Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/a34a16-f880-4873-868b-5ecafda471f7/1/ulqVIFVosPowykxTM5-oqMzd4Gw.roa
File: ulqVIFVosPowykxTM5-oqMzd4Gw.roa (raw, json)
Hash identifier: GyWK8Gwo9Zktpx8zDLY/DbSmWK69tqfb6z/bHNQk+aU=
Subject key identifier: BA:5A:95:20:55:68:B0:FA:30:CA:4C:53:33:9F:A8:A8:CC:DD:E0:6C
Certificate issuer: /CN=c2eafaa30b340ecf810a4cb9af3b51c702566598
Certificate serial: 01942067CF8DA8E73D4F75387E1036648D58
Authority key identifier: C2:EA:FA:A3:0B:34:0E:CF:81:0A:4C:B9:AF:3B:51:C7:02:56:65:98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wur6ows0Ds-BCky5rztRxwJWZZg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/a34a16-f880-4873-868b-5ecafda471f7/1/ulqVIFVosPowykxTM5-oqMzd4Gw.roa
Signing time: Wed 01 Jan 2025 05:47:41 +0000
ROA not before: Wed 01 Jan 2025 05:47:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210616
IP address blocks: 212.15.56.0/22 maxlen: 22
212.15.56.0/23 maxlen: 23
212.15.56.0/24 maxlen: 24
212.15.57.0/24 maxlen: 24
212.15.58.0/23 maxlen: 23
212.15.58.0/24 maxlen: 24
212.15.59.0/24 maxlen: 24
212.15.61.0/24 maxlen: 24
212.15.62.0/23 maxlen: 23
212.15.62.0/24 maxlen: 24
212.15.63.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/da/a34a16-f880-4873-868b-5ecafda471f7/1/wur6ows0Ds-BCky5rztRxwJWZZg.crl
rsync://rpki.ripe.net/repository/DEFAULT/da/a34a16-f880-4873-868b-5ecafda471f7/1/wur6ows0Ds-BCky5rztRxwJWZZg.mft
rsync://rpki.ripe.net/repository/DEFAULT/wur6ows0Ds-BCky5rztRxwJWZZg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 19 Apr 2025 01:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:67:cf:8d:a8:e7:3d:4f:75:38:7e:10:36:64:8d:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2eafaa30b340ecf810a4cb9af3b51c702566598
Validity
Not Before: Jan 1 05:47:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ba5a95205568b0fa30ca4c53339fa8a8ccdde06c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:95:c2:46:d4:af:0e:2b:a8:a0:2b:39:e1:f3:
26:09:3a:af:12:a3:b4:24:0e:05:b9:89:72:24:ba:
d0:70:56:c7:17:e0:f5:8a:87:1c:23:cc:72:f8:f8:
66:4b:e4:8f:0c:c2:0e:ee:34:21:95:78:1f:8b:db:
c6:1b:a5:0a:4d:d8:73:da:54:22:08:f6:f9:00:5f:
3e:aa:ce:72:c5:32:17:38:e4:26:7f:4b:6a:4e:c4:
9f:81:60:e3:1f:ac:bf:fe:10:12:bb:0d:92:f3:0a:
f3:e6:ab:6a:51:c3:d5:6f:fe:26:49:70:1b:ae:9e:
50:8d:79:47:0a:48:8f:bd:6b:0a:df:b6:15:d6:15:
3c:6b:84:57:0c:32:e4:9e:4b:8a:33:18:87:9e:17:
63:2e:fe:48:8b:f9:f6:b7:02:51:70:77:5c:d5:03:
44:25:5e:76:a7:e9:d8:8e:e1:7d:b5:e4:60:fa:50:
2e:10:a1:2d:06:b6:27:92:33:6b:14:32:b8:22:3f:
54:93:12:67:f4:dc:f0:e3:3a:d4:01:3b:d4:a3:93:
cb:ec:10:32:8f:69:89:a4:68:c8:bb:7d:20:92:61:
e4:a1:d8:80:7a:cd:66:6a:4d:8b:b7:33:1e:eb:f9:
13:cb:5c:b7:09:1c:82:90:ef:de:6a:64:c0:db:69:
6b:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:5A:95:20:55:68:B0:FA:30:CA:4C:53:33:9F:A8:A8:CC:DD:E0:6C
X509v3 Authority Key Identifier:
keyid:C2:EA:FA:A3:0B:34:0E:CF:81:0A:4C:B9:AF:3B:51:C7:02:56:65:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wur6ows0Ds-BCky5rztRxwJWZZg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/a34a16-f880-4873-868b-5ecafda471f7/1/ulqVIFVosPowykxTM5-oqMzd4Gw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/a34a16-f880-4873-868b-5ecafda471f7/1/wur6ows0Ds-BCky5rztRxwJWZZg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.15.56.0/22
212.15.61.0-212.15.63.255
Signature Algorithm: sha256WithRSAEncryption
6e:63:90:d5:23:ef:28:56:9e:91:13:c5:59:6b:7b:e2:8d:09:
57:2a:2b:08:80:9a:de:3d:7f:fc:7b:9e:24:58:96:5f:27:18:
6c:ef:a9:14:f6:6f:1c:bb:2d:16:ff:69:b6:81:5a:78:21:28:
ae:4e:7d:11:f6:6d:85:fc:e3:06:0f:6e:30:b8:71:aa:05:36:
2d:64:b8:5d:44:4d:52:bd:09:56:d1:36:7a:ac:db:9c:19:aa:
48:7d:db:9a:1d:d8:b6:ea:49:7a:15:2b:3d:6d:6e:95:45:7b:
5c:ba:3c:74:7c:dd:1f:9a:8b:62:03:d6:80:8d:08:66:1b:35:
00:f1:8a:24:77:95:bd:cb:0e:20:79:21:d9:37:cf:85:29:12:
da:73:4b:70:d7:8d:71:3c:dd:72:e5:f9:9b:1a:4d:bf:3a:94:
90:c1:d3:a9:b3:c6:9d:43:4f:dd:19:f6:fe:00:98:a9:76:8c:
b8:d4:e8:bb:b0:7e:a7:d4:28:ed:05:1e:af:58:2c:43:40:cd:
59:86:b8:5f:ab:fc:44:97:25:99:00:4e:9d:2f:73:b6:43:41:
f6:86:a2:49:42:a0:ba:d8:35:65:ae:ae:40:cf:f7:e0:06:ed:
cd:79:db:21:9b:a0:ec:bf:00:cb:9d:d8:23:65:8d:57:fb:ec:
aa:28:60:90
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZQgZ8+NqOc9T3U4fhA2ZI1YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyZWFmYWEzMGIzNDBlY2Y4MTBhNGNiOWFmM2I1MWM3MDI1
NjY1OTgwHhcNMjUwMTAxMDU0NzQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTVhOTUyMDU1NjhiMGZhMzBjYTRjNTMzMzlmYThhOGNjZGRlMDZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx5XCRtSvDiuooCs54fMmCTqvEqO0
JA4FuYlyJLrQcFbHF+D1ioccI8xy+PhmS+SPDMIO7jQhlXgfi9vGG6UKTdhz2lQi
CPb5AF8+qs5yxTIXOOQmf0tqTsSfgWDjH6y//hASuw2S8wrz5qtqUcPVb/4mSXAb
rp5QjXlHCkiPvWsK37YV1hU8a4RXDDLknkuKMxiHnhdjLv5Ii/n2twJRcHdc1QNE
JV52p+nYjuF9teRg+lAuEKEtBrYnkjNrFDK4Ij9UkxJn9Nzw4zrUATvUo5PL7BAy
j2mJpGjIu30gkmHkodiAes1mak2LtzMe6/kTy1y3CRyCkO/eamTA22lr8QIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFLpalSBVaLD6MMpMUzOfqKjM3eBsMB8GA1UdIwQY
MBaAFMLq+qMLNA7PgQpMua87UccCVmWYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd3VyNm93czBEcy1CQ2t5NXJ6dFJ4d0pXWlpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS9hMzRhMTYtZjg4MC00ODczLTg2OGIt
NWVjYWZkYTQ3MWY3LzEvdWxxVklGVm9zUG93eWt4VE01LW9xTXpkNEd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS9hMzRhMTYtZjg4MC00ODczLTg2OGItNWVjYWZkYTQ3MWY3
LzEvd3VyNm93czBEcy1CQ2t5NXJ6dFJ4d0pXWlpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQC1A84MAwD
BADUDz0DBAbUDwAwDQYJKoZIhvcNAQELBQADggEBAG5jkNUj7yhWnpETxVlre+KN
CVcqKwiAmt49f/x7niRYll8nGGzvqRT2bxy7LRb/abaBWnghKK5OfRH2bYX84wYP
bjC4caoFNi1kuF1ETVK9CVbRNnqs25wZqkh925od2LbqSXoVKz1tbpVFe1y6PHR8
3R+ai2ID1oCNCGYbNQDxiiR3lb3LDiB5Idk3z4UpEtpzS3DXjXE83XLl+ZsaTb86
lJDB06mzxp1DT90Z9v4AmKl2jLjU6LuwfqfUKO0FHq9YLENAzVmGuF+r/ESXJZkA
Tp0vc7ZDQfaGoklCoLrYNWWurkDP9+AG7c152yGboOy/AMud2CNljVf77KooYJA=
-----END CERTIFICATE-----
Generated at Fri Apr 18 07:01:03 2025 by rpki-client