Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/c1acd6-230a-4e36-a58f-f555e2e68a10/1/u7siAwXzbgFTEGp6PKjrdqf7Z4A.roa
File: u7siAwXzbgFTEGp6PKjrdqf7Z4A.roa (raw, json)
Hash identifier: vJGRmjZ9RvsYFu3lwU4eezlqzVwLgmj9/3K2yZjY284=
Subject key identifier: BB:BB:22:03:05:F3:6E:01:53:10:6A:7A:3C:A8:EB:76:A7:FB:67:80
Certificate issuer: /CN=61b534437503668815add93cd17d0ad3e1b1a877
Certificate serial: 0194B6D086B18BC5CB8CEA1BE4157621C100
Authority key identifier: 61:B5:34:43:75:03:66:88:15:AD:D9:3C:D1:7D:0A:D3:E1:B1:A8:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbU0Q3UDZogVrdk80X0K0-GxqHc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/c1acd6-230a-4e36-a58f-f555e2e68a10/1/u7siAwXzbgFTEGp6PKjrdqf7Z4A.roa
Signing time: Thu 30 Jan 2025 10:45:06 +0000
ROA not before: Thu 30 Jan 2025 10:45:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50266
IP address blocks: 31.20.0.0/16 maxlen: 24
31.21.0.0/16 maxlen: 24
31.184.64.0/18 maxlen: 24
31.187.128.0/17 maxlen: 24
62.166.128.0/17 maxlen: 24
62.250.0.0/17 maxlen: 24
62.250.128.0/17 maxlen: 24
81.59.0.0/17 maxlen: 17
82.172.0.0/17 maxlen: 17
82.174.0.0/16 maxlen: 24
85.223.0.0/17 maxlen: 24
87.208.0.0/16 maxlen: 24
87.209.0.0/16 maxlen: 24
87.210.0.0/16 maxlen: 24
87.212.0.0/16 maxlen: 24
92.254.0.0/17 maxlen: 24
94.157.0.0/16 maxlen: 24
95.98.0.0/15 maxlen: 24
95.99.0.0/16 maxlen: 16
143.177.0.0/16 maxlen: 24
143.178.0.0/17 maxlen: 24
143.178.128.0/17 maxlen: 24
143.179.0.0/16 maxlen: 24
178.224.0.0/16 maxlen: 24
178.226.0.0/16 maxlen: 24
188.88.0.0/14 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fe/c1acd6-230a-4e36-a58f-f555e2e68a10/1/YbU0Q3UDZogVrdk80X0K0-GxqHc.crl
rsync://rpki.ripe.net/repository/DEFAULT/fe/c1acd6-230a-4e36-a58f-f555e2e68a10/1/YbU0Q3UDZogVrdk80X0K0-GxqHc.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbU0Q3UDZogVrdk80X0K0-GxqHc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 21:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:b6:d0:86:b1:8b:c5:cb:8c:ea:1b:e4:15:76:21:c1:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b534437503668815add93cd17d0ad3e1b1a877
Validity
Not Before: Jan 30 10:45:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bbbb220305f36e0153106a7a3ca8eb76a7fb6780
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:bf:e1:99:cb:cd:09:cd:41:e7:cd:a3:93:53:
1e:99:de:55:ec:24:d0:5c:28:e9:f5:39:26:72:16:
f0:0c:13:02:06:ac:0e:21:52:ff:03:d8:4a:b2:26:
59:28:03:df:3c:f0:5c:01:5e:88:14:f1:30:dd:68:
88:85:ca:c2:87:86:75:bd:71:40:21:03:6f:ab:4d:
c1:b6:ce:e8:d6:3e:d7:28:ee:74:ca:b8:80:6d:8c:
7a:45:4e:db:14:22:71:61:75:80:b5:c4:59:52:9f:
bf:97:ae:3c:65:fd:4e:dd:7f:b5:fd:1f:8c:a0:5a:
7b:ca:0d:15:75:d3:44:1f:6a:3b:2e:7b:06:94:e0:
ed:2e:3b:84:20:de:6f:4d:91:cd:7e:43:a3:e8:72:
3d:22:eb:e9:13:89:d4:dc:24:d7:d7:38:6b:dc:6c:
84:18:97:a6:f8:9c:22:41:3e:29:60:eb:03:c8:82:
2f:16:1a:cf:e4:21:92:b7:15:b4:e7:10:88:9c:8a:
37:ec:d4:40:ad:78:2e:6a:5d:aa:2a:82:45:57:e3:
48:c0:24:d3:dc:cb:e5:c1:c0:51:21:d9:02:f1:34:
68:0f:3c:ad:f6:32:b3:4a:c1:23:68:12:95:df:89:
66:c7:a4:e6:dc:ef:8c:d1:17:6a:84:57:8f:80:39:
cc:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:BB:22:03:05:F3:6E:01:53:10:6A:7A:3C:A8:EB:76:A7:FB:67:80
X509v3 Authority Key Identifier:
keyid:61:B5:34:43:75:03:66:88:15:AD:D9:3C:D1:7D:0A:D3:E1:B1:A8:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbU0Q3UDZogVrdk80X0K0-GxqHc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/c1acd6-230a-4e36-a58f-f555e2e68a10/1/u7siAwXzbgFTEGp6PKjrdqf7Z4A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/c1acd6-230a-4e36-a58f-f555e2e68a10/1/YbU0Q3UDZogVrdk80X0K0-GxqHc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.20.0.0/15
31.184.64.0/18
31.187.128.0/17
62.166.128.0/17
62.250.0.0/16
81.59.0.0/17
82.172.0.0/17
82.174.0.0/16
85.223.0.0/17
87.208.0.0-87.210.255.255
87.212.0.0/16
92.254.0.0/17
94.157.0.0/16
95.98.0.0/15
143.177.0.0-143.179.255.255
178.224.0.0/16
178.226.0.0/16
188.88.0.0/14
Signature Algorithm: sha256WithRSAEncryption
49:a1:53:bd:26:e3:5d:29:c2:7a:98:a5:03:44:90:69:4d:6d:
a2:4d:47:d0:3e:f6:30:81:b4:9a:e6:b3:93:9c:a4:97:26:d6:
e6:5e:0a:88:c4:c8:98:ca:ba:25:d7:dc:5d:04:56:0c:b3:9c:
b3:54:98:bc:a3:d7:2a:93:f3:ba:28:86:a4:8a:13:62:ef:08:
a5:71:2e:23:87:8a:3d:be:03:c0:f5:f5:53:c9:bd:9e:ae:2f:
6b:0c:e1:47:64:37:ea:2a:b7:82:4d:57:63:ad:67:37:81:9e:
b2:29:57:84:62:11:c5:a6:be:4b:26:78:07:b9:95:51:81:a2:
ae:3a:8a:f6:40:05:a5:68:c3:af:54:fe:d4:c8:7e:c1:be:7f:
90:1c:9c:1a:e0:0a:42:45:e5:99:22:4a:0a:35:cb:1c:b4:8d:
dd:88:18:7e:a4:b9:2b:cb:b8:8a:c7:01:c6:94:4d:fe:83:88:
79:98:91:e8:ad:cb:3d:b8:9e:3d:3b:40:9a:4d:df:21:39:0d:
38:ba:5c:c3:c5:20:ae:04:be:75:d6:b2:ac:c9:55:12:64:73:
e9:34:99:4c:1e:77:55:05:8c:72:d6:ec:2f:c3:b3:ef:e0:83:
f8:5d:43:bb:73:97:0f:e8:c2:e3:57:2c:da:bc:11:13:c9:07:
7d:e9:46:d4
-----BEGIN CERTIFICATE-----
MIIFZzCCBE+gAwIBAgISAZS20Iaxi8XLjOob5BV2IcEAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxYjUzNDQzNzUwMzY2ODgxNWFkZDkzY2QxN2QwYWQzZTFi
MWE4NzcwHhcNMjUwMTMwMTA0NTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYmJiMjIwMzA1ZjM2ZTAxNTMxMDZhN2EzY2E4ZWI3NmE3ZmI2NzgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyb/hmcvNCc1B582jk1Memd5V7CTQ
XCjp9TkmchbwDBMCBqwOIVL/A9hKsiZZKAPfPPBcAV6IFPEw3WiIhcrCh4Z1vXFA
IQNvq03Bts7o1j7XKO50yriAbYx6RU7bFCJxYXWAtcRZUp+/l648Zf1O3X+1/R+M
oFp7yg0VddNEH2o7LnsGlODtLjuEIN5vTZHNfkOj6HI9IuvpE4nU3CTX1zhr3GyE
GJem+JwiQT4pYOsDyIIvFhrP5CGStxW05xCInIo37NRArXgual2qKoJFV+NIwCTT
3MvlwcBRIdkC8TRoDzyt9jKzSsEjaBKV34lmx6Tm3O+M0RdqhFePgDnMNQIDAQAB
o4ICczCCAm8wHQYDVR0OBBYEFLu7IgMF824BUxBqejyo63an+2eAMB8GA1UdIwQY
MBaAFGG1NEN1A2aIFa3ZPNF9CtPhsah3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWJVMFEzVURab2dWcmRrODBYMEswLUd4cUhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS9jMWFjZDYtMjMwYS00ZTM2LWE1OGYt
ZjU1NWUyZTY4YTEwLzEvdTdzaUF3WHpiZ0ZURUdwNlBLanJkcWY3WjRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS9jMWFjZDYtMjMwYS00ZTM2LWE1OGYtZjU1NWUyZTY4YTEw
LzEvWWJVMFEzVURab2dWcmRrODBYMEswLUd4cUhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGIBggrBgEFBQcBBwEB/wR5MHcwdQQCAAEwbwMDAR8UAwQG
H7hAAwQHH7uAAwQHPqaAAwMAPvoDBAdROwADBAdSrAADAwBSrgMEB1XfADAKAwME
V9ADAwBX0gMDAFfUAwQHXP4AAwMAXp0DAwFfYjAKAwMAj7EDAwKPsAMDALLgAwMA
suIDAwK8WDANBgkqhkiG9w0BAQsFAAOCAQEASaFTvSbjXSnCepilA0SQaU1tok1H
0D72MIG0muazk5yklybW5l4KiMTImMq6JdfcXQRWDLOcs1SYvKPXKpPzuiiGpIoT
Yu8IpXEuI4eKPb4DwPX1U8m9nq4vawzhR2Q36iq3gk1XY61nN4GesilXhGIRxaa+
SyZ4B7mVUYGirjqK9kAFpWjDr1T+1Mh+wb5/kBycGuAKQkXlmSJKCjXLHLSN3YgY
fqS5K8u4iscBxpRN/oOIeZiR6K3LPbiePTtAmk3fITkNOLpcw8UgrgS+ddayrMlV
EmRz6TSZTB53VQWMctbsL8Oz7+CD+F1Du3OXD+jC41cs2rwRE8kHfelG1A==
-----END CERTIFICATE-----
Generated at Thu Apr 17 02:31:27 2025 by rpki-client