Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c6/a43c6e-349c-4914-8da3-6c32a6ab1ef2/1/2UZkcfvHBD0nlLVShbBCdFbgaEM.roa
File: 2UZkcfvHBD0nlLVShbBCdFbgaEM.roa (raw, json)
Hash identifier: HqtlmZWEJIZpNtC58lOjwfZX2SNzuDVgWAhhp7ppdfQ=
Subject key identifier: D9:46:64:71:FB:C7:04:3D:27:94:B5:52:85:B0:42:74:56:E0:68:43
Certificate issuer: /CN=c1eb076d16702c7dbea972e2972ef576a1f2c873
Certificate serial: 019425FC21484F1AB9799717B66BD4C8BCE3
Authority key identifier: C1:EB:07:6D:16:70:2C:7D:BE:A9:72:E2:97:2E:F5:76:A1:F2:C8:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wesHbRZwLH2-qXLily71dqHyyHM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c6/a43c6e-349c-4914-8da3-6c32a6ab1ef2/1/2UZkcfvHBD0nlLVShbBCdFbgaEM.roa
Signing time: Thu 02 Jan 2025 07:47:47 +0000
ROA not before: Thu 02 Jan 2025 07:47:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197133
IP address blocks: 91.197.136.0/22 maxlen: 24
178.248.208.0/21 maxlen: 24
178.251.248.0/21 maxlen: 24
185.32.100.0/23 maxlen: 24
185.32.102.0/24 maxlen: 24
185.114.128.0/22 maxlen: 24
193.202.121.0/24 maxlen: 24
194.69.194.0/23 maxlen: 24
194.143.132.0/23 maxlen: 24
217.114.200.0/21 maxlen: 24
217.114.207.0/24 maxlen: 24
2a02:1740::/32 maxlen: 48
2a03:d280::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c6/a43c6e-349c-4914-8da3-6c32a6ab1ef2/1/wesHbRZwLH2-qXLily71dqHyyHM.crl
rsync://rpki.ripe.net/repository/DEFAULT/c6/a43c6e-349c-4914-8da3-6c32a6ab1ef2/1/wesHbRZwLH2-qXLily71dqHyyHM.mft
rsync://rpki.ripe.net/repository/DEFAULT/wesHbRZwLH2-qXLily71dqHyyHM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fc:21:48:4f:1a:b9:79:97:17:b6:6b:d4:c8:bc:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c1eb076d16702c7dbea972e2972ef576a1f2c873
Validity
Not Before: Jan 2 07:47:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d9466471fbc7043d2794b55285b0427456e06843
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:bc:9a:94:e3:b9:32:67:00:a5:54:d0:29:f6:
d3:5b:98:f9:06:58:8f:3d:50:0d:72:3d:af:f8:5c:
87:70:1f:80:df:b7:ad:4e:4a:72:3c:2c:63:69:7a:
7c:56:1f:8a:63:d8:a3:80:1b:63:b7:ac:2b:52:2c:
07:51:67:13:40:6c:31:8e:0e:f6:0a:5f:b3:b8:ff:
9c:c8:b1:30:1f:e2:b3:f6:01:cb:9b:59:0d:cf:0d:
1f:9e:3e:1b:94:f5:55:45:8e:ec:28:9a:9e:4a:31:
90:ec:7e:f9:bf:5f:a2:00:3c:9b:58:90:2b:3f:2e:
26:43:1e:a1:13:18:1e:96:5e:87:19:5b:41:4a:8f:
2c:b4:e2:0d:0c:50:68:2f:b0:44:3b:37:67:f7:69:
c2:ae:0c:be:11:70:9b:1c:12:9a:ca:6b:87:e0:63:
55:ca:ac:4d:a2:18:07:87:fc:8e:cb:72:dd:34:2c:
06:d9:ef:b1:56:c0:91:13:c9:c1:29:04:f0:b3:db:
49:14:52:9b:55:16:71:a8:2a:95:a1:fe:1d:e4:00:
17:ac:39:58:d5:d0:ca:ad:ce:9b:f4:7f:d4:f9:5c:
e9:36:01:b2:50:08:f8:33:95:97:67:a8:3e:c9:90:
05:b4:09:4e:0f:22:ae:ac:fb:c5:54:b2:a9:72:cb:
83:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:46:64:71:FB:C7:04:3D:27:94:B5:52:85:B0:42:74:56:E0:68:43
X509v3 Authority Key Identifier:
keyid:C1:EB:07:6D:16:70:2C:7D:BE:A9:72:E2:97:2E:F5:76:A1:F2:C8:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wesHbRZwLH2-qXLily71dqHyyHM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/a43c6e-349c-4914-8da3-6c32a6ab1ef2/1/2UZkcfvHBD0nlLVShbBCdFbgaEM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/a43c6e-349c-4914-8da3-6c32a6ab1ef2/1/wesHbRZwLH2-qXLily71dqHyyHM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.197.136.0/22
178.248.208.0/21
178.251.248.0/21
185.32.100.0-185.32.102.255
185.114.128.0/22
193.202.121.0/24
194.69.194.0/23
194.143.132.0/23
217.114.200.0/21
IPv6:
2a02:1740::/32
2a03:d280::/32
Signature Algorithm: sha256WithRSAEncryption
ab:d3:82:90:21:8a:f7:92:31:f9:76:33:47:aa:11:5e:d0:37:
72:e3:f9:19:cc:64:ac:3f:24:f0:b9:06:00:49:77:e7:61:c7:
7e:95:39:d5:eb:28:49:b2:d4:52:17:2f:e3:6a:15:f3:b9:ad:
6c:d7:a5:ca:65:39:4c:3c:10:5a:d2:0b:e2:7d:9f:ad:99:9e:
1a:9f:4a:ee:4a:24:1e:80:43:2b:8e:08:fb:d7:0a:04:3d:ec:
4c:6c:2d:55:ba:22:a4:11:bd:e6:14:6c:b7:7f:c0:d4:1b:16:
d3:52:36:56:72:db:92:ed:c1:80:5a:23:fc:0b:0e:41:f8:01:
06:a3:8e:bc:9c:0d:81:62:79:59:c4:ca:3e:44:dc:11:0e:ee:
16:4c:13:02:0b:d2:cc:cc:18:39:5e:38:99:6a:92:64:ae:6a:
47:73:c2:84:39:d4:5e:c9:b1:99:39:25:ea:cc:78:af:7c:cb:
47:c3:f7:0d:8b:af:ef:04:eb:f0:e6:7c:5d:cb:3f:f8:95:7b:
ca:6c:e0:b0:95:73:7b:70:45:60:79:78:c2:17:a2:74:4b:2d:
d1:0a:4c:e6:33:ac:f2:90:90:ad:a4:f5:30:93:91:cf:b3:ec:
11:bc:a7:16:7f:9f:d0:30:ab:6e:ba:be:9e:f4:4f:7b:33:53:
af:8e:15:6c
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAZQl/CFITxq5eZcXtmvUyLzjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxZWIwNzZkMTY3MDJjN2RiZWE5NzJlMjk3MmVmNTc2YTFm
MmM4NzMwHhcNMjUwMTAyMDc0NzQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTQ2NjQ3MWZiYzcwNDNkMjc5NGI1NTI4NWIwNDI3NDU2ZTA2ODQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsbyalOO5MmcApVTQKfbTW5j5BliP
PVANcj2v+FyHcB+A37etTkpyPCxjaXp8Vh+KY9ijgBtjt6wrUiwHUWcTQGwxjg72
Cl+zuP+cyLEwH+Kz9gHLm1kNzw0fnj4blPVVRY7sKJqeSjGQ7H75v1+iADybWJAr
Py4mQx6hExgell6HGVtBSo8stOINDFBoL7BEOzdn92nCrgy+EXCbHBKaymuH4GNV
yqxNohgHh/yOy3LdNCwG2e+xVsCRE8nBKQTws9tJFFKbVRZxqCqVof4d5AAXrDlY
1dDKrc6b9H/U+VzpNgGyUAj4M5WXZ6g+yZAFtAlODyKurPvFVLKpcsuDgQIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFNlGZHH7xwQ9J5S1UoWwQnRW4GhDMB8GA1UdIwQY
MBaAFMHrB20WcCx9vqly4pcu9Xah8shzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2VzSGJSWndMSDItcVhMaWx5NzFkcUh5eUhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNi9hNDNjNmUtMzQ5Yy00OTE0LThkYTMt
NmMzMmE2YWIxZWYyLzEvMlVaa2NmdkhCRDBubExWU2hiQkNkRmJnYUVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNi9hNDNjNmUtMzQ5Yy00OTE0LThkYTMtNmMzMmE2YWIxZWYy
LzEvd2VzSGJSWndMSDItcVhMaWx5NzFkcUh5eUhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBEBAIAATA+AwQCW8WIAwQD
svjQAwQDsvv4MAwDBAK5IGQDBAC5IGYDBAK5coADBADBynkDBAHCRcIDBAHCj4QD
BAPZcsgwFAQCAAIwDgMFACoCF0ADBQAqA9KAMA0GCSqGSIb3DQEBCwUAA4IBAQCr
04KQIYr3kjH5djNHqhFe0Ddy4/kZzGSsPyTwuQYASXfnYcd+lTnV6yhJstRSFy/j
ahXzua1s16XKZTlMPBBa0gvifZ+tmZ4an0ruSiQegEMrjgj71woEPexMbC1VuiKk
Eb3mFGy3f8DUGxbTUjZWctuS7cGAWiP8Cw5B+AEGo468nA2BYnlZxMo+RNwRDu4W
TBMCC9LMzBg5XjiZapJkrmpHc8KEOdReybGZOSXqzHivfMtHw/cNi6/vBOvw5nxd
yz/4lXvKbOCwlXN7cEVgeXjCF6J0Sy3RCkzmM6zykJCtpPUwk5HPs+wRvKcWf5/Q
MKtuur6e9E97M1OvjhVs
-----END CERTIFICATE-----
Generated at Sun Feb 2 08:40:25 2025 by rpki-client