Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/363ecc-2aa1-4281-95b1-8b0fc07858d6/1/uLAHNi7rmoHRh_D54NFn7mSRJKY.roa
File: uLAHNi7rmoHRh_D54NFn7mSRJKY.roa (raw, json)
Hash identifier: v1waYeM99XoJRaEbp2nkSCeaz2Y1P/V5tFFutQv8UbE=
Subject key identifier: B8:B0:07:36:2E:EB:9A:81:D1:87:F0:F9:E0:D1:67:EE:64:91:24:A6
Certificate issuer: /CN=2dd596c1ea7ecbb1be1777fc0d38ed06ca40eabe
Certificate serial: 0196C8E7B4B3D21A6A498DF3AF1F5B971DA0
Authority key identifier: 2D:D5:96:C1:EA:7E:CB:B1:BE:17:77:FC:0D:38:ED:06:CA:40:EA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LdWWwep-y7G-F3f8DTjtBspA6r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/363ecc-2aa1-4281-95b1-8b0fc07858d6/1/uLAHNi7rmoHRh_D54NFn7mSRJKY.roa
Signing time: Tue 13 May 2025 09:09:10 +0000
ROA not before: Tue 13 May 2025 09:09:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50873
IP address blocks: 37.228.130.0/24 maxlen: 24
94.247.143.0/24 maxlen: 24
151.216.16.0/20 maxlen: 20
185.97.4.0/22 maxlen: 22
185.97.6.0/24 maxlen: 24
194.104.114.0/23 maxlen: 23
194.104.149.0/24 maxlen: 24
2a06:1c0::/30 maxlen: 30
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9b/363ecc-2aa1-4281-95b1-8b0fc07858d6/1/LdWWwep-y7G-F3f8DTjtBspA6r4.crl
rsync://rpki.ripe.net/repository/DEFAULT/9b/363ecc-2aa1-4281-95b1-8b0fc07858d6/1/LdWWwep-y7G-F3f8DTjtBspA6r4.mft
rsync://rpki.ripe.net/repository/DEFAULT/LdWWwep-y7G-F3f8DTjtBspA6r4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 14 May 2025 09:09:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:c8:e7:b4:b3:d2:1a:6a:49:8d:f3:af:1f:5b:97:1d:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2dd596c1ea7ecbb1be1777fc0d38ed06ca40eabe
Validity
Not Before: May 13 09:09:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b8b007362eeb9a81d187f0f9e0d167ee649124a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:4d:45:f6:69:0c:16:c1:ae:78:e8:18:10:01:
e0:92:d3:55:3a:14:53:0d:eb:ae:fe:9c:af:93:8a:
8c:e3:c1:e6:f3:a4:ce:5f:c3:6b:c7:1a:35:5b:71:
ce:b6:8a:4d:f6:c4:8b:5f:01:d7:12:00:1e:dd:3a:
47:e0:54:b5:6c:7f:dd:9d:d0:b8:bc:fb:66:eb:72:
89:c3:9f:9a:23:ce:ab:01:f3:ea:31:ee:01:6a:e2:
5d:0d:7d:5f:d0:b0:b8:8d:54:b1:72:63:10:ff:fe:
61:b1:a3:6b:e6:d4:d2:4e:92:79:30:c5:b6:e1:11:
72:53:25:3e:4b:6e:70:46:62:1b:07:fc:8a:7e:98:
64:05:6b:82:4e:73:25:8e:6e:c7:c4:bb:eb:a5:93:
cf:81:05:41:17:51:75:6b:80:3c:d2:11:b1:29:a8:
f3:f3:5f:8b:d9:2d:93:6f:45:13:c9:85:84:25:87:
d8:03:f4:e4:2f:e5:dd:45:25:b2:af:61:62:e0:07:
7d:2d:17:cc:b6:ae:00:68:9b:01:25:65:73:8c:5f:
13:c7:20:6e:94:70:30:ab:45:95:b4:7b:91:18:60:
85:bd:6d:24:53:f3:8c:43:9f:ad:07:07:7b:37:61:
c6:ec:99:c3:07:e7:8a:3f:d2:48:c0:fb:af:b7:4d:
7a:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:B0:07:36:2E:EB:9A:81:D1:87:F0:F9:E0:D1:67:EE:64:91:24:A6
X509v3 Authority Key Identifier:
keyid:2D:D5:96:C1:EA:7E:CB:B1:BE:17:77:FC:0D:38:ED:06:CA:40:EA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LdWWwep-y7G-F3f8DTjtBspA6r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/363ecc-2aa1-4281-95b1-8b0fc07858d6/1/uLAHNi7rmoHRh_D54NFn7mSRJKY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/363ecc-2aa1-4281-95b1-8b0fc07858d6/1/LdWWwep-y7G-F3f8DTjtBspA6r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.228.130.0/24
94.247.143.0/24
151.216.16.0/20
185.97.4.0/22
194.104.114.0/23
194.104.149.0/24
IPv6:
2a06:1c0::/30
Signature Algorithm: sha256WithRSAEncryption
4c:c3:5e:84:49:85:dd:18:3b:7b:aa:c8:18:8f:cd:fd:11:29:
21:c5:45:a5:53:92:53:26:3d:79:59:13:4e:85:45:96:90:a0:
eb:ac:8f:da:90:45:ba:8b:77:db:75:92:e1:3a:1d:30:b6:92:
22:10:d5:5d:37:29:27:67:0a:d1:fd:51:87:00:da:40:71:40:
0f:9a:f2:aa:d7:81:f3:0c:bc:03:bf:96:c3:e8:5a:c6:3c:ab:
04:e8:b8:39:44:01:94:cb:eb:ce:28:27:4e:7e:a8:61:01:f2:
65:d4:b4:64:29:5d:ec:60:37:93:ca:15:fa:b7:65:b3:31:10:
fb:f8:72:20:5b:bb:09:0a:12:ff:ae:b2:bb:47:78:74:f4:fd:
7c:0e:18:69:07:9e:aa:cb:70:c3:23:b4:27:2b:b6:21:d5:a6:
d2:ff:10:5f:a1:59:e1:f5:fe:88:c7:29:e4:af:20:2f:31:ea:
32:ba:b0:f4:76:0f:55:99:ec:75:fa:c9:6c:6c:19:7c:af:25:
fe:ae:dd:a8:81:eb:f4:10:66:98:35:b9:fe:3c:e3:d5:b3:ca:
36:77:b9:65:38:b3:51:41:62:f1:3e:2f:2b:4f:60:f6:41:93:
32:ef:16:c3:33:f5:38:38:c7:b6:29:84:ba:98:94:81:1b:82:
b7:2f:29:32
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAZbI57Sz0hpqSY3zrx9blx2gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkZDU5NmMxZWE3ZWNiYjFiZTE3NzdmYzBkMzhlZDA2Y2E0
MGVhYmUwHhcNMjUwNTEzMDkwOTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOGIwMDczNjJlZWI5YTgxZDE4N2YwZjllMGQxNjdlZTY0OTEyNGE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtk1F9mkMFsGueOgYEAHgktNVOhRT
Deuu/pyvk4qM48Hm86TOX8Nrxxo1W3HOtopN9sSLXwHXEgAe3TpH4FS1bH/dndC4
vPtm63KJw5+aI86rAfPqMe4BauJdDX1f0LC4jVSxcmMQ//5hsaNr5tTSTpJ5MMW2
4RFyUyU+S25wRmIbB/yKfphkBWuCTnMljm7HxLvrpZPPgQVBF1F1a4A80hGxKajz
81+L2S2Tb0UTyYWEJYfYA/TkL+XdRSWyr2Fi4Ad9LRfMtq4AaJsBJWVzjF8TxyBu
lHAwq0WVtHuRGGCFvW0kU/OMQ5+tBwd7N2HG7JnDB+eKP9JIwPuvt016PQIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFLiwBzYu65qB0Yfw+eDRZ+5kkSSmMB8GA1UdIwQY
MBaAFC3VlsHqfsuxvhd3/A047QbKQOq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGRXV3dlcC15N0ctRjNmOERUanRCc3BBNnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi8zNjNlY2MtMmFhMS00MjgxLTk1YjEt
OGIwZmMwNzg1OGQ2LzEvdUxBSE5pN3Jtb0hSaF9ENTRORm43bVNSSktZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi8zNjNlY2MtMmFhMS00MjgxLTk1YjEtOGIwZmMwNzg1OGQ2
LzEvTGRXV3dlcC15N0ctRjNmOERUanRCc3BBNnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQAJeSCAwQA
XvePAwQEl9gQAwQCuWEEAwQBwmhyAwQAwmiVMA0EAgACMAcDBQIqBgHAMA0GCSqG
SIb3DQEBCwUAA4IBAQBMw16ESYXdGDt7qsgYj839ESkhxUWlU5JTJj15WRNOhUWW
kKDrrI/akEW6i3fbdZLhOh0wtpIiENVdNyknZwrR/VGHANpAcUAPmvKq14HzDLwD
v5bD6FrGPKsE6Lg5RAGUy+vOKCdOfqhhAfJl1LRkKV3sYDeTyhX6t2WzMRD7+HIg
W7sJChL/rrK7R3h09P18DhhpB56qy3DDI7QnK7Yh1abS/xBfoVnh9f6IxynkryAv
MeoyurD0dg9Vmex1+slsbBl8ryX+rt2ogev0EGaYNbn+POPVs8o2d7llOLNRQWLx
Pi8rT2D2QZMy7xbDM/U4OMe2KYS6mJSBG4K3Lyky
-----END CERTIFICATE-----
Generated at Tue May 13 18:58:19 2025 by rpki-client