Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/da85e7-a452-4b1d-b5ae-9b11804ecd39/1/eJbWnZkdtB1XQP-lTQYo9NYwC8s.roa
File: eJbWnZkdtB1XQP-lTQYo9NYwC8s.roa (raw, json)
Hash identifier: aCQl9JsB017Uw8/9Bsa0biyS5DV/TBIkVl+jSb6dD48=
Subject key identifier: 78:96:D6:9D:99:1D:B4:1D:57:40:FF:A5:4D:06:28:F4:D6:30:0B:CB
Certificate issuer: /CN=a9b75b64d5da17d70bbabd811a39a602ddaf963a
Certificate serial: 0196A48E4959B9D2B578789F1EA78ADAFA88
Authority key identifier: A9:B7:5B:64:D5:DA:17:D7:0B:BA:BD:81:1A:39:A6:02:DD:AF:96:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qbdbZNXaF9cLur2BGjmmAt2vljo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/da85e7-a452-4b1d-b5ae-9b11804ecd39/1/eJbWnZkdtB1XQP-lTQYo9NYwC8s.roa
Signing time: Tue 06 May 2025 07:45:10 +0000
ROA not before: Tue 06 May 2025 07:45:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51191
IP address blocks: 130.185.104.0/21 maxlen: 21
185.24.68.0/22 maxlen: 22
185.108.216.0/22 maxlen: 22
195.138.240.0/21 maxlen: 21
195.138.241.0/24 maxlen: 24
195.138.244.0/24 maxlen: 24
2a01:4a0:2000::/48 maxlen: 48
2a01:4a0:2001::/48 maxlen: 48
2a01:4a0:2002::/48 maxlen: 48
2a06:4b00::/29 maxlen: 29
2a06:4b01:3300::/48 maxlen: 48
2a06:4b01:3301::/48 maxlen: 48
2a06:4b01:3302::/48 maxlen: 48
2a06:4b01:3303::/48 maxlen: 48
2a06:4b01:3304::/48 maxlen: 48
2a06:4b01:3305::/48 maxlen: 48
2a06:4b01:3306::/48 maxlen: 48
2a06:4b01:3307::/48 maxlen: 48
2a06:4b01:3308::/48 maxlen: 48
2a06:4b01:3309::/48 maxlen: 48
2a06:4b01:330a::/48 maxlen: 48
2a06:4b01:330b::/48 maxlen: 48
2a06:4b01:330c::/48 maxlen: 48
2a06:4b01:330d::/48 maxlen: 48
2a06:4b01:330e::/48 maxlen: 48
2a06:4b01:330f::/48 maxlen: 48
2a06:4b01:3310::/48 maxlen: 48
2a06:4b01:3311::/48 maxlen: 48
2a06:4b01:3312::/48 maxlen: 48
2a06:4b01:3313::/48 maxlen: 48
2a06:4b01:3314::/48 maxlen: 48
2a06:4b01:3315::/48 maxlen: 48
2a06:4b01:3316::/48 maxlen: 48
2a06:4b01:3317::/48 maxlen: 48
2a06:4b01:3400::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/25/da85e7-a452-4b1d-b5ae-9b11804ecd39/1/qbdbZNXaF9cLur2BGjmmAt2vljo.crl
rsync://rpki.ripe.net/repository/DEFAULT/25/da85e7-a452-4b1d-b5ae-9b11804ecd39/1/qbdbZNXaF9cLur2BGjmmAt2vljo.mft
rsync://rpki.ripe.net/repository/DEFAULT/qbdbZNXaF9cLur2BGjmmAt2vljo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 11 May 2025 13:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:a4:8e:49:59:b9:d2:b5:78:78:9f:1e:a7:8a:da:fa:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9b75b64d5da17d70bbabd811a39a602ddaf963a
Validity
Not Before: May 6 07:45:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7896d69d991db41d5740ffa54d0628f4d6300bcb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:ed:bc:6a:c3:a1:b2:fc:df:83:36:8b:e9:d9:
41:26:1b:c0:88:2c:57:eb:46:33:1e:4b:2c:5b:92:
8c:7e:65:e9:57:0a:1e:d1:74:b7:4d:33:9b:9c:28:
26:4e:59:21:c2:e3:06:8a:c4:39:d3:bc:a1:80:55:
b5:a5:b9:71:81:b4:d3:da:63:41:fe:a2:72:35:cd:
9b:15:08:08:00:a4:e2:30:2c:22:d5:30:23:55:5c:
0f:1c:29:a7:c6:17:db:19:4f:84:73:81:3f:79:09:
8f:df:a7:7d:cd:b7:e3:49:9b:0d:7d:d9:b0:3b:0f:
64:a8:cd:8d:3d:67:56:fe:62:79:4b:69:5d:88:6d:
b0:b8:9a:1f:21:31:a8:61:43:68:55:1d:ad:a3:f6:
b2:25:8a:30:85:7c:49:25:67:d1:e0:6a:8a:4a:95:
00:09:c3:88:8f:d0:f3:93:ae:31:dd:c5:36:1a:27:
eb:98:77:a4:99:4d:98:7b:11:e8:ee:c1:1a:9e:42:
0a:8f:b9:09:df:e3:d6:8b:2c:e0:7f:e6:9c:76:85:
82:94:3f:e1:2d:31:89:ed:d1:be:16:37:0b:ba:ff:
66:1c:9e:87:89:b1:b4:4f:1c:51:59:11:d9:af:35:
1d:e5:4e:97:83:22:f7:3b:51:ce:2d:26:79:e9:4f:
1d:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:96:D6:9D:99:1D:B4:1D:57:40:FF:A5:4D:06:28:F4:D6:30:0B:CB
X509v3 Authority Key Identifier:
keyid:A9:B7:5B:64:D5:DA:17:D7:0B:BA:BD:81:1A:39:A6:02:DD:AF:96:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qbdbZNXaF9cLur2BGjmmAt2vljo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/da85e7-a452-4b1d-b5ae-9b11804ecd39/1/eJbWnZkdtB1XQP-lTQYo9NYwC8s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/da85e7-a452-4b1d-b5ae-9b11804ecd39/1/qbdbZNXaF9cLur2BGjmmAt2vljo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
130.185.104.0/21
185.24.68.0/22
185.108.216.0/22
195.138.240.0/21
IPv6:
2a01:4a0:2000::-2a01:4a0:2002:ffff:ffff:ffff:ffff:ffff
2a06:4b00::/29
Signature Algorithm: sha256WithRSAEncryption
4b:47:a0:7e:bb:b7:13:4b:91:a3:68:15:cd:fb:47:d6:31:a0:
9c:28:70:5b:d0:c3:2f:0a:93:ce:98:c7:8a:1b:6b:87:90:1f:
59:51:13:d5:bb:28:68:8a:fc:d4:1a:4c:80:e3:0f:fc:2f:cc:
4b:52:2f:ce:8a:3c:40:c9:bd:79:74:e1:ea:59:d4:19:72:40:
c6:30:3d:1c:9e:b7:63:b6:63:94:6e:02:d7:b2:c5:cc:10:34:
5c:9c:4f:6f:3f:3d:1f:d0:38:49:29:34:92:49:f1:e5:4e:04:
6d:23:f1:01:09:4a:e3:0d:54:91:16:be:66:80:f8:dd:b0:dd:
6d:75:ef:89:c7:cc:27:17:b5:ae:39:01:2b:3e:de:9c:9d:79:
32:96:45:e2:10:34:d6:32:39:ad:86:ac:8e:be:87:06:a2:ec:
22:8d:ba:6b:13:14:9e:9d:dd:08:36:0c:89:32:bd:90:28:57:
b4:06:0a:a3:e0:0a:67:04:c2:76:6c:44:50:cf:d4:13:ac:be:
ec:c5:cf:41:74:b7:5b:62:3b:fe:51:78:f5:47:57:1c:e7:26:
28:61:2d:4b:be:30:76:b8:f0:1a:b7:b5:36:11:91:ab:8e:45:
a0:9c:3e:f8:ad:09:58:09:06:70:a8:58:3f:9b:3c:08:24:b5:
b7:35:e9:ad
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAZakjklZudK1eHifHqeK2vqIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5Yjc1YjY0ZDVkYTE3ZDcwYmJhYmQ4MTFhMzlhNjAyZGRh
Zjk2M2EwHhcNMjUwNTA2MDc0NTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ODk2ZDY5ZDk5MWRiNDFkNTc0MGZmYTU0ZDA2MjhmNGQ2MzAwYmNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqu28asOhsvzfgzaL6dlBJhvAiCxX
60YzHkssW5KMfmXpVwoe0XS3TTObnCgmTlkhwuMGisQ507yhgFW1pblxgbTT2mNB
/qJyNc2bFQgIAKTiMCwi1TAjVVwPHCmnxhfbGU+Ec4E/eQmP36d9zbfjSZsNfdmw
Ow9kqM2NPWdW/mJ5S2ldiG2wuJofITGoYUNoVR2to/ayJYowhXxJJWfR4GqKSpUA
CcOIj9Dzk64x3cU2GifrmHekmU2YexHo7sEankIKj7kJ3+PWiyzgf+acdoWClD/h
LTGJ7dG+FjcLuv9mHJ6HibG0TxxRWRHZrzUd5U6XgyL3O1HOLSZ56U8dbQIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFHiW1p2ZHbQdV0D/pU0GKPTWMAvLMB8GA1UdIwQY
MBaAFKm3W2TV2hfXC7q9gRo5pgLdr5Y6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWJkYlpOWGFGOWNMdXIyQkdqbW1BdDJ2bGpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS9kYTg1ZTctYTQ1Mi00YjFkLWI1YWUt
OWIxMTgwNGVjZDM5LzEvZUpiV25aa2R0QjFYUVAtbFRRWW85Tll3QzhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS9kYTg1ZTctYTQ1Mi00YjFkLWI1YWUtOWIxMTgwNGVjZDM5
LzEvcWJkYlpOWGFGOWNMdXIyQkdqbW1BdDJ2bGpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjAeBAIAATAYAwQDgrloAwQC
uRhEAwQCuWzYAwQDw4rwMCAEAgACMBowEQMGBSoBBKAgAwcAKgEEoCACAwUDKgZL
ADANBgkqhkiG9w0BAQsFAAOCAQEAS0egfru3E0uRo2gVzftH1jGgnChwW9DDLwqT
zpjHihtrh5AfWVET1bsoaIr81BpMgOMP/C/MS1Ivzoo8QMm9eXTh6lnUGXJAxjA9
HJ63Y7ZjlG4C17LFzBA0XJxPbz89H9A4SSk0kknx5U4EbSPxAQlK4w1UkRa+ZoD4
3bDdbXXvicfMJxe1rjkBKz7enJ15MpZF4hA01jI5rYasjr6HBqLsIo26axMUnp3d
CDYMiTK9kChXtAYKo+AKZwTCdmxEUM/UE6y+7MXPQXS3W2I7/lF49UdXHOcmKGEt
S74wdrjwGre1NhGRq45FoJw++K0JWAkGcKhYP5s8CCS1tzXprQ==
-----END CERTIFICATE-----
Generated at Sat May 10 20:49:46 2025 by rpki-client