193.192.0/20 maxlen: 20
130.193.208.0/20 maxlen: 20
130.193.224.0/20 maxlen: 20
130.193.240.0/20 maxlen: 20
2a04:a040::/29 maxlen: 29
2a04:a040::/32 maxlen: 32
2a04:a041::/32 maxlen: 32
2a04:a042::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b0/11db14-e845-4e4f-a692-a3cbefff7777/1/DA96BN1ySaXRS33gVCpBlzgABsw.crl
rsync://rpki.ripe.net/repository/DEFAULT/b0/11db14-e845-4e4f-a692-a3cbefff7777/1/DA96BN1ySaXRS33gVCpBlzgABsw.mft
rsync://rpki.ripe.net/repository/DEFAULT/DA96BN1ySaXRS33gVCpBlzgABsw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 16 Apr 2025 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:38:03:1d:2a:22:9f:49:26:5d:18:48:55:39:87:60:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0c0f7a04dd7249a5d14b7de0542a4197380006cc
Validity
Not Before: Apr 15 05:54:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=51bd3ed9e79b24a4beff0bc24c01c03efc2a597e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:d8:1c:02:ab:86:bc:03:a2:81:4a:58:0e:ec:
c8:c4:04:8f:59:2f:a4:28:cd:5d:04:9e:e9:bf:9f:
9a:5a:8a:cb:a6:e9:8a:cc:35:0c:45:f0:e4:92:42:
c6:8f:56:86:73:de:61:41:5f:d9:be:44:56:36:8f:
b6:8d:65:f4:e2:c3:f0:d4:f0:bf:53:fc:0c:42:2e:
eb:59:74:73:e3:4a:19:c6:d8:ac:66:f6:87:6d:41:
46:f3:46:b8:4a:9d:c3:79:70:c3:5e:13:13:a4:60:
2f:f2:3b:80:28:26:f9:7e:59:8f:65:01:81:53:0d:
7e:a4:73:02:b5:22:e7:69:dc:96:61:28:63:b9:4a:
0c:ce:40:8a:d4:b8:3e:1c:23:2e:cd:a7:51:c8:8e:
b0:56:b1:e2:99:cc:87:91:cd:45:51:90:28:0d:f4:
9f:af:b2:fa:64:47:d3:55:37:17:9a:fe:22:f6:32:
e2:ce:23:a7:bf:27:bc:2c:de:30:3d:a4:df:02:a1:
2a:6c:80:dc:49:55:5a:05:9f:06:e1:59:19:0a:9f:
d4:c3:b6:bb:ce:35:85:52:b1:4f:d7:91:70:4f:24:
1c:f6:0d:21:d4:cc:60:8b:e7:4c:eb:68:b5:5d:ac:
cc:e0:44:1e:7c:35:16:56:b1:82:46:b1:fe:85:fa:
3d:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:BD:3E:D9:E7:9B:24:A4:BE:FF:0B:C2:4C:01:C0:3E:FC:2A:59:7E
X509v3 Authority Key Identifier:
keyid:0C:0F:7A:04:DD:72:49:A5:D1:4B:7D:E0:54:2A:41:97:38:00:06:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DA96BN1ySaXRS33gVCpBlzgABsw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/11db14-e845-4e4f-a692-a3cbefff7777/1/Ub0-2eebJKS-_wvCTAHAPvwqWX4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/11db14-e845-4e4f-a692-a3cbefff7777/1/DA96BN1ySaXRS33gVCpBlzgABsw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.91.192.0/20
95.170.192.0/19
109.127.64.0/18
130.193.128.0/17
IPv6:
2a04:a040::/29
Signature Algorithm: sha256WithRSAEncryption
2c:21:96:1b:56:67:88:8f:44:0f:0f:af:d1:44:3c:f9:ed:da:
48:f3:62:14:17:86:ca:0a:1c:a0:d4:9c:74:29:48:a4:a2:bc:
68:6a:29:bc:9d:e4:5d:91:97:29:67:14:5f:a4:a5:a0:31:26:
38:c2:82:a3:c3:83:38:e0:a3:7d:78:12:5b:d7:96:17:1a:98:
09:42:09:53:dc:a0:39:4c:92:09:94:f4:9a:60:60:54:7c:ec:
27:64:96:5f:4b:1e:49:b9:fd:fc:fc:4d:9c:5e:9d:c5:74:67:
7d:30:14:64:50:66:11:cd:ed:df:55:e3:41:08:ff:21:72:e8:
3f:f7:49:44:1c:e9:87:e0:16:9e:93:9e:bd:4d:5e:0c:d6:c0:
3d:98:9d:48:2b:4d:40:1a:1c:d2:1a:66:73:e0:cb:78:e9:29:
39:66:f9:a3:b4:37:42:6c:98:9a:60:31:5e:1d:80:cd:09:a8:
77:5d:12:7c:c2:4f:91:cc:96:ef:43:fc:2e:c0:bb:99:36:31:
fe:4d:75:d3:7b:84:6c:ce:80:9c:e6:b6:14:1b:e0:fe:f0:17:
a7:b5:df:1d:8b:f1:1d:59:7a:8b:66:51:5b:da:24:0a:e0:8b:
55:50:f5:e4:0d:77:20:11:92:7e:9f:c3:18:f8:a1:4a:32:bd:
b2:ca:19:8e
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZY4Ax0qIp9JJl0YSFU5h2CLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjMGY3YTA0ZGQ3MjQ5YTVkMTRiN2RlMDU0MmE0MTk3Mzgw
MDA2Y2MwHhcNMjUwNDE1MDU1NDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MWJkM2VkOWU3OWIyNGE0YmVmZjBiYzI0YzAxYzAzZWZjMmE1OTdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0dgcAquGvAOigUpYDuzIxASPWS+k
KM1dBJ7pv5+aWorLpumKzDUMRfDkkkLGj1aGc95hQV/ZvkRWNo+2jWX04sPw1PC/
U/wMQi7rWXRz40oZxtisZvaHbUFG80a4Sp3DeXDDXhMTpGAv8juAKCb5flmPZQGB
Uw1+pHMCtSLnadyWYShjuUoMzkCK1Lg+HCMuzadRyI6wVrHimcyHkc1FUZAoDfSf
r7L6ZEfTVTcXmv4i9jLiziOnvye8LN4wPaTfAqEqbIDcSVVaBZ8G4VkZCp/Uw7a7
zjWFUrFP15FwTyQc9g0h1Mxgi+dM62i1XazM4EQefDUWVrGCRrH+hfo9sQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFFG9PtnnmySkvv8LwkwBwD78Kll+MB8GA1UdIwQY
MBaAFAwPegTdckml0Ut94FQqQZc4AAbMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvREE5NkJOMXlTYVhSUzMzZ1ZDcEJsemdBQnN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC8xMWRiMTQtZTg0NS00ZTRmLWE2OTIt
YTNjYmVmZmY3Nzc3LzEvVWIwLTJlZWJKS1MtX3d2Q1RBSEFQdndxV1g0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC8xMWRiMTQtZTg0NS00ZTRmLWE2OTItYTNjYmVmZmY3Nzc3
LzEvREE5NkJOMXlTYVhSUzMzZ1ZDcEJsemdBQnN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQEXVvAAwQF
X6rAAwQGbX9AAwQHgsGAMA0EAgACMAcDBQMqBKBAMA0GCSqGSIb3DQEBCwUAA4IB
AQAsIZYbVmeIj0QPD6/RRDz57dpI82IUF4bKChyg1Jx0KUikorxoaim8neRdkZcp
ZxRfpKWgMSY4woKjw4M44KN9eBJb15YXGpgJQglT3KA5TJIJlPSaYGBUfOwnZJZf
Sx5Juf38/E2cXp3FdGd9MBRkUGYRze3fVeNBCP8hcug/90lEHOmH4Baek569TV4M
1sA9mJ1IK01AGhzSGmZz4Mt46Sk5ZvmjtDdCbJiaYDFeHYDNCah3XRJ8wk+RzJbv
Q/wuwLuZNjH+TXXTe4RszoCc5rYUG+D+8Bentd8di/EdWXqLZlFb2iQK4ItVUPXk
DXcgEZJ+n8MY+KFKMr2yyhmO
-----END CERTIFICATE-----
Generated at Wed Apr 16 00:45:29 2025 by rpki-client