Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/c5a530-130b-4a62-9820-6310bf63051f/1/UgQOVXjSfDZ0oMmnpF9LnBZc5Iw.roa
File: UgQOVXjSfDZ0oMmnpF9LnBZc5Iw.roa (raw, json)
Hash identifier: EuORew0X+P8iEghXgdkM03dJatTHGRU6W9xGTUJPJEY=
Subject key identifier: 52:04:0E:55:78:D2:7C:36:74:A0:C9:A7:A4:5F:4B:9C:16:5C:E4:8C
Certificate issuer: /CN=0de2720c57db027610c821c84047b110bc36ddc3
Certificate serial: 0194221F8145CC01596AD013547F1C4A9576
Authority key identifier: 0D:E2:72:0C:57:DB:02:76:10:C8:21:C8:40:47:B1:10:BC:36:DD:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DeJyDFfbAnYQyCHIQEexELw23cM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/c5a530-130b-4a62-9820-6310bf63051f/1/UgQOVXjSfDZ0oMmnpF9LnBZc5Iw.roa
Signing time: Wed 01 Jan 2025 13:47:57 +0000
ROA not before: Wed 01 Jan 2025 13:47:57 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202829
IP address blocks: 185.152.188.0/22 maxlen: 24
194.11.16.0/24 maxlen: 24
194.11.19.0/24 maxlen: 24
194.11.25.0/24 maxlen: 24
194.11.83.0/24 maxlen: 24
2a07:80c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cf/c5a530-130b-4a62-9820-6310bf63051f/1/DeJyDFfbAnYQyCHIQEexELw23cM.crl
rsync://rpki.ripe.net/repository/DEFAULT/cf/c5a530-130b-4a62-9820-6310bf63051f/1/DeJyDFfbAnYQyCHIQEexELw23cM.mft
rsync://rpki.ripe.net/repository/DEFAULT/DeJyDFfbAnYQyCHIQEexELw23cM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Apr 2025 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:81:45:cc:01:59:6a:d0:13:54:7f:1c:4a:95:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0de2720c57db027610c821c84047b110bc36ddc3
Validity
Not Before: Jan 1 13:47:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=52040e5578d27c3674a0c9a7a45f4b9c165ce48c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:35:7d:c7:0e:04:13:36:a2:27:9d:db:bb:e2:
e8:29:ba:39:5e:0b:28:1f:ae:7a:8f:7f:05:fa:f7:
8a:47:71:65:87:be:78:ea:e0:21:e7:bc:77:e6:09:
fa:fb:1d:fa:89:f2:ad:d4:e9:3a:fb:8d:b3:8b:1e:
31:c3:72:bb:47:35:68:a7:85:27:fc:df:7c:0f:77:
8b:89:12:5a:82:97:33:0b:b8:be:f1:d0:07:e4:e5:
63:7e:b5:d7:c0:5c:3f:3e:a6:ca:48:b9:8a:87:95:
5e:a3:32:6e:cd:e6:c4:c8:e0:d8:b3:42:a9:14:79:
c1:ed:4b:32:37:b8:30:0b:cb:27:e5:79:c9:19:2a:
fa:e8:f1:f2:ba:8f:6b:fa:21:69:73:3e:0d:f5:74:
40:db:bd:df:aa:44:c7:d0:f2:a9:24:84:ff:e5:64:
bb:28:cd:db:66:93:73:20:2b:64:23:02:64:51:d1:
d2:d5:57:6e:76:dc:a7:fb:f5:65:58:a0:ae:76:28:
a0:ba:7e:f4:9b:d4:92:95:d0:80:99:a4:04:fc:bb:
bf:63:92:98:13:16:ec:62:88:30:d4:db:dc:ee:d4:
05:2d:3e:97:d7:14:38:43:9a:ad:0c:55:43:0a:19:
03:7d:10:34:db:58:f5:47:e9:34:24:60:e2:3d:b8:
f4:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:04:0E:55:78:D2:7C:36:74:A0:C9:A7:A4:5F:4B:9C:16:5C:E4:8C
X509v3 Authority Key Identifier:
keyid:0D:E2:72:0C:57:DB:02:76:10:C8:21:C8:40:47:B1:10:BC:36:DD:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DeJyDFfbAnYQyCHIQEexELw23cM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/c5a530-130b-4a62-9820-6310bf63051f/1/UgQOVXjSfDZ0oMmnpF9LnBZc5Iw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/c5a530-130b-4a62-9820-6310bf63051f/1/DeJyDFfbAnYQyCHIQEexELw23cM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.152.188.0/22
194.11.16.0/24
194.11.19.0/24
194.11.25.0/24
194.11.83.0/24
IPv6:
2a07:80c0::/29
Signature Algorithm: sha256WithRSAEncryption
4d:3b:fd:51:64:83:50:5a:47:df:6e:ca:1e:b1:f9:66:14:c4:
d3:c8:10:f9:8b:8e:10:ee:b6:7a:c2:24:40:19:9f:5a:0d:d4:
db:f1:ab:3d:cf:60:fd:e7:cf:cc:10:08:6b:54:b5:8f:60:31:
38:3e:55:00:dd:0e:b6:f6:66:57:b0:d5:5d:dd:5b:79:ed:28:
74:35:f3:4d:f2:43:0c:68:d7:8f:f3:46:b0:1d:42:db:32:ac:
28:52:5e:86:3e:b5:13:5c:1c:a1:ad:35:05:a1:e7:3e:e2:12:
15:2c:84:14:d0:f3:2f:58:12:c3:9b:ca:36:3e:3b:4b:9d:05:
55:b0:8b:bd:21:86:4e:95:a1:62:7d:ad:3e:b3:a7:8f:9e:50:
f4:ee:68:de:bf:ba:89:6e:a2:c8:85:bb:6f:68:04:cf:46:23:
46:7e:01:0f:2f:21:22:ba:a5:cf:cd:e9:a1:62:93:82:77:dc:
6c:a2:5d:d7:e2:18:63:db:4e:7d:7a:0f:14:88:17:27:d8:f5:
23:c0:a8:a3:7a:fe:b6:9a:9e:99:b9:cc:30:e5:eb:98:25:cc:
9d:e9:c6:49:d8:7b:02:72:64:10:7a:38:05:84:75:07:40:fe:
42:27:f0:f5:10:a7:66:92:35:05:8f:d5:8d:18:ba:86:77:07:
aa:f7:ff:11
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZQiH4FFzAFZatATVH8cSpV2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkZTI3MjBjNTdkYjAyNzYxMGM4MjFjODQwNDdiMTEwYmMz
NmRkYzMwHhcNMjUwMTAxMTM0NzU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjA0MGU1NTc4ZDI3YzM2NzRhMGM5YTdhNDVmNGI5YzE2NWNlNDhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlDV9xw4EEzaiJ53bu+LoKbo5Xgso
H656j38F+veKR3Flh7546uAh57x35gn6+x36ifKt1Ok6+42zix4xw3K7RzVop4Un
/N98D3eLiRJagpczC7i+8dAH5OVjfrXXwFw/PqbKSLmKh5VeozJuzebEyODYs0Kp
FHnB7UsyN7gwC8sn5XnJGSr66PHyuo9r+iFpcz4N9XRA273fqkTH0PKpJIT/5WS7
KM3bZpNzICtkIwJkUdHS1Vdudtyn+/VlWKCudiigun70m9SSldCAmaQE/Lu/Y5KY
ExbsYogw1Nvc7tQFLT6X1xQ4Q5qtDFVDChkDfRA021j1R+k0JGDiPbj0AQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFFIEDlV40nw2dKDJp6RfS5wWXOSMMB8GA1UdIwQY
MBaAFA3icgxX2wJ2EMghyEBHsRC8Nt3DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGVKeURGZmJBbllReUNISVFFZXhFTHcyM2NNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi9jNWE1MzAtMTMwYi00YTYyLTk4MjAt
NjMxMGJmNjMwNTFmLzEvVWdRT1ZYalNmRFowb01tbnBGOUxuQlpjNUl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi9jNWE1MzAtMTMwYi00YTYyLTk4MjAtNjMxMGJmNjMwNTFm
LzEvRGVKeURGZmJBbllReUNISVFFZXhFTHcyM2NNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQCuZi8AwQA
wgsQAwQAwgsTAwQAwgsZAwQAwgtTMA0EAgACMAcDBQMqB4DAMA0GCSqGSIb3DQEB
CwUAA4IBAQBNO/1RZINQWkffbsoesflmFMTTyBD5i44Q7rZ6wiRAGZ9aDdTb8as9
z2D958/MEAhrVLWPYDE4PlUA3Q629mZXsNVd3Vt57Sh0NfNN8kMMaNeP80awHULb
MqwoUl6GPrUTXByhrTUFoec+4hIVLIQU0PMvWBLDm8o2PjtLnQVVsIu9IYZOlaFi
fa0+s6ePnlD07mjev7qJbqLIhbtvaATPRiNGfgEPLyEiuqXPzemhYpOCd9xsol3X
4hhj2059eg8UiBcn2PUjwKijev62mp6Zucww5euYJcyd6cZJ2HsCcmQQejgFhHUH
QP5CJ/D1EKdmkjUFj9WNGLqGdweq9/8R
-----END CERTIFICATE-----
Generated at Tue Apr 22 01:07:06 2025 by rpki-client