Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/UwY-z8V6VfhMrw6yU4BUtAbkwuc.roa
File: UwY-z8V6VfhMrw6yU4BUtAbkwuc.roa (raw, json)
Hash identifier: 63LVygsKASYuzxUcAwVAG9g+18g7zBVNThs+KistELE=
Subject key identifier: 53:06:3E:CF:C5:7A:55:F8:4C:AF:0E:B2:53:80:54:B4:06:E4:C2:E7
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 019654D903DC06E9B8F7A303B0EC6D647584
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/UwY-z8V6VfhMrw6yU4BUtAbkwuc.roa
Signing time: Sun 20 Apr 2025 20:17:10 +0000
ROA not before: Sun 20 Apr 2025 20:17:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 54852
IP address blocks: 2a09:b700::/29 maxlen: 29
2a0f:1540::/29 maxlen: 29
2a0f:dec0::/29 maxlen: 29
2a0f:e540::/29 maxlen: 29
2a13:1940::/29 maxlen: 29
2a13:2ec0::/29 maxlen: 29
2a13:3040::/29 maxlen: 29
2a13:a100::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.mft
rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Apr 2025 10:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:54:d9:03:dc:06:e9:b8:f7:a3:03:b0:ec:6d:64:75:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Apr 20 20:17:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=53063ecfc57a55f84caf0eb2538054b406e4c2e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:ee:e9:54:8a:09:4e:5c:e6:01:e1:b9:ab:a3:
e8:14:73:fb:7a:31:71:ae:b6:45:ba:30:6c:79:23:
a5:78:5b:d0:bc:90:15:db:34:58:25:98:bd:25:2d:
34:b1:d4:c1:e4:e6:d5:d4:78:76:a1:aa:e3:21:d7:
a6:ce:f5:74:31:49:e8:f5:5c:ec:30:c9:ed:9c:a6:
32:59:f8:d1:e1:1c:4f:29:14:15:af:db:6f:f7:f1:
3e:72:0c:3d:07:36:dc:e9:4c:53:07:41:06:71:50:
f2:fc:e9:08:6e:3e:8a:5d:3e:c9:a6:84:c7:72:f7:
56:21:03:17:37:60:1f:08:f3:99:80:0b:c9:ef:c8:
4a:f0:47:1c:35:d2:db:5b:44:a1:97:f0:79:3a:b4:
7c:f9:36:32:36:cd:16:36:a6:9a:c8:45:53:5d:44:
93:73:3b:71:78:e9:b6:51:a7:c8:84:14:a3:2a:3f:
91:ef:46:39:a9:2f:be:bd:0d:40:7b:52:6f:26:37:
c8:70:f1:fb:32:e0:6a:2f:73:ca:ff:b7:2d:b7:7d:
f3:02:b1:7a:84:09:e8:32:9f:99:d1:3a:05:dd:68:
42:d5:75:d8:c8:d7:cc:4e:ca:68:98:f2:13:ae:2e:
5c:98:7c:90:00:4f:3d:3a:f3:b1:83:b4:7b:3c:30:
04:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:06:3E:CF:C5:7A:55:F8:4C:AF:0E:B2:53:80:54:B4:06:E4:C2:E7
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/UwY-z8V6VfhMrw6yU4BUtAbkwuc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:b700::/29
2a0f:1540::/29
2a0f:dec0::/29
2a0f:e540::/29
2a13:1940::/29
2a13:2ec0::/29
2a13:3040::/29
2a13:a100::/29
Signature Algorithm: sha256WithRSAEncryption
42:7f:8f:f8:66:f2:e9:3c:77:ce:01:d0:be:1a:76:ae:91:f4:
62:cd:f7:3f:92:c3:45:bf:86:55:7a:58:48:e8:e8:a1:ed:94:
4c:da:0a:d0:6c:d7:74:bb:12:e9:06:6b:23:aa:9a:3b:c5:9a:
0d:b8:d6:cb:6b:8d:8a:3c:d1:a1:31:ee:87:53:28:ff:5b:51:
69:02:93:07:30:e5:f7:59:47:ec:cc:b3:09:c9:fe:26:c5:fa:
8b:e7:5f:60:cf:45:e8:b8:b5:c3:ab:4c:6d:ea:d8:99:23:c5:
77:8d:f2:73:4c:d3:02:b1:67:fe:9b:45:86:dd:83:22:67:ab:
04:48:36:59:83:6e:93:64:0c:3a:25:54:5a:82:05:b8:70:c7:
08:52:be:31:41:45:c6:cd:92:d2:e9:ef:80:8e:1b:e4:00:a8:
cf:c0:ad:39:b0:d0:36:24:ab:6d:e4:a3:8f:2e:10:93:89:f3:
18:c8:0a:f4:1f:e0:df:11:d1:57:cd:fc:9a:56:ee:c8:d5:b8:
f7:c3:89:eb:2c:db:44:a1:8f:dc:a2:89:e0:ea:20:9a:b8:50:
e8:18:80:38:ca:6c:27:45:6d:e8:94:f5:30:17:87:98:bc:e3:
0a:41:c2:16:d1:7c:00:7a:3e:f3:3a:33:4b:91:6b:52:b6:88:
71:c0:1e:24
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAZZU2QPcBum496MDsOxtZHWEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjUwNDIwMjAxNzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzA2M2VjZmM1N2E1NWY4NGNhZjBlYjI1MzgwNTRiNDA2ZTRjMmU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAue7pVIoJTlzmAeG5q6PoFHP7ejFx
rrZFujBseSOleFvQvJAV2zRYJZi9JS00sdTB5ObV1Hh2oarjIdemzvV0MUno9Vzs
MMntnKYyWfjR4RxPKRQVr9tv9/E+cgw9Bzbc6UxTB0EGcVDy/OkIbj6KXT7JpoTH
cvdWIQMXN2AfCPOZgAvJ78hK8EccNdLbW0Shl/B5OrR8+TYyNs0WNqaayEVTXUST
cztxeOm2UafIhBSjKj+R70Y5qS++vQ1Ae1JvJjfIcPH7MuBqL3PK/7ctt33zArF6
hAnoMp+Z0ToF3WhC1XXYyNfMTspomPITri5cmHyQAE89OvOxg7R7PDAEnQIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFFMGPs/FelX4TK8OslOAVLQG5MLnMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvVXdZLXo4VjZWZmhNcnc2eVU0QlV0QWJrd3VjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAAjA4AwUDKgm3AAMF
AyoPFUADBQMqD97AAwUDKg/lQAMFAyoTGUADBQMqEy7AAwUDKhMwQAMFAyoToQAw
DQYJKoZIhvcNAQELBQADggEBAEJ/j/hm8uk8d84B0L4adq6R9GLN9z+Sw0W/hlV6
WEjo6KHtlEzaCtBs13S7EukGayOqmjvFmg241strjYo80aEx7odTKP9bUWkCkwcw
5fdZR+zMswnJ/ibF+ovnX2DPRei4tcOrTG3q2JkjxXeN8nNM0wKxZ/6bRYbdgyJn
qwRINlmDbpNkDDolVFqCBbhwxwhSvjFBRcbNktLp74COG+QAqM/ArTmw0DYkq23k
o48uEJOJ8xjICvQf4N8R0VfN/JpW7sjVuPfDiess20Shj9yiieDqIJq4UOgYgDjK
bCdFbeiU9TAXh5i84wpBwhbRfAB6PvM6M0uRa1K2iHHAHiQ=
-----END CERTIFICATE-----
Generated at Mon Apr 21 19:19:17 2025 by rpki-client