Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/uWSukhX6H9GRWSoIDRasyg5pF5E.roa
File: uWSukhX6H9GRWSoIDRasyg5pF5E.roa (raw, json)
Hash identifier: MVouNeCQZr7sHl09LGaYPTQ51H5t60nruE1FoT+38+c=
Subject key identifier: B9:64:AE:92:15:FA:1F:D1:91:59:2A:08:0D:16:AC:CA:0E:69:17:91
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 01966682CE15701A29C15BAA09EBA5F9BC23
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/uWSukhX6H9GRWSoIDRasyg5pF5E.roa
Signing time: Thu 24 Apr 2025 06:36:10 +0000
ROA not before: Thu 24 Apr 2025 06:36:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 84.32.7.0/24 maxlen: 24
84.32.8.0/24 maxlen: 24
84.32.20.0/22 maxlen: 24
84.32.46.0/24 maxlen: 24
84.32.47.0/24 maxlen: 24
84.32.64.0/24 maxlen: 24
84.32.104.0/24 maxlen: 24
84.32.148.0/23 maxlen: 24
84.32.150.0/23 maxlen: 24
84.32.174.0/23 maxlen: 24
84.32.208.0/23 maxlen: 23
84.32.214.0/23 maxlen: 24
84.32.223.0/24 maxlen: 24
84.32.244.0/23 maxlen: 24
84.32.246.0/23 maxlen: 24
88.216.22.0/23 maxlen: 24
88.216.44.0/24 maxlen: 24
88.216.45.0/24 maxlen: 24
88.216.66.0/23 maxlen: 24
88.216.93.0/24 maxlen: 24
88.216.127.0/24 maxlen: 24
88.216.130.0/23 maxlen: 24
88.216.134.0/23 maxlen: 24
88.216.223.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.mft
rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:66:82:ce:15:70:1a:29:c1:5b:aa:09:eb:a5:f9:bc:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Apr 24 06:36:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b964ae9215fa1fd191592a080d16acca0e691791
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:97:75:33:ee:2a:fc:44:e4:c1:e4:ea:b7:d4:
61:34:ac:10:ba:ec:c8:8a:a9:af:68:c8:0a:91:dc:
54:d5:c8:a3:26:99:16:0b:bc:e7:a3:f4:f7:c4:e2:
21:84:71:11:22:6d:81:d9:db:7a:e4:e1:10:b7:d5:
c1:b3:88:a4:6b:df:d0:d5:cf:af:a1:51:6f:3c:10:
2e:9d:08:98:6a:54:62:cd:b0:84:9d:6d:c2:23:bf:
d5:80:23:31:a1:9a:51:2a:3e:ed:0f:6c:19:db:f6:
af:8a:b9:37:10:b2:2d:0e:00:24:3f:a0:d5:75:5d:
e8:32:4d:b4:5f:a4:11:d3:57:67:7d:98:2a:0a:01:
57:ff:9a:6c:6d:89:ba:24:d2:b5:d8:53:18:7c:c4:
75:d0:1e:8f:9c:fc:d8:f1:21:77:99:c8:1b:68:40:
5e:f1:9c:76:3d:ec:b7:10:70:4e:19:3a:e7:bb:4e:
74:ca:b0:46:0e:e0:5e:93:d7:09:bc:cd:ba:03:7d:
7b:10:5e:29:cc:9f:14:24:ea:f3:ab:f8:f1:49:97:
c1:5c:45:02:4a:77:c6:d0:50:d8:21:a4:99:59:25:
50:0e:4e:95:50:fe:34:da:e4:d0:8f:b0:74:68:99:
24:13:b9:92:46:cc:bc:91:b8:25:12:1d:8a:76:2a:
7c:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:64:AE:92:15:FA:1F:D1:91:59:2A:08:0D:16:AC:CA:0E:69:17:91
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/uWSukhX6H9GRWSoIDRasyg5pF5E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.7.0-84.32.8.255
84.32.20.0/22
84.32.46.0/23
84.32.64.0/24
84.32.104.0/24
84.32.148.0/22
84.32.174.0/23
84.32.208.0/23
84.32.214.0/23
84.32.223.0/24
84.32.244.0/22
88.216.22.0/23
88.216.44.0/23
88.216.66.0/23
88.216.93.0/24
88.216.127.0/24
88.216.130.0/23
88.216.134.0/23
88.216.223.0/24
Signature Algorithm: sha256WithRSAEncryption
88:cd:24:04:ea:a3:76:2b:4f:4b:46:11:e6:28:f9:b7:0b:c1:
4a:48:d4:fa:02:65:fd:21:68:09:51:81:0c:a2:2d:ae:d9:cd:
0d:83:21:af:2f:4f:ae:a6:3f:7e:e1:e5:47:75:40:11:e2:93:
22:c1:05:41:12:56:a6:33:0c:98:b2:2f:f3:16:77:66:5e:5c:
73:5f:f2:0d:4c:5d:e3:46:b8:7a:d7:19:14:9b:57:1d:78:4f:
c4:aa:62:48:e7:63:3c:17:87:27:d2:c9:db:29:58:e5:52:9f:
1d:fa:47:60:3b:1d:0c:86:aa:14:d2:b5:09:20:ad:f9:66:38:
e3:f1:34:39:7d:00:99:42:03:10:5a:d9:45:21:0c:af:44:7a:
22:7a:a3:60:9c:f0:f0:64:20:65:b8:57:b0:7f:19:ba:9a:f5:
0d:77:03:3d:09:b8:7c:c2:89:3e:2e:13:cd:9f:7a:40:d5:04:
f1:53:ce:99:ce:23:5b:1f:2f:b0:f7:75:bc:0c:a3:6a:6f:ff:
a5:6d:23:76:7d:54:50:26:11:88:59:39:e5:c0:ce:e2:09:82:
a1:aa:45:b4:49:be:2c:d5:6a:ed:fe:d2:9a:67:01:c2:e3:73:
58:c5:5b:a5:76:c1:11:8a:0c:f7:95:6f:95:2f:32:8c:cf:78:
f6:1d:05:eb
-----BEGIN CERTIFICATE-----
MIIFdTCCBF2gAwIBAgISAZZmgs4VcBopwVuqCeul+bwjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjUwNDI0MDYzNjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTY0YWU5MjE1ZmExZmQxOTE1OTJhMDgwZDE2YWNjYTBlNjkxNzkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm5d1M+4q/ETkweTqt9RhNKwQuuzI
iqmvaMgKkdxU1cijJpkWC7zno/T3xOIhhHERIm2B2dt65OEQt9XBs4ika9/Q1c+v
oVFvPBAunQiYalRizbCEnW3CI7/VgCMxoZpRKj7tD2wZ2/avirk3ELItDgAkP6DV
dV3oMk20X6QR01dnfZgqCgFX/5psbYm6JNK12FMYfMR10B6PnPzY8SF3mcgbaEBe
8Zx2Pey3EHBOGTrnu050yrBGDuBek9cJvM26A317EF4pzJ8UJOrzq/jxSZfBXEUC
SnfG0FDYIaSZWSVQDk6VUP402uTQj7B0aJkkE7mSRsy8kbglEh2Kdip8TwIDAQAB
o4ICgTCCAn0wHQYDVR0OBBYEFLlkrpIV+h/RkVkqCA0WrMoOaReRMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvdVdTdWtoWDZIOUdSV1NvSURSYXN5ZzVwRjVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGWBggrBgEFBQcBBwEB/wSBhjCBgzCBgAQCAAEwejAMAwQA
VCAHAwQAVCAIAwQCVCAUAwQBVCAuAwQAVCBAAwQAVCBoAwQCVCCUAwQBVCCuAwQB
VCDQAwQBVCDWAwQAVCDfAwQCVCD0AwQBWNgWAwQBWNgsAwQBWNhCAwQAWNhdAwQA
WNh/AwQBWNiCAwQBWNiGAwQAWNjfMA0GCSqGSIb3DQEBCwUAA4IBAQCIzSQE6qN2
K09LRhHmKPm3C8FKSNT6AmX9IWgJUYEMoi2u2c0NgyGvL0+upj9+4eVHdUAR4pMi
wQVBElamMwyYsi/zFndmXlxzX/INTF3jRrh61xkUm1cdeE/EqmJI52M8F4cn0snb
KVjlUp8d+kdgOx0MhqoU0rUJIK35Zjjj8TQ5fQCZQgMQWtlFIQyvRHoieqNgnPDw
ZCBluFewfxm6mvUNdwM9Cbh8wok+LhPNn3pA1QTxU86ZziNbHy+w93W8DKNqb/+l
bSN2fVRQJhGIWTnlwM7iCYKhqkW0Sb4s1Wrt/tKaZwHC43NYxVuldsERigz3lW+V
LzKMz3j2HQXr
-----END CERTIFICATE-----
Generated at Sat Apr 26 16:17:58 2025 by rpki-client