Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/5e205a-ec0a-4fee-aef1-e495aaa0cac0/1/UPczbud20oB9tgHwFSb2akGSJh4.roa
File: UPczbud20oB9tgHwFSb2akGSJh4.roa (raw, json)
Hash identifier: 4+rja0/RrelXJUDvcZSlg9HpxqQMawG+/C9XB2H3Tfk=
Subject key identifier: 50:F7:33:6E:E7:76:D2:80:7D:B6:01:F0:15:26:F6:6A:41:92:26:1E
Certificate issuer: /CN=bdb83e99bf7254f948057a5e981be6fa5c2054dd
Certificate serial: 019420681F767B5ECB0F148926B75EF0D542
Authority key identifier: BD:B8:3E:99:BF:72:54:F9:48:05:7A:5E:98:1B:E6:FA:5C:20:54:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vbg-mb9yVPlIBXpemBvm-lwgVN0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/5e205a-ec0a-4fee-aef1-e495aaa0cac0/1/UPczbud20oB9tgHwFSb2akGSJh4.roa
Signing time: Wed 01 Jan 2025 05:48:02 +0000
ROA not before: Wed 01 Jan 2025 05:48:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9009
IP address blocks: 45.81.117.0/24 maxlen: 24
45.81.118.0/24 maxlen: 24
45.85.240.0/24 maxlen: 24
45.85.241.0/24 maxlen: 24
45.85.243.0/24 maxlen: 24
45.145.216.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e8/5e205a-ec0a-4fee-aef1-e495aaa0cac0/1/vbg-mb9yVPlIBXpemBvm-lwgVN0.crl
rsync://rpki.ripe.net/repository/DEFAULT/e8/5e205a-ec0a-4fee-aef1-e495aaa0cac0/1/vbg-mb9yVPlIBXpemBvm-lwgVN0.mft
rsync://rpki.ripe.net/repository/DEFAULT/vbg-mb9yVPlIBXpemBvm-lwgVN0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 09 Apr 2025 08:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:1f:76:7b:5e:cb:0f:14:89:26:b7:5e:f0:d5:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bdb83e99bf7254f948057a5e981be6fa5c2054dd
Validity
Not Before: Jan 1 05:48:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=50f7336ee776d2807db601f01526f66a4192261e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:1b:3e:a0:37:2c:2b:3f:2b:86:b9:29:cd:64:
47:04:2c:74:10:c8:6c:89:cc:d5:f6:46:e1:0f:19:
b6:71:6b:5c:1e:25:1c:6d:ba:df:ea:c1:1b:72:e3:
2a:ba:b9:b3:80:ac:28:09:ee:22:18:3d:81:3b:c0:
f2:7f:33:d2:fa:e1:9c:cd:a7:98:d0:5c:f9:f2:bc:
5b:c2:59:81:c7:dc:a3:17:e4:52:89:2f:af:fd:ea:
a0:f4:8b:2f:91:98:2a:4e:bb:6d:96:a8:57:fd:e7:
ee:c2:2a:61:cb:75:d3:75:f5:1d:ca:22:21:e8:7e:
b0:4b:30:d6:c9:24:b2:2f:84:49:e3:18:7a:a5:c4:
e7:7b:27:70:82:06:a7:e1:d4:5a:f3:a9:d7:a6:4f:
3d:89:45:af:3c:94:b8:45:04:30:e5:19:9e:b9:8d:
7e:b2:e4:0a:6a:48:43:36:11:15:75:b6:22:d1:84:
5d:9a:3a:ca:32:4e:8e:19:29:2a:b8:9a:67:04:f8:
22:87:51:eb:09:06:d2:7b:59:92:71:31:8c:18:fc:
9b:50:0c:27:13:ad:7d:a8:fe:f4:4b:d6:b8:c2:74:
67:f9:fb:31:5e:bd:31:43:62:1c:a2:f6:58:19:cf:
27:cf:99:06:a2:e7:82:a0:b5:06:cf:67:c5:f8:97:
93:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:F7:33:6E:E7:76:D2:80:7D:B6:01:F0:15:26:F6:6A:41:92:26:1E
X509v3 Authority Key Identifier:
keyid:BD:B8:3E:99:BF:72:54:F9:48:05:7A:5E:98:1B:E6:FA:5C:20:54:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vbg-mb9yVPlIBXpemBvm-lwgVN0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/5e205a-ec0a-4fee-aef1-e495aaa0cac0/1/UPczbud20oB9tgHwFSb2akGSJh4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/5e205a-ec0a-4fee-aef1-e495aaa0cac0/1/vbg-mb9yVPlIBXpemBvm-lwgVN0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.81.117.0-45.81.118.255
45.85.240.0/23
45.85.243.0/24
45.145.216.0/24
Signature Algorithm: sha256WithRSAEncryption
78:07:d5:d0:36:db:1d:ba:f0:dd:9d:21:53:25:31:d0:90:5b:
7d:9e:0e:a7:6b:68:7a:3c:51:6e:7b:5b:a1:22:97:96:bf:7b:
ac:9b:74:3f:4b:1a:ab:b5:3e:3c:7b:8b:25:76:55:42:fc:3b:
71:9c:c0:f2:3b:5b:53:20:90:7a:26:a4:80:a4:8e:f2:30:2c:
cf:f6:98:8a:7f:55:9d:0e:ed:bb:6f:3e:c6:95:91:7b:28:81:
4e:2a:c4:91:78:71:eb:b5:fa:eb:15:ac:65:4e:21:2e:d6:90:
25:32:80:c5:e5:9e:0c:c2:83:2f:07:2c:5f:c1:de:d1:6f:b4:
f7:8e:6d:b7:f8:fb:20:ed:43:c5:20:0f:37:56:9d:b9:d1:5e:
5b:9d:7f:a4:a0:8c:d8:d8:6f:8f:9a:41:b9:a6:3c:77:e9:94:
df:42:24:64:aa:b2:da:56:f4:c5:cf:3e:96:1f:13:61:a7:f9:
a9:8c:bf:ce:ec:55:d8:c0:f6:28:e4:5f:f5:fa:7b:98:2e:f7:
5d:7b:a8:66:d4:9a:66:f8:63:55:25:c0:ab:1f:d3:08:57:16:
ee:f7:c3:b3:97:96:fe:38:92:0f:9c:d8:83:5a:3c:be:0a:cb:
77:19:9a:ce:c5:1b:d5:15:3d:5c:8a:a8:0f:5d:e2:80:dd:4a:
91:d4:8d:ad
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZQgaB92e17LDxSJJrde8NVCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkYjgzZTk5YmY3MjU0Zjk0ODA1N2E1ZTk4MWJlNmZhNWMy
MDU0ZGQwHhcNMjUwMTAxMDU0ODAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MGY3MzM2ZWU3NzZkMjgwN2RiNjAxZjAxNTI2ZjY2YTQxOTIyNjFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAths+oDcsKz8rhrkpzWRHBCx0EMhs
iczV9kbhDxm2cWtcHiUcbbrf6sEbcuMqurmzgKwoCe4iGD2BO8DyfzPS+uGczaeY
0Fz58rxbwlmBx9yjF+RSiS+v/eqg9IsvkZgqTrttlqhX/efuwiphy3XTdfUdyiIh
6H6wSzDWySSyL4RJ4xh6pcTneydwggan4dRa86nXpk89iUWvPJS4RQQw5RmeuY1+
suQKakhDNhEVdbYi0YRdmjrKMk6OGSkquJpnBPgih1HrCQbSe1mScTGMGPybUAwn
E619qP70S9a4wnRn+fsxXr0xQ2IcovZYGc8nz5kGoueCoLUGz2fF+JeTiQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFFD3M27ndtKAfbYB8BUm9mpBkiYeMB8GA1UdIwQY
MBaAFL24Ppm/clT5SAV6Xpgb5vpcIFTdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmJnLW1iOXlWUGxJQlhwZW1Cdm0tbHdnVk4wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC81ZTIwNWEtZWMwYS00ZmVlLWFlZjEt
ZTQ5NWFhYTBjYWMwLzEvVVBjemJ1ZDIwb0I5dGdId0ZTYjJha0dTSmg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC81ZTIwNWEtZWMwYS00ZmVlLWFlZjEtZTQ5NWFhYTBjYWMw
LzEvdmJnLW1iOXlWUGxJQlhwZW1Cdm0tbHdnVk4wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgMAwDBAAtUXUD
BAAtUXYDBAEtVfADBAAtVfMDBAAtkdgwDQYJKoZIhvcNAQELBQADggEBAHgH1dA2
2x268N2dIVMlMdCQW32eDqdraHo8UW57W6Eil5a/e6ybdD9LGqu1Pjx7iyV2VUL8
O3GcwPI7W1MgkHompICkjvIwLM/2mIp/VZ0O7btvPsaVkXsogU4qxJF4ceu1+usV
rGVOIS7WkCUygMXlngzCgy8HLF/B3tFvtPeObbf4+yDtQ8UgDzdWnbnRXludf6Sg
jNjYb4+aQbmmPHfplN9CJGSqstpW9MXPPpYfE2Gn+amMv87sVdjA9ijkX/X6e5gu
9117qGbUmmb4Y1UlwKsf0whXFu73w7OXlv44kg+c2INaPL4Ky3cZms7FG9UVPVyK
qA9d4oDdSpHUja0=
-----END CERTIFICATE-----
Generated at Tue Apr 8 14:46:27 2025 by rpki-client