Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/ulAQMEhiiD6nvLf2GQmHqfhKfDk.roa
File: ulAQMEhiiD6nvLf2GQmHqfhKfDk.roa (raw, json)
Hash identifier: ZXAtCgP1311wjyqhlSRtGFBWuDBaHLdXK24zr+zU3xg=
Subject key identifier: BA:50:10:30:48:62:88:3E:A7:BC:B7:F6:19:09:87:A9:F8:4A:7C:39
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 01971D780888390534C71ABA471852D1E06D
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/ulAQMEhiiD6nvLf2GQmHqfhKfDk.roa
Signing time: Thu 29 May 2025 19:14:55 +0000
ROA not before: Thu 29 May 2025 19:14:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213153
IP address blocks: 185.166.172.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.mft
rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 05 Jun 2025 21:31:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:1d:78:08:88:39:05:34:c7:1a:ba:47:18:52:d1:e0:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: May 29 19:14:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ba5010304862883ea7bcb7f6190987a9f84a7c39
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:4e:65:38:2b:2e:f0:ae:7e:e2:bc:2c:4c:3e:
7f:f9:ec:c8:90:12:a1:b3:b5:9c:27:8d:51:23:cc:
ea:a9:cd:bf:f1:f2:35:13:04:ab:3e:b0:7c:4d:bd:
eb:13:f4:aa:0d:fb:ee:29:7b:39:4b:ed:5f:a3:c1:
0b:34:df:87:ae:9f:52:fa:e1:d0:52:bf:c9:ea:1e:
b0:0f:28:79:70:ae:b9:77:70:67:75:61:52:bd:08:
78:ed:3c:01:0d:4f:31:0b:29:bd:40:be:a3:27:c5:
24:2e:f7:4c:91:b4:9e:f6:5c:80:f3:b0:bf:13:14:
47:1a:0b:b1:eb:5c:7a:af:94:15:ee:cd:e4:0c:6c:
78:de:76:ad:bb:62:ca:d2:47:87:7c:6f:66:bb:28:
d5:72:6c:dc:cb:f4:c9:fa:38:7c:8e:6a:56:31:39:
4a:7a:29:53:0f:ec:5e:84:bd:56:8d:7f:f0:cb:2d:
b7:3c:4f:69:3b:e8:fc:21:85:d0:a6:ca:a4:27:12:
a8:05:3f:2c:fb:2a:ce:4c:b7:5c:ab:15:4a:b8:af:
58:90:cf:f5:16:81:df:43:bd:d3:d3:b1:b4:76:89:
35:f9:8a:7c:ef:fc:c7:d5:10:fa:64:a4:27:73:5c:
28:55:f7:a0:c5:65:e6:73:aa:cf:c2:e1:07:57:08:
69:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:50:10:30:48:62:88:3E:A7:BC:B7:F6:19:09:87:A9:F8:4A:7C:39
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/ulAQMEhiiD6nvLf2GQmHqfhKfDk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.166.172.0/22
Signature Algorithm: sha256WithRSAEncryption
a6:e2:72:cb:fc:5a:07:60:89:fb:ae:e1:09:a5:b1:1a:2d:bc:
93:21:95:36:7a:0a:7f:fc:ef:f6:6d:0c:02:01:2f:ef:15:94:
1b:dd:56:82:96:8b:88:14:ce:ec:a5:c6:6f:44:f1:c3:7f:3d:
6a:22:a5:a0:a7:c4:00:13:d9:ee:bb:30:a5:e8:c5:b8:e8:95:
17:1b:a3:5c:bd:56:c8:57:fe:9e:53:6b:df:a0:39:47:30:4f:
8b:65:82:69:ee:af:44:79:1d:99:73:83:7c:da:fa:54:48:dd:
00:31:e7:61:2a:07:71:fb:82:30:ad:6d:b3:e9:43:3b:06:23:
03:08:7e:a0:75:64:7d:b7:0b:a8:97:32:57:21:27:47:ef:6c:
cb:a8:a5:f4:61:18:a4:f8:ef:0c:a8:95:b9:90:aa:83:78:db:
05:b5:e7:99:d1:08:e9:26:7c:b5:1b:82:6a:33:6b:c4:56:40:
1e:22:6f:a1:19:dd:bc:e2:66:fd:11:0c:69:71:84:b4:6b:ba:
9a:bf:cd:36:01:bb:e5:20:f5:3c:33:71:84:6b:ea:c2:78:91:
5a:c5:87:4b:7f:0e:42:d0:54:36:f5:33:bb:be:47:39:8e:20:
f9:82:50:2a:fc:e4:57:e4:24:6c:61:ea:9e:5b:31:7e:79:76:
b0:51:a3:3d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZcdeAiIOQU0xxq6RxhS0eBtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjUwNTI5MTkxNDU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTUwMTAzMDQ4NjI4ODNlYTdiY2I3ZjYxOTA5ODdhOWY4NGE3YzM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtU5lOCsu8K5+4rwsTD5/+ezIkBKh
s7WcJ41RI8zqqc2/8fI1EwSrPrB8Tb3rE/SqDfvuKXs5S+1fo8ELNN+Hrp9S+uHQ
Ur/J6h6wDyh5cK65d3BndWFSvQh47TwBDU8xCym9QL6jJ8UkLvdMkbSe9lyA87C/
ExRHGgux61x6r5QV7s3kDGx43natu2LK0keHfG9muyjVcmzcy/TJ+jh8jmpWMTlK
eilTD+xehL1WjX/wyy23PE9pO+j8IYXQpsqkJxKoBT8s+yrOTLdcqxVKuK9YkM/1
FoHfQ73T07G0dok1+Yp87/zH1RD6ZKQnc1woVfegxWXmc6rPwuEHVwhpSwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLpQEDBIYog+p7y39hkJh6n4Snw5MB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvdWxBUU1FaGlpRDZudkxmMkdRbUhxZmhLZkRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuaasMA0G
CSqGSIb3DQEBCwUAA4IBAQCm4nLL/FoHYIn7ruEJpbEaLbyTIZU2egp//O/2bQwC
AS/vFZQb3VaClouIFM7spcZvRPHDfz1qIqWgp8QAE9nuuzCl6MW46JUXG6NcvVbI
V/6eU2vfoDlHME+LZYJp7q9EeR2Zc4N82vpUSN0AMedhKgdx+4IwrW2z6UM7BiMD
CH6gdWR9twuolzJXISdH72zLqKX0YRik+O8MqJW5kKqDeNsFteeZ0QjpJny1G4Jq
M2vEVkAeIm+hGd284mb9EQxpcYS0a7qav802AbvlIPU8M3GEa+rCeJFaxYdLfw5C
0FQ29TO7vkc5jiD5glAq/ORX5CRsYeqeWzF+eXawUaM9
-----END CERTIFICATE-----
Generated at Thu Jun 5 05:35:32 2025 by rpki-client