Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/0789aa-9e73-45ee-91b6-143ff60d9991/1/uC4_l-E2xjwrvlqz30Q-HpJhGxI.roa
File: uC4_l-E2xjwrvlqz30Q-HpJhGxI.roa (raw, json)
Hash identifier: eCi9fijMSbE+YJ8x/iuJrnNqx//o/hxhFT+nJZyvJ+A=
Subject key identifier: B8:2E:3F:97:E1:36:C6:3C:2B:BE:5A:B3:DF:44:3E:1E:92:61:1B:12
Certificate issuer: /CN=440e88c3137f8a915f7da1b5c0341ca18c2c234c
Certificate serial: 01962214838B507ACEB5331EE9EE900EC59F
Authority key identifier: 44:0E:88:C3:13:7F:8A:91:5F:7D:A1:B5:C0:34:1C:A1:8C:2C:23:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RA6IwxN_ipFffaG1wDQcoYwsI0w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/0789aa-9e73-45ee-91b6-143ff60d9991/1/uC4_l-E2xjwrvlqz30Q-HpJhGxI.roa
Signing time: Thu 10 Apr 2025 23:41:31 +0000
ROA not before: Thu 10 Apr 2025 23:41:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48937
IP address blocks: 213.5.170.0/23 maxlen: 23
213.5.170.0/24 maxlen: 24
213.5.171.0/24 maxlen: 24
213.5.172.0/22 maxlen: 22
213.5.172.0/23 maxlen: 23
213.5.172.0/24 maxlen: 24
213.5.173.0/24 maxlen: 24
213.5.174.0/23 maxlen: 23
213.5.174.0/24 maxlen: 24
213.5.175.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4b/0789aa-9e73-45ee-91b6-143ff60d9991/1/RA6IwxN_ipFffaG1wDQcoYwsI0w.crl
rsync://rpki.ripe.net/repository/DEFAULT/4b/0789aa-9e73-45ee-91b6-143ff60d9991/1/RA6IwxN_ipFffaG1wDQcoYwsI0w.mft
rsync://rpki.ripe.net/repository/DEFAULT/RA6IwxN_ipFffaG1wDQcoYwsI0w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 20:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:22:14:83:8b:50:7a:ce:b5:33:1e:e9:ee:90:0e:c5:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=440e88c3137f8a915f7da1b5c0341ca18c2c234c
Validity
Not Before: Apr 10 23:41:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b82e3f97e136c63c2bbe5ab3df443e1e92611b12
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:47:94:55:ca:a6:4a:31:a7:db:5e:61:70:1d:
fc:98:bd:44:57:0c:d8:58:f4:28:31:08:5c:ee:7f:
5f:6b:4c:35:dc:0e:b8:12:0a:87:a5:fe:ac:57:c3:
f8:43:15:71:1a:e2:2b:27:87:a3:be:93:7a:c9:d8:
0b:05:e5:a5:70:d6:08:28:c7:8c:22:7b:e8:67:76:
a3:93:4c:5a:83:98:fb:7e:00:69:04:03:5c:20:5b:
d0:75:eb:d5:45:64:87:96:0f:b4:7a:6e:73:d6:fd:
ed:6a:77:9e:d7:15:16:12:79:64:1d:d3:2e:24:9e:
6b:6f:c1:2e:f0:c6:2b:85:07:53:b7:eb:51:b6:a4:
62:12:86:0d:04:51:8d:61:81:c6:84:9a:50:9e:38:
8a:e9:53:99:01:08:79:41:a5:bd:a5:0d:78:1e:57:
0e:a2:c0:7e:13:4a:6c:80:e6:09:1b:cc:fb:75:e0:
6f:cb:5f:3c:7d:5a:81:47:c8:f2:14:33:14:a1:70:
f4:cf:31:2b:58:65:58:bc:e8:5b:79:c4:63:b6:c5:
df:a8:55:07:e4:02:d5:bb:57:6c:18:e3:c8:22:ca:
84:d0:86:6d:0b:87:0f:1c:91:65:34:fd:47:0b:56:
bf:2a:6d:a8:28:af:a6:47:d2:e8:fb:b0:3a:83:c9:
68:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:2E:3F:97:E1:36:C6:3C:2B:BE:5A:B3:DF:44:3E:1E:92:61:1B:12
X509v3 Authority Key Identifier:
keyid:44:0E:88:C3:13:7F:8A:91:5F:7D:A1:B5:C0:34:1C:A1:8C:2C:23:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RA6IwxN_ipFffaG1wDQcoYwsI0w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/0789aa-9e73-45ee-91b6-143ff60d9991/1/uC4_l-E2xjwrvlqz30Q-HpJhGxI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/0789aa-9e73-45ee-91b6-143ff60d9991/1/RA6IwxN_ipFffaG1wDQcoYwsI0w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.5.170.0-213.5.175.255
Signature Algorithm: sha256WithRSAEncryption
75:d7:3a:ed:b6:8a:7d:f6:37:e6:c2:47:b4:09:c7:9f:cd:90:
01:60:88:b0:ec:9a:b3:a8:e2:c2:e0:b3:49:de:5b:9f:90:cd:
20:bc:6b:d8:fa:47:64:b9:58:89:c0:69:84:71:5d:f1:e2:35:
12:0d:b7:41:12:92:15:22:33:f5:4f:e9:10:86:ff:07:02:e2:
0c:59:99:da:20:8b:1b:26:88:f2:e9:e9:3d:cd:73:42:67:11:
63:b6:9e:0e:28:cb:e6:3d:87:cc:05:57:28:01:05:e6:40:e1:
a2:0b:0a:ff:af:21:79:43:0f:cb:e1:8d:79:24:d5:17:94:5b:
3c:9c:d8:54:5f:70:d4:52:0d:ba:a9:b6:f2:e5:c4:41:88:86:
20:45:7d:d6:27:58:58:8a:dd:de:1d:98:dc:26:ce:03:fc:5b:
a0:47:1e:a2:48:a0:a5:c4:61:c4:7f:6c:22:dd:8c:f2:e8:95:
28:7a:61:f2:05:d5:a5:6c:6a:ef:92:b4:43:f2:ea:1f:b0:ad:
f6:bc:a2:f5:d7:f7:f3:cd:34:f0:b0:92:cd:70:15:31:3e:f4:
e1:8d:ca:d0:e7:cf:7d:30:e2:54:be:e5:37:45:f7:ac:69:73:
34:3b:14:6c:f6:43:8a:e7:33:5a:40:b5:a5:5d:ad:9a:e6:0a:
07:72:9b:d2
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZYiFIOLUHrOtTMe6e6QDsWfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0MGU4OGMzMTM3ZjhhOTE1ZjdkYTFiNWMwMzQxY2ExOGMy
YzIzNGMwHhcNMjUwNDEwMjM0MTMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODJlM2Y5N2UxMzZjNjNjMmJiZTVhYjNkZjQ0M2UxZTkyNjExYjEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjkeUVcqmSjGn215hcB38mL1EVwzY
WPQoMQhc7n9fa0w13A64EgqHpf6sV8P4QxVxGuIrJ4ejvpN6ydgLBeWlcNYIKMeM
InvoZ3ajk0xag5j7fgBpBANcIFvQdevVRWSHlg+0em5z1v3tanee1xUWEnlkHdMu
JJ5rb8Eu8MYrhQdTt+tRtqRiEoYNBFGNYYHGhJpQnjiK6VOZAQh5QaW9pQ14HlcO
osB+E0psgOYJG8z7deBvy188fVqBR8jyFDMUoXD0zzErWGVYvOhbecRjtsXfqFUH
5ALVu1dsGOPIIsqE0IZtC4cPHJFlNP1HC1a/Km2oKK+mR9Lo+7A6g8lo9wIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFLguP5fhNsY8K75as99EPh6SYRsSMB8GA1UdIwQY
MBaAFEQOiMMTf4qRX32htcA0HKGMLCNMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkE2SXd4Tl9pcEZmZmFHMXdEUWNvWXdzSTB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi8wNzg5YWEtOWU3My00NWVlLTkxYjYt
MTQzZmY2MGQ5OTkxLzEvdUM0X2wtRTJ4andydmxxejMwUS1IcEpoR3hJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi8wNzg5YWEtOWU3My00NWVlLTkxYjYtMTQzZmY2MGQ5OTkx
LzEvUkE2SXd4Tl9pcEZmZmFHMXdEUWNvWXdzSTB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAHVBaoD
BATVBaAwDQYJKoZIhvcNAQELBQADggEBAHXXOu22in32N+bCR7QJx5/NkAFgiLDs
mrOo4sLgs0neW5+QzSC8a9j6R2S5WInAaYRxXfHiNRINt0ESkhUiM/VP6RCG/wcC
4gxZmdogixsmiPLp6T3Nc0JnEWO2ng4oy+Y9h8wFVygBBeZA4aILCv+vIXlDD8vh
jXkk1ReUWzyc2FRfcNRSDbqptvLlxEGIhiBFfdYnWFiK3d4dmNwmzgP8W6BHHqJI
oKXEYcR/bCLdjPLolSh6YfIF1aVsau+StEPy6h+wrfa8ovXX9/PNNPCwks1wFTE+
9OGNytDnz30w4lS+5TdF96xpczQ7FGz2Q4rnM1pAtaVdrZrmCgdym9I=
-----END CERTIFICATE-----
Generated at Sun Apr 27 05:22:31 2025 by rpki-client