Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/uzlc8Ko9JFqrikIWw65GgZU1fEQ.roa
File: uzlc8Ko9JFqrikIWw65GgZU1fEQ.roa (raw, json)
Hash identifier: e7FYzVxPvyFhndUtLqG1Vq+1vU776yvZGOSV0FFCEqw=
Subject key identifier: BB:39:5C:F0:AA:3D:24:5A:AB:8A:42:16:C3:AE:46:81:95:35:7C:44
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0196BAE3C1EFA8931D5C8768D6AC26C9E27A
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/uzlc8Ko9JFqrikIWw65GgZU1fEQ.roa
Signing time: Sat 10 May 2025 15:50:10 +0000
ROA not before: Sat 10 May 2025 15:50:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214927
IP address blocks: 45.9.117.0/24 maxlen: 24
45.95.96.0/24 maxlen: 24
45.118.248.0/24 maxlen: 24
45.130.60.0/24 maxlen: 24
45.131.212.0/24 maxlen: 24
45.131.213.0/24 maxlen: 24
45.131.215.0/24 maxlen: 24
45.135.39.0/24 maxlen: 24
45.137.81.0/24 maxlen: 24
45.140.13.0/24 maxlen: 24
45.141.177.0/24 maxlen: 24
45.146.131.0/24 maxlen: 24
45.152.208.0/24 maxlen: 24
45.153.22.0/24 maxlen: 24
45.155.69.0/24 maxlen: 24
45.158.185.0/24 maxlen: 24
85.209.128.0/24 maxlen: 24
103.114.43.0/24 maxlen: 24
113.30.154.0/24 maxlen: 24
185.122.171.0/24 maxlen: 24
185.126.64.0/24 maxlen: 24
185.126.66.0/24 maxlen: 24
185.155.200.0/24 maxlen: 24
185.242.244.0/24 maxlen: 24
185.242.245.0/24 maxlen: 24
193.8.215.0/24 maxlen: 24
193.23.245.0/24 maxlen: 24
193.23.253.0/24 maxlen: 24
193.27.10.0/24 maxlen: 24
193.27.19.0/24 maxlen: 24
193.27.21.0/24 maxlen: 24
194.33.29.0/24 maxlen: 24
194.33.61.0/24 maxlen: 24
195.158.192.0/24 maxlen: 24
2a0c:7886:105::/48 maxlen: 48
2a0f:e7c6:1000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.mft
rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 14 May 2025 13:01:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:ba:e3:c1:ef:a8:93:1d:5c:87:68:d6:ac:26:c9:e2:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: May 10 15:50:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bb395cf0aa3d245aab8a4216c3ae468195357c44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:f1:c3:5d:47:e0:75:f5:c5:4d:97:22:fe:a4:
d0:cb:40:a9:a2:c0:1c:35:be:e1:f0:2b:7f:e8:e3:
24:74:53:b0:77:ca:14:e2:30:42:7b:1a:5a:59:fb:
cb:99:54:c9:a9:8b:1d:f3:b4:46:9f:33:a2:73:59:
b8:b3:e6:b1:3f:f7:7b:95:d6:e4:46:3a:39:46:58:
b3:11:51:c7:4c:64:ae:e1:7d:9f:01:7e:0b:f2:d0:
e1:a3:c9:74:40:06:50:f7:2d:76:db:a9:06:50:fc:
81:28:84:75:ce:be:42:0e:9c:d0:95:e7:e4:2f:01:
1c:82:d1:5c:0c:88:45:52:b0:3b:51:02:99:45:2b:
7a:90:eb:77:d1:00:20:f4:88:2f:07:4f:65:9d:af:
01:2e:0c:ec:c7:c5:f3:93:1f:88:f3:f0:b1:32:c5:
ec:4f:b9:3a:e2:a1:fc:b3:a0:ca:5f:c9:04:c0:95:
0c:b9:5e:98:0b:f7:8d:d4:15:47:5b:84:07:56:ae:
da:22:13:da:13:9d:e2:7f:88:67:3e:fb:38:8a:28:
82:37:f8:a8:21:34:27:fc:ad:71:e4:1a:b3:98:5a:
99:09:07:a1:c2:96:77:04:e0:38:b5:3a:8a:a2:cc:
15:e9:c9:cb:49:ed:a1:13:ef:c4:fa:53:e7:8c:fa:
6d:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:39:5C:F0:AA:3D:24:5A:AB:8A:42:16:C3:AE:46:81:95:35:7C:44
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/uzlc8Ko9JFqrikIWw65GgZU1fEQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.117.0/24
45.95.96.0/24
45.118.248.0/24
45.130.60.0/24
45.131.212.0/23
45.131.215.0/24
45.135.39.0/24
45.137.81.0/24
45.140.13.0/24
45.141.177.0/24
45.146.131.0/24
45.152.208.0/24
45.153.22.0/24
45.155.69.0/24
45.158.185.0/24
85.209.128.0/24
103.114.43.0/24
113.30.154.0/24
185.122.171.0/24
185.126.64.0/24
185.126.66.0/24
185.155.200.0/24
185.242.244.0/23
193.8.215.0/24
193.23.245.0/24
193.23.253.0/24
193.27.10.0/24
193.27.19.0/24
193.27.21.0/24
194.33.29.0/24
194.33.61.0/24
195.158.192.0/24
IPv6:
2a0c:7886:105::/48
2a0f:e7c6:1000::/48
Signature Algorithm: sha256WithRSAEncryption
b6:24:30:bb:6f:75:2f:75:6b:25:f7:bd:1b:12:1b:f0:98:08:
4c:92:a9:5a:b9:ae:de:29:6f:03:39:f1:4a:15:fd:36:6f:ac:
e2:42:11:d9:91:00:05:98:67:35:a0:94:e4:f6:57:4d:8a:51:
6c:83:a3:00:47:db:df:88:c5:22:84:88:b4:7c:da:9e:53:6f:
b4:9d:2d:bb:df:5f:c9:57:52:ff:d2:53:e6:cc:00:50:78:8f:
56:e1:84:51:da:f6:57:6d:5a:ef:80:85:03:ad:ed:20:63:e8:
50:a4:06:02:66:33:b6:15:3a:d3:3e:60:25:ed:95:04:56:cc:
3b:e3:77:a4:1d:2c:b8:10:00:3b:62:44:5b:a7:97:63:3f:99:
1b:73:7c:ac:b3:7c:94:a4:c1:04:c6:37:58:e6:e3:e2:e5:47:
8e:99:47:eb:bf:ce:56:bb:56:c9:7f:10:85:0f:bd:53:af:ea:
03:4f:15:59:11:c3:86:b3:c6:94:6f:be:ce:a6:1e:ee:04:f7:
c6:7e:cc:6b:37:0a:cc:72:9f:26:90:a9:e9:4f:de:e6:97:2d:
16:8e:51:97:3d:06:44:6e:00:70:cb:df:aa:30:b5:8f:8e:00:
5f:6a:c1:20:41:91:30:d2:00:15:e2:a0:a8:90:12:54:c7:f2:
a7:3d:26:15
-----BEGIN CERTIFICATE-----
MIIF1jCCBL6gAwIBAgISAZa648HvqJMdXIdo1qwmyeJ6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjUwNTEwMTU1MDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjM5NWNmMGFhM2QyNDVhYWI4YTQyMTZjM2FlNDY4MTk1MzU3YzQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApPHDXUfgdfXFTZci/qTQy0CposAc
Nb7h8Ct/6OMkdFOwd8oU4jBCexpaWfvLmVTJqYsd87RGnzOic1m4s+axP/d7ldbk
Rjo5RlizEVHHTGSu4X2fAX4L8tDho8l0QAZQ9y1226kGUPyBKIR1zr5CDpzQlefk
LwEcgtFcDIhFUrA7UQKZRSt6kOt30QAg9IgvB09lna8BLgzsx8Xzkx+I8/CxMsXs
T7k64qH8s6DKX8kEwJUMuV6YC/eN1BVHW4QHVq7aIhPaE53if4hnPvs4iiiCN/io
ITQn/K1x5BqzmFqZCQehwpZ3BOA4tTqKoswV6cnLSe2hE+/E+lPnjPptnwIDAQAB
o4IC4jCCAt4wHQYDVR0OBBYEFLs5XPCqPSRaq4pCFsOuRoGVNXxEMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvdXpsYzhLbzlKRnFyaWtJV3c2NUdnWlUxZkVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH3BggrBgEFBQcBBwEB/wSB5zCB5DCBxwQCAAEwgcADBAAt
CXUDBAAtX2ADBAAtdvgDBAAtgjwDBAEtg9QDBAAtg9cDBAAthycDBAAtiVEDBAAt
jA0DBAAtjbEDBAAtkoMDBAAtmNADBAAtmRYDBAAtm0UDBAAtnrkDBABV0YADBABn
cisDBABxHpoDBAC5eqsDBAC5fkADBAC5fkIDBAC5m8gDBAG58vQDBADBCNcDBADB
F/UDBADBF/0DBADBGwoDBADBGxMDBADBGxUDBADCIR0DBADCIT0DBADDnsAwGAQC
AAIwEgMHACoMeIYBBQMHACoP58YQADANBgkqhkiG9w0BAQsFAAOCAQEAtiQwu291
L3VrJfe9GxIb8JgITJKpWrmu3ilvAznxShX9Nm+s4kIR2ZEABZhnNaCU5PZXTYpR
bIOjAEfb34jFIoSItHzanlNvtJ0tu99fyVdS/9JT5swAUHiPVuGEUdr2V21a74CF
A63tIGPoUKQGAmYzthU60z5gJe2VBFbMO+N3pB0suBAAO2JEW6eXYz+ZG3N8rLN8
lKTBBMY3WObj4uVHjplH67/OVrtWyX8QhQ+9U6/qA08VWRHDhrPGlG++zqYe7gT3
xn7MazcKzHKfJpCp6U/e5pctFo5Rlz0GRG4AcMvfqjC1j44AX2rBIEGRMNIAFeKg
qJASVMfypz0mFQ==
-----END CERTIFICATE-----
Generated at Tue May 13 16:03:56 2025 by rpki-client