Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/eaf81d-a9df-4a6a-b610-de05c54045bb/1/elKWmf6BGTWMt5DvOkJSmfgI6Qc.roa
File: elKWmf6BGTWMt5DvOkJSmfgI6Qc.roa (raw, json)
Hash identifier: XewDawQR0+tbCE/3KxBoInLYooxTPbPPCM6MSvyHwQE=
Subject key identifier: 7A:52:96:99:FE:81:19:35:8C:B7:90:EF:3A:42:52:99:F8:08:E9:07
Certificate issuer: /CN=52b9b9e256580c4344bb241445b4d52e54fdd50b
Certificate serial: 0195C78A62407A86C20F832B170FE8529A62
Authority key identifier: 52:B9:B9:E2:56:58:0C:43:44:BB:24:14:45:B4:D5:2E:54:FD:D5:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Urm54lZYDENEuyQURbTVLlT91Qs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/eaf81d-a9df-4a6a-b610-de05c54045bb/1/elKWmf6BGTWMt5DvOkJSmfgI6Qc.roa
Signing time: Mon 24 Mar 2025 09:44:49 +0000
ROA not before: Mon 24 Mar 2025 09:44:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15895
IP address blocks: 5.248.0.0/16 maxlen: 16
37.115.0.0/16 maxlen: 16
37.229.0.0/16 maxlen: 16
46.118.0.0/15 maxlen: 15
46.185.0.0/17 maxlen: 17
46.211.0.0/16 maxlen: 16
62.64.64.0/18 maxlen: 18
77.247.216.0/21 maxlen: 21
81.23.16.0/20 maxlen: 20
81.23.16.0/24 maxlen: 24
83.170.192.0/18 maxlen: 18
85.223.128.0/17 maxlen: 17
89.162.128.0/17 maxlen: 17
94.27.0.0/17 maxlen: 17
94.153.0.0/16 maxlen: 16
94.153.114.0/23 maxlen: 23
94.153.164.0/22 maxlen: 22
109.162.0.0/17 maxlen: 17
134.249.0.0/16 maxlen: 16
176.8.0.0/16 maxlen: 16
178.137.0.0/16 maxlen: 16
188.163.0.0/16 maxlen: 16
188.163.0.0/17 maxlen: 17
193.41.60.0/22 maxlen: 22
193.41.60.0/23 maxlen: 23
193.41.62.0/23 maxlen: 23
193.239.128.0/23 maxlen: 23
212.82.192.0/19 maxlen: 19
212.109.32.0/19 maxlen: 19
2a02:8a8::/32 maxlen: 32
2a02:2378::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/18/eaf81d-a9df-4a6a-b610-de05c54045bb/1/Urm54lZYDENEuyQURbTVLlT91Qs.crl
rsync://rpki.ripe.net/repository/DEFAULT/18/eaf81d-a9df-4a6a-b610-de05c54045bb/1/Urm54lZYDENEuyQURbTVLlT91Qs.mft
rsync://rpki.ripe.net/repository/DEFAULT/Urm54lZYDENEuyQURbTVLlT91Qs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 18:34:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:c7:8a:62:40:7a:86:c2:0f:83:2b:17:0f:e8:52:9a:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52b9b9e256580c4344bb241445b4d52e54fdd50b
Validity
Not Before: Mar 24 09:44:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7a529699fe8119358cb790ef3a425299f808e907
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:6e:32:52:27:95:ee:3b:2f:a4:fa:1b:cc:a6:
66:ad:68:4d:bc:eb:ff:8b:ba:5d:5b:fc:a2:87:52:
0a:da:5c:74:aa:7a:5f:3b:a8:0b:e8:9c:ca:04:40:
d5:a6:9f:3e:26:b8:df:29:be:cf:42:7c:28:8a:18:
45:5d:f1:01:a3:6c:27:f1:63:a6:e7:1b:7f:cc:41:
20:fa:d6:f3:32:06:75:67:95:7e:9a:9b:e8:b2:8e:
b3:ee:e2:03:fc:6f:9f:38:73:ba:9b:52:91:03:1b:
21:47:a1:7f:24:3c:53:ae:70:a5:1b:4a:c2:21:5d:
64:cd:3b:fb:b8:6e:46:1a:c5:09:e7:a9:fc:4f:03:
82:5e:65:7d:a2:cd:7f:b1:87:be:6d:ce:99:a2:ee:
e5:ce:5d:15:f3:83:ae:72:39:e2:25:db:c1:36:15:
f2:34:e8:c4:e7:2c:c5:a0:1a:3d:90:99:9c:ba:d4:
92:70:81:ed:51:3c:f0:e0:77:30:70:5d:2e:bc:cb:
4e:28:28:bc:c3:54:b9:ec:eb:31:30:d7:93:e6:48:
5e:70:5d:5c:79:c6:df:48:f9:4b:ad:aa:34:5d:ee:
f1:1f:fb:74:bc:70:a6:7c:1d:af:18:4d:86:11:66:
e5:0f:13:0d:d7:9f:f4:6a:71:48:42:c0:e7:c0:74:
38:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:52:96:99:FE:81:19:35:8C:B7:90:EF:3A:42:52:99:F8:08:E9:07
X509v3 Authority Key Identifier:
keyid:52:B9:B9:E2:56:58:0C:43:44:BB:24:14:45:B4:D5:2E:54:FD:D5:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Urm54lZYDENEuyQURbTVLlT91Qs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/eaf81d-a9df-4a6a-b610-de05c54045bb/1/elKWmf6BGTWMt5DvOkJSmfgI6Qc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/eaf81d-a9df-4a6a-b610-de05c54045bb/1/Urm54lZYDENEuyQURbTVLlT91Qs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.248.0.0/16
37.115.0.0/16
37.229.0.0/16
46.118.0.0/15
46.185.0.0/17
46.211.0.0/16
62.64.64.0/18
77.247.216.0/21
81.23.16.0/20
83.170.192.0/18
85.223.128.0/17
89.162.128.0/17
94.27.0.0/17
94.153.0.0/16
109.162.0.0/17
134.249.0.0/16
176.8.0.0/16
178.137.0.0/16
188.163.0.0/16
193.41.60.0/22
193.239.128.0/23
212.82.192.0/19
212.109.32.0/19
IPv6:
2a02:8a8::/32
2a02:2378::/32
Signature Algorithm: sha256WithRSAEncryption
3a:ee:c4:fd:c2:28:40:ec:37:39:2d:65:a3:f1:28:3f:83:00:
50:e2:8b:16:7b:d2:39:5c:4d:2d:0d:6d:7d:d2:ce:88:59:46:
43:95:fe:27:70:db:09:f0:ae:4e:59:df:c2:d4:bc:a0:98:6b:
4f:13:ab:92:08:60:6d:7c:38:57:f4:f3:7d:b6:aa:36:2c:ec:
d2:5c:b9:90:36:a7:da:83:d0:51:cf:6b:a6:fe:ef:f8:f8:3c:
22:9e:e4:2d:8f:10:c9:d5:29:4e:0f:ac:21:e5:5c:47:13:44:
93:ec:7f:42:b8:4d:11:a2:90:25:7a:1b:71:17:94:31:04:5a:
17:a4:b2:24:4d:d3:01:6e:92:6a:f6:9b:c8:cf:ee:68:11:9e:
27:59:99:85:6a:5c:fc:cb:dd:e0:c5:7f:21:9c:d0:e0:37:d6:
c3:88:aa:44:36:d4:3d:2d:ad:4d:62:79:d2:ce:cd:42:42:a2:
11:91:49:50:db:fd:59:2d:7a:3c:9a:f1:54:65:aa:c0:20:fc:
dd:75:a8:3e:df:12:3b:c2:55:a4:c0:7d:06:f7:1b:a7:54:e3:
d9:42:04:47:c6:d3:b3:df:25:b1:2e:5b:2e:b7:b1:ab:88:ea:
35:26:40:0c:5b:ab:83:60:f4:03:76:e5:2b:e9:ea:8e:af:8e:
bb:df:ef:eb
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgISAZXHimJAeobCD4MrFw/oUppiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyYjliOWUyNTY1ODBjNDM0NGJiMjQxNDQ1YjRkNTJlNTRm
ZGQ1MGIwHhcNMjUwMzI0MDk0NDQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YTUyOTY5OWZlODExOTM1OGNiNzkwZWYzYTQyNTI5OWY4MDhlOTA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8W4yUieV7jsvpPobzKZmrWhNvOv/
i7pdW/yih1IK2lx0qnpfO6gL6JzKBEDVpp8+JrjfKb7PQnwoihhFXfEBo2wn8WOm
5xt/zEEg+tbzMgZ1Z5V+mpvoso6z7uID/G+fOHO6m1KRAxshR6F/JDxTrnClG0rC
IV1kzTv7uG5GGsUJ56n8TwOCXmV9os1/sYe+bc6Zou7lzl0V84OucjniJdvBNhXy
NOjE5yzFoBo9kJmcutSScIHtUTzw4HcwcF0uvMtOKCi8w1S57OsxMNeT5khecF1c
ecbfSPlLrao0Xe7xH/t0vHCmfB2vGE2GEWblDxMN15/0anFIQsDnwHQ4vQIDAQAB
o4ICnjCCApowHQYDVR0OBBYEFHpSlpn+gRk1jLeQ7zpCUpn4COkHMB8GA1UdIwQY
MBaAFFK5ueJWWAxDRLskFEW01S5U/dULMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXJtNTRsWllERU5FdXlRVVJiVFZMbFQ5MVFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9lYWY4MWQtYTlkZi00YTZhLWI2MTAt
ZGUwNWM1NDA0NWJiLzEvZWxLV21mNkJHVFdNdDVEdk9rSlNtZmdJNlFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC9lYWY4MWQtYTlkZi00YTZhLWI2MTAtZGUwNWM1NDA0NWJi
LzEvVXJtNTRsWllERU5FdXlRVVJiVFZMbFQ5MVFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGzBggrBgEFBQcBBwEB/wSBozCBoDCBhwQCAAEwgYADAwAF
+AMDACVzAwMAJeUDAwEudgMEBy65AAMDAC7TAwQGPkBAAwQDTffYAwQEURcQAwQG
U6rAAwQHVd+AAwQHWaKAAwQHXhsAAwMAXpkDBAdtogADAwCG+QMDALAIAwMAsokD
AwC8owMEAsEpPAMEAcHvgAMEBdRSwAMEBdRtIDAUBAIAAjAOAwUAKgIIqAMFACoC
I3gwDQYJKoZIhvcNAQELBQADggEBADruxP3CKEDsNzktZaPxKD+DAFDiixZ70jlc
TS0NbX3SzohZRkOV/idw2wnwrk5Z38LUvKCYa08Tq5IIYG18OFf08322qjYs7NJc
uZA2p9qD0FHPa6b+7/j4PCKe5C2PEMnVKU4PrCHlXEcTRJPsf0K4TRGikCV6G3EX
lDEEWheksiRN0wFukmr2m8jP7mgRnidZmYVqXPzL3eDFfyGc0OA31sOIqkQ21D0t
rU1iedLOzUJCohGRSVDb/Vktejya8VRlqsAg/N11qD7fEjvCVaTAfQb3G6dU49lC
BEfG07PfJbEuWy63sauI6jUmQAxbq4Ng9AN25Svp6o6vjrvf7+s=
-----END CERTIFICATE-----
Generated at Sun Apr 13 03:09:49 2025 by rpki-client