Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/ugjs28F6JWJlvex5orcXl6m76Ig.roa
File: ugjs28F6JWJlvex5orcXl6m76Ig.roa (raw, json)
Hash identifier: LdO5fKcxHaysN4igJkvFVkIbt95bz0wj9ENsBBs5bek=
Subject key identifier: BA:08:EC:DB:C1:7A:25:62:65:BD:EC:79:A2:B7:17:97:A9:BB:E8:88
Certificate issuer: /CN=d08da9cf00d4d58b854ffc62010f235b06df354a
Certificate serial: 01966CBDA6953BAF6EB21CA6EC5EF34DB92A
Authority key identifier: D0:8D:A9:CF:00:D4:D5:8B:85:4F:FC:62:01:0F:23:5B:06:DF:35:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/ugjs28F6JWJlvex5orcXl6m76Ig.roa
Signing time: Fri 25 Apr 2025 11:38:10 +0000
ROA not before: Fri 25 Apr 2025 11:38:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 147.185.196.0/24 maxlen: 24
193.168.202.0/24 maxlen: 24
193.168.203.0/24 maxlen: 24
207.244.197.0/24 maxlen: 24
207.244.198.0/24 maxlen: 24
207.244.208.0/24 maxlen: 24
207.244.209.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.crl
rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.mft
rsync://rpki.ripe.net/repository/DEFAULT/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 05:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:6c:bd:a6:95:3b:af:6e:b2:1c:a6:ec:5e:f3:4d:b9:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d08da9cf00d4d58b854ffc62010f235b06df354a
Validity
Not Before: Apr 25 11:38:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ba08ecdbc17a256265bdec79a2b71797a9bbe888
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:fb:23:20:05:4a:28:e7:d9:e2:0c:a1:fc:87:
02:74:0a:34:d5:52:9f:25:b0:08:02:02:50:db:86:
c5:2c:b4:38:4a:fc:fd:06:3b:02:4a:8f:bb:46:de:
2b:fe:90:5c:e4:5a:2c:89:af:ef:e8:8f:75:a6:1b:
88:34:ab:33:44:86:c8:32:cc:f5:9e:08:8f:fe:93:
e1:bc:b2:72:8c:2b:39:de:07:44:41:b9:c2:bb:6f:
29:4a:29:b8:23:4f:90:92:d2:04:9f:e0:9c:60:d6:
a7:23:4b:4b:57:a9:1f:32:5a:1e:04:46:e5:20:31:
8a:99:d4:f3:2b:db:3c:a4:2c:eb:73:0c:2b:ba:5b:
ff:b1:df:48:50:a8:d8:64:13:e9:64:c9:3f:a0:cc:
7c:e0:60:7e:80:16:93:eb:05:5f:3b:a7:09:c6:a1:
d8:a7:3b:7b:a1:56:2f:5b:c0:2a:d2:81:de:d9:f3:
97:fb:c6:1b:5e:86:c4:2e:ec:4e:83:66:ff:af:98:
02:a0:98:8e:3a:fc:cf:b2:c7:c6:ed:c1:33:c3:c5:
3f:ac:5e:93:26:67:c4:57:5b:b7:86:a1:d3:9d:ec:
f8:93:bb:9d:d9:10:6c:85:d7:a2:78:51:bc:71:5a:
ba:5f:67:50:c2:d1:87:5b:14:c9:46:09:8e:5f:4d:
67:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:08:EC:DB:C1:7A:25:62:65:BD:EC:79:A2:B7:17:97:A9:BB:E8:88
X509v3 Authority Key Identifier:
keyid:D0:8D:A9:CF:00:D4:D5:8B:85:4F:FC:62:01:0F:23:5B:06:DF:35:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/ugjs28F6JWJlvex5orcXl6m76Ig.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.185.196.0/24
193.168.202.0/23
207.244.197.0-207.244.198.255
207.244.208.0/23
Signature Algorithm: sha256WithRSAEncryption
10:c4:30:b4:b6:28:23:68:a2:97:08:44:dd:83:5c:c2:22:08:
3b:3b:e9:f6:19:78:e5:c5:39:71:8d:62:b2:aa:4a:30:fe:78:
55:68:bf:ac:cf:50:c4:73:c6:b8:f9:cd:a8:f0:70:74:19:ba:
c1:52:74:c1:ea:76:4a:0e:19:3e:2e:47:39:1d:4e:de:72:05:
af:b9:70:94:ca:20:50:34:57:01:79:04:bc:e9:4e:53:63:91:
6f:22:b0:0e:91:89:f3:a3:2a:c0:cf:47:f6:f3:61:47:da:46:
70:1e:f2:d1:8f:38:ca:a1:1e:3b:c2:d4:99:f0:1f:40:66:13:
e3:fe:cf:ea:e9:9c:e0:3c:24:ed:52:02:8d:5f:e9:41:29:b3:
e2:6a:41:9d:ac:e0:02:ee:f0:c2:33:e2:7a:28:5a:cc:f3:77:
15:74:50:fb:3d:a1:57:c0:d1:7a:12:29:04:14:df:cb:23:c7:
12:06:a8:9b:38:5b:11:f7:f3:bc:16:8c:dc:58:4e:b6:3a:c3:
36:eb:8d:26:05:dd:db:a6:c1:45:2c:f7:14:fb:44:5c:ab:6a:
79:e8:e6:0c:92:17:55:ff:01:00:91:40:82:60:e0:c9:4a:e4:
12:a1:84:b2:80:1a:3f:5e:b8:5e:74:9f:c7:1b:5f:65:e1:14:
51:6f:11:be
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZZsvaaVO69ushym7F7zTbkqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwOGRhOWNmMDBkNGQ1OGI4NTRmZmM2MjAxMGYyMzViMDZk
ZjM1NGEwHhcNMjUwNDI1MTEzODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTA4ZWNkYmMxN2EyNTYyNjViZGVjNzlhMmI3MTc5N2E5YmJlODg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwvsjIAVKKOfZ4gyh/IcCdAo01VKf
JbAIAgJQ24bFLLQ4Svz9BjsCSo+7Rt4r/pBc5Fosia/v6I91phuINKszRIbIMsz1
ngiP/pPhvLJyjCs53gdEQbnCu28pSim4I0+QktIEn+CcYNanI0tLV6kfMloeBEbl
IDGKmdTzK9s8pCzrcwwrulv/sd9IUKjYZBPpZMk/oMx84GB+gBaT6wVfO6cJxqHY
pzt7oVYvW8Aq0oHe2fOX+8YbXobELuxOg2b/r5gCoJiOOvzPssfG7cEzw8U/rF6T
JmfEV1u3hqHTnez4k7ud2RBshdeieFG8cVq6X2dQwtGHWxTJRgmOX01nEwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFLoI7NvBeiViZb3seaK3F5epu+iIMB8GA1UdIwQY
MBaAFNCNqc8A1NWLhU/8YgEPI1sG3zVKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEkycHp3RFUxWXVGVF94aUFROGpXd2JmTlVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS9mZWJlZjgtYTBlYS00YzdlLTg4MDYt
MjBlMTk3ODBjYjJlLzEvdWdqczI4RjZKV0psdmV4NW9yY1hsNm03NklnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS9mZWJlZjgtYTBlYS00YzdlLTg4MDYtMjBlMTk3ODBjYjJl
LzEvMEkycHp3RFUxWXVGVF94aUFROGpXd2JmTlVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAk7nEAwQB
wajKMAwDBADP9MUDBADP9MYDBAHP9NAwDQYJKoZIhvcNAQELBQADggEBABDEMLS2
KCNoopcIRN2DXMIiCDs76fYZeOXFOXGNYrKqSjD+eFVov6zPUMRzxrj5zajwcHQZ
usFSdMHqdkoOGT4uRzkdTt5yBa+5cJTKIFA0VwF5BLzpTlNjkW8isA6RifOjKsDP
R/bzYUfaRnAe8tGPOMqhHjvC1JnwH0BmE+P+z+rpnOA8JO1SAo1f6UEps+JqQZ2s
4ALu8MIz4nooWszzdxV0UPs9oVfA0XoSKQQU38sjxxIGqJs4WxH387wWjNxYTrY6
wzbrjSYF3dumwUUs9xT7RFyranno5gySF1X/AQCRQIJg4MlK5BKhhLKAGj9euF50
n8cbX2XhFFFvEb4=
-----END CERTIFICATE-----
Generated at Sat Apr 26 14:46:57 2025 by rpki-client