Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/uhUfOemLlSizJlvnI4iZXIRsvD4.roa
File: uhUfOemLlSizJlvnI4iZXIRsvD4.roa (raw, json)
Hash identifier: VkvlIs3PMisicDeiEnRW3SF8FPJpEZKckV5h24sjnkw=
Subject key identifier: BA:15:1F:39:E9:8B:95:28:B3:26:5B:E7:23:88:99:5C:84:6C:BC:3E
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 019422FB9296128CE842B8C0F4052716BB85
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/uhUfOemLlSizJlvnI4iZXIRsvD4.roa
Signing time: Wed 01 Jan 2025 17:48:19 +0000
ROA not before: Wed 01 Jan 2025 17:48:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 7018
IP address blocks: 5.182.114.0/24 maxlen: 24
77.242.159.0/24 maxlen: 24
88.151.63.0/24 maxlen: 24
88.209.203.0/24 maxlen: 24
88.209.229.0/24 maxlen: 24
88.209.230.0/24 maxlen: 24
88.209.232.0/24 maxlen: 24
88.209.233.0/24 maxlen: 24
88.209.234.0/24 maxlen: 24
88.209.235.0/24 maxlen: 24
88.209.255.0/24 maxlen: 24
92.52.214.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.mft
rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 16:01:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:92:96:12:8c:e8:42:b8:c0:f4:05:27:16:bb:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Jan 1 17:48:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ba151f39e98b9528b3265be72388995c846cbc3e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:75:d6:67:92:97:9b:14:69:26:47:96:be:a4:
b5:5d:49:e1:2d:d2:c2:33:56:1c:35:c2:b3:9f:13:
c7:7d:8c:80:cd:05:5b:cb:85:57:78:34:73:68:47:
f0:0a:ac:0b:77:8b:38:b1:8e:cc:62:34:06:c0:51:
b8:00:1e:2f:0d:29:c4:0e:df:6c:1b:85:96:90:6d:
ad:cb:d5:9a:60:96:35:91:71:54:32:5b:ad:20:9e:
1d:26:5c:5b:24:15:bb:57:6b:40:0d:11:70:c0:61:
ba:04:2e:af:76:12:cf:98:52:6c:b5:f9:0d:cd:ba:
31:73:8c:65:fd:c6:c3:c2:db:2b:28:1d:88:b8:38:
41:26:e4:3c:f1:06:ca:70:a1:38:a7:5c:c7:4d:16:
75:55:72:4c:3c:c4:71:82:95:f2:72:94:20:b9:b5:
fd:f1:0d:88:37:cd:4d:dc:78:81:d8:6b:61:c8:07:
6c:30:ac:04:75:4c:b3:7e:06:cb:d2:51:3c:5b:0d:
c4:d5:d8:9e:d7:5e:87:55:4f:b7:a5:bb:e3:e4:fe:
fa:ac:75:dd:42:9c:a8:3a:94:6e:75:23:fe:b7:5c:
92:10:97:7d:39:5a:a3:85:d5:86:27:1a:e1:41:52:
e9:ef:2d:b1:37:44:e9:1b:f9:0f:6d:60:6a:cc:38:
3a:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:15:1F:39:E9:8B:95:28:B3:26:5B:E7:23:88:99:5C:84:6C:BC:3E
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/uhUfOemLlSizJlvnI4iZXIRsvD4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.114.0/24
77.242.159.0/24
88.151.63.0/24
88.209.203.0/24
88.209.229.0-88.209.230.255
88.209.232.0/22
88.209.255.0/24
92.52.214.0/24
Signature Algorithm: sha256WithRSAEncryption
16:e5:ec:15:d5:c7:0d:47:51:b0:c5:3e:20:4b:c1:79:3f:c1:
68:00:4d:32:f5:7e:98:c6:e8:29:b7:9e:97:f4:41:ef:23:7e:
2a:41:41:63:22:8b:c1:ec:6d:6c:ee:bd:d1:5d:51:f5:16:9f:
26:fb:8c:27:97:dc:9e:c9:36:c3:a0:04:6b:90:87:7a:e4:31:
9c:b5:62:15:87:b6:f9:a5:40:17:f9:a3:61:c4:99:49:69:90:
39:4e:91:e5:94:5b:49:36:43:61:be:f4:58:a1:26:99:68:4a:
07:ba:62:83:a7:31:2d:0a:80:cc:9c:1b:52:43:b8:7f:c4:e3:
6d:49:c5:17:b4:96:6a:a4:aa:63:8b:b9:2a:52:d8:22:38:22:
e6:6f:36:5b:ad:8e:35:85:69:62:a5:e2:9e:90:6a:47:63:79:
f1:22:cf:e6:d3:6d:99:23:7f:da:3c:f6:10:30:3d:b2:0e:2b:
24:ff:ab:76:5a:93:08:21:c6:31:e4:47:c2:55:c8:85:e7:d0:
f8:39:5b:9f:07:b7:0b:b7:1e:4c:51:21:df:c1:53:8e:e2:30:
de:30:ee:6c:6e:20:89:7d:b8:ae:ef:fd:06:f1:6c:98:42:4b:
6a:0a:de:c1:0f:d5:47:13:2c:b6:2e:c5:d5:7b:17:85:ad:0f:
ee:a3:c0:81
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAZQi+5KWEozoQrjA9AUnFruFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjUwMTAxMTc0ODE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTE1MWYzOWU5OGI5NTI4YjMyNjViZTcyMzg4OTk1Yzg0NmNiYzNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuXXWZ5KXmxRpJkeWvqS1XUnhLdLC
M1YcNcKznxPHfYyAzQVby4VXeDRzaEfwCqwLd4s4sY7MYjQGwFG4AB4vDSnEDt9s
G4WWkG2ty9WaYJY1kXFUMlutIJ4dJlxbJBW7V2tADRFwwGG6BC6vdhLPmFJstfkN
zboxc4xl/cbDwtsrKB2IuDhBJuQ88QbKcKE4p1zHTRZ1VXJMPMRxgpXycpQgubX9
8Q2IN81N3HiB2GthyAdsMKwEdUyzfgbL0lE8Ww3E1die116HVU+3pbvj5P76rHXd
QpyoOpRudSP+t1ySEJd9OVqjhdWGJxrhQVLp7y2xN0TpG/kPbWBqzDg6mwIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFLoVHznpi5UosyZb5yOImVyEbLw+MB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvdWhVZk9lbUxsU2l6Smx2bkk0aVpYSVJzdkQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQABbZyAwQA
TfKfAwQAWJc/AwQAWNHLMAwDBABY0eUDBABY0eYDBAJY0egDBABY0f8DBABcNNYw
DQYJKoZIhvcNAQELBQADggEBABbl7BXVxw1HUbDFPiBLwXk/wWgATTL1fpjG6Cm3
npf0Qe8jfipBQWMii8HsbWzuvdFdUfUWnyb7jCeX3J7JNsOgBGuQh3rkMZy1YhWH
tvmlQBf5o2HEmUlpkDlOkeWUW0k2Q2G+9FihJploSge6YoOnMS0KgMycG1JDuH/E
421JxRe0lmqkqmOLuSpS2CI4IuZvNlutjjWFaWKl4p6QakdjefEiz+bTbZkjf9o8
9hAwPbIOKyT/q3ZakwghxjHkR8JVyIXn0Pg5W58Htwu3HkxRId/BU47iMN4w7mxu
IIl9uK7v/QbxbJhCS2oK3sEP1UcTLLYuxdV7F4WtD+6jwIE=
-----END CERTIFICATE-----
Generated at Fri Apr 4 21:43:00 2025 by rpki-client