Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/7c7851-585b-49f1-8be9-3c7e4f93e42b/1/EQLAmwce-4qvK6GmwcFTOhIRkwQ.roa
File: EQLAmwce-4qvK6GmwcFTOhIRkwQ.roa (raw, json)
Hash identifier: JsjgQjAnTuCMbWUsyWPVoy0ThBVMbRkRSyV5BIOaYsk=
Subject key identifier: 11:02:C0:9B:07:1E:FB:8A:AF:2B:A1:A6:C1:C1:53:3A:12:11:93:04
Certificate issuer: /CN=659c356633388e9bd897d000a3f38bc1e546ef4a
Certificate serial: 0194794C88C41B6DD75117A0674DE89B7C13
Authority key identifier: 65:9C:35:66:33:38:8E:9B:D8:97:D0:00:A3:F3:8B:C1:E5:46:EF:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZZw1ZjM4jpvYl9AAo_OLweVG70o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/7c7851-585b-49f1-8be9-3c7e4f93e42b/1/EQLAmwce-4qvK6GmwcFTOhIRkwQ.roa
Signing time: Sat 18 Jan 2025 12:04:06 +0000
ROA not before: Sat 18 Jan 2025 12:04:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 1961
IP address blocks: 193.38.176.0/23 maxlen: 23
193.38.176.0/24 maxlen: 24
193.38.177.0/24 maxlen: 24
193.38.180.0/23 maxlen: 23
193.38.180.0/24 maxlen: 24
193.38.181.0/24 maxlen: 24
193.38.190.0/23 maxlen: 23
193.38.190.0/24 maxlen: 24
193.38.191.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/08/7c7851-585b-49f1-8be9-3c7e4f93e42b/1/ZZw1ZjM4jpvYl9AAo_OLweVG70o.crl
rsync://rpki.ripe.net/repository/DEFAULT/08/7c7851-585b-49f1-8be9-3c7e4f93e42b/1/ZZw1ZjM4jpvYl9AAo_OLweVG70o.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZZw1ZjM4jpvYl9AAo_OLweVG70o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 10:07:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:79:4c:88:c4:1b:6d:d7:51:17:a0:67:4d:e8:9b:7c:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=659c356633388e9bd897d000a3f38bc1e546ef4a
Validity
Not Before: Jan 18 12:04:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1102c09b071efb8aaf2ba1a6c1c1533a12119304
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:b0:65:98:d4:b5:6c:6a:f4:d6:db:6d:25:95:
bf:1a:b3:3e:ba:48:cf:4a:0e:68:56:e6:9b:55:55:
98:c0:ac:ee:f2:ec:c6:15:c9:a7:42:f5:c2:d6:91:
bd:2b:bb:1a:2c:fe:22:58:9e:57:69:d5:af:8e:2c:
6d:4d:22:bd:2d:27:f0:df:c3:62:4a:7c:fb:f6:0b:
87:9a:60:5a:85:e9:a3:77:d4:a4:ef:94:c1:13:3d:
dd:96:a6:f1:6c:7d:d9:c0:03:eb:43:30:b5:66:ea:
6d:cf:94:f0:d1:25:77:41:55:ce:20:d3:8c:16:17:
6a:e5:b4:6c:b1:65:66:64:0c:72:ea:eb:87:20:84:
f1:c4:31:a6:a2:8b:2d:66:06:9c:2a:48:2a:e0:ad:
d5:1c:5a:4d:9d:5d:59:42:a8:4f:fd:6c:4f:2a:77:
bc:c7:87:8b:62:aa:39:ef:2c:f0:32:fe:d4:c3:5a:
8a:43:8f:fa:80:6e:ad:8c:ef:b7:f9:0b:6c:92:05:
f6:88:6f:69:c1:f7:c3:0c:2c:fc:c7:90:24:53:f5:
08:3f:38:a1:d2:79:cc:16:84:68:44:1e:07:e4:7c:
98:0e:7b:e9:1b:11:3b:9f:03:f6:ff:f9:53:33:b2:
80:64:8c:27:85:c1:1a:ee:6b:56:6b:60:85:06:78:
37:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:02:C0:9B:07:1E:FB:8A:AF:2B:A1:A6:C1:C1:53:3A:12:11:93:04
X509v3 Authority Key Identifier:
keyid:65:9C:35:66:33:38:8E:9B:D8:97:D0:00:A3:F3:8B:C1:E5:46:EF:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZZw1ZjM4jpvYl9AAo_OLweVG70o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/7c7851-585b-49f1-8be9-3c7e4f93e42b/1/EQLAmwce-4qvK6GmwcFTOhIRkwQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/7c7851-585b-49f1-8be9-3c7e4f93e42b/1/ZZw1ZjM4jpvYl9AAo_OLweVG70o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.38.176.0/23
193.38.180.0/23
193.38.190.0/23
Signature Algorithm: sha256WithRSAEncryption
05:79:05:8d:ca:db:12:25:7c:1a:70:67:32:7c:ca:2b:3b:7c:
a4:8d:e9:70:b0:1b:44:fc:4e:9b:33:d2:33:40:eb:6e:a9:52:
a6:62:e7:e8:45:90:7b:5e:c5:91:f2:5d:6e:5d:b0:23:20:de:
63:89:e8:a6:45:5d:3e:fc:b5:41:5d:fe:2f:8a:33:36:3c:04:
f5:cb:4b:ea:1b:94:24:27:d4:72:59:6b:98:70:a4:d6:47:dd:
41:99:85:65:69:18:00:8b:a8:16:4d:a7:64:0c:85:3a:ea:5c:
86:f4:9a:1e:36:de:a9:60:70:b0:fe:ef:ce:9a:03:4d:b4:2a:
6a:69:f0:1a:16:9e:bb:60:8c:ae:d1:25:4a:c8:5a:30:a4:8c:
af:be:10:d8:4b:7e:59:71:0c:0d:86:93:f6:07:c2:8f:5e:09:
a9:7f:d9:88:4e:50:3c:d6:a4:57:d5:1a:2f:27:e5:a6:10:16:
d9:9e:d6:76:1a:f4:84:75:68:3a:0b:4e:c6:77:d6:45:61:3c:
fc:2c:db:1c:05:cf:b9:b4:47:1f:50:9a:53:d6:bf:cf:55:37:
60:95:a0:e9:d8:c9:92:c0:d1:dd:fe:c0:04:b7:ff:56:c0:1d:
ff:75:c9:7e:71:b1:c0:f7:77:ba:5b:c1:f0:20:e4:e9:76:1a:
87:3e:df:4a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZR5TIjEG23XURegZ03om3wTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1OWMzNTY2MzMzODhlOWJkODk3ZDAwMGEzZjM4YmMxZTU0
NmVmNGEwHhcNMjUwMTE4MTIwNDA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMTAyYzA5YjA3MWVmYjhhYWYyYmExYTZjMWMxNTMzYTEyMTE5MzA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjbBlmNS1bGr01tttJZW/GrM+ukjP
Sg5oVuabVVWYwKzu8uzGFcmnQvXC1pG9K7saLP4iWJ5XadWvjixtTSK9LSfw38Ni
Snz79guHmmBahemjd9Sk75TBEz3dlqbxbH3ZwAPrQzC1Zuptz5Tw0SV3QVXOINOM
Fhdq5bRssWVmZAxy6uuHIITxxDGmoostZgacKkgq4K3VHFpNnV1ZQqhP/WxPKne8
x4eLYqo57yzwMv7Uw1qKQ4/6gG6tjO+3+QtskgX2iG9pwffDDCz8x5AkU/UIPzih
0nnMFoRoRB4H5HyYDnvpGxE7nwP2//lTM7KAZIwnhcEa7mtWa2CFBng3zQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFBECwJsHHvuKryuhpsHBUzoSEZMEMB8GA1UdIwQY
MBaAFGWcNWYzOI6b2JfQAKPzi8HlRu9KMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlp3MVpqTTRqcHZZbDlBQW9fT0x3ZVZHNzBvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC83Yzc4NTEtNTg1Yi00OWYxLThiZTkt
M2M3ZTRmOTNlNDJiLzEvRVFMQW13Y2UtNHF2SzZHbXdjRlRPaElSa3dRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC83Yzc4NTEtNTg1Yi00OWYxLThiZTktM2M3ZTRmOTNlNDJi
LzEvWlp3MVpqTTRqcHZZbDlBQW9fT0x3ZVZHNzBvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBwSawAwQB
wSa0AwQBwSa+MA0GCSqGSIb3DQEBCwUAA4IBAQAFeQWNytsSJXwacGcyfMorO3yk
jelwsBtE/E6bM9IzQOtuqVKmYufoRZB7XsWR8l1uXbAjIN5jieimRV0+/LVBXf4v
ijM2PAT1y0vqG5QkJ9RyWWuYcKTWR91BmYVlaRgAi6gWTadkDIU66lyG9JoeNt6p
YHCw/u/OmgNNtCpqafAaFp67YIyu0SVKyFowpIyvvhDYS35ZcQwNhpP2B8KPXgmp
f9mITlA81qRX1RovJ+WmEBbZntZ2GvSEdWg6C07Gd9ZFYTz8LNscBc+5tEcfUJpT
1r/PVTdglaDp2MmSwNHd/sAEt/9WwB3/dcl+cbHA93e6W8HwIOTpdhqHPt9K
-----END CERTIFICATE-----
Generated at Sun Apr 6 19:04:59 2025 by rpki-client