Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/50d476-d722-40f2-980f-64236fc36d1d/1/UzhPx96yGOR4LTMi9dIu864aqsY.roa
File: UzhPx96yGOR4LTMi9dIu864aqsY.roa (raw, json)
Hash identifier: bKjirubIh89AKZTNw76UL/cnaoe6Ib86+oTooy6mls0=
Subject key identifier: 53:38:4F:C7:DE:B2:18:E4:78:2D:33:22:F5:D2:2E:F3:AE:1A:AA:C6
Certificate issuer: /CN=65295913c07c226100bd39f1ee2c52ea98aaee14
Certificate serial: 01942067F6009BAC15F68D633A2E3238DB46
Authority key identifier: 65:29:59:13:C0:7C:22:61:00:BD:39:F1:EE:2C:52:EA:98:AA:EE:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZSlZE8B8ImEAvTnx7ixS6piq7hQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/50d476-d722-40f2-980f-64236fc36d1d/1/UzhPx96yGOR4LTMi9dIu864aqsY.roa
Signing time: Wed 01 Jan 2025 05:47:51 +0000
ROA not before: Wed 01 Jan 2025 05:47:51 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50012
IP address blocks: 185.157.121.0/24 maxlen: 24
193.104.85.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cf/50d476-d722-40f2-980f-64236fc36d1d/1/ZSlZE8B8ImEAvTnx7ixS6piq7hQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/cf/50d476-d722-40f2-980f-64236fc36d1d/1/ZSlZE8B8ImEAvTnx7ixS6piq7hQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZSlZE8B8ImEAvTnx7ixS6piq7hQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 17:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:67:f6:00:9b:ac:15:f6:8d:63:3a:2e:32:38:db:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=65295913c07c226100bd39f1ee2c52ea98aaee14
Validity
Not Before: Jan 1 05:47:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=53384fc7deb218e4782d3322f5d22ef3ae1aaac6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:5a:67:63:35:ec:af:f9:04:cd:66:1b:cf:cf:
bd:1f:c1:75:bf:87:25:94:5d:ad:90:1f:d1:30:76:
b2:30:08:f5:69:14:9f:da:1f:8e:dc:bb:8d:d5:dc:
0d:af:00:9b:b2:73:bc:2c:4d:1d:ab:a8:c5:96:04:
56:64:6f:e2:7c:56:d3:44:dc:3a:91:3d:1e:b3:cc:
40:1f:a0:03:be:72:7b:54:54:94:42:eb:c3:a0:be:
3b:7a:8a:dd:7e:69:be:a3:ec:c4:c9:8c:df:ae:aa:
85:91:49:c7:67:ac:47:c6:f0:11:5e:6a:df:60:fc:
df:bf:1b:8e:fa:05:02:40:a0:50:66:f8:27:49:25:
63:fe:41:e5:6a:a3:03:ed:93:93:99:6c:c6:0b:13:
bf:ba:76:20:4c:79:8a:74:76:72:5d:74:c0:13:83:
8b:f6:71:8c:c1:5f:73:90:5c:21:de:82:8d:99:a3:
d5:93:37:fe:b5:39:56:11:f3:5e:51:a6:1e:37:12:
b2:57:55:c1:ec:9a:c0:29:d4:fc:03:fb:a9:7f:85:
e1:30:3d:22:82:36:14:ac:c6:ec:44:a1:46:d4:21:
2a:eb:7f:c2:cc:21:69:8b:db:d4:93:a1:be:f5:c1:
cf:d8:ee:50:e9:75:c5:2d:72:3d:38:1c:fb:35:8f:
82:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:38:4F:C7:DE:B2:18:E4:78:2D:33:22:F5:D2:2E:F3:AE:1A:AA:C6
X509v3 Authority Key Identifier:
keyid:65:29:59:13:C0:7C:22:61:00:BD:39:F1:EE:2C:52:EA:98:AA:EE:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZSlZE8B8ImEAvTnx7ixS6piq7hQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/50d476-d722-40f2-980f-64236fc36d1d/1/UzhPx96yGOR4LTMi9dIu864aqsY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/50d476-d722-40f2-980f-64236fc36d1d/1/ZSlZE8B8ImEAvTnx7ixS6piq7hQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.157.121.0/24
193.104.85.0/24
Signature Algorithm: sha256WithRSAEncryption
b0:79:59:e9:9d:e6:22:45:64:59:c8:fa:72:87:b9:11:c0:28:
d2:94:af:5d:f3:c7:60:06:38:51:f7:77:9e:a3:cf:5d:9f:00:
28:58:53:04:7b:d6:84:8f:6a:ad:9a:3e:31:4a:e2:3b:6b:a4:
23:cd:c4:72:5a:58:17:a7:de:62:f7:2d:77:07:ec:95:a3:e3:
14:b6:e1:ae:9b:e0:5f:e1:b7:e3:a3:4d:b8:dc:13:15:d8:10:
5f:bd:c6:2f:9c:4d:44:64:14:59:72:fe:54:8a:d6:bc:01:87:
f6:60:a3:6e:7d:d9:2e:f5:ac:dc:4e:59:18:17:f0:ce:40:36:
fe:d0:8e:16:2a:fd:5d:5f:a2:2f:65:dd:d4:78:49:76:e7:0a:
75:53:7d:94:05:9b:86:31:91:fd:a3:c3:b7:32:ca:16:d3:04:
f8:94:ea:0c:c5:09:c0:e7:31:d1:f0:36:ea:96:e6:87:6b:c5:
76:c8:a7:30:44:58:8c:b7:96:b4:f5:a2:c4:6b:82:d6:59:0e:
1c:ee:77:d6:43:cc:e7:6e:22:9e:f3:18:76:48:f4:5d:5a:a6:
31:e0:ac:4f:c9:22:fb:b0:eb:96:37:ed:c3:aa:35:2b:de:20:
4c:24:5e:a9:15:bc:ef:e6:fe:d0:00:a4:82:8c:6a:25:e5:38:
33:2c:38:2b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQgZ/YAm6wV9o1jOi4yONtGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1Mjk1OTEzYzA3YzIyNjEwMGJkMzlmMWVlMmM1MmVhOThh
YWVlMTQwHhcNMjUwMTAxMDU0NzUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzM4NGZjN2RlYjIxOGU0NzgyZDMzMjJmNWQyMmVmM2FlMWFhYWM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwlpnYzXsr/kEzWYbz8+9H8F1v4cl
lF2tkB/RMHayMAj1aRSf2h+O3LuN1dwNrwCbsnO8LE0dq6jFlgRWZG/ifFbTRNw6
kT0es8xAH6ADvnJ7VFSUQuvDoL47eordfmm+o+zEyYzfrqqFkUnHZ6xHxvARXmrf
YPzfvxuO+gUCQKBQZvgnSSVj/kHlaqMD7ZOTmWzGCxO/unYgTHmKdHZyXXTAE4OL
9nGMwV9zkFwh3oKNmaPVkzf+tTlWEfNeUaYeNxKyV1XB7JrAKdT8A/upf4XhMD0i
gjYUrMbsRKFG1CEq63/CzCFpi9vUk6G+9cHP2O5Q6XXFLXI9OBz7NY+CDwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFM4T8feshjkeC0zIvXSLvOuGqrGMB8GA1UdIwQY
MBaAFGUpWRPAfCJhAL058e4sUuqYqu4UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlNsWkU4QjhJbUVBdlRueDdpeFM2cGlxN2hRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi81MGQ0NzYtZDcyMi00MGYyLTk4MGYt
NjQyMzZmYzM2ZDFkLzEvVXpoUHg5NnlHT1I0TFRNaTlkSXU4NjRhcXNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi81MGQ0NzYtZDcyMi00MGYyLTk4MGYtNjQyMzZmYzM2ZDFk
LzEvWlNsWkU4QjhJbUVBdlRueDdpeFM2cGlxN2hRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuZ15AwQA
wWhVMA0GCSqGSIb3DQEBCwUAA4IBAQCweVnpneYiRWRZyPpyh7kRwCjSlK9d88dg
BjhR93eeo89dnwAoWFMEe9aEj2qtmj4xSuI7a6QjzcRyWlgXp95i9y13B+yVo+MU
tuGum+Bf4bfjo0243BMV2BBfvcYvnE1EZBRZcv5Uita8AYf2YKNufdku9azcTlkY
F/DOQDb+0I4WKv1dX6IvZd3UeEl25wp1U32UBZuGMZH9o8O3MsoW0wT4lOoMxQnA
5zHR8DbqluaHa8V2yKcwRFiMt5a09aLEa4LWWQ4c7nfWQ8znbiKe8xh2SPRdWqYx
4KxPySL7sOuWN+3DqjUr3iBMJF6pFbzv5v7QAKSCjGol5TgzLDgr
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:55:29 2025 by rpki-client