Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/70b33b-d1eb-4bbb-97d6-0592453df7d2/1/UiH643w1GrSMb8MdWOXuMKoflu8.roa
File: UiH643w1GrSMb8MdWOXuMKoflu8.roa (raw, json)
Hash identifier: Ox1u3sls+4F8aVo0Ns4HTUNM65vIvg8OdP6tILBOlsE=
Subject key identifier: 52:21:FA:E3:7C:35:1A:B4:8C:6F:C3:1D:58:E5:EE:30:AA:1F:96:EF
Certificate issuer: /CN=04c5f1d1779eb709090365db982917adfd0f8049
Certificate serial: 0194258EC8F5F8792778E230DDD13BC38CBF
Authority key identifier: 04:C5:F1:D1:77:9E:B7:09:09:03:65:DB:98:29:17:AD:FD:0F:80:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BMXx0XeetwkJA2XbmCkXrf0PgEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/70b33b-d1eb-4bbb-97d6-0592453df7d2/1/UiH643w1GrSMb8MdWOXuMKoflu8.roa
Signing time: Thu 02 Jan 2025 05:48:22 +0000
ROA not before: Thu 02 Jan 2025 05:48:22 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39358
IP address blocks: 194.126.231.0/24 maxlen: 24
195.114.106.0/23 maxlen: 24
195.114.106.0/24 maxlen: 24
195.114.107.0/24 maxlen: 24
2001:67c:3e8::/47 maxlen: 48
2001:67c:3e8::/48 maxlen: 48
2001:67c:3e9::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cd/70b33b-d1eb-4bbb-97d6-0592453df7d2/1/BMXx0XeetwkJA2XbmCkXrf0PgEk.crl
rsync://rpki.ripe.net/repository/DEFAULT/cd/70b33b-d1eb-4bbb-97d6-0592453df7d2/1/BMXx0XeetwkJA2XbmCkXrf0PgEk.mft
rsync://rpki.ripe.net/repository/DEFAULT/BMXx0XeetwkJA2XbmCkXrf0PgEk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 23:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8e:c8:f5:f8:79:27:78:e2:30:dd:d1:3b:c3:8c:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=04c5f1d1779eb709090365db982917adfd0f8049
Validity
Not Before: Jan 2 05:48:22 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5221fae37c351ab48c6fc31d58e5ee30aa1f96ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:92:da:50:cd:69:91:f5:29:6a:00:4b:a1:ca:
75:cf:90:e6:a0:c4:8e:3b:87:82:03:a0:74:c3:48:
cf:2c:01:a6:51:43:8f:4b:6e:e2:5f:f7:ba:3b:04:
0c:d4:c7:63:fe:c4:0f:3f:06:da:56:02:b1:07:3b:
40:0d:66:fe:f6:f8:f9:cd:c7:2f:ed:37:2a:d1:1a:
e5:3d:c2:e3:d1:0e:03:62:7b:74:e5:b2:b9:8b:74:
3f:e8:d7:30:b0:bb:52:22:e9:f9:18:23:19:a6:a3:
95:50:7d:13:f6:97:9e:0f:a3:d5:e8:08:3a:3c:54:
86:9a:a3:fb:99:a5:02:bf:bc:c2:39:86:d3:94:09:
21:9d:67:e8:b4:92:37:c7:b5:13:5a:b2:5f:3b:47:
6a:9a:a4:3f:6b:1f:15:28:94:94:28:10:f8:d2:1e:
da:c5:26:56:49:7d:0d:57:61:b3:7e:a9:05:52:b7:
b5:63:cb:fb:34:cb:89:d9:05:d0:bb:4d:c2:1a:e7:
3e:c2:71:45:ba:3e:81:05:21:6a:95:8f:60:ce:80:
34:5c:8f:1d:32:cd:8e:cc:21:18:f5:22:9e:04:08:
6b:98:66:a0:22:3e:eb:fa:b9:63:06:32:13:31:58:
18:b2:66:b4:62:08:83:1c:c6:13:84:da:09:7b:2c:
14:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:21:FA:E3:7C:35:1A:B4:8C:6F:C3:1D:58:E5:EE:30:AA:1F:96:EF
X509v3 Authority Key Identifier:
keyid:04:C5:F1:D1:77:9E:B7:09:09:03:65:DB:98:29:17:AD:FD:0F:80:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BMXx0XeetwkJA2XbmCkXrf0PgEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/70b33b-d1eb-4bbb-97d6-0592453df7d2/1/UiH643w1GrSMb8MdWOXuMKoflu8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/70b33b-d1eb-4bbb-97d6-0592453df7d2/1/BMXx0XeetwkJA2XbmCkXrf0PgEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.126.231.0/24
195.114.106.0/23
IPv6:
2001:67c:3e8::/47
Signature Algorithm: sha256WithRSAEncryption
71:cd:9c:ee:23:b3:78:ac:be:39:43:c7:ef:07:d4:24:f2:8a:
6a:35:d5:2c:fa:6e:72:bd:43:36:3b:b8:4b:2c:82:a1:0c:ad:
0a:9a:e9:02:ce:23:a6:ac:d1:97:6e:4b:51:23:9e:eb:c3:85:
de:a6:91:5d:2f:2c:fb:e2:7f:2c:8a:58:d2:b5:62:7e:68:71:
fe:30:f2:36:65:46:89:eb:6f:d8:c8:a3:dc:26:b8:f0:5a:9d:
b9:8b:47:c4:de:6e:f0:e7:31:ef:d5:39:9d:45:0a:4b:14:52:
06:7b:cc:b2:e2:91:c4:cb:86:f2:6f:41:36:80:9f:29:ce:e3:
de:dc:98:aa:1e:95:b1:d1:4b:e9:93:6f:b8:73:88:c7:1c:0c:
51:28:79:97:66:cc:39:da:88:b5:6b:a4:e8:d0:cb:d2:17:35:
c2:28:36:19:44:d3:99:f0:b9:a5:9a:2f:2d:fe:37:76:15:82:
e5:18:d2:50:a1:0b:d5:f6:e1:5f:4e:59:2f:22:05:02:04:b7:
ca:e2:ce:96:c7:c2:c0:31:74:c2:54:1b:1b:ba:60:0d:88:0d:
ef:69:c0:53:9c:de:f8:2e:70:45:37:b3:c3:2d:a2:49:aa:d5:
fe:0e:8d:c7:d7:f0:57:3b:54:17:99:12:e5:3a:0a:3d:77:34:
a6:f0:13:93
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZQljsj1+HkneOIw3dE7w4y/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0YzVmMWQxNzc5ZWI3MDkwOTAzNjVkYjk4MjkxN2FkZmQw
ZjgwNDkwHhcNMjUwMTAyMDU0ODIyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjIxZmFlMzdjMzUxYWI0OGM2ZmMzMWQ1OGU1ZWUzMGFhMWY5NmVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAipLaUM1pkfUpagBLocp1z5DmoMSO
O4eCA6B0w0jPLAGmUUOPS27iX/e6OwQM1Mdj/sQPPwbaVgKxBztADWb+9vj5zccv
7Tcq0RrlPcLj0Q4DYnt05bK5i3Q/6NcwsLtSIun5GCMZpqOVUH0T9peeD6PV6Ag6
PFSGmqP7maUCv7zCOYbTlAkhnWfotJI3x7UTWrJfO0dqmqQ/ax8VKJSUKBD40h7a
xSZWSX0NV2GzfqkFUre1Y8v7NMuJ2QXQu03CGuc+wnFFuj6BBSFqlY9gzoA0XI8d
Ms2OzCEY9SKeBAhrmGagIj7r+rljBjITMVgYsma0YgiDHMYThNoJeywUHQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFFIh+uN8NRq0jG/DHVjl7jCqH5bvMB8GA1UdIwQY
MBaAFATF8dF3nrcJCQNl25gpF639D4BJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQk1YeDBYZWV0d2tKQTJYYm1Da1hyZjBQZ0VrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC83MGIzM2ItZDFlYi00YmJiLTk3ZDYt
MDU5MjQ1M2RmN2QyLzEvVWlINjQzdzFHclNNYjhNZFdPWHVNS29mbHU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC83MGIzM2ItZDFlYi00YmJiLTk3ZDYtMDU5MjQ1M2RmN2Qy
LzEvQk1YeDBYZWV0d2tKQTJYYm1Da1hyZjBQZ0VrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAwn7nAwQB
w3JqMA8EAgACMAkDBwEgAQZ8A+gwDQYJKoZIhvcNAQELBQADggEBAHHNnO4js3is
vjlDx+8H1CTyimo11Sz6bnK9QzY7uEssgqEMrQqa6QLOI6as0ZduS1EjnuvDhd6m
kV0vLPvifyyKWNK1Yn5ocf4w8jZlRonrb9jIo9wmuPBanbmLR8TebvDnMe/VOZ1F
CksUUgZ7zLLikcTLhvJvQTaAnynO497cmKoelbHRS+mTb7hziMccDFEoeZdmzDna
iLVrpOjQy9IXNcIoNhlE05nwuaWaLy3+N3YVguUY0lChC9X24V9OWS8iBQIEt8ri
zpbHwsAxdMJUGxu6YA2IDe9pwFOc3vgucEU3s8Mtokmq1f4OjcfX8Fc7VBeZEuU6
Cj13NKbwE5M=
-----END CERTIFICATE-----
Generated at Sun Apr 13 10:22:59 2025 by rpki-client