Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/44e8f5-3584-490e-9979-cdc31d5fb8a4/1/eI5OybFO6F3Cte5WRbis39BGYq0.roa
File: eI5OybFO6F3Cte5WRbis39BGYq0.roa (raw, json)
Hash identifier: VMECrPDlMwDvEnBV7WpuFgQn71bLIy+17ZYTsOibG74=
Subject key identifier: 78:8E:4E:C9:B1:4E:E8:5D:C2:B5:EE:56:45:B8:AC:DF:D0:46:62:AD
Certificate issuer: /CN=6d39ce4c29ab3f802f9de933f4495026c4d0ee4a
Certificate serial: 0196A2270D10509E6D4F06DC3D66BB3231A2
Authority key identifier: 6D:39:CE:4C:29:AB:3F:80:2F:9D:E9:33:F4:49:50:26:C4:D0:EE:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bTnOTCmrP4Avnekz9ElQJsTQ7ko.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/44e8f5-3584-490e-9979-cdc31d5fb8a4/1/eI5OybFO6F3Cte5WRbis39BGYq0.roa
Signing time: Mon 05 May 2025 20:33:10 +0000
ROA not before: Mon 05 May 2025 20:33:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 52000
IP address blocks: 185.15.209.0/24 maxlen: 24
185.15.210.0/24 maxlen: 24
185.15.211.0/24 maxlen: 24
185.142.32.0/24 maxlen: 24
185.142.34.0/23 maxlen: 23
185.142.35.0/24 maxlen: 24
194.213.24.0/24 maxlen: 24
194.242.33.0/24 maxlen: 24
194.242.38.0/24 maxlen: 24
2a03:afc0:1::/48 maxlen: 48
2a03:afc0:2::/48 maxlen: 48
2a03:afc0:3::/48 maxlen: 48
2a03:afc0:5::/48 maxlen: 48
2a03:afc0:6::/48 maxlen: 48
2a03:afc0:8::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/49/44e8f5-3584-490e-9979-cdc31d5fb8a4/1/bTnOTCmrP4Avnekz9ElQJsTQ7ko.crl
rsync://rpki.ripe.net/repository/DEFAULT/49/44e8f5-3584-490e-9979-cdc31d5fb8a4/1/bTnOTCmrP4Avnekz9ElQJsTQ7ko.mft
rsync://rpki.ripe.net/repository/DEFAULT/bTnOTCmrP4Avnekz9ElQJsTQ7ko.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 08 May 2025 20:38:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:a2:27:0d:10:50:9e:6d:4f:06:dc:3d:66:bb:32:31:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d39ce4c29ab3f802f9de933f4495026c4d0ee4a
Validity
Not Before: May 5 20:33:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=788e4ec9b14ee85dc2b5ee5645b8acdfd04662ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:8c:1d:76:24:92:69:69:5a:18:34:84:d7:43:
21:ef:0b:52:d6:67:33:dd:67:e4:59:d8:c7:ed:65:
4d:22:dc:80:60:4b:7a:3c:3a:b6:4a:19:08:1a:c5:
33:1a:72:19:28:3e:92:18:29:bd:b3:1f:cc:94:8a:
f7:e7:e5:ea:39:ae:3d:da:13:e2:d7:ab:77:63:10:
3c:57:ea:d6:aa:2c:af:76:6b:5a:dd:a2:01:d5:ef:
cf:d4:67:aa:b9:54:23:d5:3a:b1:4c:75:db:6e:ea:
df:0e:a8:ef:d3:14:89:5b:45:19:18:2e:31:1c:b3:
e8:c3:51:1b:2f:40:20:46:79:37:d4:b9:8e:5e:d1:
b3:ad:15:88:44:20:4a:27:3a:f1:b0:aa:16:95:88:
9d:57:46:26:b8:d8:12:8a:b1:5c:19:bd:ac:3e:cd:
36:19:75:d4:14:5b:f8:58:74:4f:d9:bf:5d:72:14:
8d:4b:49:6e:78:39:cd:b3:2b:6f:2a:4f:2a:bc:ff:
1c:a5:3b:fd:33:e8:15:e0:b3:d4:1d:8c:ab:57:35:
be:ec:9b:bb:2e:75:16:3e:ab:1f:2d:76:20:71:d8:
81:e7:50:a1:9a:2b:24:d6:c7:71:c4:86:5d:68:af:
11:20:e2:db:12:9b:87:04:e8:6f:05:fa:f0:d0:0e:
a3:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:8E:4E:C9:B1:4E:E8:5D:C2:B5:EE:56:45:B8:AC:DF:D0:46:62:AD
X509v3 Authority Key Identifier:
keyid:6D:39:CE:4C:29:AB:3F:80:2F:9D:E9:33:F4:49:50:26:C4:D0:EE:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bTnOTCmrP4Avnekz9ElQJsTQ7ko.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/44e8f5-3584-490e-9979-cdc31d5fb8a4/1/eI5OybFO6F3Cte5WRbis39BGYq0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/49/44e8f5-3584-490e-9979-cdc31d5fb8a4/1/bTnOTCmrP4Avnekz9ElQJsTQ7ko.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.15.209.0-185.15.211.255
185.142.32.0/24
185.142.34.0/23
194.213.24.0/24
194.242.33.0/24
194.242.38.0/24
IPv6:
2a03:afc0:1::-2a03:afc0:3:ffff:ffff:ffff:ffff:ffff
2a03:afc0:5::-2a03:afc0:6:ffff:ffff:ffff:ffff:ffff
2a03:afc0:8::/48
Signature Algorithm: sha256WithRSAEncryption
71:72:3a:d8:d8:77:c6:85:da:18:43:53:73:04:56:8a:28:66:
1a:c5:59:e1:04:96:78:c5:90:38:38:8f:e8:e0:b8:1f:07:f0:
0e:57:b8:cc:cf:d5:1d:d7:e8:88:6d:60:96:9e:f4:e2:ab:a6:
38:f0:c6:d6:df:b3:3b:d6:29:cc:30:d6:fc:ac:f6:c4:a8:6c:
29:69:5e:89:64:bc:a9:ae:72:3d:2e:78:a2:22:78:cc:4f:07:
0e:c4:db:ae:bb:9c:95:e7:e9:ac:79:4f:90:37:16:5c:89:41:
91:01:06:1b:69:2e:a1:fa:1e:20:4f:80:71:fc:ec:28:43:6d:
8a:47:1f:c7:5b:16:ec:c5:a8:d2:c0:a2:48:b5:19:33:ed:5d:
e7:b0:91:7c:d6:32:93:e4:6c:cb:76:0f:99:ec:2a:f3:21:fa:
5f:c0:cd:48:f1:ec:f4:16:51:12:f5:f7:8c:9c:55:de:2a:ed:
b1:b4:78:5c:b1:e2:a7:c0:fa:50:4f:c4:d8:fd:45:c8:0a:9c:
1a:40:bc:a3:0b:79:9c:08:d0:0d:79:92:39:47:8f:2c:fe:32:
e2:a7:d5:1c:af:45:04:fd:b0:41:bc:45:ad:17:82:8c:0d:de:
3d:87:d7:35:82:c2:4c:c5:ce:87:0c:42:e5:cb:fd:9f:f9:34:
15:96:0c:ec
-----BEGIN CERTIFICATE-----
MIIFXDCCBESgAwIBAgISAZaiJw0QUJ5tTwbcPWa7MjGiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkMzljZTRjMjlhYjNmODAyZjlkZTkzM2Y0NDk1MDI2YzRk
MGVlNGEwHhcNMjUwNTA1MjAzMzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ODhlNGVjOWIxNGVlODVkYzJiNWVlNTY0NWI4YWNkZmQwNDY2MmFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoYwddiSSaWlaGDSE10Mh7wtS1mcz
3WfkWdjH7WVNItyAYEt6PDq2ShkIGsUzGnIZKD6SGCm9sx/MlIr35+XqOa492hPi
16t3YxA8V+rWqiyvdmta3aIB1e/P1GequVQj1TqxTHXbburfDqjv0xSJW0UZGC4x
HLPow1EbL0AgRnk31LmOXtGzrRWIRCBKJzrxsKoWlYidV0YmuNgSirFcGb2sPs02
GXXUFFv4WHRP2b9dchSNS0lueDnNsytvKk8qvP8cpTv9M+gV4LPUHYyrVzW+7Ju7
LnUWPqsfLXYgcdiB51Chmisk1sdxxIZdaK8RIOLbEpuHBOhvBfrw0A6jmwIDAQAB
o4ICaDCCAmQwHQYDVR0OBBYEFHiOTsmxTuhdwrXuVkW4rN/QRmKtMB8GA1UdIwQY
MBaAFG05zkwpqz+AL53pM/RJUCbE0O5KMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlRuT1RDbXJQNEF2bmVrejlFbFFKc1RRN2tvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS80NGU4ZjUtMzU4NC00OTBlLTk5Nzkt
Y2RjMzFkNWZiOGE0LzEvZUk1T3liRk82RjNDdGU1V1JiaXMzOUJHWXEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS80NGU4ZjUtMzU4NC00OTBlLTk5NzktY2RjMzFkNWZiOGE0
LzEvYlRuT1RDbXJQNEF2bmVrejlFbFFKc1RRN2tvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH4GCCsGAQUFBwEHAQH/BG8wbTAyBAIAATAsMAwDBAC5D9ED
BAK5D9ADBAC5jiADBAG5jiIDBADC1RgDBADC8iEDBADC8iYwNwQCAAIwMTASAwcA
KgOvwAABAwcCKgOvwAAAMBIDBwAqA6/AAAUDBwAqA6/AAAYDBwAqA6/AAAgwDQYJ
KoZIhvcNAQELBQADggEBAHFyOtjYd8aF2hhDU3MEVoooZhrFWeEElnjFkDg4j+jg
uB8H8A5XuMzP1R3X6IhtYJae9OKrpjjwxtbfszvWKcww1vys9sSobClpXolkvKmu
cj0ueKIieMxPBw7E2667nJXn6ax5T5A3FlyJQZEBBhtpLqH6HiBPgHH87ChDbYpH
H8dbFuzFqNLAoki1GTPtXeewkXzWMpPkbMt2D5nsKvMh+l/AzUjx7PQWURL194yc
Vd4q7bG0eFyx4qfA+lBPxNj9RcgKnBpAvKMLeZwI0A15kjlHjyz+MuKn1RyvRQT9
sEG8Ra0XgowN3j2H1zWCwkzFzocMQuXL/Z/5NBWWDOw=
-----END CERTIFICATE-----
Generated at Thu May 8 06:37:55 2025 by rpki-client