Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/648c75-2be8-4bfd-a1b1-cb8b3a094209/1/uOMM6E0bjpo9Z4Gp-nfqUv0VaVQ.roa
File: uOMM6E0bjpo9Z4Gp-nfqUv0VaVQ.roa (raw, json)
Hash identifier: B3I+niBmd/S5k5XR2KwNvCK0s1V+GTyHX32C34m4UZc=
Subject key identifier: B8:E3:0C:E8:4D:1B:8E:9A:3D:67:81:A9:FA:77:EA:52:FD:15:69:54
Certificate issuer: /CN=4ecf53007c79cc5e2f2d7356ba9121a78c0c7714
Certificate serial: 01969F5DDBB1239799BCAE7BC9E6E24B6526
Authority key identifier: 4E:CF:53:00:7C:79:CC:5E:2F:2D:73:56:BA:91:21:A7:8C:0C:77:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ts9TAHx5zF4vLXNWupEhp4wMdxQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/648c75-2be8-4bfd-a1b1-cb8b3a094209/1/uOMM6E0bjpo9Z4Gp-nfqUv0VaVQ.roa
Signing time: Mon 05 May 2025 07:34:10 +0000
ROA not before: Mon 05 May 2025 07:34:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29535
IP address blocks: 79.191.255.0/24 maxlen: 24
80.54.110.0/23 maxlen: 24
83.2.0.0/20 maxlen: 20
83.2.8.0/22 maxlen: 22
83.2.56.0/22 maxlen: 22
178.42.9.0/24 maxlen: 24
178.42.22.0/24 maxlen: 24
193.110.120.0/22 maxlen: 22
195.149.235.0/24 maxlen: 24
195.149.236.0/22 maxlen: 22
2001:7f8:27::/48 maxlen: 48
2a01:1101:5::/48 maxlen: 48
2a01:11f0::/28 maxlen: 28
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f2/648c75-2be8-4bfd-a1b1-cb8b3a094209/1/Ts9TAHx5zF4vLXNWupEhp4wMdxQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/f2/648c75-2be8-4bfd-a1b1-cb8b3a094209/1/Ts9TAHx5zF4vLXNWupEhp4wMdxQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ts9TAHx5zF4vLXNWupEhp4wMdxQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 14 May 2025 23:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:9f:5d:db:b1:23:97:99:bc:ae:7b:c9:e6:e2:4b:65:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ecf53007c79cc5e2f2d7356ba9121a78c0c7714
Validity
Not Before: May 5 07:34:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b8e30ce84d1b8e9a3d6781a9fa77ea52fd156954
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:ac:ab:89:2d:9b:e5:3a:d3:5d:b4:97:3a:bb:
57:49:a4:8c:6d:95:e1:e9:8f:01:78:ce:e1:c6:9e:
00:bc:f3:94:4f:a3:49:f6:26:10:35:c0:9b:01:76:
07:4f:fa:91:97:58:af:b2:bf:77:ec:b4:05:05:dd:
7e:8b:23:b1:18:35:e5:6f:8f:fd:c5:a9:89:f3:db:
a7:cf:71:ee:70:c2:e1:a6:4c:83:8e:87:80:a6:35:
94:e1:1c:8f:50:6c:29:ce:12:90:f8:dd:b5:dd:88:
bc:ff:30:61:09:98:75:a5:dd:f7:05:02:5d:2e:84:
82:a5:4e:4e:dc:39:f7:72:c7:72:d4:16:71:31:88:
ec:19:e5:e5:7d:55:a3:0b:45:e6:b7:86:e2:9d:e4:
24:56:dd:ea:6d:bc:ac:3f:fd:2e:05:bc:d4:3c:3d:
4d:56:f0:b6:c6:4b:61:73:8d:23:1e:2b:37:fa:30:
bb:6a:9d:b5:2c:0a:e6:ce:86:54:f3:ba:d4:3b:ea:
ae:97:ad:a2:cd:c5:fa:b5:cc:1a:2b:bd:23:ef:4f:
79:43:06:c2:ec:59:50:fe:ae:01:68:49:6f:f3:f2:
dc:18:ca:4c:8e:ce:bc:ff:56:2c:f7:12:2d:44:e2:
62:52:c1:50:5c:d2:49:41:53:a3:42:54:ca:ec:78:
ce:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:E3:0C:E8:4D:1B:8E:9A:3D:67:81:A9:FA:77:EA:52:FD:15:69:54
X509v3 Authority Key Identifier:
keyid:4E:CF:53:00:7C:79:CC:5E:2F:2D:73:56:BA:91:21:A7:8C:0C:77:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ts9TAHx5zF4vLXNWupEhp4wMdxQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/648c75-2be8-4bfd-a1b1-cb8b3a094209/1/uOMM6E0bjpo9Z4Gp-nfqUv0VaVQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/648c75-2be8-4bfd-a1b1-cb8b3a094209/1/Ts9TAHx5zF4vLXNWupEhp4wMdxQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.191.255.0/24
80.54.110.0/23
83.2.0.0/20
83.2.56.0/22
178.42.9.0/24
178.42.22.0/24
193.110.120.0/22
195.149.235.0-195.149.239.255
IPv6:
2001:7f8:27::/48
2a01:1101:5::/48
2a01:11f0::/28
Signature Algorithm: sha256WithRSAEncryption
5b:ca:2c:f9:21:57:94:08:e6:2c:71:2e:48:a4:68:04:bc:0e:
02:52:0a:d7:83:d1:85:4d:e4:e3:03:4d:ae:ab:8f:f2:8e:73:
a0:cb:3d:51:30:cf:2e:fa:c8:8e:4f:42:92:33:80:66:ca:35:
35:30:e1:59:46:35:bd:8a:65:6f:52:df:a2:67:b1:fa:06:36:
f9:4e:ef:18:44:11:02:25:1d:42:61:0c:b0:7e:62:35:9f:e9:
ea:f5:70:83:b2:b3:c6:d2:d1:6a:6b:13:2f:37:28:85:79:dd:
d4:a2:e7:67:b2:b7:d6:04:cd:87:f0:c9:ac:2f:2c:fa:60:0a:
59:f3:07:8f:74:f8:37:9b:d5:a2:05:30:34:ca:21:1f:fa:cc:
a2:85:b9:5c:90:1a:7a:41:b0:06:5c:4b:ff:3c:c4:a3:e7:35:
18:fc:8e:8b:eb:14:0c:32:0b:e4:87:b5:de:1f:97:95:6f:b8:
aa:73:fd:a5:b7:a4:1e:09:d3:39:ea:76:dd:34:3d:ae:a4:61:
77:84:78:35:69:18:be:a0:be:55:65:87:14:be:02:23:ae:52:
13:d7:cd:56:48:4c:24:af:8f:16:1d:28:37:54:0f:59:65:61:
99:bf:84:38:60:bf:87:30:ba:1d:3d:04:fe:4d:60:9e:47:09:
5a:cf:ec:ab
-----BEGIN CERTIFICATE-----
MIIFUDCCBDigAwIBAgISAZafXduxI5eZvK57yebiS2UmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlY2Y1MzAwN2M3OWNjNWUyZjJkNzM1NmJhOTEyMWE3OGMw
Yzc3MTQwHhcNMjUwNTA1MDczNDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOGUzMGNlODRkMWI4ZTlhM2Q2NzgxYTlmYTc3ZWE1MmZkMTU2OTU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp6yriS2b5TrTXbSXOrtXSaSMbZXh
6Y8BeM7hxp4AvPOUT6NJ9iYQNcCbAXYHT/qRl1ivsr937LQFBd1+iyOxGDXlb4/9
xamJ89unz3HucMLhpkyDjoeApjWU4RyPUGwpzhKQ+N213Yi8/zBhCZh1pd33BQJd
LoSCpU5O3Dn3csdy1BZxMYjsGeXlfVWjC0Xmt4bineQkVt3qbbysP/0uBbzUPD1N
VvC2xkthc40jHis3+jC7ap21LArmzoZU87rUO+qul62izcX6tcwaK70j7095QwbC
7FlQ/q4BaElv8/LcGMpMjs68/1Ys9xItROJiUsFQXNJJQVOjQlTK7HjOnwIDAQAB
o4ICXDCCAlgwHQYDVR0OBBYEFLjjDOhNG46aPWeBqfp36lL9FWlUMB8GA1UdIwQY
MBaAFE7PUwB8ecxeLy1zVrqRIaeMDHcUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHM5VEFIeDV6RjR2TFhOV3VwRWhwNHdNZHhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi82NDhjNzUtMmJlOC00YmZkLWExYjEt
Y2I4YjNhMDk0MjA5LzEvdU9NTTZFMGJqcG85WjRHcC1uZnFVdjBWYVZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi82NDhjNzUtMmJlOC00YmZkLWExYjEtY2I4YjNhMDk0MjA5
LzEvVHM5VEFIeDV6RjR2TFhOV3VwRWhwNHdNZHhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHIGCCsGAQUFBwEHAQH/BGMwYTA+BAIAATA4AwQAT7//AwQB
UDZuAwQEUwIAAwQCUwI4AwQAsioJAwQAsioWAwQCwW54MAwDBADDlesDBATDleAw
HwQCAAIwGQMHACABB/gAJwMHACoBEQEABQMFBCoBEfAwDQYJKoZIhvcNAQELBQAD
ggEBAFvKLPkhV5QI5ixxLkikaAS8DgJSCteD0YVN5OMDTa6rj/KOc6DLPVEwzy76
yI5PQpIzgGbKNTUw4VlGNb2KZW9S36JnsfoGNvlO7xhEEQIlHUJhDLB+YjWf6er1
cIOys8bS0WprEy83KIV53dSi52eyt9YEzYfwyawvLPpgClnzB490+Deb1aIFMDTK
IR/6zKKFuVyQGnpBsAZcS/88xKPnNRj8jovrFAwyC+SHtd4fl5VvuKpz/aW3pB4J
0znqdt00Pa6kYXeEeDVpGL6gvlVlhxS+AiOuUhPXzVZITCSvjxYdKDdUD1llYZm/
hDhgv4cwuh09BP5NYJ5HCVrP7Ks=
-----END CERTIFICATE-----
Generated at Wed May 14 09:04:24 2025 by rpki-client