Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/60fec7-0b51-4446-9b5d-c741c27b4e22/1/UXaxt-b39pINfZ1Y1ojLfS7SwMw.roa
File: UXaxt-b39pINfZ1Y1ojLfS7SwMw.roa (raw, json)
Hash identifier: IC6xINcQpVjUgVum+7114aRM3S8XEivwvk3gYzMafvQ=
Subject key identifier: 51:76:B1:B7:E6:F7:F6:92:0D:7D:9D:58:D6:88:CB:7D:2E:D2:C0:CC
Certificate issuer: /CN=3f96240998fce4124c3cb4dfbacbb0ed1618405a
Certificate serial: 019420D5AF79E2F32EA2AD0A8FCC3233E554
Authority key identifier: 3F:96:24:09:98:FC:E4:12:4C:3C:B4:DF:BA:CB:B0:ED:16:18:40:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P5YkCZj85BJMPLTfusuw7RYYQFo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/60fec7-0b51-4446-9b5d-c741c27b4e22/1/UXaxt-b39pINfZ1Y1ojLfS7SwMw.roa
Signing time: Wed 01 Jan 2025 07:47:42 +0000
ROA not before: Wed 01 Jan 2025 07:47:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198101
IP address blocks: 185.52.216.0/22 maxlen: 24
185.74.204.0/22 maxlen: 24
2a03:4760::/29 maxlen: 48
2a04:bf80::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ff/60fec7-0b51-4446-9b5d-c741c27b4e22/1/P5YkCZj85BJMPLTfusuw7RYYQFo.crl
rsync://rpki.ripe.net/repository/DEFAULT/ff/60fec7-0b51-4446-9b5d-c741c27b4e22/1/P5YkCZj85BJMPLTfusuw7RYYQFo.mft
rsync://rpki.ripe.net/repository/DEFAULT/P5YkCZj85BJMPLTfusuw7RYYQFo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 19:00:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:af:79:e2:f3:2e:a2:ad:0a:8f:cc:32:33:e5:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3f96240998fce4124c3cb4dfbacbb0ed1618405a
Validity
Not Before: Jan 1 07:47:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5176b1b7e6f7f6920d7d9d58d688cb7d2ed2c0cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:0e:af:60:60:2c:03:43:95:28:41:c1:5a:be:
b3:a1:e8:93:96:29:b3:07:95:2a:60:ad:3e:65:72:
57:26:90:4a:09:bf:4e:a7:8f:bf:08:59:39:e7:36:
14:a6:3b:a2:ef:fe:a0:2b:aa:a0:da:59:f4:0c:20:
b4:47:ab:b0:11:9f:01:b8:50:9e:61:0d:b8:60:03:
7b:4d:85:24:5e:ba:2e:5b:d5:a5:0c:b4:b7:37:73:
67:fc:ef:46:fa:ff:3a:5a:79:a9:6a:23:5c:f7:8f:
ec:89:0d:38:23:73:f8:13:74:e0:09:25:d5:39:a5:
dc:26:b0:e9:f0:0b:89:e8:c3:06:f8:7d:f8:89:f1:
81:2a:61:71:d0:a0:e5:f9:e9:e3:af:d5:81:63:74:
26:32:fd:7d:a6:1f:e9:b6:95:d4:35:89:18:46:aa:
2e:7b:35:34:71:66:02:ec:b9:a9:1c:e6:90:fc:be:
02:0e:48:5a:1c:11:27:73:5e:1f:7f:b9:99:59:35:
ef:96:65:19:16:a9:65:59:ee:44:bf:17:49:3c:01:
97:7e:c7:38:85:53:35:76:0f:5d:a4:ac:83:a1:a1:
53:0f:f2:fb:4e:eb:62:36:1e:36:5f:dc:35:72:6f:
72:65:f4:c0:09:5d:26:dd:09:8e:53:df:53:77:e0:
a2:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:76:B1:B7:E6:F7:F6:92:0D:7D:9D:58:D6:88:CB:7D:2E:D2:C0:CC
X509v3 Authority Key Identifier:
keyid:3F:96:24:09:98:FC:E4:12:4C:3C:B4:DF:BA:CB:B0:ED:16:18:40:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P5YkCZj85BJMPLTfusuw7RYYQFo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/60fec7-0b51-4446-9b5d-c741c27b4e22/1/UXaxt-b39pINfZ1Y1ojLfS7SwMw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/60fec7-0b51-4446-9b5d-c741c27b4e22/1/P5YkCZj85BJMPLTfusuw7RYYQFo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.52.216.0/22
185.74.204.0/22
IPv6:
2a03:4760::/29
2a04:bf80::/29
Signature Algorithm: sha256WithRSAEncryption
0d:dd:2f:1e:4f:39:5e:79:27:d3:93:ae:ee:2f:1f:1a:3b:87:
53:c0:02:95:f4:8a:bc:7f:7a:8f:48:76:86:72:22:c1:99:73:
d9:60:5a:a6:c7:b9:3a:8c:31:95:30:a7:30:63:ca:50:3a:2b:
4b:77:03:ff:e1:2d:bb:88:92:d5:f4:a8:8d:52:d1:3b:8d:54:
fd:ca:ae:b0:0c:93:3d:1a:d5:5e:0c:93:37:1f:e3:93:05:94:
33:fd:79:0c:cc:bf:0b:1a:3a:1f:a4:d9:30:df:6a:e3:c9:16:
c7:d6:94:6d:cf:bd:c8:a6:3d:75:52:96:b7:d7:53:bf:7b:b9:
48:f6:47:80:a6:23:60:74:64:92:48:be:df:63:c6:db:2f:ea:
48:39:7f:0f:f7:c6:6d:c1:b6:ac:eb:7d:d7:6b:30:1c:00:10:
51:8d:71:2d:de:ed:e0:5d:60:47:f1:e5:81:45:3d:15:f6:c3:
5b:7f:d1:80:0b:bc:eb:2c:49:5f:5e:c1:5c:ff:b7:64:29:ab:
c9:b7:08:b8:4c:6b:c6:0a:e6:39:02:1d:3f:9f:d1:f8:86:82:
40:44:60:c2:b7:49:92:c3:af:41:82:1e:5f:32:ad:46:70:81:
ee:94:18:1a:49:5e:db:f2:1c:68:1f:40:55:4d:de:af:8c:37:
58:8a:ff:e5
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZQg1a954vMuoq0Kj8wyM+VUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmOTYyNDA5OThmY2U0MTI0YzNjYjRkZmJhY2JiMGVkMTYx
ODQwNWEwHhcNMjUwMTAxMDc0NzQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTc2YjFiN2U2ZjdmNjkyMGQ3ZDlkNThkNjg4Y2I3ZDJlZDJjMGNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsg6vYGAsA0OVKEHBWr6zoeiTlimz
B5UqYK0+ZXJXJpBKCb9Op4+/CFk55zYUpjui7/6gK6qg2ln0DCC0R6uwEZ8BuFCe
YQ24YAN7TYUkXrouW9WlDLS3N3Nn/O9G+v86WnmpaiNc94/siQ04I3P4E3TgCSXV
OaXcJrDp8AuJ6MMG+H34ifGBKmFx0KDl+enjr9WBY3QmMv19ph/ptpXUNYkYRqou
ezU0cWYC7LmpHOaQ/L4CDkhaHBEnc14ff7mZWTXvlmUZFqllWe5EvxdJPAGXfsc4
hVM1dg9dpKyDoaFTD/L7TutiNh42X9w1cm9yZfTACV0m3QmOU99Td+CioQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFFF2sbfm9/aSDX2dWNaIy30u0sDMMB8GA1UdIwQY
MBaAFD+WJAmY/OQSTDy037rLsO0WGEBaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDVZa0Naajg1QkpNUExUZnVzdXc3UllZUUZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi82MGZlYzctMGI1MS00NDQ2LTliNWQt
Yzc0MWMyN2I0ZTIyLzEvVVhheHQtYjM5cElOZloxWTFvakxmUzdTd013LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi82MGZlYzctMGI1MS00NDQ2LTliNWQtYzc0MWMyN2I0ZTIy
LzEvUDVZa0Naajg1QkpNUExUZnVzdXc3UllZUUZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQCuTTYAwQC
uUrMMBQEAgACMA4DBQMqA0dgAwUDKgS/gDANBgkqhkiG9w0BAQsFAAOCAQEADd0v
Hk85Xnkn05Ou7i8fGjuHU8AClfSKvH96j0h2hnIiwZlz2WBapse5OowxlTCnMGPK
UDorS3cD/+Etu4iS1fSojVLRO41U/cqusAyTPRrVXgyTNx/jkwWUM/15DMy/Cxo6
H6TZMN9q48kWx9aUbc+9yKY9dVKWt9dTv3u5SPZHgKYjYHRkkki+32PG2y/qSDl/
D/fGbcG2rOt912swHAAQUY1xLd7t4F1gR/HlgUU9FfbDW3/RgAu86yxJX17BXP+3
ZCmrybcIuExrxgrmOQIdP5/R+IaCQERgwrdJksOvQYIeXzKtRnCB7pQYGkle2/Ic
aB9AVU3er4w3WIr/5Q==
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:12:46 2025 by rpki-client