Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/eacce5-e4dd-4d9f-8ec1-47120b9069b7/1/tp2E5WChRbWLDaQeVxSsg5O3abg.roa
File: tp2E5WChRbWLDaQeVxSsg5O3abg.roa (raw, json)
Hash identifier: IJndAEau9okeEaFaIITFXTZaOD5OBeBTmwd5pMHOtQ8=
Subject key identifier: B6:9D:84:E5:60:A1:45:B5:8B:0D:A4:1E:57:14:AC:83:93:B7:69:B8
Certificate issuer: /CN=411dea53467b6c7143eb23d284569a8183b2e82f
Certificate serial: 01956CBE8438FCCC91C070E956911867927E
Authority key identifier: 41:1D:EA:53:46:7B:6C:71:43:EB:23:D2:84:56:9A:81:83:B2:E8:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QR3qU0Z7bHFD6yPShFaagYOy6C8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/eacce5-e4dd-4d9f-8ec1-47120b9069b7/1/tp2E5WChRbWLDaQeVxSsg5O3abg.roa
Signing time: Thu 06 Mar 2025 18:36:19 +0000
ROA not before: Thu 06 Mar 2025 18:36:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44679
IP address blocks: 84.239.4.0/24 maxlen: 24
84.239.8.0/24 maxlen: 24
84.239.9.0/24 maxlen: 24
84.239.11.0/24 maxlen: 24
84.239.13.0/24 maxlen: 24
84.239.14.0/24 maxlen: 24
84.239.15.0/24 maxlen: 24
84.239.29.0/24 maxlen: 24
84.239.32.0/24 maxlen: 24
84.239.34.0/24 maxlen: 24
84.239.35.0/24 maxlen: 24
84.239.36.0/24 maxlen: 24
84.239.38.0/24 maxlen: 24
84.239.39.0/24 maxlen: 24
84.239.40.0/24 maxlen: 24
84.239.44.0/24 maxlen: 24
84.239.46.0/24 maxlen: 24
84.239.49.0/24 maxlen: 24
84.239.51.0/24 maxlen: 24
84.239.55.0/24 maxlen: 24
84.239.56.0/24 maxlen: 24
84.239.57.0/24 maxlen: 24
84.239.58.0/24 maxlen: 24
84.239.59.0/24 maxlen: 24
185.193.52.0/24 maxlen: 24
185.193.53.0/24 maxlen: 24
185.193.54.0/24 maxlen: 24
185.193.55.0/24 maxlen: 24
2a02:2160:8000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e1/eacce5-e4dd-4d9f-8ec1-47120b9069b7/1/QR3qU0Z7bHFD6yPShFaagYOy6C8.crl
rsync://rpki.ripe.net/repository/DEFAULT/e1/eacce5-e4dd-4d9f-8ec1-47120b9069b7/1/QR3qU0Z7bHFD6yPShFaagYOy6C8.mft
rsync://rpki.ripe.net/repository/DEFAULT/QR3qU0Z7bHFD6yPShFaagYOy6C8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 09 Apr 2025 22:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:6c:be:84:38:fc:cc:91:c0:70:e9:56:91:18:67:92:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=411dea53467b6c7143eb23d284569a8183b2e82f
Validity
Not Before: Mar 6 18:36:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b69d84e560a145b58b0da41e5714ac8393b769b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:60:ec:f3:83:63:ef:24:e1:a8:ec:cc:60:35:
20:c2:80:cd:08:f7:af:0f:44:c8:ec:60:63:59:73:
33:36:f6:b8:38:55:df:00:d1:f4:82:c9:66:e8:db:
b2:68:41:64:b7:31:4e:c7:cb:22:61:a2:49:b9:5d:
47:c9:03:a3:34:8c:00:8e:fc:cb:ad:3a:8a:cc:1e:
30:a8:b1:39:f3:1c:ae:4f:eb:90:4d:5c:4d:ed:6b:
1f:a7:10:63:6e:22:73:90:87:e5:a2:b7:03:00:a7:
c7:92:e4:bd:b4:28:05:cc:9b:97:0e:23:b4:7b:ae:
ac:6d:89:31:2c:df:71:c3:d0:58:0e:6a:cf:64:ef:
ca:d6:4e:bf:f7:6d:12:4e:92:1e:ef:93:c5:2b:89:
a8:a9:26:d4:9c:79:0c:b5:14:ed:84:04:4a:2f:cc:
80:e1:8f:e6:d2:8e:b4:b4:76:4f:a6:ee:c6:d8:70:
8f:fd:33:37:5a:f1:54:a1:43:40:5f:f7:b5:52:9a:
09:d3:66:55:7f:fe:9c:6e:3a:2f:36:99:70:31:3f:
e6:1f:28:b7:93:c2:b1:96:7d:5d:fb:33:d5:1a:89:
ce:c2:66:d9:86:8c:03:92:6a:0f:69:a0:fc:29:f8:
2b:53:c6:2b:a0:ec:46:1d:5a:5a:46:af:81:90:a6:
e1:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:9D:84:E5:60:A1:45:B5:8B:0D:A4:1E:57:14:AC:83:93:B7:69:B8
X509v3 Authority Key Identifier:
keyid:41:1D:EA:53:46:7B:6C:71:43:EB:23:D2:84:56:9A:81:83:B2:E8:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QR3qU0Z7bHFD6yPShFaagYOy6C8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/eacce5-e4dd-4d9f-8ec1-47120b9069b7/1/tp2E5WChRbWLDaQeVxSsg5O3abg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/eacce5-e4dd-4d9f-8ec1-47120b9069b7/1/QR3qU0Z7bHFD6yPShFaagYOy6C8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.239.4.0/24
84.239.8.0/23
84.239.11.0/24
84.239.13.0-84.239.15.255
84.239.29.0/24
84.239.32.0/24
84.239.34.0-84.239.36.255
84.239.38.0-84.239.40.255
84.239.44.0/24
84.239.46.0/24
84.239.49.0/24
84.239.51.0/24
84.239.55.0-84.239.59.255
185.193.52.0/22
IPv6:
2a02:2160:8000::/36
Signature Algorithm: sha256WithRSAEncryption
83:8c:b1:1f:cf:96:21:32:d9:11:3a:73:4c:28:3e:da:8a:58:
1e:90:a6:7a:b9:44:72:8b:3b:16:0a:d0:e2:44:96:aa:7e:6b:
d5:1b:f3:93:90:dc:e0:ed:1f:87:6a:bb:69:4e:7a:d8:a3:d5:
0d:14:49:5e:ac:1f:e1:d2:63:94:de:2e:a9:cf:04:5f:4c:2d:
66:3d:92:fe:49:83:88:49:cf:93:9a:f1:c9:9d:11:b3:c2:fb:
bd:3b:cd:a8:0f:69:a5:de:4f:26:46:75:41:1d:c6:0d:ed:16:
cd:8b:df:fa:2d:eb:94:e6:a9:0b:83:a7:5f:af:63:c7:f2:d8:
ed:63:aa:ea:31:5a:73:9d:fc:2d:7a:5a:2c:86:2a:7b:50:50:
6e:2c:9b:60:c3:45:55:64:d8:9b:6f:0b:65:ea:22:94:9a:e5:
42:a3:f6:44:a2:70:ad:e7:04:9e:43:fc:ad:c5:f6:66:c4:d7:
36:18:28:2a:2f:12:e9:6e:54:dd:a5:8a:03:85:3d:18:bb:39:
44:7c:72:73:57:b9:89:ef:0d:b1:c1:2e:90:52:73:c9:22:46:
b3:ae:03:ad:5e:e9:e0:5c:e2:a2:81:73:14:d8:d7:9c:93:01:
4d:21:10:98:bc:6b:4b:75:94:2f:34:b9:74:c4:85:20:63:3c:
ee:1f:23:9c
-----BEGIN CERTIFICATE-----
MIIFfjCCBGagAwIBAgISAZVsvoQ4/MyRwHDpVpEYZ5J+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxMWRlYTUzNDY3YjZjNzE0M2ViMjNkMjg0NTY5YTgxODNi
MmU4MmYwHhcNMjUwMzA2MTgzNjE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjlkODRlNTYwYTE0NWI1OGIwZGE0MWU1NzE0YWM4MzkzYjc2OWI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA72Ds84Nj7yThqOzMYDUgwoDNCPev
D0TI7GBjWXMzNva4OFXfANH0gslm6NuyaEFktzFOx8siYaJJuV1HyQOjNIwAjvzL
rTqKzB4wqLE58xyuT+uQTVxN7WsfpxBjbiJzkIflorcDAKfHkuS9tCgFzJuXDiO0
e66sbYkxLN9xw9BYDmrPZO/K1k6/920STpIe75PFK4moqSbUnHkMtRTthARKL8yA
4Y/m0o60tHZPpu7G2HCP/TM3WvFUoUNAX/e1UpoJ02ZVf/6cbjovNplwMT/mHyi3
k8Kxln1d+zPVGonOwmbZhowDkmoPaaD8KfgrU8YroOxGHVpaRq+BkKbhSQIDAQAB
o4ICijCCAoYwHQYDVR0OBBYEFLadhOVgoUW1iw2kHlcUrIOTt2m4MB8GA1UdIwQY
MBaAFEEd6lNGe2xxQ+sj0oRWmoGDsugvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVIzcVUwWjdiSEZENnlQU2hGYWFnWU95NkM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS9lYWNjZTUtZTRkZC00ZDlmLThlYzEt
NDcxMjBiOTA2OWI3LzEvdHAyRTVXQ2hSYldMRGFRZVZ4U3NnNU8zYWJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS9lYWNjZTUtZTRkZC00ZDlmLThlYzEtNDcxMjBiOTA2OWI3
LzEvUVIzcVUwWjdiSEZENnlQU2hGYWFnWU95NkM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGfBggrBgEFBQcBBwEB/wSBjzCBjDB6BAIAATB0AwQAVO8E
AwQBVO8IAwQAVO8LMAwDBABU7w0DBARU7wADBABU7x0DBABU7yAwDAMEAVTvIgME
AFTvJDAMAwQBVO8mAwQAVO8oAwQAVO8sAwQAVO8uAwQAVO8xAwQAVO8zMAwDBABU
7zcDBAJU7zgDBAK5wTQwDgQCAAIwCAMGBCoCIWCAMA0GCSqGSIb3DQEBCwUAA4IB
AQCDjLEfz5YhMtkROnNMKD7ailgekKZ6uURyizsWCtDiRJaqfmvVG/OTkNzg7R+H
artpTnrYo9UNFElerB/h0mOU3i6pzwRfTC1mPZL+SYOISc+TmvHJnRGzwvu9O82o
D2ml3k8mRnVBHcYN7RbNi9/6LeuU5qkLg6dfr2PH8tjtY6rqMVpznfwteloship7
UFBuLJtgw0VVZNibbwtl6iKUmuVCo/ZEonCt5wSeQ/ytxfZmxNc2GCgqLxLpblTd
pYoDhT0YuzlEfHJzV7mJ7w2xwS6QUnPJIkazrgOtXungXOKigXMU2NeckwFNIRCY
vGtLdZQvNLl0xIUgYzzuHyOc
-----END CERTIFICATE-----
Generated at Wed Apr 9 01:39:38 2025 by rpki-client