Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/0e36fc-ba0b-4ce6-af6a-704463ebad36/1/r35yid910YnMRVJ0dohWLbFg9fA.roa
File: r35yid910YnMRVJ0dohWLbFg9fA.roa (raw, json)
Hash identifier: R0fRzKPoSAK4VI2tCDaL9PTR+axXctfnY3qc7wzVVJQ=
Subject key identifier: AF:7E:72:89:DF:75:D1:89:CC:45:52:74:76:88:56:2D:B1:60:F5:F0
Certificate issuer: /CN=28855852a4bcd1bf1ec813f3c13b0f1f372f3971
Certificate serial: 01942444E1ECF5F26C2E554BD7E7A367EF66
Authority key identifier: 28:85:58:52:A4:BC:D1:BF:1E:C8:13:F3:C1:3B:0F:1F:37:2F:39:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KIVYUqS80b8eyBPzwTsPHzcvOXE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/0e36fc-ba0b-4ce6-af6a-704463ebad36/1/r35yid910YnMRVJ0dohWLbFg9fA.roa
Signing time: Wed 01 Jan 2025 23:48:01 +0000
ROA not before: Wed 01 Jan 2025 23:48:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207333
IP address blocks: 31.14.27.0/24 maxlen: 24
86.107.44.0/24 maxlen: 24
86.107.45.0/24 maxlen: 24
86.107.198.0/24 maxlen: 24
86.107.199.0/24 maxlen: 24
89.33.41.0/24 maxlen: 24
89.35.124.0/24 maxlen: 24
89.35.125.0/24 maxlen: 24
89.46.33.0/24 maxlen: 24
89.46.34.0/24 maxlen: 24
92.114.7.0/24 maxlen: 24
185.98.5.0/24 maxlen: 24
185.98.6.0/24 maxlen: 24
185.98.7.0/24 maxlen: 24
185.100.64.0/24 maxlen: 24
185.100.65.0/24 maxlen: 24
185.100.67.0/24 maxlen: 24
185.111.104.0/24 maxlen: 24
185.111.105.0/24 maxlen: 24
185.111.106.0/24 maxlen: 24
185.111.107.0/24 maxlen: 24
185.113.132.0/24 maxlen: 24
185.113.134.0/24 maxlen: 24
185.113.135.0/24 maxlen: 24
185.121.80.0/24 maxlen: 24
185.121.81.0/24 maxlen: 24
185.121.82.0/24 maxlen: 24
185.121.83.0/24 maxlen: 24
185.125.89.0/24 maxlen: 24
185.129.48.0/24 maxlen: 24
185.129.49.0/24 maxlen: 24
185.129.50.0/24 maxlen: 24
185.129.51.0/24 maxlen: 24
188.241.216.0/24 maxlen: 24
188.241.217.0/24 maxlen: 24
2a06:940::/48 maxlen: 48
2a06:940:2::/48 maxlen: 48
2a06:942::/48 maxlen: 48
2a06:942:2::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/30/0e36fc-ba0b-4ce6-af6a-704463ebad36/1/KIVYUqS80b8eyBPzwTsPHzcvOXE.crl
rsync://rpki.ripe.net/repository/DEFAULT/30/0e36fc-ba0b-4ce6-af6a-704463ebad36/1/KIVYUqS80b8eyBPzwTsPHzcvOXE.mft
rsync://rpki.ripe.net/repository/DEFAULT/KIVYUqS80b8eyBPzwTsPHzcvOXE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 23:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:e1:ec:f5:f2:6c:2e:55:4b:d7:e7:a3:67:ef:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=28855852a4bcd1bf1ec813f3c13b0f1f372f3971
Validity
Not Before: Jan 1 23:48:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=af7e7289df75d189cc4552747688562db160f5f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:a5:7c:1b:ab:ff:2f:4e:44:c5:5e:fa:00:3b:
7c:c3:54:c5:1f:c8:a8:32:a2:35:c0:95:27:70:4c:
5c:a1:2d:d4:fa:0d:d3:17:47:07:66:08:04:76:8e:
67:de:1e:1b:a9:da:02:5a:68:58:fe:34:56:ce:27:
41:d3:e3:8b:d3:8c:fc:6e:be:37:74:47:02:35:b5:
84:48:16:61:a3:e0:13:eb:fa:e9:c7:a5:e4:97:10:
ef:34:0d:f1:f3:96:e6:48:e8:a4:4d:74:66:bb:6a:
c2:31:6a:d4:c9:db:b5:5f:28:06:12:32:b5:e6:18:
e4:62:b3:06:4a:db:49:13:28:28:f1:9d:ce:79:a8:
b8:61:84:4e:96:1a:54:cc:4d:74:8e:c9:8e:f3:a5:
be:ad:54:f1:a1:f1:a5:30:43:cc:e2:f0:f0:a6:14:
c8:99:99:fc:e0:52:71:11:b3:54:60:7f:a2:08:56:
a7:e2:51:cd:26:fb:b6:4f:20:e7:f3:29:2d:76:4b:
b5:e0:0b:10:23:cf:17:d5:a6:b2:16:22:b2:dd:4e:
85:98:eb:36:cb:60:4e:b0:d8:06:1f:b6:0a:5b:b1:
8b:11:ca:07:13:28:4a:06:f7:e9:a0:03:b6:63:cb:
eb:61:2c:d3:22:7a:1d:a5:7e:e9:86:89:6f:ff:d2:
93:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:7E:72:89:DF:75:D1:89:CC:45:52:74:76:88:56:2D:B1:60:F5:F0
X509v3 Authority Key Identifier:
keyid:28:85:58:52:A4:BC:D1:BF:1E:C8:13:F3:C1:3B:0F:1F:37:2F:39:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KIVYUqS80b8eyBPzwTsPHzcvOXE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/0e36fc-ba0b-4ce6-af6a-704463ebad36/1/r35yid910YnMRVJ0dohWLbFg9fA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/0e36fc-ba0b-4ce6-af6a-704463ebad36/1/KIVYUqS80b8eyBPzwTsPHzcvOXE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.27.0/24
86.107.44.0/23
86.107.198.0/23
89.33.41.0/24
89.35.124.0/23
89.46.33.0-89.46.34.255
92.114.7.0/24
185.98.5.0-185.98.7.255
185.100.64.0/23
185.100.67.0/24
185.111.104.0/22
185.113.132.0/24
185.113.134.0/23
185.121.80.0/22
185.125.89.0/24
185.129.48.0/22
188.241.216.0/23
IPv6:
2a06:940::/48
2a06:940:2::/48
2a06:942::/48
2a06:942:2::/48
Signature Algorithm: sha256WithRSAEncryption
71:2f:f4:1b:94:91:07:25:c9:c2:02:2c:2f:b3:6d:73:01:6e:
8e:0e:c5:59:c6:21:e7:26:8c:75:0a:5e:54:02:3d:53:8a:07:
3b:e0:30:1d:a2:9b:5f:29:e7:65:c7:97:95:a4:e4:90:04:fe:
c1:a6:30:5b:4d:5b:b5:ca:2b:5a:c4:0c:0f:c1:a2:d2:d2:97:
51:59:9d:80:6d:14:19:23:b1:85:75:0b:ad:d2:78:83:3b:d7:
0e:d6:af:39:89:9d:9c:c2:9a:5a:22:67:91:08:55:29:ff:77:
02:3d:0d:16:d9:e4:46:3f:e9:eb:d7:40:b8:63:99:f5:01:c1:
f5:c2:11:47:ca:21:30:b2:99:45:60:61:fa:1c:3d:a3:6a:51:
7e:63:6a:13:f0:1e:86:5f:1a:d0:aa:9c:4f:8b:38:63:8e:65:
52:78:db:48:94:f9:f3:de:a7:f7:c7:52:15:1a:1c:3c:5f:9c:
b3:35:18:f5:3a:55:64:22:a1:62:1a:d8:2b:4b:8d:f9:45:97:
c1:25:66:d7:a9:00:30:76:cb:4e:8f:23:f6:23:32:55:b5:aa:
32:3f:8a:19:85:c8:13:0a:7d:74:e4:8b:63:21:0f:e7:e5:ed:
15:f1:d5:45:47:4c:41:7d:f6:ea:d2:51:30:29:93:67:4c:76:
13:0d:4a:c8
-----BEGIN CERTIFICATE-----
MIIFnDCCBISgAwIBAgISAZQkROHs9fJsLlVL1+ejZ+9mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4ODU1ODUyYTRiY2QxYmYxZWM4MTNmM2MxM2IwZjFmMzcy
ZjM5NzEwHhcNMjUwMTAxMjM0ODAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjdlNzI4OWRmNzVkMTg5Y2M0NTUyNzQ3Njg4NTYyZGIxNjBmNWYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlKV8G6v/L05ExV76ADt8w1TFH8io
MqI1wJUncExcoS3U+g3TF0cHZggEdo5n3h4bqdoCWmhY/jRWzidB0+OL04z8br43
dEcCNbWESBZho+AT6/rpx6XklxDvNA3x85bmSOikTXRmu2rCMWrUydu1XygGEjK1
5hjkYrMGSttJEygo8Z3Oeai4YYROlhpUzE10jsmO86W+rVTxofGlMEPM4vDwphTI
mZn84FJxEbNUYH+iCFan4lHNJvu2TyDn8yktdku14AsQI88X1aayFiKy3U6FmOs2
y2BOsNgGH7YKW7GLEcoHEyhKBvfpoAO2Y8vrYSzTInodpX7pholv/9KTVQIDAQAB
o4ICqDCCAqQwHQYDVR0OBBYEFK9+confddGJzEVSdHaIVi2xYPXwMB8GA1UdIwQY
MBaAFCiFWFKkvNG/HsgT88E7Dx83LzlxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0lWWVVxUzgwYjhleUJQendUc1BIemN2T1hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8wZTM2ZmMtYmEwYi00Y2U2LWFmNmEt
NzA0NDYzZWJhZDM2LzEvcjM1eWlkOTEwWW5NUlZKMGRvaFdMYkZnOWZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8wZTM2ZmMtYmEwYi00Y2U2LWFmNmEtNzA0NDYzZWJhZDM2
LzEvS0lWWVVxUzgwYjhleUJQendUc1BIemN2T1hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG9BggrBgEFBQcBBwEB/wSBrTCBqjB8BAIAATB2AwQAHw4b
AwQBVmssAwQBVmvGAwQAWSEpAwQBWSN8MAwDBABZLiEDBABZLiIDBABccgcwDAME
ALliBQMEA7liAAMEAblkQAMEALlkQwMEArlvaAMEALlxhAMEAblxhgMEArl5UAME
ALl9WQMEArmBMAMEAbzx2DAqBAIAAjAkAwcAKgYJQAAAAwcAKgYJQAACAwcAKgYJ
QgAAAwcAKgYJQgACMA0GCSqGSIb3DQEBCwUAA4IBAQBxL/QblJEHJcnCAiwvs21z
AW6ODsVZxiHnJox1Cl5UAj1Tigc74DAdoptfKedlx5eVpOSQBP7BpjBbTVu1yita
xAwPwaLS0pdRWZ2AbRQZI7GFdQut0niDO9cO1q85iZ2cwppaImeRCFUp/3cCPQ0W
2eRGP+nr10C4Y5n1AcH1whFHyiEwsplFYGH6HD2jalF+Y2oT8B6GXxrQqpxPizhj
jmVSeNtIlPnz3qf3x1IVGhw8X5yzNRj1OlVkIqFiGtgrS435RZfBJWbXqQAwdstO
jyP2IzJVtaoyP4oZhcgTCn105ItjIQ/n5e0V8dVFR0xBffbq0lEwKZNnTHYTDUrI
-----END CERTIFICATE-----
Generated at Tue Apr 8 07:34:13 2025 by rpki-client