Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/d8e096-4310-42b9-bd20-b5602d3da8a6/1/ENnWwF0vmdv43P7jgDpOBWdDipc.roa
File: ENnWwF0vmdv43P7jgDpOBWdDipc.roa (raw, json)
Hash identifier: 6ywQWq+YpeM+QYJxsua0ysg5X/K6fdwSexzVmdsk58s=
Subject key identifier: 10:D9:D6:C0:5D:2F:99:DB:F8:DC:FE:E3:80:3A:4E:05:67:43:8A:97
Certificate issuer: /CN=6e60883aae491e5fb773a9264019ff4f888d5ca5
Certificate serial: 0196C93304657DC97654F46CE38CCCC4E9AF
Authority key identifier: 6E:60:88:3A:AE:49:1E:5F:B7:73:A9:26:40:19:FF:4F:88:8D:5C:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bmCIOq5JHl-3c6kmQBn_T4iNXKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/d8e096-4310-42b9-bd20-b5602d3da8a6/1/ENnWwF0vmdv43P7jgDpOBWdDipc.roa
Signing time: Tue 13 May 2025 10:31:25 +0000
ROA not before: Tue 13 May 2025 10:31:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44143
IP address blocks: 37.19.104.0/21 maxlen: 21
37.19.104.0/22 maxlen: 22
37.19.107.0/24 maxlen: 24
37.19.108.0/23 maxlen: 23
37.19.110.0/24 maxlen: 24
77.243.16.0/20 maxlen: 20
77.243.16.0/21 maxlen: 21
77.243.16.0/24 maxlen: 24
77.243.19.0/24 maxlen: 24
77.243.20.0/22 maxlen: 22
77.243.20.0/23 maxlen: 23
77.243.20.0/24 maxlen: 24
77.243.22.0/24 maxlen: 24
77.243.23.0/24 maxlen: 24
77.243.24.0/22 maxlen: 22
77.243.28.0/22 maxlen: 22
77.243.28.0/24 maxlen: 24
77.243.29.0/24 maxlen: 24
77.243.30.0/24 maxlen: 24
77.243.31.0/24 maxlen: 24
95.86.4.0/22 maxlen: 22
95.86.8.0/22 maxlen: 22
95.86.48.0/21 maxlen: 21
185.37.24.0/22 maxlen: 22
185.37.24.0/24 maxlen: 24
185.37.25.0/24 maxlen: 24
185.37.26.0/24 maxlen: 24
185.37.27.0/24 maxlen: 24
188.120.96.0/20 maxlen: 20
188.120.96.0/21 maxlen: 21
188.120.96.0/24 maxlen: 24
188.120.97.0/24 maxlen: 24
188.120.98.0/24 maxlen: 24
188.120.99.0/24 maxlen: 24
188.120.100.0/24 maxlen: 24
188.120.101.0/24 maxlen: 24
188.120.102.0/24 maxlen: 24
188.120.103.0/24 maxlen: 24
188.120.104.0/21 maxlen: 21
188.120.112.0/21 maxlen: 21
188.120.112.0/22 maxlen: 22
188.120.113.0/24 maxlen: 24
188.120.114.0/24 maxlen: 24
188.120.115.0/24 maxlen: 24
188.120.116.0/22 maxlen: 22
188.120.116.0/24 maxlen: 24
188.120.117.0/24 maxlen: 24
188.120.118.0/24 maxlen: 24
188.120.119.0/24 maxlen: 24
2a00:61c0::/29 maxlen: 29
2a00:61c0::/32 maxlen: 32
2a00:61c1::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1b/d8e096-4310-42b9-bd20-b5602d3da8a6/1/bmCIOq5JHl-3c6kmQBn_T4iNXKU.crl
rsync://rpki.ripe.net/repository/DEFAULT/1b/d8e096-4310-42b9-bd20-b5602d3da8a6/1/bmCIOq5JHl-3c6kmQBn_T4iNXKU.mft
rsync://rpki.ripe.net/repository/DEFAULT/bmCIOq5JHl-3c6kmQBn_T4iNXKU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 11:24:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:c9:33:04:65:7d:c9:76:54:f4:6c:e3:8c:cc:c4:e9:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e60883aae491e5fb773a9264019ff4f888d5ca5
Validity
Not Before: May 13 10:31:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=10d9d6c05d2f99dbf8dcfee3803a4e0567438a97
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:ea:55:4d:f9:ae:37:9e:0c:de:66:7a:0c:ea:
54:c4:ef:47:e3:04:1d:45:2e:25:80:2f:45:c1:ce:
d2:2e:4f:21:b6:31:f2:af:2c:52:09:0c:83:17:9f:
0a:e2:81:68:d0:0b:86:3a:43:77:b9:2a:6b:40:ce:
55:1e:d5:2c:95:e1:d4:93:34:18:b1:95:b8:f4:ab:
d6:b9:be:2b:21:ae:cf:27:74:c8:08:ba:07:22:4e:
ae:bc:d8:25:ed:81:da:97:60:a9:b2:99:eb:e9:94:
3c:72:16:4f:4e:f8:e7:b0:e4:61:30:86:89:41:f8:
ba:e9:89:02:c1:8b:18:ed:da:fc:8d:61:0e:da:20:
58:25:04:b5:e8:de:36:61:86:2a:b8:f6:78:1d:f5:
f0:ec:2e:ba:9f:3d:b7:06:ec:a7:96:3d:85:d3:0a:
0a:63:c1:50:0c:70:a3:68:99:db:b4:2f:6a:d3:cf:
65:c8:38:13:67:9a:86:c8:7f:52:7e:85:a4:c8:7c:
f2:39:27:cc:c4:67:42:1e:8a:56:44:f8:ad:ec:da:
09:23:71:8d:12:99:bb:88:4a:97:6c:98:98:e4:3c:
e0:99:26:99:42:37:19:38:32:6e:01:de:c0:2a:f9:
05:b8:ac:fc:4b:dc:97:41:ce:d3:10:67:86:a5:aa:
33:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:D9:D6:C0:5D:2F:99:DB:F8:DC:FE:E3:80:3A:4E:05:67:43:8A:97
X509v3 Authority Key Identifier:
keyid:6E:60:88:3A:AE:49:1E:5F:B7:73:A9:26:40:19:FF:4F:88:8D:5C:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bmCIOq5JHl-3c6kmQBn_T4iNXKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/d8e096-4310-42b9-bd20-b5602d3da8a6/1/ENnWwF0vmdv43P7jgDpOBWdDipc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/d8e096-4310-42b9-bd20-b5602d3da8a6/1/bmCIOq5JHl-3c6kmQBn_T4iNXKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.19.104.0/21
77.243.16.0/20
95.86.4.0-95.86.11.255
95.86.48.0/21
185.37.24.0/22
188.120.96.0-188.120.119.255
IPv6:
2a00:61c0::/29
Signature Algorithm: sha256WithRSAEncryption
56:9a:dd:3f:28:58:d8:f1:cc:99:e2:9c:da:34:0e:f2:29:66:
2e:ea:b9:89:7c:e0:a5:7a:da:6c:a0:12:9e:48:a8:20:7b:88:
c3:04:73:ba:f8:c9:a9:44:b2:37:2b:01:d3:42:9f:5a:a1:6a:
79:90:4e:88:d7:d5:4f:3e:d1:45:b3:d0:04:d4:b4:ad:d3:7a:
84:7b:10:ca:3d:c0:f8:d3:fc:47:23:9f:71:b8:d7:89:76:51:
1c:92:0d:d8:6f:b2:55:c2:45:3d:87:51:ea:6f:5e:2b:c2:a7:
73:a4:6c:71:63:af:2d:34:62:01:5a:67:9e:62:fe:0a:26:f4:
2e:2b:5f:25:07:ee:ac:c0:79:88:53:8d:9e:e2:8e:30:c2:aa:
14:f5:b3:6a:4a:46:08:8a:2e:3d:3c:f4:34:e2:ab:bf:48:1d:
28:c3:d9:f4:95:54:2e:67:d1:cf:49:f1:16:a5:de:bd:53:fe:
5b:87:b9:87:47:42:21:f8:0d:15:0f:61:11:c0:f7:25:66:79:
98:42:6d:32:9c:1c:c8:08:9c:84:73:8f:47:8b:a6:73:42:d5:
9d:96:de:47:8f:be:01:90:4c:07:59:6b:9f:57:d4:57:a9:69:
1f:0f:bf:f6:1d:c9:8e:fc:74:ad:b7:07:c4:82:bf:16:87:59:
c1:0c:ee:cd
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgISAZbJMwRlfcl2VPRs44zMxOmvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlNjA4ODNhYWU0OTFlNWZiNzczYTkyNjQwMTlmZjRmODg4
ZDVjYTUwHhcNMjUwNTEzMTAzMTI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMGQ5ZDZjMDVkMmY5OWRiZjhkY2ZlZTM4MDNhNGUwNTY3NDM4YTk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvepVTfmuN54M3mZ6DOpUxO9H4wQd
RS4lgC9Fwc7SLk8htjHyryxSCQyDF58K4oFo0AuGOkN3uSprQM5VHtUsleHUkzQY
sZW49KvWub4rIa7PJ3TICLoHIk6uvNgl7YHal2Cpspnr6ZQ8chZPTvjnsORhMIaJ
Qfi66YkCwYsY7dr8jWEO2iBYJQS16N42YYYquPZ4HfXw7C66nz23Buynlj2F0woK
Y8FQDHCjaJnbtC9q089lyDgTZ5qGyH9SfoWkyHzyOSfMxGdCHopWRPit7NoJI3GN
Epm7iEqXbJiY5DzgmSaZQjcZODJuAd7AKvkFuKz8S9yXQc7TEGeGpaoz3QIDAQAB
o4ICRjCCAkIwHQYDVR0OBBYEFBDZ1sBdL5nb+Nz+44A6TgVnQ4qXMB8GA1UdIwQY
MBaAFG5giDquSR5ft3OpJkAZ/0+IjVylMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm1DSU9xNUpIbC0zYzZrbVFCbl9UNGlOWEtVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi9kOGUwOTYtNDMxMC00MmI5LWJkMjAt
YjU2MDJkM2RhOGE2LzEvRU5uV3dGMHZtZHY0M1A3amdEcE9CV2REaXBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi9kOGUwOTYtNDMxMC00MmI5LWJkMjAtYjU2MDJkM2RhOGE2
LzEvYm1DSU9xNUpIbC0zYzZrbVFCbl9UNGlOWEtVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFwGCCsGAQUFBwEHAQH/BE0wSzA6BAIAATA0AwQDJRNoAwQE
TfMQMAwDBAJfVgQDBAJfVggDBANfVjADBAK5JRgwDAMEBbx4YAMEA7x4cDANBAIA
AjAHAwUDKgBhwDANBgkqhkiG9w0BAQsFAAOCAQEAVprdPyhY2PHMmeKc2jQO8ilm
Luq5iXzgpXrabKASnkioIHuIwwRzuvjJqUSyNysB00KfWqFqeZBOiNfVTz7RRbPQ
BNS0rdN6hHsQyj3A+NP8RyOfcbjXiXZRHJIN2G+yVcJFPYdR6m9eK8Knc6RscWOv
LTRiAVpnnmL+Cib0LitfJQfurMB5iFONnuKOMMKqFPWzakpGCIouPTz0NOKrv0gd
KMPZ9JVULmfRz0nxFqXevVP+W4e5h0dCIfgNFQ9hEcD3JWZ5mEJtMpwcyAichHOP
R4umc0LVnZbeR4++AZBMB1lrn1fUV6lpHw+/9h3Jjvx0rbcHxIK/FodZwQzuzQ==
-----END CERTIFICATE-----
Generated at Sat Jun 7 20:58:38 2025 by rpki-client