Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/4f51ef-adc6-4a1c-82d7-5785b1573a69/1/EGFdZlaTjbOVYClf_Y2avAhZpcQ.roa
File: EGFdZlaTjbOVYClf_Y2avAhZpcQ.roa (raw, json)
Hash identifier: x3O5tXnddOP1tRMR1naKV9GJx9HqGBOVan7EV3M3azI=
Subject key identifier: 10:61:5D:66:56:93:8D:B3:95:60:29:5F:FD:8D:9A:BC:08:59:A5:C4
Certificate issuer: /CN=6499f71e15c0f38ceba257d30304ed44bea87c50
Certificate serial: 019420D5EC30F3FC1B706E4049766CA3628F
Authority key identifier: 64:99:F7:1E:15:C0:F3:8C:EB:A2:57:D3:03:04:ED:44:BE:A8:7C:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZJn3HhXA84zrolfTAwTtRL6ofFA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/4f51ef-adc6-4a1c-82d7-5785b1573a69/1/EGFdZlaTjbOVYClf_Y2avAhZpcQ.roa
Signing time: Wed 01 Jan 2025 07:47:57 +0000
ROA not before: Wed 01 Jan 2025 07:47:57 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25374
IP address blocks: 93.183.128.0/18 maxlen: 18
93.183.128.0/24 maxlen: 24
93.183.129.0/24 maxlen: 24
93.183.130.0/24 maxlen: 24
93.183.131.0/24 maxlen: 32
93.183.132.0/24 maxlen: 24
93.183.133.0/24 maxlen: 24
93.183.134.0/24 maxlen: 24
93.183.135.0/24 maxlen: 24
93.183.136.0/24 maxlen: 24
93.183.137.0/24 maxlen: 24
93.183.138.0/24 maxlen: 24
93.183.139.0/24 maxlen: 24
93.183.140.0/24 maxlen: 24
93.183.141.0/24 maxlen: 32
93.183.142.0/24 maxlen: 32
93.183.143.0/24 maxlen: 24
93.183.144.0/24 maxlen: 24
93.183.145.0/24 maxlen: 24
93.183.146.0/24 maxlen: 24
93.183.147.0/24 maxlen: 24
93.183.148.0/24 maxlen: 32
93.183.149.0/24 maxlen: 24
93.183.150.0/24 maxlen: 24
93.183.151.0/24 maxlen: 24
93.183.152.0/24 maxlen: 24
93.183.153.0/24 maxlen: 24
93.183.154.0/24 maxlen: 24
93.183.155.0/24 maxlen: 24
93.183.156.0/24 maxlen: 24
93.183.157.0/24 maxlen: 24
93.183.158.0/24 maxlen: 24
93.183.159.0/24 maxlen: 24
93.183.160.0/24 maxlen: 24
93.183.161.0/24 maxlen: 24
93.183.162.0/24 maxlen: 24
93.183.163.0/24 maxlen: 24
93.183.164.0/24 maxlen: 24
93.183.165.0/24 maxlen: 24
93.183.166.0/24 maxlen: 24
93.183.167.0/24 maxlen: 24
93.183.168.0/24 maxlen: 24
93.183.169.0/24 maxlen: 24
93.183.170.0/24 maxlen: 24
93.183.171.0/24 maxlen: 24
93.183.172.0/24 maxlen: 24
93.183.173.0/24 maxlen: 24
93.183.174.0/24 maxlen: 24
93.183.175.0/24 maxlen: 24
93.183.176.0/24 maxlen: 24
93.183.177.0/24 maxlen: 24
93.183.178.0/24 maxlen: 32
93.183.179.0/24 maxlen: 24
93.183.180.0/24 maxlen: 32
93.183.181.0/24 maxlen: 24
93.183.182.0/24 maxlen: 24
93.183.183.0/24 maxlen: 24
93.183.184.0/24 maxlen: 24
93.183.185.0/24 maxlen: 24
93.183.186.0/24 maxlen: 24
93.183.187.0/24 maxlen: 24
93.183.188.0/24 maxlen: 24
93.183.189.0/24 maxlen: 24
93.183.190.0/24 maxlen: 24
93.183.191.0/24 maxlen: 24
109.199.224.0/19 maxlen: 19
109.199.224.0/24 maxlen: 24
109.199.225.0/24 maxlen: 24
109.199.226.0/24 maxlen: 24
109.199.227.0/24 maxlen: 24
109.199.228.0/24 maxlen: 24
109.199.229.0/24 maxlen: 24
109.199.230.0/24 maxlen: 24
109.199.231.0/24 maxlen: 24
109.199.232.0/24 maxlen: 24
109.199.233.0/24 maxlen: 24
109.199.234.0/24 maxlen: 24
109.199.235.0/24 maxlen: 24
109.199.236.0/24 maxlen: 24
109.199.237.0/24 maxlen: 24
109.199.238.0/24 maxlen: 32
109.199.239.0/24 maxlen: 24
109.199.240.0/24 maxlen: 24
109.199.241.0/24 maxlen: 24
109.199.242.0/24 maxlen: 24
109.199.243.0/24 maxlen: 24
109.199.244.0/24 maxlen: 24
109.199.245.0/24 maxlen: 24
109.199.246.0/24 maxlen: 24
109.199.247.0/24 maxlen: 24
109.199.248.0/24 maxlen: 24
109.199.249.0/24 maxlen: 24
109.199.250.0/24 maxlen: 24
109.199.251.0/24 maxlen: 32
109.199.252.0/24 maxlen: 24
109.199.253.0/24 maxlen: 24
109.199.254.0/24 maxlen: 24
109.199.255.0/24 maxlen: 24
185.2.208.0/22 maxlen: 22
185.2.208.0/24 maxlen: 24
185.2.209.0/24 maxlen: 24
185.2.210.0/24 maxlen: 24
185.2.211.0/24 maxlen: 24
195.24.88.0/21 maxlen: 21
195.24.88.0/24 maxlen: 24
195.24.89.0/24 maxlen: 24
195.24.90.0/24 maxlen: 24
195.24.91.0/24 maxlen: 24
195.24.92.0/24 maxlen: 24
195.24.93.0/24 maxlen: 24
195.24.94.0/24 maxlen: 24
195.24.95.0/24 maxlen: 24
195.39.212.0/23 maxlen: 23
195.39.212.0/24 maxlen: 24
195.39.213.0/24 maxlen: 24
2a02:4dc0::/32 maxlen: 32
2a02:4dc0::/36 maxlen: 36
2a02:4dc0::/48 maxlen: 48
2a02:4dc0:1000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/06/4f51ef-adc6-4a1c-82d7-5785b1573a69/1/ZJn3HhXA84zrolfTAwTtRL6ofFA.crl
rsync://rpki.ripe.net/repository/DEFAULT/06/4f51ef-adc6-4a1c-82d7-5785b1573a69/1/ZJn3HhXA84zrolfTAwTtRL6ofFA.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZJn3HhXA84zrolfTAwTtRL6ofFA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 10:07:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:ec:30:f3:fc:1b:70:6e:40:49:76:6c:a3:62:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6499f71e15c0f38ceba257d30304ed44bea87c50
Validity
Not Before: Jan 1 07:47:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=10615d6656938db39560295ffd8d9abc0859a5c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:8d:c1:6f:6a:13:8a:fb:f6:05:cd:03:dd:cd:
99:5d:1c:be:dc:c7:a8:2a:76:4b:8b:5b:aa:18:58:
b8:e1:16:e8:29:d7:b1:59:6d:a3:b4:50:4d:1d:91:
71:3c:ea:61:4b:c3:ba:c4:2a:39:f8:1a:8f:4b:5c:
6b:44:ed:e2:3a:f6:5c:de:da:03:b8:6d:08:5f:f6:
8e:52:e0:c0:fc:2e:0e:c5:a2:04:57:2b:f6:a1:2f:
59:69:45:52:f3:29:ab:33:a2:b6:f0:78:83:56:a8:
81:92:5b:05:87:ed:a2:aa:2d:40:5b:68:ca:d6:a3:
ae:75:8f:83:2c:ce:05:b5:92:a7:1a:82:8c:05:f8:
5d:72:d1:2c:a5:0d:2a:08:7e:1e:f7:6b:aa:b9:af:
dd:c1:18:52:5a:06:c8:e9:0a:f3:06:6d:04:94:82:
fa:7a:a7:71:6e:d4:83:06:29:e5:26:46:dd:e0:4e:
fa:54:40:bb:18:ee:a0:93:aa:b5:6d:a5:bb:5d:c3:
da:35:3c:7c:b7:a8:62:11:57:30:ff:53:60:fe:26:
7d:ab:90:9d:41:86:60:dd:e2:ca:66:cb:c5:db:aa:
a2:ce:03:1e:08:8b:27:5c:38:7a:e9:7f:3b:84:91:
c4:0f:78:32:39:77:08:f1:86:4d:52:0c:71:9a:f1:
5a:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:61:5D:66:56:93:8D:B3:95:60:29:5F:FD:8D:9A:BC:08:59:A5:C4
X509v3 Authority Key Identifier:
keyid:64:99:F7:1E:15:C0:F3:8C:EB:A2:57:D3:03:04:ED:44:BE:A8:7C:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZJn3HhXA84zrolfTAwTtRL6ofFA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/4f51ef-adc6-4a1c-82d7-5785b1573a69/1/EGFdZlaTjbOVYClf_Y2avAhZpcQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/06/4f51ef-adc6-4a1c-82d7-5785b1573a69/1/ZJn3HhXA84zrolfTAwTtRL6ofFA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.183.128.0/18
109.199.224.0/19
185.2.208.0/22
195.24.88.0/21
195.39.212.0/23
IPv6:
2a02:4dc0::/32
Signature Algorithm: sha256WithRSAEncryption
80:b9:e4:26:b7:66:4d:03:c4:c0:22:4d:f1:ce:3f:bd:1e:a7:
22:44:47:d7:36:09:1f:2c:7d:17:92:ea:c8:d7:09:40:45:44:
ce:05:4a:46:67:f0:28:bc:5d:c9:86:21:9f:09:41:3d:3a:f6:
91:f5:32:55:b4:0a:86:ed:ef:7a:d4:3d:ce:c5:68:8a:96:77:
68:8a:5b:7f:99:0b:2c:63:06:fe:a9:44:1f:ac:01:33:cc:70:
c7:3b:07:d0:9b:49:77:03:05:3b:00:50:b9:58:00:3e:02:28:
2c:16:76:1a:6b:a1:cf:cb:16:bf:e4:91:61:a4:7b:14:dd:19:
3a:00:94:b6:70:3c:d3:fa:a1:ba:cd:33:c9:e5:7b:d5:3e:c8:
93:ed:32:02:0d:c3:75:87:74:81:6f:dc:a3:f6:dc:a5:e0:c9:
ff:96:75:1b:53:52:ab:c7:9d:35:bf:f5:96:0e:68:a4:e6:7e:
c8:ba:68:e2:0f:57:7f:b8:6f:48:fd:57:38:d4:fd:ff:fd:58:
b4:0a:6a:2c:25:70:bf:b8:e7:36:e7:70:29:6a:4a:90:64:af:
6c:5a:02:41:86:d7:9f:75:89:d3:c3:4f:d8:ab:56:6c:23:c1:
f0:b3:5a:59:d3:2a:39:42:01:79:b7:4e:af:ff:3b:5f:b9:8e:
b9:01:8f:b7
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZQg1eww8/wbcG5ASXZso2KPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0OTlmNzFlMTVjMGYzOGNlYmEyNTdkMzAzMDRlZDQ0YmVh
ODdjNTAwHhcNMjUwMTAxMDc0NzU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMDYxNWQ2NjU2OTM4ZGIzOTU2MDI5NWZmZDhkOWFiYzA4NTlhNWM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqo3Bb2oTivv2Bc0D3c2ZXRy+3Meo
KnZLi1uqGFi44RboKdexWW2jtFBNHZFxPOphS8O6xCo5+BqPS1xrRO3iOvZc3toD
uG0IX/aOUuDA/C4OxaIEVyv2oS9ZaUVS8ymrM6K28HiDVqiBklsFh+2iqi1AW2jK
1qOudY+DLM4FtZKnGoKMBfhdctEspQ0qCH4e92uqua/dwRhSWgbI6QrzBm0ElIL6
eqdxbtSDBinlJkbd4E76VEC7GO6gk6q1baW7XcPaNTx8t6hiEVcw/1Ng/iZ9q5Cd
QYZg3eLKZsvF26qizgMeCIsnXDh66X87hJHED3gyOXcI8YZNUgxxmvFa1wIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFBBhXWZWk42zlWApX/2NmrwIWaXEMB8GA1UdIwQY
MBaAFGSZ9x4VwPOM66JX0wME7US+qHxQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWkpuM0hoWEE4NHpyb2xmVEF3VHRSTDZvZkZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi80ZjUxZWYtYWRjNi00YTFjLTgyZDct
NTc4NWIxNTczYTY5LzEvRUdGZFpsYVRqYk9WWUNsZl9ZMmF2QWhacGNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi80ZjUxZWYtYWRjNi00YTFjLTgyZDctNTc4NWIxNTczYTY5
LzEvWkpuM0hoWEE4NHpyb2xmVEF3VHRSTDZvZkZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQGXbeAAwQF
bcfgAwQCuQLQAwQDwxhYAwQBwyfUMA0EAgACMAcDBQAqAk3AMA0GCSqGSIb3DQEB
CwUAA4IBAQCAueQmt2ZNA8TAIk3xzj+9HqciREfXNgkfLH0XkurI1wlARUTOBUpG
Z/AovF3JhiGfCUE9OvaR9TJVtAqG7e961D3OxWiKlndoilt/mQssYwb+qUQfrAEz
zHDHOwfQm0l3AwU7AFC5WAA+AigsFnYaa6HPyxa/5JFhpHsU3Rk6AJS2cDzT+qG6
zTPJ5XvVPsiT7TICDcN1h3SBb9yj9tyl4Mn/lnUbU1Krx501v/WWDmik5n7Iumji
D1d/uG9I/Vc41P3//Vi0CmosJXC/uOc253ApakqQZK9sWgJBhtefdYnTw0/Yq1Zs
I8Hws1pZ0yo5QgF5t06v/ztfuY65AY+3
-----END CERTIFICATE-----
Generated at Sun Apr 6 20:10:07 2025 by rpki-client