Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/327a54-6db2-4291-9434-ffc7f2a3198c/1/uZ6cxSQ0225PPhp2j-kmEHUZR1Q.roa
File: uZ6cxSQ0225PPhp2j-kmEHUZR1Q.roa (raw, json)
Hash identifier: BajzGRYh0a52YWAxzOkIkSFUZpyzgre8aTootK/khPY=
Subject key identifier: B9:9E:9C:C5:24:34:DB:6E:4F:3E:1A:76:8F:E9:26:10:75:19:47:54
Certificate issuer: /CN=0c5be6056eb0c3650b8fe21e2d726c1b83ec82b3
Certificate serial: 01942369FA5FA1159543DDB83931EC1EB8E8
Authority key identifier: 0C:5B:E6:05:6E:B0:C3:65:0B:8F:E2:1E:2D:72:6C:1B:83:EC:82:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DFvmBW6ww2ULj-IeLXJsG4PsgrM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/327a54-6db2-4291-9434-ffc7f2a3198c/1/uZ6cxSQ0225PPhp2j-kmEHUZR1Q.roa
Signing time: Wed 01 Jan 2025 19:48:55 +0000
ROA not before: Wed 01 Jan 2025 19:48:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15456
IP address blocks: 62.116.128.0/18 maxlen: 24
62.116.128.0/19 maxlen: 24
62.116.160.0/19 maxlen: 24
85.236.32.0/19 maxlen: 24
185.91.244.0/22 maxlen: 24
2001:4178::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/eb/327a54-6db2-4291-9434-ffc7f2a3198c/1/DFvmBW6ww2ULj-IeLXJsG4PsgrM.crl
rsync://rpki.ripe.net/repository/DEFAULT/eb/327a54-6db2-4291-9434-ffc7f2a3198c/1/DFvmBW6ww2ULj-IeLXJsG4PsgrM.mft
rsync://rpki.ripe.net/repository/DEFAULT/DFvmBW6ww2ULj-IeLXJsG4PsgrM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 13 Mar 2025 22:01:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:fa:5f:a1:15:95:43:dd:b8:39:31:ec:1e:b8:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0c5be6056eb0c3650b8fe21e2d726c1b83ec82b3
Validity
Not Before: Jan 1 19:48:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b99e9cc52434db6e4f3e1a768fe9261075194754
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:84:4d:1c:f7:17:30:26:cf:fc:9a:9d:20:e1:
d7:71:e9:bb:44:f7:75:4e:30:70:75:44:29:84:7b:
f5:16:78:b8:58:fc:99:fd:d9:f2:59:6c:ac:6e:6b:
1f:78:71:65:56:5b:38:ca:3d:04:f0:b6:22:a2:07:
c5:d7:07:b2:61:9e:1e:3f:b9:bf:7d:53:09:f5:8c:
d9:b6:f5:7c:61:c6:ec:01:a7:4f:77:07:fc:99:5c:
55:a8:58:b7:33:5e:3c:b9:91:0c:b3:98:45:b8:a5:
78:6f:d6:d9:cd:9d:f4:d7:1e:b3:d6:9e:36:62:4b:
68:c6:bd:de:fe:a1:cd:c7:5d:ee:ac:cc:36:a1:6a:
6e:f6:d9:d6:64:0e:89:e6:48:09:ab:b4:83:aa:25:
d9:a1:ee:e6:7a:9a:4a:d6:87:5d:62:da:16:35:2f:
33:e6:fd:d1:27:cd:d3:f7:af:e7:db:2d:b2:ac:3f:
26:35:a9:bf:96:89:35:0e:7c:5a:7d:18:e4:57:cb:
9f:3b:d2:ff:82:e1:5a:a2:34:1c:68:79:12:6f:d0:
cf:82:b1:d3:f3:09:58:b9:da:e7:07:51:17:f3:ba:
4e:87:27:4b:9b:a8:b0:3b:b1:c0:b3:a0:49:a6:c0:
1f:ef:07:64:35:bf:5c:bd:91:a1:26:c7:d3:85:2d:
fe:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:9E:9C:C5:24:34:DB:6E:4F:3E:1A:76:8F:E9:26:10:75:19:47:54
X509v3 Authority Key Identifier:
keyid:0C:5B:E6:05:6E:B0:C3:65:0B:8F:E2:1E:2D:72:6C:1B:83:EC:82:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DFvmBW6ww2ULj-IeLXJsG4PsgrM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/327a54-6db2-4291-9434-ffc7f2a3198c/1/uZ6cxSQ0225PPhp2j-kmEHUZR1Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/327a54-6db2-4291-9434-ffc7f2a3198c/1/DFvmBW6ww2ULj-IeLXJsG4PsgrM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.116.128.0/18
85.236.32.0/19
185.91.244.0/22
IPv6:
2001:4178::/29
Signature Algorithm: sha256WithRSAEncryption
49:97:6b:60:75:c9:f4:0e:c2:99:66:d7:ce:81:07:cc:ec:61:
45:cb:2d:7b:6c:4a:8c:7a:23:fd:78:52:1b:75:42:b2:90:31:
a9:4d:01:e4:d7:37:2a:79:53:a9:a8:c0:88:b6:d5:99:b5:08:
a7:fb:6a:fd:e4:9c:bc:fe:5e:ed:79:f8:d3:71:a3:27:30:9b:
e1:97:ec:77:76:53:77:c6:89:88:2f:96:e3:0e:94:6b:62:90:
ca:5e:63:2c:63:62:8a:4c:d9:e5:42:45:52:cb:6b:29:48:56:
9b:8b:99:c1:49:a9:52:c3:24:6a:11:e9:7f:29:49:b8:03:20:
10:3e:12:b2:c6:5e:70:fb:ee:bd:17:56:8b:5d:2d:7f:bb:23:
a5:6b:66:f4:eb:ce:b6:29:19:b0:84:6c:d1:7e:8a:df:11:db:
43:4c:65:7a:7d:db:a2:a6:04:6a:c4:dd:fc:a5:61:72:5c:03:
8c:ee:05:4d:cc:2f:e0:70:62:9d:ca:7c:c7:32:cf:a7:b3:43:
37:88:bc:e8:11:91:57:c4:0a:fe:90:ce:34:7e:e9:58:62:4d:
3a:37:c4:01:1e:53:95:58:aa:e5:32:69:93:6e:7c:88:6f:e0:
63:b8:d6:4c:c0:05:30:44:b0:c7:2f:65:26:53:5e:5f:9a:91:
8a:d2:3d:2d
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZQjafpfoRWVQ924OTHsHrjoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjNWJlNjA1NmViMGMzNjUwYjhmZTIxZTJkNzI2YzFiODNl
YzgyYjMwHhcNMjUwMTAxMTk0ODU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTllOWNjNTI0MzRkYjZlNGYzZTFhNzY4ZmU5MjYxMDc1MTk0NzU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA34RNHPcXMCbP/JqdIOHXcem7RPd1
TjBwdUQphHv1Fni4WPyZ/dnyWWysbmsfeHFlVls4yj0E8LYiogfF1weyYZ4eP7m/
fVMJ9YzZtvV8YcbsAadPdwf8mVxVqFi3M148uZEMs5hFuKV4b9bZzZ301x6z1p42
Yktoxr3e/qHNx13urMw2oWpu9tnWZA6J5kgJq7SDqiXZoe7meppK1oddYtoWNS8z
5v3RJ83T96/n2y2yrD8mNam/lok1DnxafRjkV8ufO9L/guFaojQcaHkSb9DPgrHT
8wlYudrnB1EX87pOhydLm6iwO7HAs6BJpsAf7wdkNb9cvZGhJsfThS3+wQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFLmenMUkNNtuTz4ado/pJhB1GUdUMB8GA1UdIwQY
MBaAFAxb5gVusMNlC4/iHi1ybBuD7IKzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvREZ2bUJXNnd3MlVMai1JZUxYSnNHNFBzZ3JNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi8zMjdhNTQtNmRiMi00MjkxLTk0MzQt
ZmZjN2YyYTMxOThjLzEvdVo2Y3hTUTAyMjVQUGhwMmota21FSFVaUjFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi8zMjdhNTQtNmRiMi00MjkxLTk0MzQtZmZjN2YyYTMxOThj
LzEvREZ2bUJXNnd3MlVMai1JZUxYSnNHNFBzZ3JNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQGPnSAAwQF
VewgAwQCuVv0MA0EAgACMAcDBQMgAUF4MA0GCSqGSIb3DQEBCwUAA4IBAQBJl2tg
dcn0DsKZZtfOgQfM7GFFyy17bEqMeiP9eFIbdUKykDGpTQHk1zcqeVOpqMCIttWZ
tQin+2r95Jy8/l7tefjTcaMnMJvhl+x3dlN3xomIL5bjDpRrYpDKXmMsY2KKTNnl
QkVSy2spSFabi5nBSalSwyRqEel/KUm4AyAQPhKyxl5w++69F1aLXS1/uyOla2b0
6862KRmwhGzRforfEdtDTGV6fduipgRqxN38pWFyXAOM7gVNzC/gcGKdynzHMs+n
s0M3iLzoEZFXxAr+kM40fulYYk06N8QBHlOVWKrlMmmTbnyIb+BjuNZMwAUwRLDH
L2UmU15fmpGK0j0t
-----END CERTIFICATE-----
Generated at Thu Mar 13 06:31:49 2025 by rpki-client