Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/67KS9uxohx5qywMfA7rxHH4YscU.roa
File: 67KS9uxohx5qywMfA7rxHH4YscU.roa (raw, json)
Hash identifier: lir9AF6THQKzGsNxxFLnf0F3SF63YVXFyWaZJXVDD+M=
Subject key identifier: EB:B2:92:F6:EC:68:87:1E:6A:CB:03:1F:03:BA:F1:1C:7E:18:B1:C5
Certificate issuer: /CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Certificate serial: 019424B3B4EC7E1A39B7FFE40B0BAA8AB5F2
Authority key identifier: 6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/67KS9uxohx5qywMfA7rxHH4YscU.roa
Signing time: Thu 02 Jan 2025 01:49:04 +0000
ROA not before: Thu 02 Jan 2025 01:49:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200736
IP address blocks: 94.131.32.0/20 maxlen: 24
94.131.128.0/19 maxlen: 24
94.131.130.0/24 maxlen: 24
94.131.131.0/24 maxlen: 24
94.131.132.0/24 maxlen: 24
94.131.133.0/24 maxlen: 24
94.131.134.0/24 maxlen: 24
94.131.135.0/24 maxlen: 24
94.131.136.0/24 maxlen: 24
94.131.137.0/24 maxlen: 24
94.131.138.0/24 maxlen: 24
94.131.139.0/24 maxlen: 24
94.131.140.0/24 maxlen: 24
94.131.141.0/24 maxlen: 24
94.131.142.0/24 maxlen: 24
94.131.143.0/24 maxlen: 24
94.131.144.0/23 maxlen: 23
94.131.144.0/24 maxlen: 24
94.131.145.0/24 maxlen: 24
94.131.146.0/24 maxlen: 24
94.131.147.0/24 maxlen: 24
94.131.148.0/24 maxlen: 24
94.131.149.0/24 maxlen: 24
94.131.150.0/24 maxlen: 24
94.131.151.0/24 maxlen: 24
94.131.152.0/24 maxlen: 24
94.131.153.0/24 maxlen: 24
94.131.154.0/24 maxlen: 24
94.131.155.0/24 maxlen: 24
94.131.156.0/24 maxlen: 24
94.131.157.0/24 maxlen: 24
94.131.158.0/24 maxlen: 24
94.131.159.0/24 maxlen: 24
94.131.160.0/20 maxlen: 24
94.131.161.0/24 maxlen: 24
94.131.162.0/24 maxlen: 24
94.131.163.0/24 maxlen: 24
94.131.165.0/24 maxlen: 24
94.131.166.0/24 maxlen: 24
94.131.167.0/24 maxlen: 24
94.131.169.0/24 maxlen: 24
94.131.170.0/24 maxlen: 24
94.131.172.0/24 maxlen: 24
94.131.173.0/24 maxlen: 24
94.131.174.0/24 maxlen: 24
95.164.124.0/22 maxlen: 24
95.164.176.0/20 maxlen: 24
95.164.208.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.crl
rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.mft
rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 04:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:b4:ec:7e:1a:39:b7:ff:e4:0b:0b:aa:8a:b5:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Validity
Not Before: Jan 2 01:49:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ebb292f6ec68871e6acb031f03baf11c7e18b1c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:91:81:ad:c3:0b:e8:f4:e8:65:01:76:19:1b:
d1:31:8e:21:5c:37:2d:a2:a3:9f:c7:99:19:ab:0c:
f6:69:eb:44:41:79:ae:e6:7c:69:21:46:be:34:bb:
da:7f:e7:60:5f:d5:38:9f:00:b2:a4:6b:f3:11:bc:
99:e2:d9:0b:66:d9:e2:5d:15:d4:c5:48:11:59:95:
37:c9:1b:68:2c:3d:f1:8a:df:a3:4d:76:a8:42:f5:
cf:3c:9b:61:2c:57:1b:14:e3:91:ee:3b:28:6c:3d:
4c:ee:46:6d:de:e5:90:a3:f2:3d:ca:ff:1d:b5:b8:
06:73:70:09:d0:12:6f:e7:6d:50:bd:6a:6a:1b:a1:
86:4e:46:73:88:66:8c:59:c8:4f:1e:67:1f:55:ce:
08:24:17:3f:fd:5d:87:29:6a:06:be:52:12:eb:ad:
5d:a2:a9:f8:ed:b6:49:ce:5b:b1:c4:6c:23:06:a8:
c2:59:dd:ad:ac:eb:cc:a7:69:cf:be:a9:5c:f2:c6:
b6:8c:7a:1f:bc:49:2a:ed:aa:f3:2e:ff:ab:ef:6d:
a2:22:34:4c:f1:5c:31:56:f7:33:8d:c5:14:60:0c:
66:9c:b1:50:0b:44:64:16:70:43:bf:ff:5b:3c:31:
16:b2:16:7e:71:59:b9:93:48:11:d7:db:e5:d2:e5:
ed:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:B2:92:F6:EC:68:87:1E:6A:CB:03:1F:03:BA:F1:1C:7E:18:B1:C5
X509v3 Authority Key Identifier:
keyid:6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/67KS9uxohx5qywMfA7rxHH4YscU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.131.32.0/20
94.131.128.0-94.131.175.255
95.164.124.0/22
95.164.176.0/20
95.164.208.0/20
Signature Algorithm: sha256WithRSAEncryption
68:56:ce:1d:a6:7e:4d:dd:37:d1:23:0d:a7:80:87:de:45:2c:
37:90:d4:69:36:7c:30:ad:69:fe:6e:8e:9e:ae:95:49:dd:a0:
6d:13:bf:9a:84:2f:27:20:02:1a:71:14:31:19:e6:33:61:c1:
0f:17:24:9a:49:df:cc:e7:2d:c8:0a:1c:d4:82:a2:be:6b:89:
cc:19:ee:94:be:22:ad:98:d7:62:72:34:1d:c4:2d:51:f9:6e:
9a:52:af:ed:de:e2:db:36:37:68:89:0d:b2:07:f0:08:0e:91:
59:6d:06:e4:ad:69:b3:b7:01:34:6f:5a:1a:87:26:ef:79:cd:
b0:83:b3:c1:c3:4d:a5:1d:34:17:66:8e:e8:98:ce:31:b4:84:
23:13:24:20:4f:bd:1e:69:6c:88:2e:c5:4e:38:21:a9:0c:6a:
23:84:d3:f5:6a:37:39:ee:27:d6:91:71:ac:3c:dd:4b:14:90:
29:4d:be:44:43:0f:e0:e3:3d:eb:7e:73:7d:00:1e:28:c9:fe:
3e:bb:58:f0:35:04:41:e5:8c:a6:40:76:e7:ec:81:0c:ed:88:
43:16:86:13:d1:c8:e6:61:97:c0:be:e8:c0:f9:20:fa:2a:ce:
b3:2e:51:da:a3:21:18:1e:6f:85:c4:b7:67:e7:c2:70:a2:54:
7c:4b:9d:34
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZQks7Tsfho5t//kCwuqirXyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNzQzZWQ2M2U4NjhlZjUwZjZkODRjMDAwM2E4MzQ4M2Zj
NjJhMDMwHhcNMjUwMTAyMDE0OTA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYmIyOTJmNmVjNjg4NzFlNmFjYjAzMWYwM2JhZjExYzdlMThiMWM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt5GBrcML6PToZQF2GRvRMY4hXDct
oqOfx5kZqwz2aetEQXmu5nxpIUa+NLvaf+dgX9U4nwCypGvzEbyZ4tkLZtniXRXU
xUgRWZU3yRtoLD3xit+jTXaoQvXPPJthLFcbFOOR7jsobD1M7kZt3uWQo/I9yv8d
tbgGc3AJ0BJv521QvWpqG6GGTkZziGaMWchPHmcfVc4IJBc//V2HKWoGvlIS661d
oqn47bZJzluxxGwjBqjCWd2trOvMp2nPvqlc8sa2jHofvEkq7arzLv+r722iIjRM
8VwxVvczjcUUYAxmnLFQC0RkFnBDv/9bPDEWshZ+cVm5k0gR19vl0uXt4wIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFOuykvbsaIceassDHwO68Rx+GLHFMB8GA1UdIwQY
MBaAFG10PtY+ho71D22EwAA6g0g/xioDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQt
ZTk3MjRhN2E2YmM4LzEvNjdLUzl1eG9oeDVxeXdNZkE3cnhISDRZc2NVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQtZTk3MjRhN2E2YmM4
LzEvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQEXoMgMAwD
BAdeg4ADBAReg6ADBAJfpHwDBARfpLADBARfpNAwDQYJKoZIhvcNAQELBQADggEB
AGhWzh2mfk3dN9EjDaeAh95FLDeQ1Gk2fDCtaf5ujp6ulUndoG0Tv5qELycgAhpx
FDEZ5jNhwQ8XJJpJ38znLcgKHNSCor5ricwZ7pS+Iq2Y12JyNB3ELVH5bppSr+3e
4ts2N2iJDbIH8AgOkVltBuStabO3ATRvWhqHJu95zbCDs8HDTaUdNBdmjuiYzjG0
hCMTJCBPvR5pbIguxU44IakMaiOE0/VqNznuJ9aRcaw83UsUkClNvkRDD+DjPet+
c30AHijJ/j67WPA1BEHljKZAdufsgQztiEMWhhPRyOZhl8C+6MD5IPoqzrMuUdqj
IRgeb4XEt2fnwnCiVHxLnTQ=
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:23:03 2025 by rpki-client