Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/14f2c5-46fe-4670-9dd6-21c58470b8d2/1/uwL3ypGLb_CaISyODq46_j9FKrM.roa
File: uwL3ypGLb_CaISyODq46_j9FKrM.roa (raw, json)
Hash identifier: xCrbMi0hxh88kUV/oxrokW/pEF8foYlLuuOWDjfscJA=
Subject key identifier: BB:02:F7:CA:91:8B:6F:F0:9A:21:2C:8E:0E:AE:3A:FE:3F:45:2A:B3
Certificate issuer: /CN=e1e8b7cab521e88e8022a36424544185538a7b33
Certificate serial: 0196F3781011C751B13449547A0331277FDE
Authority key identifier: E1:E8:B7:CA:B5:21:E8:8E:80:22:A3:64:24:54:41:85:53:8A:7B:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4ei3yrUh6I6AIqNkJFRBhVOKezM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/14f2c5-46fe-4670-9dd6-21c58470b8d2/1/uwL3ypGLb_CaISyODq46_j9FKrM.roa
Signing time: Wed 21 May 2025 15:30:53 +0000
ROA not before: Wed 21 May 2025 15:30:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48214
IP address blocks: 185.154.190.0/24 maxlen: 24
2a13:1640::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d8/14f2c5-46fe-4670-9dd6-21c58470b8d2/1/4ei3yrUh6I6AIqNkJFRBhVOKezM.crl
rsync://rpki.ripe.net/repository/DEFAULT/d8/14f2c5-46fe-4670-9dd6-21c58470b8d2/1/4ei3yrUh6I6AIqNkJFRBhVOKezM.mft
rsync://rpki.ripe.net/repository/DEFAULT/4ei3yrUh6I6AIqNkJFRBhVOKezM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 18:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:f3:78:10:11:c7:51:b1:34:49:54:7a:03:31:27:7f:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e1e8b7cab521e88e8022a36424544185538a7b33
Validity
Not Before: May 21 15:30:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bb02f7ca918b6ff09a212c8e0eae3afe3f452ab3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:60:78:b3:db:a2:fd:61:19:7f:f5:21:77:15:
90:7a:e7:be:f2:93:b8:17:cb:ac:a4:38:70:35:f0:
5d:7c:2c:95:f8:9e:cc:ce:ed:74:2b:72:e6:0b:81:
a3:ff:10:6a:73:1c:28:a9:4b:a1:97:20:97:a1:44:
77:cb:d5:96:c3:d9:47:da:fd:da:eb:34:83:bd:81:
0e:c2:e6:90:4a:dd:50:5a:7e:d8:a5:00:7b:9c:cb:
ea:2f:04:d2:2e:85:16:93:5b:71:b7:90:ff:06:ee:
06:47:63:0c:a4:fb:25:97:02:5a:57:a1:77:e4:e2:
43:26:a9:f1:68:3c:85:4d:df:8b:40:9b:c5:3c:22:
26:12:01:22:26:8a:7a:df:f4:54:4a:b7:de:31:94:
41:38:0e:ea:d1:ae:0a:4f:fe:23:f0:81:a5:8b:0c:
6c:5b:e8:f6:6d:0f:f7:63:4d:d3:37:b9:9c:db:3a:
c6:07:ed:a2:71:f9:6c:5d:9c:3e:8b:36:25:2f:53:
b3:14:0b:37:0e:b4:17:b9:34:0d:14:94:a8:0c:24:
dd:87:7c:ec:5c:4b:4e:f7:00:76:05:67:46:25:71:
f1:9b:26:82:92:bc:1b:60:9e:8a:34:e9:66:90:6b:
96:e6:c3:c4:37:f9:25:da:aa:b8:91:59:bf:9a:7d:
4d:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:02:F7:CA:91:8B:6F:F0:9A:21:2C:8E:0E:AE:3A:FE:3F:45:2A:B3
X509v3 Authority Key Identifier:
keyid:E1:E8:B7:CA:B5:21:E8:8E:80:22:A3:64:24:54:41:85:53:8A:7B:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4ei3yrUh6I6AIqNkJFRBhVOKezM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/14f2c5-46fe-4670-9dd6-21c58470b8d2/1/uwL3ypGLb_CaISyODq46_j9FKrM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/14f2c5-46fe-4670-9dd6-21c58470b8d2/1/4ei3yrUh6I6AIqNkJFRBhVOKezM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.154.190.0/24
IPv6:
2a13:1640::/29
Signature Algorithm: sha256WithRSAEncryption
4a:04:63:1d:ee:d6:ff:b0:99:f4:f8:9e:80:02:c9:fa:68:8b:
a1:d6:f5:88:7e:8c:80:fc:ec:a1:6a:38:63:c6:15:1b:40:f8:
47:7c:d7:e5:7d:a4:ea:3b:9b:40:72:cd:38:46:9e:66:30:1b:
27:fc:25:63:bc:63:aa:f7:f9:ff:75:0b:ac:a2:3a:80:36:e4:
77:07:6a:7f:78:5a:45:24:2f:87:08:c1:d2:2e:2f:ed:72:ed:
c4:0f:2a:ad:69:a8:af:b6:2d:76:44:2b:cb:10:38:9a:25:4b:
8e:89:f3:4e:78:0a:8f:16:2e:13:73:d1:40:b1:86:14:03:74:
7b:00:a2:0d:e2:9f:3d:61:29:e7:35:14:32:ff:63:2d:cf:ee:
9f:6e:0c:5d:ab:b3:ad:4d:95:00:85:6c:84:dc:55:8b:5c:65:
b3:b9:0c:1a:5d:58:a3:42:2c:06:30:66:7a:da:fb:3b:f5:86:
ba:32:18:69:08:68:e1:2f:02:86:ba:00:43:87:a5:5c:cf:08:
ac:87:61:0a:53:1a:cf:2a:72:d1:60:b6:3b:40:b9:7a:47:a9:
09:8b:59:e9:d4:0c:ca:7b:e0:24:69:8c:e5:eb:52:b6:f0:0a:
9f:6a:25:12:38:03:b7:fa:cc:70:e2:5a:6c:9e:ca:8e:19:f2:
40:bb:86:a8
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZbzeBARx1GxNElUegMxJ3/eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxZThiN2NhYjUyMWU4OGU4MDIyYTM2NDI0NTQ0MTg1NTM4
YTdiMzMwHhcNMjUwNTIxMTUzMDUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjAyZjdjYTkxOGI2ZmYwOWEyMTJjOGUwZWFlM2FmZTNmNDUyYWIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvGB4s9ui/WEZf/UhdxWQeue+8pO4
F8uspDhwNfBdfCyV+J7Mzu10K3LmC4Gj/xBqcxwoqUuhlyCXoUR3y9WWw9lH2v3a
6zSDvYEOwuaQSt1QWn7YpQB7nMvqLwTSLoUWk1txt5D/Bu4GR2MMpPsllwJaV6F3
5OJDJqnxaDyFTd+LQJvFPCImEgEiJop63/RUSrfeMZRBOA7q0a4KT/4j8IGliwxs
W+j2bQ/3Y03TN7mc2zrGB+2icflsXZw+izYlL1OzFAs3DrQXuTQNFJSoDCTdh3zs
XEtO9wB2BWdGJXHxmyaCkrwbYJ6KNOlmkGuW5sPEN/kl2qq4kVm/mn1NdwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLsC98qRi2/wmiEsjg6uOv4/RSqzMB8GA1UdIwQY
MBaAFOHot8q1IeiOgCKjZCRUQYVTinszMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNGVpM3lyVWg2STZBSXFOa0pGUkJoVk9LZXpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC8xNGYyYzUtNDZmZS00NjcwLTlkZDYt
MjFjNTg0NzBiOGQyLzEvdXdMM3lwR0xiX0NhSVN5T0RxNDZfajlGS3JNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC8xNGYyYzUtNDZmZS00NjcwLTlkZDYtMjFjNTg0NzBiOGQy
LzEvNGVpM3lyVWg2STZBSXFOa0pGUkJoVk9LZXpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuZq+MA0E
AgACMAcDBQMqExZAMA0GCSqGSIb3DQEBCwUAA4IBAQBKBGMd7tb/sJn0+J6AAsn6
aIuh1vWIfoyA/OyhajhjxhUbQPhHfNflfaTqO5tAcs04Rp5mMBsn/CVjvGOq9/n/
dQusojqANuR3B2p/eFpFJC+HCMHSLi/tcu3EDyqtaaivti12RCvLEDiaJUuOifNO
eAqPFi4Tc9FAsYYUA3R7AKIN4p89YSnnNRQy/2Mtz+6fbgxdq7OtTZUAhWyE3FWL
XGWzuQwaXVijQiwGMGZ62vs79Ya6MhhpCGjhLwKGugBDh6Vczwish2EKUxrPKnLR
YLY7QLl6R6kJi1np1AzKe+AkaYzl61K28AqfaiUSOAO3+sxw4lpsnsqOGfJAu4ao
-----END CERTIFICATE-----
Generated at Sun Jun 8 00:19:58 2025 by rpki-client