Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/63ff81-6460-4c05-852d-262eb39bbe76/1/uJ1wgWjtfF_PUvxzUj8noSaLQx0.roa
File: uJ1wgWjtfF_PUvxzUj8noSaLQx0.roa (raw, json)
Hash identifier: 5K3mYspcTrH8J1dlAJJG2SBHWuIALi8AQG16SYzuq8w=
Subject key identifier: B8:9D:70:81:68:ED:7C:5F:CF:52:FC:73:52:3F:27:A1:26:8B:43:1D
Certificate issuer: /CN=435416b2282b4533c3509c18e957ce0c836bc837
Certificate serial: 019421B17E06AA293F73C1FC4F3645A8074C
Authority key identifier: 43:54:16:B2:28:2B:45:33:C3:50:9C:18:E9:57:CE:0C:83:6B:C8:37
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q1QWsigrRTPDUJwY6VfODINryDc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/63ff81-6460-4c05-852d-262eb39bbe76/1/uJ1wgWjtfF_PUvxzUj8noSaLQx0.roa
Signing time: Wed 01 Jan 2025 11:47:47 +0000
ROA not before: Wed 01 Jan 2025 11:47:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207990
IP address blocks: 45.133.136.0/24 maxlen: 32
88.218.144.0/22 maxlen: 32
91.193.100.0/22 maxlen: 32
95.175.80.0/20 maxlen: 32
95.214.84.0/22 maxlen: 32
178.239.22.0/23 maxlen: 32
185.23.200.0/23 maxlen: 32
185.247.228.0/24 maxlen: 32
185.247.229.0/24 maxlen: 32
185.247.230.0/23 maxlen: 32
185.251.44.0/23 maxlen: 32
185.251.46.0/23 maxlen: 32
185.251.248.0/23 maxlen: 32
185.251.250.0/23 maxlen: 32
193.8.80.0/22 maxlen: 32
194.156.112.0/22 maxlen: 32
195.66.220.0/22 maxlen: 32
195.158.208.0/22 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b3/63ff81-6460-4c05-852d-262eb39bbe76/1/Q1QWsigrRTPDUJwY6VfODINryDc.crl
rsync://rpki.ripe.net/repository/DEFAULT/b3/63ff81-6460-4c05-852d-262eb39bbe76/1/Q1QWsigrRTPDUJwY6VfODINryDc.mft
rsync://rpki.ripe.net/repository/DEFAULT/Q1QWsigrRTPDUJwY6VfODINryDc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 14 Apr 2025 17:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:7e:06:aa:29:3f:73:c1:fc:4f:36:45:a8:07:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=435416b2282b4533c3509c18e957ce0c836bc837
Validity
Not Before: Jan 1 11:47:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b89d708168ed7c5fcf52fc73523f27a1268b431d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:10:4a:2e:84:1f:c0:52:5f:d5:ca:df:24:a0:
0b:55:7e:2a:61:03:6c:35:56:4b:0c:19:3b:d0:5c:
b4:f1:27:90:25:b2:bd:d2:e8:55:41:4f:90:ff:b1:
59:19:f1:f6:d5:1a:fc:cc:52:d1:2c:e2:02:48:f5:
0b:16:1d:55:56:6f:9c:ea:09:75:f0:4d:a8:ba:e5:
59:0b:e6:a9:d9:61:fd:c7:74:f8:cd:63:e9:60:24:
84:f8:55:83:89:76:b1:0a:f7:30:1f:cc:b3:87:71:
16:b5:fc:f9:3a:3f:10:d5:05:17:e3:da:a1:0c:a3:
ca:d6:c4:d0:56:1f:bd:f6:7d:9d:55:af:f3:96:bd:
24:b4:da:c5:4e:ef:68:c7:95:30:c4:07:10:d7:45:
fa:fc:4b:ed:a3:4c:2d:c2:c4:db:b3:43:a0:a5:0f:
2a:68:67:42:6f:f5:95:09:e2:ec:8f:97:81:bf:4b:
7e:a0:0f:60:23:8b:b5:d5:56:ac:79:f3:b5:a7:26:
4d:8b:bb:37:17:35:0e:ee:f1:c8:ff:59:e8:13:7b:
fa:09:22:bf:d7:3b:8f:77:44:c5:8b:0a:69:eb:65:
3a:79:48:10:de:bf:14:7b:f8:a5:10:db:2f:0f:f0:
d0:69:d5:80:14:c0:4f:87:77:c6:2a:5f:c5:fd:20:
92:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:9D:70:81:68:ED:7C:5F:CF:52:FC:73:52:3F:27:A1:26:8B:43:1D
X509v3 Authority Key Identifier:
keyid:43:54:16:B2:28:2B:45:33:C3:50:9C:18:E9:57:CE:0C:83:6B:C8:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q1QWsigrRTPDUJwY6VfODINryDc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/63ff81-6460-4c05-852d-262eb39bbe76/1/uJ1wgWjtfF_PUvxzUj8noSaLQx0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/63ff81-6460-4c05-852d-262eb39bbe76/1/Q1QWsigrRTPDUJwY6VfODINryDc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.133.136.0/24
88.218.144.0/22
91.193.100.0/22
95.175.80.0/20
95.214.84.0/22
178.239.22.0/23
185.23.200.0/23
185.247.228.0/22
185.251.44.0/22
185.251.248.0/22
193.8.80.0/22
194.156.112.0/22
195.66.220.0/22
195.158.208.0/22
Signature Algorithm: sha256WithRSAEncryption
6c:50:60:84:30:24:f0:c1:96:87:9b:00:38:8c:cd:75:43:80:
7d:f2:98:fa:53:72:c3:53:08:57:bd:e0:49:21:e1:29:d8:60:
6a:3d:62:7c:5f:5c:5b:8a:ca:db:2d:e2:e4:47:56:6c:fb:f1:
8b:ac:54:0c:3e:c8:7a:57:85:57:77:29:2c:d1:3a:c6:fc:f4:
07:e3:3c:bf:15:6a:f1:35:16:27:6a:70:53:33:63:74:fd:15:
e9:85:93:a5:0e:ac:68:04:dd:f5:81:5d:bc:98:16:ef:e8:f5:
e3:0c:1c:42:76:29:84:43:e4:3a:e9:28:c2:1b:21:c5:36:08:
16:5d:c5:df:43:c7:c0:ff:f5:e7:5d:75:31:9a:d1:4e:40:71:
4d:1d:8c:53:f6:9f:75:81:24:f4:94:4f:a0:3f:c0:c1:fd:52:
4c:4a:c7:69:6d:be:e5:f1:2a:cd:b9:4d:52:d2:6b:93:1e:9c:
0a:18:9b:25:32:73:2d:31:1f:a0:c1:06:b7:46:46:cf:fa:ab:
c7:52:8a:73:25:cf:65:7d:7b:5c:6d:5d:8f:c4:70:70:71:52:
75:98:24:02:62:b8:81:73:f3:6b:ce:0a:19:ba:91:45:98:c3:
ec:96:16:96:ea:bf:99:bd:cf:74:45:89:75:d5:47:9c:c2:a0:
b7:b6:de:44
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAZQhsX4Gqik/c8H8TzZFqAdMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzNTQxNmIyMjgyYjQ1MzNjMzUwOWMxOGU5NTdjZTBjODM2
YmM4MzcwHhcNMjUwMTAxMTE0NzQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODlkNzA4MTY4ZWQ3YzVmY2Y1MmZjNzM1MjNmMjdhMTI2OGI0MzFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuBBKLoQfwFJf1crfJKALVX4qYQNs
NVZLDBk70Fy08SeQJbK90uhVQU+Q/7FZGfH21Rr8zFLRLOICSPULFh1VVm+c6gl1
8E2ouuVZC+ap2WH9x3T4zWPpYCSE+FWDiXaxCvcwH8yzh3EWtfz5Oj8Q1QUX49qh
DKPK1sTQVh+99n2dVa/zlr0ktNrFTu9ox5UwxAcQ10X6/Evto0wtwsTbs0OgpQ8q
aGdCb/WVCeLsj5eBv0t+oA9gI4u11VasefO1pyZNi7s3FzUO7vHI/1noE3v6CSK/
1zuPd0TFiwpp62U6eUgQ3r8Ue/ilENsvD/DQadWAFMBPh3fGKl/F/SCSCQIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFLidcIFo7Xxfz1L8c1I/J6Emi0MdMB8GA1UdIwQY
MBaAFENUFrIoK0Uzw1CcGOlXzgyDa8g3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTFRV3NpZ3JSVFBEVUp3WTZWZk9ESU5yeURjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy82M2ZmODEtNjQ2MC00YzA1LTg1MmQt
MjYyZWIzOWJiZTc2LzEvdUoxd2dXanRmRl9QVXZ4elVqOG5vU2FMUXgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy82M2ZmODEtNjQ2MC00YzA1LTg1MmQtMjYyZWIzOWJiZTc2
LzEvUTFRV3NpZ3JSVFBEVUp3WTZWZk9ESU5yeURjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBaBAIAATBUAwQALYWIAwQC
WNqQAwQCW8FkAwQEX69QAwQCX9ZUAwQBsu8WAwQBuRfIAwQCuffkAwQCufssAwQC
ufv4AwQCwQhQAwQCwpxwAwQCw0LcAwQCw57QMA0GCSqGSIb3DQEBCwUAA4IBAQBs
UGCEMCTwwZaHmwA4jM11Q4B98pj6U3LDUwhXveBJIeEp2GBqPWJ8X1xbisrbLeLk
R1Zs+/GLrFQMPsh6V4VXdyks0TrG/PQH4zy/FWrxNRYnanBTM2N0/RXphZOlDqxo
BN31gV28mBbv6PXjDBxCdimEQ+Q66SjCGyHFNggWXcXfQ8fA//XnXXUxmtFOQHFN
HYxT9p91gST0lE+gP8DB/VJMSsdpbb7l8SrNuU1S0muTHpwKGJslMnMtMR+gwQa3
RkbP+qvHUopzJc9lfXtcbV2PxHBwcVJ1mCQCYriBc/NrzgoZupFFmMPslhaW6r+Z
vc90RYl11UecwqC3tt5E
-----END CERTIFICATE-----
Generated at Sun Apr 13 22:06:09 2025 by rpki-client