Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/a1d20e-50a2-44dc-b1e8-a67dca8a088c/1/UT_ZqedtuCB3HHv5lCRNjDUnZHE.roa
File: UT_ZqedtuCB3HHv5lCRNjDUnZHE.roa (raw, json)
Hash identifier: /rFlwg+a07MXWPZmqC8xSpbpKsUCk+WTtzjGaygl83Y=
Subject key identifier: 51:3F:D9:A9:E7:6D:B8:20:77:1C:7B:F9:94:24:4D:8C:35:27:64:71
Certificate issuer: /CN=73dd2894568aebd05ad6432d53cf70e2cd788e6e
Certificate serial: 019426D9E99DE4B9E257590A525921A10BF4
Authority key identifier: 73:DD:28:94:56:8A:EB:D0:5A:D6:43:2D:53:CF:70:E2:CD:78:8E:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c90olFaK69Ba1kMtU89w4s14jm4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/a1d20e-50a2-44dc-b1e8-a67dca8a088c/1/UT_ZqedtuCB3HHv5lCRNjDUnZHE.roa
Signing time: Thu 02 Jan 2025 11:50:02 +0000
ROA not before: Thu 02 Jan 2025 11:50:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49984
IP address blocks: 5.199.232.0/21 maxlen: 21
178.210.128.0/19 maxlen: 19
185.42.128.0/22 maxlen: 22
2a01:a240::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ea/a1d20e-50a2-44dc-b1e8-a67dca8a088c/1/c90olFaK69Ba1kMtU89w4s14jm4.crl
rsync://rpki.ripe.net/repository/DEFAULT/ea/a1d20e-50a2-44dc-b1e8-a67dca8a088c/1/c90olFaK69Ba1kMtU89w4s14jm4.mft
rsync://rpki.ripe.net/repository/DEFAULT/c90olFaK69Ba1kMtU89w4s14jm4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:e9:9d:e4:b9:e2:57:59:0a:52:59:21:a1:0b:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=73dd2894568aebd05ad6432d53cf70e2cd788e6e
Validity
Not Before: Jan 2 11:50:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=513fd9a9e76db820771c7bf994244d8c35276471
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:a1:6e:06:0b:2b:98:2b:1e:ec:dd:10:9b:e4:
4f:b7:fc:e0:00:d1:c6:6f:aa:39:ee:fd:2e:4d:91:
5a:0d:84:60:dc:d5:50:9a:d2:e7:b7:11:28:a9:b2:
2f:e9:2b:80:ca:53:f0:da:e6:d8:db:c1:a7:4f:66:
b0:29:0f:a2:44:fe:29:5a:7c:7e:f6:7f:d7:2c:f3:
dd:97:c0:71:a1:58:3e:3e:af:ae:e2:9c:6a:68:52:
c6:62:ba:9c:78:ec:40:57:e1:a3:3a:55:97:6d:88:
a8:20:f4:9c:c2:9d:3c:37:a8:08:80:a2:71:4b:f6:
39:8b:eb:e0:b5:36:4f:d8:0f:f6:bf:c6:c6:0a:29:
1c:42:9d:43:7f:bb:77:b7:6a:65:23:32:61:72:57:
98:aa:18:8f:20:8a:89:76:ea:24:57:6f:5c:4f:a3:
10:14:4c:84:dc:ce:66:7a:ea:91:c4:fa:63:74:6a:
63:f5:5a:1e:1b:c2:51:3a:be:b5:ea:c9:d6:18:4d:
50:9f:96:3d:2f:eb:db:c6:bf:e7:6d:e8:3a:83:30:
9b:91:f6:ea:01:22:75:f6:12:c3:47:6e:d5:f9:00:
96:71:82:02:dd:c2:8b:e6:8d:02:d2:dc:ca:a7:c8:
98:b9:00:e2:57:e0:e7:6a:86:3f:fe:84:52:13:41:
18:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:3F:D9:A9:E7:6D:B8:20:77:1C:7B:F9:94:24:4D:8C:35:27:64:71
X509v3 Authority Key Identifier:
keyid:73:DD:28:94:56:8A:EB:D0:5A:D6:43:2D:53:CF:70:E2:CD:78:8E:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c90olFaK69Ba1kMtU89w4s14jm4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/a1d20e-50a2-44dc-b1e8-a67dca8a088c/1/UT_ZqedtuCB3HHv5lCRNjDUnZHE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/a1d20e-50a2-44dc-b1e8-a67dca8a088c/1/c90olFaK69Ba1kMtU89w4s14jm4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.199.232.0/21
178.210.128.0/19
185.42.128.0/22
IPv6:
2a01:a240::/32
Signature Algorithm: sha256WithRSAEncryption
18:24:97:b4:e9:41:d6:55:23:5b:21:59:bc:48:3b:d8:71:a6:
af:d3:50:91:fd:37:07:0f:7c:c2:1d:59:d9:55:2f:37:0c:97:
df:c9:9c:1a:18:c2:ab:65:e6:fe:c2:ef:e6:3d:cf:38:48:15:
56:86:75:5c:53:d6:67:2a:9f:53:70:f7:f8:34:e1:6a:5e:5b:
3a:57:94:78:eb:e3:1c:3a:ad:9b:7f:db:92:70:fd:c1:ae:ba:
57:b7:41:a9:38:05:3c:fd:77:36:fa:c4:e7:01:cd:81:bc:3d:
45:7c:ee:e5:25:b4:5f:7e:0a:cf:64:ce:2a:96:65:01:2d:a0:
fb:bd:5b:9b:f4:8f:8e:1f:4a:ef:b7:8e:13:73:9e:da:e0:fc:
e1:10:e2:2e:7f:34:45:d0:bc:c0:2f:74:c5:e0:e6:d2:1f:bf:
51:e1:24:60:b1:b8:66:90:9b:22:6f:18:7d:b1:d8:3e:c9:79:
e4:25:d3:53:a8:92:38:57:52:6a:40:6d:e8:c7:e9:ea:3c:59:
1a:bb:3a:84:10:0c:3f:4d:59:a6:d2:2e:dc:74:95:a3:86:90:
7d:ae:e1:cc:27:bb:96:8c:98:34:30:56:1f:00:ed:1d:f6:66:
39:53:20:57:a8:08:f4:a6:0f:0d:f0:7d:0b:01:73:e4:08:0e:
d9:45:24:cf
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZQm2emd5LniV1kKUlkhoQv0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczZGQyODk0NTY4YWViZDA1YWQ2NDMyZDUzY2Y3MGUyY2Q3
ODhlNmUwHhcNMjUwMTAyMTE1MDAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTNmZDlhOWU3NmRiODIwNzcxYzdiZjk5NDI0NGQ4YzM1Mjc2NDcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAraFuBgsrmCse7N0Qm+RPt/zgANHG
b6o57v0uTZFaDYRg3NVQmtLntxEoqbIv6SuAylPw2ubY28GnT2awKQ+iRP4pWnx+
9n/XLPPdl8BxoVg+Pq+u4pxqaFLGYrqceOxAV+GjOlWXbYioIPScwp08N6gIgKJx
S/Y5i+vgtTZP2A/2v8bGCikcQp1Df7t3t2plIzJhcleYqhiPIIqJduokV29cT6MQ
FEyE3M5meuqRxPpjdGpj9VoeG8JROr616snWGE1Qn5Y9L+vbxr/nbeg6gzCbkfbq
ASJ19hLDR27V+QCWcYIC3cKL5o0C0tzKp8iYuQDiV+DnaoY//oRSE0EYbwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFFE/2annbbggdxx7+ZQkTYw1J2RxMB8GA1UdIwQY
MBaAFHPdKJRWiuvQWtZDLVPPcOLNeI5uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYzkwb2xGYUs2OUJhMWtNdFU4OXc0czE0am00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS9hMWQyMGUtNTBhMi00NGRjLWIxZTgt
YTY3ZGNhOGEwODhjLzEvVVRfWnFlZHR1Q0IzSEh2NWxDUk5qRFVuWkhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS9hMWQyMGUtNTBhMi00NGRjLWIxZTgtYTY3ZGNhOGEwODhj
LzEvYzkwb2xGYUs2OUJhMWtNdFU4OXc0czE0am00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDBcfoAwQF
stKAAwQCuSqAMA0EAgACMAcDBQAqAaJAMA0GCSqGSIb3DQEBCwUAA4IBAQAYJJe0
6UHWVSNbIVm8SDvYcaav01CR/TcHD3zCHVnZVS83DJffyZwaGMKrZeb+wu/mPc84
SBVWhnVcU9ZnKp9TcPf4NOFqXls6V5R46+McOq2bf9uScP3BrrpXt0GpOAU8/Xc2
+sTnAc2BvD1FfO7lJbRffgrPZM4qlmUBLaD7vVub9I+OH0rvt44Tc57a4PzhEOIu
fzRF0LzAL3TF4ObSH79R4SRgsbhmkJsibxh9sdg+yXnkJdNTqJI4V1JqQG3ox+nq
PFkauzqEEAw/TVmm0i7cdJWjhpB9ruHMJ7uWjJg0MFYfAO0d9mY5UyBXqAj0pg8N
8H0LAXPkCA7ZRSTP
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:37:19 2025 by rpki-client