Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/742370-e10f-4541-aa6c-61afb66d1e8c/1/U6LKInYX6jQwBV8KMEesVDrNWSk.roa
File: U6LKInYX6jQwBV8KMEesVDrNWSk.roa (raw, json)
Hash identifier: g36WmG/r5q9WK7xtEoYV2z/lqj+2PVHpdEIB93a9SEM=
Subject key identifier: 53:A2:CA:22:76:17:EA:34:30:05:5F:0A:30:47:AC:54:3A:CD:59:29
Certificate issuer: /CN=19ee5f16fc144acb98977449faa0ab77de1bdcc9
Certificate serial: 019423D74674A41FF9CAEBEACD38B857D6A9
Authority key identifier: 19:EE:5F:16:FC:14:4A:CB:98:97:74:49:FA:A0:AB:77:DE:1B:DC:C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ge5fFvwUSsuYl3RJ-qCrd94b3Mk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/742370-e10f-4541-aa6c-61afb66d1e8c/1/U6LKInYX6jQwBV8KMEesVDrNWSk.roa
Signing time: Wed 01 Jan 2025 21:48:18 +0000
ROA not before: Wed 01 Jan 2025 21:48:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6168
IP address blocks: 151.253.180.0/24 maxlen: 24
151.253.181.0/24 maxlen: 24
194.170.246.0/24 maxlen: 24
195.229.47.0/24 maxlen: 24
213.42.110.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b0/742370-e10f-4541-aa6c-61afb66d1e8c/1/Ge5fFvwUSsuYl3RJ-qCrd94b3Mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/b0/742370-e10f-4541-aa6c-61afb66d1e8c/1/Ge5fFvwUSsuYl3RJ-qCrd94b3Mk.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ge5fFvwUSsuYl3RJ-qCrd94b3Mk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Mar 2025 10:02:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:46:74:a4:1f:f9:ca:eb:ea:cd:38:b8:57:d6:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19ee5f16fc144acb98977449faa0ab77de1bdcc9
Validity
Not Before: Jan 1 21:48:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=53a2ca227617ea3430055f0a3047ac543acd5929
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:bd:c8:ed:b3:e4:47:a9:84:d5:53:26:c5:fe:
ab:23:0d:6c:50:38:31:b4:d5:85:f2:8b:f7:1f:92:
f8:ed:d0:98:bd:00:08:60:4c:ba:5f:6c:ea:02:86:
29:ad:03:2d:6c:39:64:c2:2f:9c:3e:a9:9b:f4:cc:
09:62:ee:de:91:24:e2:2c:15:97:09:2d:f3:e4:ce:
70:0f:4e:59:ac:e7:f2:86:40:ce:42:ba:de:5e:96:
b2:64:4d:ef:2d:75:0e:84:9a:e8:4d:cf:c7:3b:fc:
d5:48:db:0e:da:10:78:58:58:53:5f:85:e0:65:3f:
80:cf:0e:d0:e5:02:de:cf:b5:a3:d5:ef:ef:4e:2e:
cc:7d:31:5c:11:fa:bc:ef:43:f1:1c:77:08:11:66:
8c:82:ce:1b:0f:74:cd:05:19:84:6f:8d:38:cf:47:
11:ad:04:cd:20:da:49:e4:d6:e4:4a:8f:fe:9d:e7:
81:75:63:2f:83:bd:9b:8a:f8:c5:3d:d5:f0:20:e2:
b1:20:55:9d:42:36:09:6e:57:b8:a6:95:12:11:ae:
d1:4c:91:02:0f:1d:05:ba:93:97:f7:07:81:e6:22:
dc:20:ee:92:44:e6:00:70:3c:a3:0c:13:83:27:10:
86:2e:2b:e7:a0:54:aa:ab:ee:82:5e:3f:f3:dd:cf:
8d:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:A2:CA:22:76:17:EA:34:30:05:5F:0A:30:47:AC:54:3A:CD:59:29
X509v3 Authority Key Identifier:
keyid:19:EE:5F:16:FC:14:4A:CB:98:97:74:49:FA:A0:AB:77:DE:1B:DC:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ge5fFvwUSsuYl3RJ-qCrd94b3Mk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/742370-e10f-4541-aa6c-61afb66d1e8c/1/U6LKInYX6jQwBV8KMEesVDrNWSk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/742370-e10f-4541-aa6c-61afb66d1e8c/1/Ge5fFvwUSsuYl3RJ-qCrd94b3Mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.253.180.0/23
194.170.246.0/24
195.229.47.0/24
213.42.110.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:0c:84:97:7c:36:bc:d4:b3:f3:9c:12:1f:f7:11:da:a8:09:
b5:22:8d:05:7c:7a:22:ac:fe:a8:f9:ea:2e:9f:c7:75:c6:93:
66:e1:f2:b8:2b:65:f6:2b:ab:ad:d5:bf:49:0d:b2:79:0a:6a:
64:20:0f:43:8d:1a:01:11:f1:66:ce:24:1b:f7:b7:19:16:48:
27:00:4c:29:2d:c5:3d:f8:72:c5:b1:73:d2:20:e2:9b:f3:9e:
c9:42:87:6a:90:85:42:49:b4:c7:2c:33:f0:2b:4e:69:2b:6c:
f1:55:b0:1e:7f:13:8e:ce:4f:2f:df:b2:14:84:86:a6:1a:4d:
48:39:7c:a6:3b:7c:be:e9:41:dd:22:2e:e5:fb:96:c8:01:0f:
c2:8d:7f:79:d8:a0:e1:bd:d0:2b:6a:ca:f0:76:89:76:20:9e:
9c:dc:b0:97:4f:c2:0e:75:62:d2:f6:50:2c:9a:71:4b:9f:b1:
cd:a1:96:76:19:e3:fd:a7:e7:e1:9f:05:96:83:bb:ee:72:7d:
a4:38:c8:f1:91:8c:3b:3b:a8:83:74:91:b0:22:db:b5:ab:a5:
0f:59:ed:0c:ef:35:1f:37:bb:f3:92:4a:fa:6b:26:e8:46:74:
67:c1:3b:a7:4e:fd:f0:b1:21:79:64:53:0c:6c:28:06:f9:76:
dd:c4:77:51
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQj10Z0pB/5yuvqzTi4V9apMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5ZWU1ZjE2ZmMxNDRhY2I5ODk3NzQ0OWZhYTBhYjc3ZGUx
YmRjYzkwHhcNMjUwMTAxMjE0ODE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1M2EyY2EyMjc2MTdlYTM0MzAwNTVmMGEzMDQ3YWM1NDNhY2Q1OTI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArr3I7bPkR6mE1VMmxf6rIw1sUDgx
tNWF8ov3H5L47dCYvQAIYEy6X2zqAoYprQMtbDlkwi+cPqmb9MwJYu7ekSTiLBWX
CS3z5M5wD05ZrOfyhkDOQrreXpayZE3vLXUOhJroTc/HO/zVSNsO2hB4WFhTX4Xg
ZT+Azw7Q5QLez7Wj1e/vTi7MfTFcEfq870PxHHcIEWaMgs4bD3TNBRmEb404z0cR
rQTNINpJ5NbkSo/+neeBdWMvg72bivjFPdXwIOKxIFWdQjYJble4ppUSEa7RTJEC
Dx0FupOX9weB5iLcIO6SROYAcDyjDBODJxCGLivnoFSqq+6CXj/z3c+N0wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFFOiyiJ2F+o0MAVfCjBHrFQ6zVkpMB8GA1UdIwQY
MBaAFBnuXxb8FErLmJd0Sfqgq3feG9zJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2U1ZkZ2d1VTc3VZbDNSSi1xQ3JkOTRiM01rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC83NDIzNzAtZTEwZi00NTQxLWFhNmMt
NjFhZmI2NmQxZThjLzEvVTZMS0luWVg2alF3QlY4S01FZXNWRHJOV1NrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC83NDIzNzAtZTEwZi00NTQxLWFhNmMtNjFhZmI2NmQxZThj
LzEvR2U1ZkZ2d1VTc3VZbDNSSi1xQ3JkOTRiM01rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBl/20AwQA
wqr2AwQAw+UvAwQA1SpuMA0GCSqGSIb3DQEBCwUAA4IBAQBdDISXfDa81LPznBIf
9xHaqAm1Io0FfHoirP6o+eoun8d1xpNm4fK4K2X2K6ut1b9JDbJ5CmpkIA9DjRoB
EfFmziQb97cZFkgnAEwpLcU9+HLFsXPSIOKb857JQodqkIVCSbTHLDPwK05pK2zx
VbAefxOOzk8v37IUhIamGk1IOXymO3y+6UHdIi7l+5bIAQ/CjX952KDhvdArasrw
dol2IJ6c3LCXT8IOdWLS9lAsmnFLn7HNoZZ2GeP9p+fhnwWWg7vucn2kOMjxkYw7
O6iDdJGwItu1q6UPWe0M7zUfN7vzkkr6ayboRnRnwTunTv3wsSF5ZFMMbCgG+Xbd
xHdR
-----END CERTIFICATE-----
Generated at Tue Mar 11 19:47:14 2025 by rpki-client