Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/b5090a-ec58-46db-9dd9-5485682a05f5/1/epUYONx2mMHAiQMdD14emQB7r-U.roa
File: epUYONx2mMHAiQMdD14emQB7r-U.roa (raw, json)
Hash identifier: SxHE/bA3BxkoeRagJK9EC66MO/tpuAW/+EUlbcMxgZM=
Subject key identifier: 7A:95:18:38:DC:76:98:C1:C0:89:03:1D:0F:5E:1E:99:00:7B:AF:E5
Certificate issuer: /CN=149d1f67a41ca2e405017cbe48bafff1733e3869
Certificate serial: 01942368D4CE660032EBE92174D966A6B9C6
Authority key identifier: 14:9D:1F:67:A4:1C:A2:E4:05:01:7C:BE:48:BA:FF:F1:73:3E:38:69
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FJ0fZ6QcouQFAXy-SLr_8XM-OGk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/b5090a-ec58-46db-9dd9-5485682a05f5/1/epUYONx2mMHAiQMdD14emQB7r-U.roa
Signing time: Wed 01 Jan 2025 19:47:40 +0000
ROA not before: Wed 01 Jan 2025 19:47:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207728
IP address blocks: 31.10.5.0/24 maxlen: 24
31.210.170.0/23 maxlen: 24
31.210.172.0/24 maxlen: 24
31.210.173.0/24 maxlen: 24
46.28.234.0/24 maxlen: 24
62.204.42.0/24 maxlen: 24
87.236.177.0/24 maxlen: 24
93.88.74.0/24 maxlen: 24
93.88.75.0/24 maxlen: 24
104.192.42.0/24 maxlen: 24
185.162.8.0/24 maxlen: 24
185.162.9.0/24 maxlen: 24
185.162.11.0/24 maxlen: 24
185.204.52.0/24 maxlen: 24
194.146.127.0/24 maxlen: 24
2a12:9cc0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2e/b5090a-ec58-46db-9dd9-5485682a05f5/1/FJ0fZ6QcouQFAXy-SLr_8XM-OGk.crl
rsync://rpki.ripe.net/repository/DEFAULT/2e/b5090a-ec58-46db-9dd9-5485682a05f5/1/FJ0fZ6QcouQFAXy-SLr_8XM-OGk.mft
rsync://rpki.ripe.net/repository/DEFAULT/FJ0fZ6QcouQFAXy-SLr_8XM-OGk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 13 Mar 2025 22:01:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:68:d4:ce:66:00:32:eb:e9:21:74:d9:66:a6:b9:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=149d1f67a41ca2e405017cbe48bafff1733e3869
Validity
Not Before: Jan 1 19:47:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7a951838dc7698c1c089031d0f5e1e99007bafe5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:dd:ef:28:c5:88:30:97:ca:8c:8a:47:4e:89:
10:09:95:03:9d:e6:9a:af:21:03:84:de:6d:b0:ff:
33:4c:a4:e9:aa:10:ce:8e:b2:90:19:e3:86:53:56:
7a:ff:2c:31:2b:a6:dd:74:9f:4a:42:a7:18:b7:34:
12:ec:a2:6f:6f:7d:61:0c:f8:3b:e7:03:48:f9:82:
1e:0e:76:6d:34:cd:13:e2:67:ff:e8:d0:11:4b:79:
d6:ad:ce:9e:5d:72:e0:d5:66:09:04:37:92:1a:04:
d7:14:44:3d:bd:98:fa:20:a0:6d:3f:31:e6:71:27:
ed:cf:d4:42:54:0d:e0:8a:67:49:00:81:b8:5d:1c:
99:1b:aa:10:94:29:d8:96:2d:b5:2c:84:43:86:77:
a0:59:70:7a:63:81:f3:64:e3:1a:4d:85:ab:f8:0e:
e5:8f:a9:de:20:3b:a9:f3:8e:8c:28:75:54:f3:a7:
55:5d:35:43:1b:91:ba:7e:ef:99:83:ff:c4:11:ef:
1e:0f:97:11:e2:dc:3e:de:52:ad:db:36:2c:b1:48:
ca:fd:c5:52:f8:57:fe:aa:7c:f4:f5:f3:27:9e:3a:
cc:8f:22:6a:ad:ba:26:f8:fc:58:46:80:10:94:86:
0a:a6:00:13:77:25:ff:bd:64:1d:aa:6e:bf:af:16:
fe:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:95:18:38:DC:76:98:C1:C0:89:03:1D:0F:5E:1E:99:00:7B:AF:E5
X509v3 Authority Key Identifier:
keyid:14:9D:1F:67:A4:1C:A2:E4:05:01:7C:BE:48:BA:FF:F1:73:3E:38:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FJ0fZ6QcouQFAXy-SLr_8XM-OGk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/b5090a-ec58-46db-9dd9-5485682a05f5/1/epUYONx2mMHAiQMdD14emQB7r-U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/b5090a-ec58-46db-9dd9-5485682a05f5/1/FJ0fZ6QcouQFAXy-SLr_8XM-OGk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.10.5.0/24
31.210.170.0-31.210.173.255
46.28.234.0/24
62.204.42.0/24
87.236.177.0/24
93.88.74.0/23
104.192.42.0/24
185.162.8.0/23
185.162.11.0/24
185.204.52.0/24
194.146.127.0/24
IPv6:
2a12:9cc0::/29
Signature Algorithm: sha256WithRSAEncryption
8d:a1:6b:57:38:c3:c5:61:92:cd:1d:ca:a7:13:7a:1b:af:ea:
07:42:dc:56:36:e5:85:b3:1e:e0:2f:d6:cf:14:26:a0:85:de:
15:03:94:04:58:bc:45:eb:51:2f:f8:fb:b0:37:f2:36:49:d3:
f9:38:e3:ea:2e:b2:02:5c:97:d6:e0:3b:9f:90:e6:9d:43:79:
93:fd:cc:9d:88:3d:55:62:85:9d:f5:5c:40:37:83:76:be:ab:
87:74:15:f8:2f:9b:95:23:70:f9:3e:80:e9:19:c5:29:33:cf:
7b:6c:8b:ef:b3:6b:64:15:bb:91:99:e1:d0:8b:c8:3d:2e:2c:
4e:ab:9f:2c:93:bd:3d:90:a9:87:f3:91:62:36:84:b4:fc:01:
53:ff:76:47:9d:69:1c:f0:ce:0f:0d:27:02:a9:73:05:77:36:
e6:01:85:51:52:af:8b:2b:0e:d7:94:b1:e2:af:88:b6:af:61:
1e:dc:61:d3:00:ca:2a:ce:af:63:ef:a9:f7:77:ab:35:f8:c2:
05:b7:29:ad:a2:54:1c:9a:f0:ff:ea:88:0e:18:bb:16:34:e4:
06:ac:97:c8:d1:6c:5d:aa:2f:47:e0:be:6c:36:95:cd:0c:7d:
2b:15:e5:89:8f:fc:e0:73:ba:d8:2c:a4:c8:19:93:2e:a3:f3:
01:17:a6:ae
-----BEGIN CERTIFICATE-----
MIIFUDCCBDigAwIBAgISAZQjaNTOZgAy6+khdNlmprnGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE0OWQxZjY3YTQxY2EyZTQwNTAxN2NiZTQ4YmFmZmYxNzMz
ZTM4NjkwHhcNMjUwMTAxMTk0NzQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YTk1MTgzOGRjNzY5OGMxYzA4OTAzMWQwZjVlMWU5OTAwN2JhZmU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu93vKMWIMJfKjIpHTokQCZUDneaa
ryEDhN5tsP8zTKTpqhDOjrKQGeOGU1Z6/ywxK6bddJ9KQqcYtzQS7KJvb31hDPg7
5wNI+YIeDnZtNM0T4mf/6NARS3nWrc6eXXLg1WYJBDeSGgTXFEQ9vZj6IKBtPzHm
cSftz9RCVA3gimdJAIG4XRyZG6oQlCnYli21LIRDhnegWXB6Y4HzZOMaTYWr+A7l
j6neIDup846MKHVU86dVXTVDG5G6fu+Zg//EEe8eD5cR4tw+3lKt2zYssUjK/cVS
+Ff+qnz09fMnnjrMjyJqrbom+PxYRoAQlIYKpgATdyX/vWQdqm6/rxb+swIDAQAB
o4ICXDCCAlgwHQYDVR0OBBYEFHqVGDjcdpjBwIkDHQ9eHpkAe6/lMB8GA1UdIwQY
MBaAFBSdH2ekHKLkBQF8vki6//FzPjhpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRkowZlo2UWNvdVFGQVh5LVNMcl84WE0tT0drLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9iNTA5MGEtZWM1OC00NmRiLTlkZDkt
NTQ4NTY4MmEwNWY1LzEvZXBVWU9OeDJtTUhBaVFNZEQxNGVtUUI3ci1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9iNTA5MGEtZWM1OC00NmRiLTlkZDktNTQ4NTY4MmEwNWY1
LzEvRkowZlo2UWNvdVFGQVh5LVNMcl84WE0tT0drLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHIGCCsGAQUFBwEHAQH/BGMwYTBQBAIAATBKAwQAHwoFMAwD
BAEf0qoDBAEf0qwDBAAuHOoDBAA+zCoDBABX7LEDBAFdWEoDBABowCoDBAG5oggD
BAC5ogsDBAC5zDQDBADCkn8wDQQCAAIwBwMFAyoSnMAwDQYJKoZIhvcNAQELBQAD
ggEBAI2ha1c4w8Vhks0dyqcTehuv6gdC3FY25YWzHuAv1s8UJqCF3hUDlARYvEXr
US/4+7A38jZJ0/k44+ousgJcl9bgO5+Q5p1DeZP9zJ2IPVVihZ31XEA3g3a+q4d0
Ffgvm5UjcPk+gOkZxSkzz3tsi++za2QVu5GZ4dCLyD0uLE6rnyyTvT2QqYfzkWI2
hLT8AVP/dkedaRzwzg8NJwKpcwV3NuYBhVFSr4srDteUseKviLavYR7cYdMAyirO
r2Pvqfd3qzX4wgW3Ka2iVBya8P/qiA4YuxY05Aasl8jRbF2qL0fgvmw2lc0MfSsV
5YmP/OBzutgspMgZky6j8wEXpq4=
-----END CERTIFICATE-----
Generated at Thu Mar 13 06:35:38 2025 by rpki-client