Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/ba9d13-8ca6-4577-a59c-9dd997eef4ef/1/2EE5sI-lHxPW-m95GPnlbkqBGKw.roa
File: 2EE5sI-lHxPW-m95GPnlbkqBGKw.roa (raw, json)
Hash identifier: rZX0WbnFMbiHv4Iw7Uo3xd9gD2qfAlVmi5TezkAjKms=
Subject key identifier: D8:41:39:B0:8F:A5:1F:13:D6:FA:6F:79:18:F9:E5:6E:4A:81:18:AC
Certificate issuer: /CN=1027a8a61299b80a3e71d1a981427ec00b849d17
Certificate serial: 0195AE395DBF8D6199C339D50A375E0D76E2
Authority key identifier: 10:27:A8:A6:12:99:B8:0A:3E:71:D1:A9:81:42:7E:C0:0B:84:9D:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ECeophKZuAo-cdGpgUJ-wAuEnRc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/ba9d13-8ca6-4577-a59c-9dd997eef4ef/1/2EE5sI-lHxPW-m95GPnlbkqBGKw.roa
Signing time: Wed 19 Mar 2025 11:45:49 +0000
ROA not before: Wed 19 Mar 2025 11:45:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204866
IP address blocks: 95.142.104.0/24 maxlen: 24
193.202.74.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/ba9d13-8ca6-4577-a59c-9dd997eef4ef/1/ECeophKZuAo-cdGpgUJ-wAuEnRc.crl
rsync://rpki.ripe.net/repository/DEFAULT/2a/ba9d13-8ca6-4577-a59c-9dd997eef4ef/1/ECeophKZuAo-cdGpgUJ-wAuEnRc.mft
rsync://rpki.ripe.net/repository/DEFAULT/ECeophKZuAo-cdGpgUJ-wAuEnRc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 05:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:ae:39:5d:bf:8d:61:99:c3:39:d5:0a:37:5e:0d:76:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1027a8a61299b80a3e71d1a981427ec00b849d17
Validity
Not Before: Mar 19 11:45:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d84139b08fa51f13d6fa6f7918f9e56e4a8118ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:8a:f4:90:a5:12:4a:03:ac:9e:f1:e5:d2:2c:
3e:36:70:f1:54:b6:d1:d7:05:8d:47:ca:5b:32:3b:
83:89:92:0f:7e:84:00:8d:b6:97:1f:7a:22:13:ef:
2c:ee:a1:c2:25:0e:80:45:83:e1:58:1d:83:5b:7c:
fb:c8:0b:30:1d:e2:80:be:99:1c:c0:8f:18:4a:57:
51:1d:70:03:a6:86:f1:a9:84:a2:c6:a2:09:67:7b:
c0:90:80:ba:3a:a7:bb:10:6e:e7:09:65:bf:d4:20:
fe:59:2f:f1:d3:bf:7d:2b:9c:cc:30:3e:c2:d4:39:
95:b7:2c:46:1a:84:8a:81:ba:06:0e:2e:45:49:cd:
87:9b:d0:d0:ea:2a:00:90:af:e7:cf:e4:da:71:e9:
29:e7:de:bb:a2:6c:63:47:41:e1:1d:f9:8d:6d:28:
92:97:f6:6e:ff:9c:8b:62:3a:f7:45:e4:e1:b5:75:
2d:e6:10:b8:d6:3e:57:b2:d4:f0:09:9a:21:b0:a3:
6f:fe:c5:fe:d2:b3:90:b0:25:a0:1f:f4:a1:23:ee:
c5:29:e1:e4:9d:ea:ef:28:da:f4:3a:35:06:94:3b:
59:0c:e7:05:55:47:cc:18:ab:bd:fb:29:67:df:0c:
e9:6e:b6:ea:6c:59:ba:b8:87:44:1a:a8:a8:28:f8:
08:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:41:39:B0:8F:A5:1F:13:D6:FA:6F:79:18:F9:E5:6E:4A:81:18:AC
X509v3 Authority Key Identifier:
keyid:10:27:A8:A6:12:99:B8:0A:3E:71:D1:A9:81:42:7E:C0:0B:84:9D:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ECeophKZuAo-cdGpgUJ-wAuEnRc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/ba9d13-8ca6-4577-a59c-9dd997eef4ef/1/2EE5sI-lHxPW-m95GPnlbkqBGKw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/ba9d13-8ca6-4577-a59c-9dd997eef4ef/1/ECeophKZuAo-cdGpgUJ-wAuEnRc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.142.104.0/24
193.202.74.0/24
Signature Algorithm: sha256WithRSAEncryption
44:46:3d:86:e3:2b:53:0d:45:15:e3:b6:79:b2:a3:ec:1f:af:
7e:7e:12:6c:d5:39:4c:55:a2:6b:0f:5c:49:89:8e:1d:ad:a2:
bb:2d:2d:d3:83:10:18:e9:2c:b5:a8:4a:e8:a8:68:0c:b2:bb:
64:f8:40:3c:5e:ad:8c:51:cb:0d:15:c8:ff:60:be:d1:2e:54:
23:97:fd:cd:30:5f:ce:ec:cc:90:17:df:6f:62:d9:9b:a4:05:
80:32:b0:dc:d0:53:f0:70:02:81:af:60:0e:c4:e2:98:58:47:
95:50:dd:9a:28:99:2a:0c:5c:70:99:8c:d1:44:dd:ec:e0:2e:
37:85:01:46:b5:bb:28:ae:6b:a3:9a:9b:02:0c:91:e9:6b:78:
9f:1c:fb:99:aa:71:d7:af:14:5b:bb:b5:5b:a2:e5:a0:ca:71:
10:9a:9b:04:77:2b:c5:df:07:e7:ab:3f:40:d3:eb:a8:c8:23:
e1:05:15:6c:37:cb:65:b4:9a:e1:99:81:85:d2:fe:b8:27:30:
60:35:d2:5c:76:42:dd:3e:b9:d7:04:c1:ca:2b:f7:a5:b2:67:
a8:0e:6c:e4:88:f3:ba:39:4f:d9:67:fc:90:f6:f6:cf:67:7d:
04:00:d8:32:1b:15:31:29:fe:43:e3:15:5e:ea:91:77:14:12:
66:23:a3:e9
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZWuOV2/jWGZwznVCjdeDXbiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwMjdhOGE2MTI5OWI4MGEzZTcxZDFhOTgxNDI3ZWMwMGI4
NDlkMTcwHhcNMjUwMzE5MTE0NTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODQxMzliMDhmYTUxZjEzZDZmYTZmNzkxOGY5ZTU2ZTRhODExOGFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsYr0kKUSSgOsnvHl0iw+NnDxVLbR
1wWNR8pbMjuDiZIPfoQAjbaXH3oiE+8s7qHCJQ6ARYPhWB2DW3z7yAswHeKAvpkc
wI8YSldRHXADpobxqYSixqIJZ3vAkIC6Oqe7EG7nCWW/1CD+WS/x0799K5zMMD7C
1DmVtyxGGoSKgboGDi5FSc2Hm9DQ6ioAkK/nz+Tacekp5967omxjR0HhHfmNbSiS
l/Zu/5yLYjr3ReThtXUt5hC41j5XstTwCZohsKNv/sX+0rOQsCWgH/ShI+7FKeHk
nervKNr0OjUGlDtZDOcFVUfMGKu9+yln3wzpbrbqbFm6uIdEGqioKPgIBwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNhBObCPpR8T1vpveRj55W5KgRisMB8GA1UdIwQY
MBaAFBAnqKYSmbgKPnHRqYFCfsALhJ0XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUNlb3BoS1p1QW8tY2RHcGdVSi13QXVFblJjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS9iYTlkMTMtOGNhNi00NTc3LWE1OWMt
OWRkOTk3ZWVmNGVmLzEvMkVFNXNJLWxIeFBXLW05NUdQbmxia3FCR0t3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS9iYTlkMTMtOGNhNi00NTc3LWE1OWMtOWRkOTk3ZWVmNGVm
LzEvRUNlb3BoS1p1QW8tY2RHcGdVSi13QXVFblJjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAX45oAwQA
wcpKMA0GCSqGSIb3DQEBCwUAA4IBAQBERj2G4ytTDUUV47Z5sqPsH69+fhJs1TlM
VaJrD1xJiY4draK7LS3TgxAY6Sy1qEroqGgMsrtk+EA8Xq2MUcsNFcj/YL7RLlQj
l/3NMF/O7MyQF99vYtmbpAWAMrDc0FPwcAKBr2AOxOKYWEeVUN2aKJkqDFxwmYzR
RN3s4C43hQFGtbsormujmpsCDJHpa3ifHPuZqnHXrxRbu7VbouWgynEQmpsEdyvF
3wfnqz9A0+uoyCPhBRVsN8tltJrhmYGF0v64JzBgNdJcdkLdPrnXBMHKK/elsmeo
DmzkiPO6OU/ZZ/yQ9vbPZ30EANgyGxUxKf5D4xVe6pF3FBJmI6Pp
-----END CERTIFICATE-----
Generated at Wed Apr 16 13:19:33 2025 by rpki-client