Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/UyrMzGs9rPlg2w22xhZaflhqCSI.roa
File: UyrMzGs9rPlg2w22xhZaflhqCSI.roa (raw, json)
Hash identifier: VVafToezEHmO/7jzPhoKttwPuHVR2eMhKCRXr0uAfdY=
Subject key identifier: 53:2A:CC:CC:6B:3D:AC:F9:60:DB:0D:B6:C6:16:5A:7E:58:6A:09:22
Certificate issuer: /CN=ec6b42021886d8eedbae90d9e6ab1de533c50d20
Certificate serial: 019671F911AFD370FE87FE875972385AA542
Authority key identifier: EC:6B:42:02:18:86:D8:EE:DB:AE:90:D9:E6:AB:1D:E5:33:C5:0D:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7GtCAhiG2O7brpDZ5qsd5TPFDSA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/UyrMzGs9rPlg2w22xhZaflhqCSI.roa
Signing time: Sat 26 Apr 2025 12:01:10 +0000
ROA not before: Sat 26 Apr 2025 12:01:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 24961
IP address blocks: 5.104.104.0/21 maxlen: 24
5.199.128.0/20 maxlen: 24
37.157.248.0/21 maxlen: 24
46.20.32.0/20 maxlen: 24
46.228.192.0/20 maxlen: 24
62.141.32.0/20 maxlen: 24
78.31.64.0/21 maxlen: 24
80.82.208.0/20 maxlen: 24
81.30.144.0/20 maxlen: 24
83.136.80.0/21 maxlen: 24
85.14.192.0/18 maxlen: 24
85.114.128.0/19 maxlen: 24
89.163.128.0/17 maxlen: 24
91.194.84.0/24 maxlen: 24
91.212.153.0/24 maxlen: 24
91.212.159.0/24 maxlen: 24
91.212.163.0/24 maxlen: 24
93.186.192.0/20 maxlen: 24
146.0.32.0/20 maxlen: 24
146.19.166.0/24 maxlen: 24
152.89.92.0/22 maxlen: 24
185.15.244.0/22 maxlen: 24
185.45.248.0/22 maxlen: 24
185.145.196.0/22 maxlen: 24
185.219.208.0/22 maxlen: 24
193.111.198.0/23 maxlen: 24
194.107.129.0/24 maxlen: 24
194.126.198.0/24 maxlen: 24
195.93.242.0/23 maxlen: 24
213.202.192.0/18 maxlen: 24
217.79.176.0/20 maxlen: 24
2001:4ba0::/32 maxlen: 32
2001:4ba1::/32 maxlen: 32
2001:4ba3::/32 maxlen: 32
2001:4ba4::/32 maxlen: 32
2001:4ba6::/32 maxlen: 32
2a00:c320::/32 maxlen: 48
2a01:480::/32 maxlen: 32
2a0a:db80:1000::/36 maxlen: 36
2a0a:db80:2000::/36 maxlen: 36
2a0a:db80:3000::/36 maxlen: 36
2a0a:db80:4000::/36 maxlen: 36
2a0a:db80:5000::/36 maxlen: 36
2a0a:db80:8000::/36 maxlen: 36
2a0c:6b00::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/7GtCAhiG2O7brpDZ5qsd5TPFDSA.crl
rsync://rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/7GtCAhiG2O7brpDZ5qsd5TPFDSA.mft
rsync://rpki.ripe.net/repository/DEFAULT/7GtCAhiG2O7brpDZ5qsd5TPFDSA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 20:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:71:f9:11:af:d3:70:fe:87:fe:87:59:72:38:5a:a5:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ec6b42021886d8eedbae90d9e6ab1de533c50d20
Validity
Not Before: Apr 26 12:01:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=532acccc6b3dacf960db0db6c6165a7e586a0922
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:ff:46:63:64:9c:d9:e8:4d:f0:3b:95:ff:aa:
e3:2d:91:9e:f4:f3:fe:56:3a:09:93:af:a5:fe:88:
3f:55:6f:40:31:11:51:13:13:c4:49:10:ea:00:29:
69:c8:0d:fc:0c:c0:91:1b:56:05:ab:63:70:2a:b3:
97:b3:6d:0b:de:49:ca:9d:73:cf:d9:5b:66:d9:13:
75:fe:90:c6:a1:a0:fd:af:8d:c1:4d:a2:e8:42:0c:
72:1b:0c:87:b5:66:a1:24:8e:16:80:76:21:25:0c:
4f:a6:91:e9:21:eb:34:da:b5:8c:b3:21:6c:34:cb:
dc:87:15:82:60:f2:2b:fb:72:34:f5:eb:31:fa:b4:
ca:38:e9:48:03:ca:6d:3c:24:7c:80:99:89:39:44:
2f:cf:8b:6f:0f:f8:ce:33:a0:89:76:de:bb:11:6e:
13:73:60:bc:71:75:a5:76:91:c2:02:a6:ca:7b:0c:
22:e3:0d:1f:48:57:46:2e:17:9c:da:68:d8:70:93:
aa:d7:3e:f2:51:6a:38:08:53:c5:d9:a2:23:5c:e0:
34:ce:89:ee:cd:65:96:03:da:26:ec:06:a6:2d:fd:
19:8b:49:43:4f:b2:43:08:39:24:50:38:13:f8:9d:
19:0c:0b:f4:0e:b6:69:66:3b:7a:ff:0b:e1:2e:9d:
b5:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:2A:CC:CC:6B:3D:AC:F9:60:DB:0D:B6:C6:16:5A:7E:58:6A:09:22
X509v3 Authority Key Identifier:
keyid:EC:6B:42:02:18:86:D8:EE:DB:AE:90:D9:E6:AB:1D:E5:33:C5:0D:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7GtCAhiG2O7brpDZ5qsd5TPFDSA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/UyrMzGs9rPlg2w22xhZaflhqCSI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/7GtCAhiG2O7brpDZ5qsd5TPFDSA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.104.104.0/21
5.199.128.0/20
37.157.248.0/21
46.20.32.0/20
46.228.192.0/20
62.141.32.0/20
78.31.64.0/21
80.82.208.0/20
81.30.144.0/20
83.136.80.0/21
85.14.192.0/18
85.114.128.0/19
89.163.128.0/17
91.194.84.0/24
91.212.153.0/24
91.212.159.0/24
91.212.163.0/24
93.186.192.0/20
146.0.32.0/20
146.19.166.0/24
152.89.92.0/22
185.15.244.0/22
185.45.248.0/22
185.145.196.0/22
185.219.208.0/22
193.111.198.0/23
194.107.129.0/24
194.126.198.0/24
195.93.242.0/23
213.202.192.0/18
217.79.176.0/20
IPv6:
2001:4ba0::/31
2001:4ba3::-2001:4ba4:ffff:ffff:ffff:ffff:ffff:ffff
2001:4ba6::/32
2a00:c320::/32
2a01:480::/32
2a0a:db80:1000::-2a0a:db80:5fff:ffff:ffff:ffff:ffff:ffff
2a0a:db80:8000::/36
2a0c:6b00::/32
Signature Algorithm: sha256WithRSAEncryption
89:2b:62:5d:0f:be:49:bc:61:f5:20:64:5b:03:3d:23:42:89:
82:ea:29:ef:6e:fb:49:01:96:49:34:61:d1:6a:d5:63:a8:29:
b2:72:d1:f0:d1:21:a1:20:5c:13:45:03:cc:cb:b4:af:f1:cc:
2d:c3:ac:93:8b:c1:cc:84:6d:75:f8:9f:b6:06:89:04:0f:89:
fc:a3:19:20:34:53:65:25:ed:43:87:5c:84:05:b3:d5:4e:3e:
4a:36:1e:e6:f7:3c:2a:22:cd:a0:43:6e:5a:12:0a:e6:0f:62:
a0:ba:b5:47:94:ab:a1:6e:cb:45:c8:8c:cc:5c:d4:a4:45:b2:
5b:36:b6:6f:25:ca:31:dc:a0:af:75:08:de:c4:3a:fc:99:8e:
f2:89:cf:93:60:fd:81:f7:a0:5e:e5:4e:c3:30:39:fd:54:09:
49:40:38:8a:6d:09:40:2a:1c:a5:74:a9:7a:60:ea:9c:9c:89:
5e:75:20:05:99:d6:a3:d9:2d:52:f0:5f:65:5f:3c:a9:05:03:
f7:51:c9:e4:6f:f8:8f:46:f2:21:35:73:d2:f7:1c:4e:cd:b2:
97:98:54:17:6f:fd:ad:f7:4a:14:85:be:8a:b7:54:d9:61:d0:
32:37:32:4e:81:aa:65:05:a2:b4:47:3f:32:02:e1:c2:fc:e4:
6d:b3:2f:21
-----BEGIN CERTIFICATE-----
MIIGDjCCBPagAwIBAgISAZZx+RGv03D+h/6HWXI4WqVCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjNmI0MjAyMTg4NmQ4ZWVkYmFlOTBkOWU2YWIxZGU1MzNj
NTBkMjAwHhcNMjUwNDI2MTIwMTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzJhY2NjYzZiM2RhY2Y5NjBkYjBkYjZjNjE2NWE3ZTU4NmEwOTIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvf9GY2Sc2ehN8DuV/6rjLZGe9PP+
VjoJk6+l/og/VW9AMRFRExPESRDqAClpyA38DMCRG1YFq2NwKrOXs20L3knKnXPP
2Vtm2RN1/pDGoaD9r43BTaLoQgxyGwyHtWahJI4WgHYhJQxPppHpIes02rWMsyFs
NMvchxWCYPIr+3I09esx+rTKOOlIA8ptPCR8gJmJOUQvz4tvD/jOM6CJdt67EW4T
c2C8cXWldpHCAqbKewwi4w0fSFdGLhec2mjYcJOq1z7yUWo4CFPF2aIjXOA0zonu
zWWWA9om7AamLf0Zi0lDT7JDCDkkUDgT+J0ZDAv0DrZpZjt6/wvhLp21wwIDAQAB
o4IDGjCCAxYwHQYDVR0OBBYEFFMqzMxrPaz5YNsNtsYWWn5YagkiMB8GA1UdIwQY
MBaAFOxrQgIYhtju266Q2earHeUzxQ0gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN0d0Q0FoaUcyTzdicnBEWjVxc2Q1VFBGRFNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8yNmMzZTEtNjQ4Ni00ZTA5LTk5YTQt
YTY4NzNiMzc0ZTI2LzEvVXlyTXpHczlyUGxnMncyMnhoWmFmbGhxQ1NJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8yNmMzZTEtNjQ4Ni00ZTA5LTk5YTQtYTY4NzNiMzc0ZTI2
LzEvN0d0Q0FoaUcyTzdicnBEWjVxc2Q1VFBGRFNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBLgYIKwYBBQUHAQcBAf8EggEdMIIBGTCBwQQCAAEwgboD
BAMFaGgDBAQFx4ADBAMlnfgDBAQuFCADBAQu5MADBAQ+jSADBANOH0ADBARQUtAD
BARRHpADBANTiFADBAZVDsADBAVVcoADBAdZo4ADBABbwlQDBABb1JkDBABb1J8D
BABb1KMDBARdusADBASSACADBACSE6YDBAKYWVwDBAK5D/QDBAK5LfgDBAK5kcQD
BAK529ADBAHBb8YDBADCa4EDBADCfsYDBAHDXfIDBAbVysADBATZT7AwUwQCAAIw
TQMFASABS6AwDgMFACABS6MDBQAgAUukAwUAIAFLpgMFACoAwyADBQAqAQSAMBAD
BgQqCtuAEAMGBSoK24BAAwYEKgrbgIADBQAqDGsAMA0GCSqGSIb3DQEBCwUAA4IB
AQCJK2JdD75JvGH1IGRbAz0jQomC6invbvtJAZZJNGHRatVjqCmyctHw0SGhIFwT
RQPMy7Sv8cwtw6yTi8HMhG11+J+2BokED4n8oxkgNFNlJe1Dh1yEBbPVTj5KNh7m
9zwqIs2gQ25aEgrmD2KgurVHlKuhbstFyIzMXNSkRbJbNrZvJcox3KCvdQjexDr8
mY7yic+TYP2B96Be5U7DMDn9VAlJQDiKbQlAKhyldKl6YOqcnIledSAFmdaj2S1S
8F9lXzypBQP3Ucnkb/iPRvIhNXPS9xxOzbKXmFQXb/2t90oUhb6Kt1TZYdAyNzJO
gaplBaK0Rz8yAuHC/ORtsy8h
-----END CERTIFICATE-----
Generated at Sun Apr 27 05:46:28 2025 by rpki-client