Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/e7cbf3-64e6-4023-befd-1cc619197551/1/4ILvo6vCDj985eseCLehs-ym3Oc.roa
File: 4ILvo6vCDj985eseCLehs-ym3Oc.roa (raw, json)
Hash identifier: c0boeQmjbbcqipQjA8ZQV3SqlXHr319tM1iaSTDQg/Q=
Subject key identifier: E0:82:EF:A3:AB:C2:0E:3F:7C:E5:EB:1E:08:B7:A1:B3:EC:A6:DC:E7
Certificate issuer: /CN=a8b5fe67c20797d3941555554f8c988ca2f7c17b
Certificate serial: 019425FDB6FA7BE8FC7924CC39E52B237267
Authority key identifier: A8:B5:FE:67:C2:07:97:D3:94:15:55:55:4F:8C:98:8C:A2:F7:C1:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qLX-Z8IHl9OUFVVVT4yYjKL3wXs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/e7cbf3-64e6-4023-befd-1cc619197551/1/4ILvo6vCDj985eseCLehs-ym3Oc.roa
Signing time: Thu 02 Jan 2025 07:49:31 +0000
ROA not before: Thu 02 Jan 2025 07:49:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 56595
IP address blocks: 46.226.0.0/21 maxlen: 21
89.32.88.0/21 maxlen: 21
91.239.46.0/24 maxlen: 24
91.240.174.0/24 maxlen: 24
95.215.9.0/24 maxlen: 24
185.7.228.0/22 maxlen: 22
185.7.228.0/23 maxlen: 23
185.7.230.0/23 maxlen: 23
185.8.93.0/24 maxlen: 24
185.34.8.0/22 maxlen: 22
185.73.152.0/22 maxlen: 22
185.100.68.0/22 maxlen: 22
185.122.64.0/22 maxlen: 22
185.240.200.0/22 maxlen: 22
188.241.20.0/22 maxlen: 24
192.124.193.0/24 maxlen: 24
192.124.194.0/23 maxlen: 23
192.124.197.0/24 maxlen: 24
192.124.198.0/24 maxlen: 24
192.124.200.0/24 maxlen: 24
192.124.203.0/24 maxlen: 24
192.124.206.0/23 maxlen: 23
193.33.125.0/24 maxlen: 24
195.230.123.0/24 maxlen: 24
2a00:a600::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/19/e7cbf3-64e6-4023-befd-1cc619197551/1/qLX-Z8IHl9OUFVVVT4yYjKL3wXs.crl
rsync://rpki.ripe.net/repository/DEFAULT/19/e7cbf3-64e6-4023-befd-1cc619197551/1/qLX-Z8IHl9OUFVVVT4yYjKL3wXs.mft
rsync://rpki.ripe.net/repository/DEFAULT/qLX-Z8IHl9OUFVVVT4yYjKL3wXs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 09 Apr 2025 13:43:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:b6:fa:7b:e8:fc:79:24:cc:39:e5:2b:23:72:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a8b5fe67c20797d3941555554f8c988ca2f7c17b
Validity
Not Before: Jan 2 07:49:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e082efa3abc20e3f7ce5eb1e08b7a1b3eca6dce7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:b2:90:86:ee:c0:eb:4e:28:8b:a4:c3:91:ee:
1c:98:82:b4:5f:8b:36:5f:19:99:58:94:61:dc:ac:
d4:76:76:af:eb:2d:fb:5f:ef:f9:49:64:52:60:b1:
36:6e:22:c4:83:d8:de:f1:fd:2b:c3:a2:e7:2b:d3:
22:be:e7:70:ab:8d:26:2a:43:2b:78:58:b8:37:c4:
2a:26:5f:4c:d3:18:17:7c:c6:d3:b8:b8:38:b3:0b:
d3:4f:fa:70:ec:f2:68:fb:aa:c2:45:72:03:e7:d5:
84:02:3e:5f:52:2e:94:08:f6:f4:68:11:c0:72:8d:
83:de:fc:e6:d8:3a:c0:f8:fd:f6:db:cb:f7:46:77:
8d:70:7d:88:a6:2c:17:e5:94:ea:f7:e4:96:92:63:
1f:98:d2:bb:a5:15:c2:de:c7:17:a7:f2:20:0a:e0:
12:6a:22:00:96:c2:b8:ff:cc:a2:20:5b:71:2f:10:
67:7e:a8:51:93:1b:04:8c:96:9f:3c:de:5e:65:26:
ba:bb:cb:bc:09:3a:4b:ec:f9:f4:c5:cb:76:75:6d:
d3:5c:fd:ed:55:5b:55:72:d7:5a:ab:bf:e3:dd:fb:
2f:12:a4:17:39:5f:95:0c:26:28:8d:45:2d:f5:c3:
d0:2b:a3:bd:6b:87:e0:92:6c:db:5a:26:d2:04:2f:
0a:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:82:EF:A3:AB:C2:0E:3F:7C:E5:EB:1E:08:B7:A1:B3:EC:A6:DC:E7
X509v3 Authority Key Identifier:
keyid:A8:B5:FE:67:C2:07:97:D3:94:15:55:55:4F:8C:98:8C:A2:F7:C1:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qLX-Z8IHl9OUFVVVT4yYjKL3wXs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/e7cbf3-64e6-4023-befd-1cc619197551/1/4ILvo6vCDj985eseCLehs-ym3Oc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/e7cbf3-64e6-4023-befd-1cc619197551/1/qLX-Z8IHl9OUFVVVT4yYjKL3wXs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.226.0.0/21
89.32.88.0/21
91.239.46.0/24
91.240.174.0/24
95.215.9.0/24
185.7.228.0/22
185.8.93.0/24
185.34.8.0/22
185.73.152.0/22
185.100.68.0/22
185.122.64.0/22
185.240.200.0/22
188.241.20.0/22
192.124.193.0-192.124.195.255
192.124.197.0-192.124.198.255
192.124.200.0/24
192.124.203.0/24
192.124.206.0/23
193.33.125.0/24
195.230.123.0/24
IPv6:
2a00:a600::/32
Signature Algorithm: sha256WithRSAEncryption
98:1a:ed:a3:75:f7:c0:48:56:b5:de:01:51:b0:9b:8d:26:de:
ed:d4:0e:96:0e:b9:da:ce:6e:2d:f5:c0:a2:73:df:54:6c:9b:
84:04:b1:bf:30:71:9a:3d:82:7c:97:2c:f3:e6:cb:c9:d6:df:
bb:c2:db:9b:ec:46:f8:f8:90:c5:5c:96:4f:21:13:e1:93:f5:
49:ed:49:fa:f3:54:2c:79:1b:2d:f1:ea:31:09:03:06:5f:09:
8e:04:d3:b7:71:35:05:8c:fa:3f:9e:df:d0:b3:f5:6e:da:e4:
4d:12:e1:17:3c:53:98:23:d4:7b:b6:2d:2f:2f:fc:4b:36:7c:
5c:4b:4c:f8:93:77:1e:54:dd:3b:87:d5:90:f8:a3:73:5b:05:
e6:53:4d:73:83:85:51:92:20:af:d8:93:49:7d:cd:74:a9:a8:
d9:15:46:60:39:b6:de:4c:4b:43:be:55:d9:81:79:11:17:81:
cc:99:ac:a5:b1:21:bf:90:fb:eb:fa:0e:e4:df:7a:b7:c9:88:
4d:80:00:48:7b:d9:78:3f:0a:e9:79:f9:f5:6d:fd:79:6c:40:
c2:f5:50:0f:ba:fa:75:c2:ad:10:15:36:91:67:dc:e6:21:3b:
50:1b:6d:87:5c:92:29:9a:c5:b4:18:69:1a:33:93:08:a6:c0:
e9:96:be:ab
-----BEGIN CERTIFICATE-----
MIIFkzCCBHugAwIBAgISAZQl/bb6e+j8eSTMOeUrI3JnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4YjVmZTY3YzIwNzk3ZDM5NDE1NTU1NTRmOGM5ODhjYTJm
N2MxN2IwHhcNMjUwMTAyMDc0OTMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDgyZWZhM2FiYzIwZTNmN2NlNWViMWUwOGI3YTFiM2VjYTZkY2U3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsLKQhu7A604oi6TDke4cmIK0X4s2
XxmZWJRh3KzUdnav6y37X+/5SWRSYLE2biLEg9je8f0rw6LnK9Mivudwq40mKkMr
eFi4N8QqJl9M0xgXfMbTuLg4swvTT/pw7PJo+6rCRXID59WEAj5fUi6UCPb0aBHA
co2D3vzm2DrA+P3228v3RneNcH2IpiwX5ZTq9+SWkmMfmNK7pRXC3scXp/IgCuAS
aiIAlsK4/8yiIFtxLxBnfqhRkxsEjJafPN5eZSa6u8u8CTpL7Pn0xct2dW3TXP3t
VVtVctdaq7/j3fsvEqQXOV+VDCYojUUt9cPQK6O9a4fgkmzbWibSBC8KUwIDAQAB
o4ICnzCCApswHQYDVR0OBBYEFOCC76Orwg4/fOXrHgi3obPsptznMB8GA1UdIwQY
MBaAFKi1/mfCB5fTlBVVVU+MmIyi98F7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUxYLVo4SUhsOU9VRlZWVlQ0eVlqS0wzd1hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS9lN2NiZjMtNjRlNi00MDIzLWJlZmQt
MWNjNjE5MTk3NTUxLzEvNElMdm82dkNEajk4NWVzZUNMZWhzLXltM09jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS9lN2NiZjMtNjRlNi00MDIzLWJlZmQtMWNjNjE5MTk3NTUx
LzEvcUxYLVo4SUhsOU9VRlZWVlQ0eVlqS0wzd1hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG0BggrBgEFBQcBBwEB/wSBpDCBoTCBjwQCAAEwgYgDBAMu
4gADBANZIFgDBABb7y4DBABb8K4DBABf1wkDBAK5B+QDBAC5CF0DBAK5IggDBAK5
SZgDBAK5ZEQDBAK5ekADBAK58MgDBAK88RQwDAMEAMB8wQMEAsB8wDAMAwQAwHzF
AwQAwHzGAwQAwHzIAwQAwHzLAwQBwHzOAwQAwSF9AwQAw+Z7MA0EAgACMAcDBQAq
AKYAMA0GCSqGSIb3DQEBCwUAA4IBAQCYGu2jdffASFa13gFRsJuNJt7t1A6WDrna
zm4t9cCic99UbJuEBLG/MHGaPYJ8lyzz5svJ1t+7wtub7Eb4+JDFXJZPIRPhk/VJ
7Un681QseRst8eoxCQMGXwmOBNO3cTUFjPo/nt/Qs/Vu2uRNEuEXPFOYI9R7ti0v
L/xLNnxcS0z4k3ceVN07h9WQ+KNzWwXmU01zg4VRkiCv2JNJfc10qajZFUZgObbe
TEtDvlXZgXkRF4HMmaylsSG/kPvr+g7k33q3yYhNgABIe9l4Pwrpefn1bf15bEDC
9VAPuvp1wq0QFTaRZ9zmITtQG22HXJIpmsW0GGkaM5MIpsDplr6r
-----END CERTIFICATE-----
Generated at Tue Apr 8 21:27:57 2025 by rpki-client