Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/0828e7-1e57-4747-8ea1-36a808f3d14d/1/epViL3MVi9bWXcuzA24cAMVu98I.roa
File: epViL3MVi9bWXcuzA24cAMVu98I.roa (raw, json)
Hash identifier: SrcEH3xgjkVSJRtnVeoxwKETukrMGUr8rXBzqe4u9C8=
Subject key identifier: 7A:95:62:2F:73:15:8B:D6:D6:5D:CB:B3:03:6E:1C:00:C5:6E:F7:C2
Certificate issuer: /CN=a14e499240cea588541a7dc74f321c9141744bb6
Certificate serial: 01967D1EC43B570D748F24C3ACC6697DF2E1
Authority key identifier: A1:4E:49:92:40:CE:A5:88:54:1A:7D:C7:4F:32:1C:91:41:74:4B:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oU5JkkDOpYhUGn3HTzIckUF0S7Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/0828e7-1e57-4747-8ea1-36a808f3d14d/1/epViL3MVi9bWXcuzA24cAMVu98I.roa
Signing time: Mon 28 Apr 2025 15:58:10 +0000
ROA not before: Mon 28 Apr 2025 15:58:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47447
IP address blocks: 46.19.152.0/21 maxlen: 24
185.88.60.0/22 maxlen: 24
185.92.152.0/22 maxlen: 24
2a02:2980::/32 maxlen: 32
2a05:ca80::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b3/0828e7-1e57-4747-8ea1-36a808f3d14d/1/oU5JkkDOpYhUGn3HTzIckUF0S7Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/b3/0828e7-1e57-4747-8ea1-36a808f3d14d/1/oU5JkkDOpYhUGn3HTzIckUF0S7Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/oU5JkkDOpYhUGn3HTzIckUF0S7Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 15 May 2025 08:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:7d:1e:c4:3b:57:0d:74:8f:24:c3:ac:c6:69:7d:f2:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a14e499240cea588541a7dc74f321c9141744bb6
Validity
Not Before: Apr 28 15:58:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7a95622f73158bd6d65dcbb3036e1c00c56ef7c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:6e:b1:b6:79:1a:a4:81:be:52:49:f4:6d:20:
4b:07:96:1e:68:91:52:a6:98:66:0e:2f:1d:7a:ed:
27:4d:5e:6b:d0:fb:59:f1:32:aa:c5:36:1b:ad:93:
dc:54:ac:fd:75:f9:2c:b6:92:50:8c:0f:28:61:4b:
09:e2:c2:df:cd:c8:7a:8d:59:5b:8c:68:69:c5:96:
59:fb:72:92:95:e1:dc:ea:80:70:63:93:4d:8d:a8:
88:70:ff:5b:17:40:aa:a9:3c:3b:2f:2c:e6:aa:54:
7f:5d:ef:e2:f8:dd:24:da:6b:18:4d:e7:ce:da:8f:
c1:c8:6c:ca:06:36:37:01:5a:44:39:70:bd:69:6a:
ad:73:d2:2e:db:48:0e:65:c5:e6:36:b7:03:8f:02:
30:10:55:03:d5:07:48:cb:7d:61:c7:7c:39:f3:f4:
e2:4c:a4:1e:fb:4e:0c:29:c7:f9:0d:43:fe:fd:ea:
c1:27:79:0f:93:3e:25:05:d0:1e:49:99:c8:57:97:
a1:70:8c:ec:a8:72:9f:24:19:50:84:6d:1b:0b:16:
9e:a5:8c:37:ae:ae:b5:d7:63:bc:fa:ba:48:03:36:
e4:a8:62:a5:02:cd:ca:3f:af:e1:49:c5:42:fb:91:
a4:34:67:fc:a0:f7:9d:f7:32:be:e7:24:b4:56:02:
80:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:95:62:2F:73:15:8B:D6:D6:5D:CB:B3:03:6E:1C:00:C5:6E:F7:C2
X509v3 Authority Key Identifier:
keyid:A1:4E:49:92:40:CE:A5:88:54:1A:7D:C7:4F:32:1C:91:41:74:4B:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oU5JkkDOpYhUGn3HTzIckUF0S7Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/0828e7-1e57-4747-8ea1-36a808f3d14d/1/epViL3MVi9bWXcuzA24cAMVu98I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/0828e7-1e57-4747-8ea1-36a808f3d14d/1/oU5JkkDOpYhUGn3HTzIckUF0S7Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.19.152.0/21
185.88.60.0/22
185.92.152.0/22
IPv6:
2a02:2980::/32
2a05:ca80::/29
Signature Algorithm: sha256WithRSAEncryption
11:23:cf:0f:34:0f:71:64:05:43:1f:53:ce:4a:15:ee:e9:07:
4d:b3:ea:5b:28:df:4a:16:1f:1a:92:d4:ff:52:76:97:c9:49:
aa:5b:b8:cd:41:e7:50:a1:0d:9e:75:37:26:00:21:b1:b0:f3:
e3:ba:a9:09:d8:3f:5d:35:b3:a1:c9:0b:ab:26:e1:7e:41:6a:
e1:78:73:78:05:73:43:bb:8c:b5:47:0f:42:a7:6c:4d:6c:bc:
0b:36:90:bb:a7:e8:9e:b2:26:8a:95:72:41:54:99:29:0f:2a:
b0:7c:1d:54:67:dc:29:77:a4:e0:63:fc:1a:8b:13:d5:b4:9a:
75:5b:c7:be:10:1d:86:f4:b3:90:bf:65:33:7d:bc:16:03:0c:
ab:8c:70:0a:d1:9e:67:48:35:a1:7a:5f:8a:42:01:9f:1c:a7:
6c:bf:d0:a1:cd:ee:f1:c2:b2:21:04:32:ee:9b:1b:bb:3c:0c:
ff:d4:c4:5f:f6:ee:47:fb:5e:5d:fd:e2:db:9a:c2:d7:77:69:
80:c2:1f:ff:f2:80:d6:51:34:20:9d:8a:5b:d0:38:ef:32:94:
6e:65:15:70:02:da:c5:ce:8f:0c:4a:c5:13:c4:35:7d:98:af:
82:24:8a:5e:03:b8:65:a5:4b:c0:02:1e:17:38:84:dc:af:ba:
d8:40:4d:48
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAZZ9HsQ7Vw10jyTDrMZpffLhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExNGU0OTkyNDBjZWE1ODg1NDFhN2RjNzRmMzIxYzkxNDE3
NDRiYjYwHhcNMjUwNDI4MTU1ODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YTk1NjIyZjczMTU4YmQ2ZDY1ZGNiYjMwMzZlMWMwMGM1NmVmN2MyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjm6xtnkapIG+Ukn0bSBLB5YeaJFS
pphmDi8deu0nTV5r0PtZ8TKqxTYbrZPcVKz9dfkstpJQjA8oYUsJ4sLfzch6jVlb
jGhpxZZZ+3KSleHc6oBwY5NNjaiIcP9bF0CqqTw7LyzmqlR/Xe/i+N0k2msYTefO
2o/ByGzKBjY3AVpEOXC9aWqtc9Iu20gOZcXmNrcDjwIwEFUD1QdIy31hx3w58/Ti
TKQe+04MKcf5DUP+/erBJ3kPkz4lBdAeSZnIV5ehcIzsqHKfJBlQhG0bCxaepYw3
rq6112O8+rpIAzbkqGKlAs3KP6/hScVC+5GkNGf8oPed9zK+5yS0VgKA5wIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFHqVYi9zFYvW1l3LswNuHADFbvfCMB8GA1UdIwQY
MBaAFKFOSZJAzqWIVBp9x08yHJFBdEu2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1U1SmtrRE9wWWhVR24zSFR6SWNrVUYwUzdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy8wODI4ZTctMWU1Ny00NzQ3LThlYTEt
MzZhODA4ZjNkMTRkLzEvZXBWaUwzTVZpOWJXWGN1ekEyNGNBTVZ1OThJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy8wODI4ZTctMWU1Ny00NzQ3LThlYTEtMzZhODA4ZjNkMTRk
LzEvb1U1SmtrRE9wWWhVR24zSFR6SWNrVUYwUzdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAYBAIAATASAwQDLhOYAwQC
uVg8AwQCuVyYMBQEAgACMA4DBQAqAimAAwUDKgXKgDANBgkqhkiG9w0BAQsFAAOC
AQEAESPPDzQPcWQFQx9TzkoV7ukHTbPqWyjfShYfGpLU/1J2l8lJqlu4zUHnUKEN
nnU3JgAhsbDz47qpCdg/XTWzockLqybhfkFq4XhzeAVzQ7uMtUcPQqdsTWy8CzaQ
u6fonrImipVyQVSZKQ8qsHwdVGfcKXek4GP8GosT1bSadVvHvhAdhvSzkL9lM328
FgMMq4xwCtGeZ0g1oXpfikIBnxynbL/Qoc3u8cKyIQQy7psbuzwM/9TEX/buR/te
Xf3i25rC13dpgMIf//KA1lE0IJ2KW9A47zKUbmUVcALaxc6PDErFE8Q1fZivgiSK
XgO4ZaVLwAIeFziE3K+62EBNSA==
-----END CERTIFICATE-----
Generated at Wed May 14 11:57:33 2025 by rpki-client