Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/7e18f0-af1d-47c1-8db5-5a5233dc0ce0/1/UvkgBounMtuI2EY4VakFPmSVVf8.roa
File: UvkgBounMtuI2EY4VakFPmSVVf8.roa (raw, json)
Hash identifier: B8b+cAv47Fq4zMohD+Ikbfg+w/maMgI605v1qgGvxbU=
Subject key identifier: 52:F9:20:06:8B:A7:32:DB:88:D8:46:38:55:A9:05:3E:64:95:55:FF
Certificate issuer: /CN=893afc6efe62990a26932f40e150b27eed539c4b
Certificate serial: 019424B393FAB6E07B786299B74937F876F6
Authority key identifier: 89:3A:FC:6E:FE:62:99:0A:26:93:2F:40:E1:50:B2:7E:ED:53:9C:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iTr8bv5imQomky9A4VCyfu1TnEs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/7e18f0-af1d-47c1-8db5-5a5233dc0ce0/1/UvkgBounMtuI2EY4VakFPmSVVf8.roa
Signing time: Thu 02 Jan 2025 01:48:56 +0000
ROA not before: Thu 02 Jan 2025 01:48:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34263
IP address blocks: 79.141.144.0/20 maxlen: 20
82.197.0.0/19 maxlen: 19
88.85.128.0/19 maxlen: 19
95.130.24.0/21 maxlen: 21
178.16.176.0/20 maxlen: 20
185.146.12.0/22 maxlen: 22
188.65.136.0/23 maxlen: 23
188.65.138.0/23 maxlen: 23
188.65.140.0/22 maxlen: 22
2a00:ae00::/29 maxlen: 29
2a00:ae00::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ff/7e18f0-af1d-47c1-8db5-5a5233dc0ce0/1/iTr8bv5imQomky9A4VCyfu1TnEs.crl
rsync://rpki.ripe.net/repository/DEFAULT/ff/7e18f0-af1d-47c1-8db5-5a5233dc0ce0/1/iTr8bv5imQomky9A4VCyfu1TnEs.mft
rsync://rpki.ripe.net/repository/DEFAULT/iTr8bv5imQomky9A4VCyfu1TnEs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 19:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:93:fa:b6:e0:7b:78:62:99:b7:49:37:f8:76:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=893afc6efe62990a26932f40e150b27eed539c4b
Validity
Not Before: Jan 2 01:48:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=52f920068ba732db88d8463855a9053e649555ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:a9:94:2a:67:2d:0c:9a:ae:fa:3b:c7:13:5a:
9f:b4:cf:4c:40:7a:5e:eb:14:51:81:05:93:36:31:
59:a2:ba:67:05:3a:06:fa:bd:06:6c:83:2d:46:d4:
b1:ec:05:95:37:62:1d:fc:a9:d6:cd:38:86:35:b5:
c4:d2:0e:ab:e4:88:ed:72:f3:92:b0:65:c7:91:2f:
38:8a:e2:46:0c:81:da:0b:40:de:e6:86:42:98:a4:
e0:66:f9:ea:95:99:cb:6a:be:c5:86:98:67:7e:0d:
9a:f2:4a:00:ac:e6:26:7c:50:53:62:f4:c2:e6:23:
53:c9:33:b0:c7:82:3a:59:bb:a9:f8:79:1f:f0:7e:
af:16:51:15:c0:bc:80:da:99:b1:f6:68:02:fa:21:
8b:de:43:50:21:5b:d3:3c:ea:11:2d:fa:d3:73:ca:
17:3a:af:1f:97:bb:c0:26:b0:da:27:c0:a0:39:a1:
3f:0e:0d:2e:1b:c7:91:58:37:33:15:43:32:5e:eb:
6f:e0:60:26:db:af:e5:a6:89:1a:72:41:9a:ca:0b:
80:e4:9b:51:83:fe:0b:4e:9e:e9:e9:aa:08:46:7b:
ca:70:66:2b:f4:41:55:bb:f3:eb:27:dc:a1:35:a9:
31:29:79:3c:a4:4d:e8:5b:3e:8d:22:a0:cd:96:38:
67:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:F9:20:06:8B:A7:32:DB:88:D8:46:38:55:A9:05:3E:64:95:55:FF
X509v3 Authority Key Identifier:
keyid:89:3A:FC:6E:FE:62:99:0A:26:93:2F:40:E1:50:B2:7E:ED:53:9C:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iTr8bv5imQomky9A4VCyfu1TnEs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/7e18f0-af1d-47c1-8db5-5a5233dc0ce0/1/UvkgBounMtuI2EY4VakFPmSVVf8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/7e18f0-af1d-47c1-8db5-5a5233dc0ce0/1/iTr8bv5imQomky9A4VCyfu1TnEs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.141.144.0/20
82.197.0.0/19
88.85.128.0/19
95.130.24.0/21
178.16.176.0/20
185.146.12.0/22
188.65.136.0/21
IPv6:
2a00:ae00::/29
Signature Algorithm: sha256WithRSAEncryption
61:64:7d:0b:01:e7:cc:25:f6:14:45:b7:b5:57:8b:76:15:e2:
b7:29:96:20:56:68:e7:4a:31:00:2d:ad:1b:9e:b5:02:39:23:
ee:79:14:1a:f5:a8:f3:e0:9d:47:d4:69:d5:5e:3b:69:09:d3:
d7:0f:c1:25:2a:10:65:54:85:d2:ac:52:8a:77:34:e6:35:8f:
b8:c5:31:ed:ae:e2:22:15:43:44:56:e6:b1:7d:a6:75:13:55:
bd:f7:f4:02:4f:b7:29:ed:48:87:34:73:09:76:87:bb:5b:ca:
72:1a:4f:0a:82:31:aa:0a:99:c3:38:30:ec:bd:46:53:5e:aa:
ff:c8:4e:f3:ef:96:7d:8b:22:97:d8:d1:ae:3f:1c:35:5c:77:
22:14:b1:f2:ad:45:61:a4:c7:42:80:c7:c1:6f:aa:4a:d9:52:
22:db:ad:c6:57:00:08:5b:20:4e:eb:fa:7d:f8:33:5b:ef:4c:
bf:e3:6e:bf:d1:6f:11:30:2f:4e:1f:e4:41:ed:e2:36:0a:3c:
c9:5a:ca:c1:2b:b6:3b:97:04:b9:8d:23:3e:21:1b:1a:fa:ab:
9f:97:67:d5:0e:9f:c0:5b:22:8d:a0:89:be:f4:8e:03:f6:49:
9e:b2:4f:4b:76:2c:64:29:3b:23:38:1f:9d:b7:35:6c:89:76:
5e:d6:62:b1
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAZQks5P6tuB7eGKZt0k3+Hb2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5M2FmYzZlZmU2Mjk5MGEyNjkzMmY0MGUxNTBiMjdlZWQ1
MzljNGIwHhcNMjUwMTAyMDE0ODU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MmY5MjAwNjhiYTczMmRiODhkODQ2Mzg1NWE5MDUzZTY0OTU1NWZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxqmUKmctDJqu+jvHE1qftM9MQHpe
6xRRgQWTNjFZorpnBToG+r0GbIMtRtSx7AWVN2Id/KnWzTiGNbXE0g6r5IjtcvOS
sGXHkS84iuJGDIHaC0De5oZCmKTgZvnqlZnLar7Fhphnfg2a8koArOYmfFBTYvTC
5iNTyTOwx4I6Wbup+Hkf8H6vFlEVwLyA2pmx9mgC+iGL3kNQIVvTPOoRLfrTc8oX
Oq8fl7vAJrDaJ8CgOaE/Dg0uG8eRWDczFUMyXutv4GAm26/lpokackGayguA5JtR
g/4LTp7p6aoIRnvKcGYr9EFVu/PrJ9yhNakxKXk8pE3oWz6NIqDNljhnUwIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFFL5IAaLpzLbiNhGOFWpBT5klVX/MB8GA1UdIwQY
MBaAFIk6/G7+YpkKJpMvQOFQsn7tU5xLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVRyOGJ2NWltUW9ta3k5QTRWQ3lmdTFUbkVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi83ZTE4ZjAtYWYxZC00N2MxLThkYjUt
NWE1MjMzZGMwY2UwLzEvVXZrZ0JvdW5NdHVJMkVZNFZha0ZQbVNWVmY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi83ZTE4ZjAtYWYxZC00N2MxLThkYjUtNWE1MjMzZGMwY2Uw
LzEvaVRyOGJ2NWltUW9ta3k5QTRWQ3lmdTFUbkVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQET42QAwQF
UsUAAwQFWFWAAwQDX4IYAwQEshCwAwQCuZIMAwQDvEGIMA0EAgACMAcDBQMqAK4A
MA0GCSqGSIb3DQEBCwUAA4IBAQBhZH0LAefMJfYURbe1V4t2FeK3KZYgVmjnSjEA
La0bnrUCOSPueRQa9ajz4J1H1GnVXjtpCdPXD8ElKhBlVIXSrFKKdzTmNY+4xTHt
ruIiFUNEVuaxfaZ1E1W99/QCT7cp7UiHNHMJdoe7W8pyGk8KgjGqCpnDODDsvUZT
Xqr/yE7z75Z9iyKX2NGuPxw1XHciFLHyrUVhpMdCgMfBb6pK2VIi263GVwAIWyBO
6/p9+DNb70y/426/0W8RMC9OH+RB7eI2CjzJWsrBK7Y7lwS5jSM+IRsa+qufl2fV
Dp/AWyKNoIm+9I4D9kmesk9LdixkKTsjOB+dtzVsiXZe1mKx
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:31:49 2025 by rpki-client