Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/4f6985-b94a-47cc-a300-6f2cf4f03ceb/1/meKHpovGdB4bkHh1XXR1ExLPB-w.roa
File: meKHpovGdB4bkHh1XXR1ExLPB-w.roa (raw, json)
Hash identifier: fUS6khGidxNfptHJmzXmdTQGgfqFk4mALBHny815Klg=
Subject key identifier: 99:E2:87:A6:8B:C6:74:1E:1B:90:78:75:5D:74:75:13:12:CF:07:EC
Certificate issuer: /CN=db1d6eba463b7564abfae938b46ed47187de0ec0
Certificate serial: 01969141309BF899AEF2D41F0896F7057F7E
Authority key identifier: DB:1D:6E:BA:46:3B:75:64:AB:FA:E9:38:B4:6E:D4:71:87:DE:0E:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2x1uukY7dWSr-uk4tG7UcYfeDsA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/4f6985-b94a-47cc-a300-6f2cf4f03ceb/1/meKHpovGdB4bkHh1XXR1ExLPB-w.roa
Signing time: Fri 02 May 2025 13:48:10 +0000
ROA not before: Fri 02 May 2025 13:48:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200019
IP address blocks: 185.113.8.0/24 maxlen: 24
213.111.160.0/22 maxlen: 22
213.111.164.0/22 maxlen: 22
213.111.168.0/22 maxlen: 22
213.111.172.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b8/4f6985-b94a-47cc-a300-6f2cf4f03ceb/1/2x1uukY7dWSr-uk4tG7UcYfeDsA.crl
rsync://rpki.ripe.net/repository/DEFAULT/b8/4f6985-b94a-47cc-a300-6f2cf4f03ceb/1/2x1uukY7dWSr-uk4tG7UcYfeDsA.mft
rsync://rpki.ripe.net/repository/DEFAULT/2x1uukY7dWSr-uk4tG7UcYfeDsA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 08 May 2025 20:38:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:91:41:30:9b:f8:99:ae:f2:d4:1f:08:96:f7:05:7f:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=db1d6eba463b7564abfae938b46ed47187de0ec0
Validity
Not Before: May 2 13:48:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=99e287a68bc6741e1b9078755d74751312cf07ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:e1:b2:17:43:e9:16:0f:c9:2d:1e:bc:0d:29:
d3:18:45:ae:bc:88:b7:7d:23:46:b0:cc:ec:8d:f8:
db:09:cb:5a:23:49:e4:cf:0b:99:a5:33:02:11:a9:
b4:0d:ce:c3:dd:27:e4:03:8e:b7:f1:e4:e8:e6:fb:
e2:0f:d8:e3:21:13:78:76:0a:66:2e:3c:23:8b:dd:
09:05:b3:50:43:4b:7e:81:af:9d:20:ba:6a:39:84:
00:79:52:fd:6e:db:16:2a:18:7f:93:23:59:12:f6:
83:43:5f:94:bf:34:5f:dd:eb:48:51:d9:4e:65:7d:
db:e0:b2:d8:73:30:94:13:8f:7e:d2:bc:25:b2:8e:
62:84:b2:cd:3f:74:6d:01:ca:75:f2:96:d2:46:58:
2d:12:3c:43:f3:99:55:c6:b8:79:03:4a:0f:86:e7:
00:50:79:59:e1:5a:5a:f5:1c:b9:fc:e6:25:89:79:
7c:72:2f:52:b5:30:ce:43:10:69:1b:0d:0a:12:de:
d3:52:04:b0:aa:b0:dc:28:4d:ff:6b:cc:89:19:9b:
c5:14:fe:ce:1e:90:60:21:69:ea:31:0d:33:96:69:
23:eb:15:23:0a:49:3a:70:87:e4:99:be:08:98:0d:
b7:fd:6e:de:a8:5a:de:5b:56:cb:cd:f4:d7:5d:fb:
72:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:E2:87:A6:8B:C6:74:1E:1B:90:78:75:5D:74:75:13:12:CF:07:EC
X509v3 Authority Key Identifier:
keyid:DB:1D:6E:BA:46:3B:75:64:AB:FA:E9:38:B4:6E:D4:71:87:DE:0E:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2x1uukY7dWSr-uk4tG7UcYfeDsA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/4f6985-b94a-47cc-a300-6f2cf4f03ceb/1/meKHpovGdB4bkHh1XXR1ExLPB-w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/4f6985-b94a-47cc-a300-6f2cf4f03ceb/1/2x1uukY7dWSr-uk4tG7UcYfeDsA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.113.8.0/24
213.111.160.0/20
Signature Algorithm: sha256WithRSAEncryption
40:28:d3:79:56:59:a1:60:53:5a:d8:03:60:7e:22:63:e7:e0:
3a:28:38:73:2a:9f:f2:e5:73:70:64:7e:72:96:05:2c:0c:2c:
d7:d1:e1:8a:58:9e:67:76:fa:48:86:9e:8b:54:65:dd:f5:d1:
63:c9:85:22:8e:b4:9e:1d:88:8f:ab:8b:e0:45:53:16:d1:dc:
14:2f:43:cd:eb:e7:83:4a:30:e2:08:07:e7:9f:9d:19:b4:aa:
13:b9:e6:8e:6f:f5:39:cc:99:95:ba:84:ef:e8:71:b1:71:bb:
3b:13:e9:cd:a9:b7:e2:59:62:ac:8c:52:98:a5:42:95:63:99:
e8:14:5b:81:bd:c0:c2:34:dc:f9:59:1f:49:53:bc:e4:a7:44:
65:26:51:79:c2:79:a7:40:3a:da:3c:a1:a6:dd:74:cd:1c:cd:
95:4a:49:09:c9:c7:3f:65:a0:cc:9a:c3:e8:89:1b:33:6e:6c:
c1:01:a9:69:0b:5e:f6:e5:fd:98:62:eb:91:81:3f:b3:07:45:
a2:f0:63:70:91:e9:86:9f:1f:d6:0e:09:62:ff:57:94:1a:38:
2d:5c:46:0c:61:ce:d2:6e:20:f2:1a:2b:2e:40:52:5a:8e:c3:
39:e6:6b:e0:e8:c2:53:21:67:50:2c:d8:c6:18:97:5e:cc:f3:
f1:e9:9a:6a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZaRQTCb+Jmu8tQfCJb3BX9+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiMWQ2ZWJhNDYzYjc1NjRhYmZhZTkzOGI0NmVkNDcxODdk
ZTBlYzAwHhcNMjUwNTAyMTM0ODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OWUyODdhNjhiYzY3NDFlMWI5MDc4NzU1ZDc0NzUxMzEyY2YwN2VjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyOGyF0PpFg/JLR68DSnTGEWuvIi3
fSNGsMzsjfjbCctaI0nkzwuZpTMCEam0Dc7D3SfkA4638eTo5vviD9jjIRN4dgpm
Ljwji90JBbNQQ0t+ga+dILpqOYQAeVL9btsWKhh/kyNZEvaDQ1+UvzRf3etIUdlO
ZX3b4LLYczCUE49+0rwlso5ihLLNP3RtAcp18pbSRlgtEjxD85lVxrh5A0oPhucA
UHlZ4Vpa9Ry5/OYliXl8ci9StTDOQxBpGw0KEt7TUgSwqrDcKE3/a8yJGZvFFP7O
HpBgIWnqMQ0zlmkj6xUjCkk6cIfkmb4ImA23/W7eqFreW1bLzfTXXftyRQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJnih6aLxnQeG5B4dV10dRMSzwfsMB8GA1UdIwQY
MBaAFNsdbrpGO3Vkq/rpOLRu1HGH3g7AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMngxdXVrWTdkV1NyLXVrNHRHN1VjWWZlRHNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80ZjY5ODUtYjk0YS00N2NjLWEzMDAt
NmYyY2Y0ZjAzY2ViLzEvbWVLSHBvdkdkQjRia0hoMVhYUjFFeExQQi13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80ZjY5ODUtYjk0YS00N2NjLWEzMDAtNmYyY2Y0ZjAzY2Vi
LzEvMngxdXVrWTdkV1NyLXVrNHRHN1VjWWZlRHNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuXEIAwQE
1W+gMA0GCSqGSIb3DQEBCwUAA4IBAQBAKNN5VlmhYFNa2ANgfiJj5+A6KDhzKp/y
5XNwZH5ylgUsDCzX0eGKWJ5ndvpIhp6LVGXd9dFjyYUijrSeHYiPq4vgRVMW0dwU
L0PN6+eDSjDiCAfnn50ZtKoTueaOb/U5zJmVuoTv6HGxcbs7E+nNqbfiWWKsjFKY
pUKVY5noFFuBvcDCNNz5WR9JU7zkp0RlJlF5wnmnQDraPKGm3XTNHM2VSkkJycc/
ZaDMmsPoiRszbmzBAalpC1725f2YYuuRgT+zB0Wi8GNwkemGnx/WDgli/1eUGjgt
XEYMYc7SbiDyGisuQFJajsM55mvg6MJTIWdQLNjGGJdezPPx6Zpq
-----END CERTIFICATE-----
Generated at Thu May 8 04:16:58 2025 by rpki-client