Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/ec00e2-cbda-4b32-8c32-fbc6fcb5e7a6/1/yVrQ3Ged2FsAZHuyhUIqmxL0_HE.roa
File: yVrQ3Ged2FsAZHuyhUIqmxL0_HE.roa (raw, json)
Hash identifier: heQJwpouLwsKxWKG0olSeDKYbngN2NrPz+JJTgLlRd0=
Subject key identifier: C9:5A:D0:DC:67:9D:D8:5B:00:64:7B:B2:85:42:2A:9B:12:F4:FC:71
Certificate issuer: /CN=ef54d9e41ea5e2d161b7c4cdb2e4702c4f248e14
Certificate serial: 0196805C3C139AF9F963348867E1CC6A67F3
Authority key identifier: EF:54:D9:E4:1E:A5:E2:D1:61:B7:C4:CD:B2:E4:70:2C:4F:24:8E:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/71TZ5B6l4tFht8TNsuRwLE8kjhQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/ec00e2-cbda-4b32-8c32-fbc6fcb5e7a6/1/yVrQ3Ged2FsAZHuyhUIqmxL0_HE.roa
Signing time: Tue 29 Apr 2025 07:04:10 +0000
ROA not before: Tue 29 Apr 2025 07:04:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211908
IP address blocks: 93.180.222.0/23 maxlen: 23
93.180.222.0/24 maxlen: 24
185.254.15.0/24 maxlen: 24
199.74.188.0/24 maxlen: 24
199.74.190.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/47/ec00e2-cbda-4b32-8c32-fbc6fcb5e7a6/1/71TZ5B6l4tFht8TNsuRwLE8kjhQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/47/ec00e2-cbda-4b32-8c32-fbc6fcb5e7a6/1/71TZ5B6l4tFht8TNsuRwLE8kjhQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/71TZ5B6l4tFht8TNsuRwLE8kjhQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 10 May 2025 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:80:5c:3c:13:9a:f9:f9:63:34:88:67:e1:cc:6a:67:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef54d9e41ea5e2d161b7c4cdb2e4702c4f248e14
Validity
Not Before: Apr 29 07:04:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c95ad0dc679dd85b00647bb285422a9b12f4fc71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:c1:01:61:c5:2e:5f:c3:6d:11:df:86:8d:3e:
3f:a5:7a:4d:65:e5:14:84:da:b1:45:6e:a2:f3:3b:
24:19:45:58:d4:e7:a9:53:77:6b:47:61:a3:72:7f:
a6:1e:9c:bc:45:81:59:79:81:4e:07:d2:0a:9d:30:
82:cf:3e:3b:e7:c5:a7:80:62:b1:66:78:49:6b:d9:
cf:11:2f:04:27:a2:c9:c1:bb:61:f1:fb:82:a9:05:
1e:f5:dd:c2:99:fe:d3:c4:19:eb:3c:94:1d:8a:2c:
dd:cf:f3:68:ab:47:3f:5a:a1:61:9a:52:b1:77:2f:
62:c0:4d:fb:f3:a4:fc:bb:a0:5e:df:53:c7:1d:71:
ec:67:14:dd:22:4d:a4:a0:c6:8d:ea:02:65:6a:85:
83:89:b9:ac:e2:91:9c:2a:44:4e:11:d5:66:8c:4c:
57:54:f4:f7:d3:7b:86:dc:6c:03:ea:f1:01:b2:df:
27:81:f4:d8:a5:67:5c:a4:61:f4:d7:f9:bb:05:8f:
de:e4:0b:62:1d:6e:00:e6:fc:02:db:ab:e9:08:e4:
9a:ae:f1:14:a4:70:2b:fd:6f:56:28:dd:46:1a:c9:
91:62:ea:20:48:9e:98:cc:5e:f5:dc:17:38:a9:bc:
dc:17:a1:9e:6d:4c:55:c4:f2:e5:8f:fa:da:6d:c1:
19:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:5A:D0:DC:67:9D:D8:5B:00:64:7B:B2:85:42:2A:9B:12:F4:FC:71
X509v3 Authority Key Identifier:
keyid:EF:54:D9:E4:1E:A5:E2:D1:61:B7:C4:CD:B2:E4:70:2C:4F:24:8E:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/71TZ5B6l4tFht8TNsuRwLE8kjhQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ec00e2-cbda-4b32-8c32-fbc6fcb5e7a6/1/yVrQ3Ged2FsAZHuyhUIqmxL0_HE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ec00e2-cbda-4b32-8c32-fbc6fcb5e7a6/1/71TZ5B6l4tFht8TNsuRwLE8kjhQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.180.222.0/23
185.254.15.0/24
199.74.188.0/24
199.74.190.0/24
Signature Algorithm: sha256WithRSAEncryption
c7:8d:17:d7:97:ee:82:8d:8b:8a:ff:2a:15:85:e0:ae:62:26:
92:89:35:d5:06:3c:a6:13:12:3b:ad:45:b9:48:75:3d:62:d1:
7e:2a:d4:3c:ae:51:d4:07:6a:aa:c5:fc:2a:29:17:4c:55:b4:
4f:cc:a1:08:a5:bd:61:94:6a:96:b9:2a:fa:a5:38:28:25:9e:
73:9b:02:3f:79:00:11:5b:00:f7:5b:3b:82:35:7d:e0:7d:1e:
15:4d:3d:dc:76:56:5c:6e:84:7e:fb:69:3e:82:da:0f:cd:be:
bc:e2:6d:6c:06:34:de:23:9a:8a:72:6d:59:14:f0:e6:b9:58:
95:4d:26:2a:f1:cc:01:2b:1b:7b:0f:ee:d6:36:f4:64:dd:cc:
b4:7e:f0:cb:68:25:4e:4e:01:d6:63:4d:a0:26:97:84:2f:c5:
1b:ce:3f:c0:cc:33:47:4e:5b:7e:56:52:c7:b8:6d:bb:b1:4b:
5b:d5:a6:78:50:d2:a8:8f:45:ba:34:f1:7f:e1:5a:3b:32:29:
3c:e1:bd:38:95:97:33:6f:fe:e9:25:91:9c:1e:ef:81:4b:29:
44:19:b3:eb:d5:27:5f:57:58:16:7d:59:b8:3a:b3:da:bb:b1:
48:41:28:40:f5:c5:3b:0e:3f:31:a6:53:1e:f0:30:df:6d:4a:
c7:be:26:80
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZaAXDwTmvn5YzSIZ+HMamfzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmNTRkOWU0MWVhNWUyZDE2MWI3YzRjZGIyZTQ3MDJjNGYy
NDhlMTQwHhcNMjUwNDI5MDcwNDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTVhZDBkYzY3OWRkODViMDA2NDdiYjI4NTQyMmE5YjEyZjRmYzcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtcEBYcUuX8NtEd+GjT4/pXpNZeUU
hNqxRW6i8zskGUVY1OepU3drR2Gjcn+mHpy8RYFZeYFOB9IKnTCCzz4758WngGKx
ZnhJa9nPES8EJ6LJwbth8fuCqQUe9d3Cmf7TxBnrPJQdiizdz/Noq0c/WqFhmlKx
dy9iwE3786T8u6Be31PHHXHsZxTdIk2koMaN6gJlaoWDibms4pGcKkROEdVmjExX
VPT303uG3GwD6vEBst8ngfTYpWdcpGH01/m7BY/e5AtiHW4A5vwC26vpCOSarvEU
pHAr/W9WKN1GGsmRYuogSJ6YzF713Bc4qbzcF6GebUxVxPLlj/rabcEZ0QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFMla0NxnndhbAGR7soVCKpsS9PxxMB8GA1UdIwQY
MBaAFO9U2eQepeLRYbfEzbLkcCxPJI4UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzFUWjVCNmw0dEZodDhUTnN1UndMRThramhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9lYzAwZTItY2JkYS00YjMyLThjMzIt
ZmJjNmZjYjVlN2E2LzEveVZyUTNHZWQyRnNBWkh1eWhVSXFteEwwX0hFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9lYzAwZTItY2JkYS00YjMyLThjMzItZmJjNmZjYjVlN2E2
LzEvNzFUWjVCNmw0dEZodDhUTnN1UndMRThramhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBXbTeAwQA
uf4PAwQAx0q8AwQAx0q+MA0GCSqGSIb3DQEBCwUAA4IBAQDHjRfXl+6CjYuK/yoV
heCuYiaSiTXVBjymExI7rUW5SHU9YtF+KtQ8rlHUB2qqxfwqKRdMVbRPzKEIpb1h
lGqWuSr6pTgoJZ5zmwI/eQARWwD3WzuCNX3gfR4VTT3cdlZcboR++2k+gtoPzb68
4m1sBjTeI5qKcm1ZFPDmuViVTSYq8cwBKxt7D+7WNvRk3cy0fvDLaCVOTgHWY02g
JpeEL8Ubzj/AzDNHTlt+VlLHuG27sUtb1aZ4UNKoj0W6NPF/4Vo7Mik84b04lZcz
b/7pJZGcHu+BSylEGbPr1SdfV1gWfVm4OrPau7FIQShA9cU7Dj8xplMe8DDfbUrH
viaA
-----END CERTIFICATE-----
Generated at Sat May 10 03:32:46 2025 by rpki-client