Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/1cba9f-cd6e-4d12-a78d-f98c7fec194e/1/xpbeDPeraC0lsT88_DSzZTcvzFU.roa
File: xpbeDPeraC0lsT88_DSzZTcvzFU.roa (raw, json)
Hash identifier: 7vANxALGvUHJgNJxUW1TqxLJ7J9U0tCgO5zgV2ERDWI=
Subject key identifier: C6:96:DE:0C:F7:AB:68:2D:25:B1:3F:3C:FC:34:B3:65:37:2F:CC:55
Certificate issuer: /CN=d055e0b86f3f5125054863cf9264e6346e09bbb7
Certificate serial: 0194266C05EBBD69A5E63F97E21CD8BB5B4D
Authority key identifier: D0:55:E0:B8:6F:3F:51:25:05:48:63:CF:92:64:E6:34:6E:09:BB:B7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0FXguG8_USUFSGPPkmTmNG4Ju7c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/1cba9f-cd6e-4d12-a78d-f98c7fec194e/1/xpbeDPeraC0lsT88_DSzZTcvzFU.roa
Signing time: Thu 02 Jan 2025 09:50:00 +0000
ROA not before: Thu 02 Jan 2025 09:50:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203053
IP address blocks: 31.14.56.0/24 maxlen: 24
37.156.4.0/24 maxlen: 24
37.156.180.0/24 maxlen: 24
37.156.181.0/24 maxlen: 24
85.204.69.0/24 maxlen: 24
86.105.228.0/24 maxlen: 24
86.107.43.0/24 maxlen: 24
86.107.78.0/24 maxlen: 24
86.107.79.0/24 maxlen: 24
89.36.154.0/24 maxlen: 24
89.37.29.0/24 maxlen: 24
89.39.209.0/24 maxlen: 24
89.40.32.0/24 maxlen: 24
89.40.33.0/24 maxlen: 24
89.42.13.0/24 maxlen: 24
89.44.105.0/24 maxlen: 24
93.113.54.0/24 maxlen: 24
93.113.55.0/24 maxlen: 24
93.114.248.0/24 maxlen: 24
93.119.122.0/24 maxlen: 24
94.176.213.0/24 maxlen: 24
176.126.172.0/24 maxlen: 24
176.223.167.0/24 maxlen: 24
185.146.84.0/22 maxlen: 22
185.146.85.0/24 maxlen: 24
185.146.86.0/24 maxlen: 24
185.146.87.0/24 maxlen: 24
188.212.127.0/24 maxlen: 24
188.212.252.0/24 maxlen: 24
188.212.255.0/24 maxlen: 24
188.214.214.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/01/1cba9f-cd6e-4d12-a78d-f98c7fec194e/1/0FXguG8_USUFSGPPkmTmNG4Ju7c.crl
rsync://rpki.ripe.net/repository/DEFAULT/01/1cba9f-cd6e-4d12-a78d-f98c7fec194e/1/0FXguG8_USUFSGPPkmTmNG4Ju7c.mft
rsync://rpki.ripe.net/repository/DEFAULT/0FXguG8_USUFSGPPkmTmNG4Ju7c.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 14 Mar 2025 00:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6c:05:eb:bd:69:a5:e6:3f:97:e2:1c:d8:bb:5b:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d055e0b86f3f5125054863cf9264e6346e09bbb7
Validity
Not Before: Jan 2 09:50:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c696de0cf7ab682d25b13f3cfc34b365372fcc55
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:1b:d6:25:e3:c7:eb:17:a6:9f:b3:0d:47:f3:
db:8c:f6:aa:18:02:5d:44:61:c5:60:0a:df:56:4c:
9e:9f:a8:20:4b:e9:ee:79:88:d2:a9:af:1b:a2:94:
7b:60:0e:e7:1d:b5:dd:7a:c3:3e:62:42:1d:d3:6f:
5b:45:f2:24:0f:32:dd:94:4d:e3:89:c6:f7:b2:ab:
a7:f7:73:f1:28:44:07:f9:34:21:ff:da:9f:d2:30:
37:95:76:73:1e:89:8c:26:fc:c3:d9:65:a8:08:f9:
f5:15:5f:69:e3:84:2d:98:09:ce:00:d1:18:06:7f:
c5:0b:1a:db:39:3b:a2:f8:7a:c9:48:28:55:cf:fc:
c7:53:d3:0d:da:f4:3b:d5:28:b2:4c:97:f1:d3:1d:
62:68:6b:79:57:c8:c7:23:09:b4:2b:8b:80:d6:b1:
5f:32:09:40:d3:b2:e8:b7:c2:82:df:e3:dc:3c:47:
8e:bc:af:58:33:10:e9:60:3a:12:49:47:99:11:46:
9c:69:91:1d:72:bb:5c:68:a2:59:12:54:be:97:a3:
9a:82:51:db:cc:13:f9:e0:a5:3c:5f:6a:2e:91:a7:
de:ac:d8:40:5b:cc:3e:50:8a:9b:19:c3:c1:3a:7c:
8f:65:27:23:8a:75:28:d5:11:04:af:01:92:03:fd:
c1:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:96:DE:0C:F7:AB:68:2D:25:B1:3F:3C:FC:34:B3:65:37:2F:CC:55
X509v3 Authority Key Identifier:
keyid:D0:55:E0:B8:6F:3F:51:25:05:48:63:CF:92:64:E6:34:6E:09:BB:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0FXguG8_USUFSGPPkmTmNG4Ju7c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/1cba9f-cd6e-4d12-a78d-f98c7fec194e/1/xpbeDPeraC0lsT88_DSzZTcvzFU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/1cba9f-cd6e-4d12-a78d-f98c7fec194e/1/0FXguG8_USUFSGPPkmTmNG4Ju7c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.56.0/24
37.156.4.0/24
37.156.180.0/23
85.204.69.0/24
86.105.228.0/24
86.107.43.0/24
86.107.78.0/23
89.36.154.0/24
89.37.29.0/24
89.39.209.0/24
89.40.32.0/23
89.42.13.0/24
89.44.105.0/24
93.113.54.0/23
93.114.248.0/24
93.119.122.0/24
94.176.213.0/24
176.126.172.0/24
176.223.167.0/24
185.146.84.0/22
188.212.127.0/24
188.212.252.0/24
188.212.255.0/24
188.214.214.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:43:bc:08:b5:ee:ae:2b:cb:31:5c:46:f7:f1:d4:e9:fd:b7:
fd:4b:ec:6b:5f:c5:e4:57:5d:4f:f4:9e:3f:fa:da:91:6b:4b:
8a:ba:5d:7f:55:7e:87:77:b9:e8:14:11:fe:7e:4a:55:d0:f3:
1b:a2:d1:47:9c:3f:e2:9c:c3:f9:e7:4b:a1:52:9d:7d:ec:ca:
8d:83:e9:a9:cb:89:a8:92:0c:91:b0:77:08:61:3e:8c:34:85:
48:66:7b:1c:08:66:a1:88:ab:08:a7:c5:b1:a2:1f:c3:68:c9:
3d:0f:02:83:0a:34:a4:a8:c7:55:14:7e:ef:68:a8:f1:b1:25:
07:ef:25:8d:be:3d:4f:04:7b:6e:f6:07:8d:4b:06:94:30:f6:
98:bf:20:72:74:f5:57:87:c1:c9:7e:1b:2f:7c:be:ba:f5:1c:
8f:e8:c4:61:38:8a:c2:da:94:90:c0:14:e1:4e:ac:72:d2:b7:
75:db:bc:37:32:83:21:4f:23:a1:e2:dc:13:bc:11:cb:ac:db:
f9:27:c3:af:8d:48:d3:af:74:b8:75:f4:d0:66:dc:cd:b4:2e:
51:da:32:04:ca:87:38:bd:ff:5f:67:98:d1:34:1f:67:0e:74:
bf:15:65:a0:5b:0c:3f:c4:ca:cb:86:b7:93:24:92:3f:14:71:
4e:f6:17:68
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgISAZQmbAXrvWml5j+X4hzYu1tNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwNTVlMGI4NmYzZjUxMjUwNTQ4NjNjZjkyNjRlNjM0NmUw
OWJiYjcwHhcNMjUwMTAyMDk1MDAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjk2ZGUwY2Y3YWI2ODJkMjViMTNmM2NmYzM0YjM2NTM3MmZjYzU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmhvWJePH6xemn7MNR/PbjPaqGAJd
RGHFYArfVkyen6ggS+nueYjSqa8bopR7YA7nHbXdesM+YkId029bRfIkDzLdlE3j
icb3squn93PxKEQH+TQh/9qf0jA3lXZzHomMJvzD2WWoCPn1FV9p44QtmAnOANEY
Bn/FCxrbOTui+HrJSChVz/zHU9MN2vQ71SiyTJfx0x1iaGt5V8jHIwm0K4uA1rFf
MglA07Lot8KC3+PcPEeOvK9YMxDpYDoSSUeZEUacaZEdcrtcaKJZElS+l6OaglHb
zBP54KU8X2oukaferNhAW8w+UIqbGcPBOnyPZScjinUo1REErwGSA/3BgwIDAQAB
o4ICmDCCApQwHQYDVR0OBBYEFMaW3gz3q2gtJbE/PPw0s2U3L8xVMB8GA1UdIwQY
MBaAFNBV4LhvP1ElBUhjz5Jk5jRuCbu3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEZYZ3VHOF9VU1VGU0dQUGttVG1ORzRKdTdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS8xY2JhOWYtY2Q2ZS00ZDEyLWE3OGQt
Zjk4YzdmZWMxOTRlLzEveHBiZURQZXJhQzBsc1Q4OF9EU3paVGN2ekZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS8xY2JhOWYtY2Q2ZS00ZDEyLWE3OGQtZjk4YzdmZWMxOTRl
LzEvMEZYZ3VHOF9VU1VGU0dQUGttVG1ORzRKdTdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGtBggrBgEFBQcBBwEB/wSBnTCBmjCBlwQCAAEwgZADBAAf
DjgDBAAlnAQDBAElnLQDBABVzEUDBABWaeQDBABWaysDBAFWa04DBABZJJoDBABZ
JR0DBABZJ9EDBAFZKCADBABZKg0DBABZLGkDBAFdcTYDBABdcvgDBABdd3oDBABe
sNUDBACwfqwDBACw36cDBAK5klQDBAC81H8DBAC81PwDBAC81P8DBAC81tYwDQYJ
KoZIhvcNAQELBQADggEBAGpDvAi17q4ryzFcRvfx1On9t/1L7GtfxeRXXU/0nj/6
2pFrS4q6XX9Vfod3uegUEf5+SlXQ8xui0UecP+Kcw/nnS6FSnX3syo2D6anLiaiS
DJGwdwhhPow0hUhmexwIZqGIqwinxbGiH8NoyT0PAoMKNKSox1UUfu9oqPGxJQfv
JY2+PU8Ee272B41LBpQw9pi/IHJ09VeHwcl+Gy98vrr1HI/oxGE4isLalJDAFOFO
rHLSt3XbvDcygyFPI6Hi3BO8Ecus2/knw6+NSNOvdLh19NBm3M20LlHaMgTKhzi9
/19nmNE0H2cOdL8VZaBbDD/EysuGt5Mkkj8UcU72F2g=
-----END CERTIFICATE-----
Generated at Thu Mar 13 06:42:17 2025 by rpki-client