Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/umw1f8KATzlinkc94jrVNM7O5FM.roa
File: umw1f8KATzlinkc94jrVNM7O5FM.roa (raw, json)
Hash identifier: nSUZvuLB5WOlfTLV7B/9YHvz7jophepWeg4X/O79XDM=
Subject key identifier: BA:6C:35:7F:C2:80:4F:39:62:9E:47:3D:E2:3A:D5:34:CE:CE:E4:53
Certificate issuer: /CN=722a8c1d311895016108ffbd14575c77cc28773a
Certificate serial: 0194266B57D1D91A777CD75D19F1B379A411
Authority key identifier: 72:2A:8C:1D:31:18:95:01:61:08:FF:BD:14:57:5C:77:CC:28:77:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ciqMHTEYlQFhCP-9FFdcd8wodzo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/umw1f8KATzlinkc94jrVNM7O5FM.roa
Signing time: Thu 02 Jan 2025 09:49:16 +0000
ROA not before: Thu 02 Jan 2025 09:49:16 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12615
IP address blocks: 78.108.252.0/24 maxlen: 24
87.246.4.0/24 maxlen: 24
109.160.44.0/24 maxlen: 24
109.160.45.0/24 maxlen: 24
109.160.118.0/24 maxlen: 24
109.160.119.0/24 maxlen: 24
185.43.59.0/24 maxlen: 24
212.70.130.0/23 maxlen: 23
212.70.132.0/24 maxlen: 24
212.70.133.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/ciqMHTEYlQFhCP-9FFdcd8wodzo.crl
rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/ciqMHTEYlQFhCP-9FFdcd8wodzo.mft
rsync://rpki.ripe.net/repository/DEFAULT/ciqMHTEYlQFhCP-9FFdcd8wodzo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 06:01:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:57:d1:d9:1a:77:7c:d7:5d:19:f1:b3:79:a4:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=722a8c1d311895016108ffbd14575c77cc28773a
Validity
Not Before: Jan 2 09:49:16 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ba6c357fc2804f39629e473de23ad534cecee453
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:bd:68:8d:48:fe:bb:7a:2b:61:a0:2d:a1:dd:
c8:cf:0b:d1:09:c6:39:73:d8:e9:91:bf:20:7c:bb:
27:f5:49:3d:98:f1:c7:02:42:a4:68:a3:fd:3f:99:
24:3b:7e:4d:9c:7f:b1:ae:0b:bc:08:64:c1:aa:49:
10:e4:e7:bc:7b:68:03:6c:19:ca:87:62:0c:7f:e2:
5b:44:e7:a0:d9:1d:33:1a:00:2b:a6:b0:b0:aa:a4:
39:e6:d3:15:28:31:fe:39:ff:61:b9:b2:c0:13:c2:
67:2e:59:66:3a:13:90:8a:25:3f:ce:37:14:92:2b:
34:74:93:3f:b5:b2:21:ec:8b:44:97:78:1a:23:d3:
35:8f:95:fb:5c:2f:bc:93:a4:58:85:4c:3b:f7:db:
c9:08:c5:4f:a1:f0:79:d9:ce:55:43:0b:79:4e:4e:
50:31:cc:3b:f8:1f:94:4a:13:57:0e:95:68:bf:fd:
95:db:0d:5e:43:23:5e:95:18:b3:31:40:de:7d:27:
97:51:53:98:4e:8b:e6:8d:f2:ab:ac:da:88:3e:e3:
68:85:c4:bc:4c:1a:be:7e:a9:c2:d7:60:9a:6f:1f:
40:80:ca:78:03:95:88:c8:53:4e:95:55:a9:8f:80:
48:88:3d:e9:c0:fb:2e:c1:97:0b:90:43:ad:8a:93:
ec:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:6C:35:7F:C2:80:4F:39:62:9E:47:3D:E2:3A:D5:34:CE:CE:E4:53
X509v3 Authority Key Identifier:
keyid:72:2A:8C:1D:31:18:95:01:61:08:FF:BD:14:57:5C:77:CC:28:77:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ciqMHTEYlQFhCP-9FFdcd8wodzo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/umw1f8KATzlinkc94jrVNM7O5FM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/ciqMHTEYlQFhCP-9FFdcd8wodzo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.108.252.0/24
87.246.4.0/24
109.160.44.0/23
109.160.118.0/23
185.43.59.0/24
212.70.130.0-212.70.133.255
Signature Algorithm: sha256WithRSAEncryption
02:e2:40:c9:43:43:36:ba:92:75:55:35:13:2e:aa:aa:80:e5:
07:53:b1:9c:68:cf:87:86:cd:7b:6f:0f:a3:0f:76:d9:87:ea:
84:20:36:86:a8:89:ee:1c:0d:3f:09:03:79:38:9f:3f:18:00:
e7:c8:98:5f:58:4f:32:e7:c2:88:c1:72:3f:2b:c7:8c:16:ec:
b8:d0:cf:f6:aa:af:b9:e6:ee:da:9b:c8:c1:00:60:c5:e6:00:
64:aa:a9:76:52:43:1b:87:b0:55:39:6b:73:e1:8e:95:e3:31:
4d:ea:4e:9a:f8:c4:20:01:6d:6f:ae:ca:01:33:ad:1d:ff:fb:
d8:e9:db:3b:44:63:93:ec:c5:32:b3:0e:68:e8:e9:18:12:3b:
b5:97:c6:90:ae:e6:f1:56:5e:a2:08:a2:a0:7b:9e:28:62:3d:
3a:8e:b0:68:e8:27:8c:a7:26:f2:68:4a:8e:91:fb:fe:d4:80:
2e:74:9e:8b:6f:ba:91:4d:7d:57:3c:99:d9:64:4e:1c:b8:92:
29:c1:fd:42:50:22:c7:4b:63:c2:11:ca:6f:1d:f0:27:85:04:
5c:64:bc:bf:c8:de:d5:57:20:d4:90:7f:e0:cd:64:b7:90:31:
a5:b6:0f:47:d9:ee:3f:5f:c5:89:de:ed:8c:04:63:e5:54:c8:
2c:b3:b1:31
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZQma1fR2Rp3fNddGfGzeaQRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMmE4YzFkMzExODk1MDE2MTA4ZmZiZDE0NTc1Yzc3Y2My
ODc3M2EwHhcNMjUwMTAyMDk0OTE2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTZjMzU3ZmMyODA0ZjM5NjI5ZTQ3M2RlMjNhZDUzNGNlY2VlNDUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3r1ojUj+u3orYaAtod3IzwvRCcY5
c9jpkb8gfLsn9Uk9mPHHAkKkaKP9P5kkO35NnH+xrgu8CGTBqkkQ5Oe8e2gDbBnK
h2IMf+JbROeg2R0zGgArprCwqqQ55tMVKDH+Of9hubLAE8JnLllmOhOQiiU/zjcU
kis0dJM/tbIh7ItEl3gaI9M1j5X7XC+8k6RYhUw799vJCMVPofB52c5VQwt5Tk5Q
Mcw7+B+UShNXDpVov/2V2w1eQyNelRizMUDefSeXUVOYTovmjfKrrNqIPuNohcS8
TBq+fqnC12Cabx9AgMp4A5WIyFNOlVWpj4BIiD3pwPsuwZcLkEOtipPs/QIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFLpsNX/CgE85Yp5HPeI61TTOzuRTMB8GA1UdIwQY
MBaAFHIqjB0xGJUBYQj/vRRXXHfMKHc6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2lxTUhURVlsUUZoQ1AtOUZGZGNkOHdvZHpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC9iMWY2ZWUtYzRlZi00MzU1LWFmMzYt
YTU1OGVlNjU0MzFmLzEvdW13MWY4S0FUemxpbmtjOTRqclZOTTdPNUZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC9iMWY2ZWUtYzRlZi00MzU1LWFmMzYtYTU1OGVlNjU0MzFm
LzEvY2lxTUhURVlsUUZoQ1AtOUZGZGNkOHdvZHpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQATmz8AwQA
V/YEAwQBbaAsAwQBbaB2AwQAuSs7MAwDBAHURoIDBAHURoQwDQYJKoZIhvcNAQEL
BQADggEBAALiQMlDQza6knVVNRMuqqqA5QdTsZxoz4eGzXtvD6MPdtmH6oQgNoao
ie4cDT8JA3k4nz8YAOfImF9YTzLnwojBcj8rx4wW7LjQz/aqr7nm7tqbyMEAYMXm
AGSqqXZSQxuHsFU5a3PhjpXjMU3qTpr4xCABbW+uygEzrR3/+9jp2ztEY5PsxTKz
Dmjo6RgSO7WXxpCu5vFWXqIIoqB7nihiPTqOsGjoJ4ynJvJoSo6R+/7UgC50notv
upFNfVc8mdlkThy4kinB/UJQIsdLY8IRym8d8CeFBFxkvL/I3tVXINSQf+DNZLeQ
MaW2D0fZ7j9fxYne7YwEY+VUyCyzsTE=
-----END CERTIFICATE-----
Generated at Mon Apr 7 13:07:14 2025 by rpki-client