Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/a89644-9316-4e8b-81a4-1f19a8bda3ed/1/EjNs4c7ExfB-Xn86trYUTIGxY9M.roa
File: EjNs4c7ExfB-Xn86trYUTIGxY9M.roa (raw, json)
Hash identifier: 5gdWhqxScCqY+ac2NlShb0emeLCeoscJIL/u5Z1pQss=
Subject key identifier: 12:33:6C:E1:CE:C4:C5:F0:7E:5E:7F:3A:B6:B6:14:4C:81:B1:63:D3
Certificate issuer: /CN=576d59494a0a927f7a68f909ecef577cd503db1c
Certificate serial: 01953859C73AE7117E73389629613E5F3BBB
Authority key identifier: 57:6D:59:49:4A:0A:92:7F:7A:68:F9:09:EC:EF:57:7C:D5:03:DB:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V21ZSUoKkn96aPkJ7O9XfNUD2xw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/a89644-9316-4e8b-81a4-1f19a8bda3ed/1/EjNs4c7ExfB-Xn86trYUTIGxY9M.roa
Signing time: Mon 24 Feb 2025 14:26:02 +0000
ROA not before: Mon 24 Feb 2025 14:26:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50812
IP address blocks: 91.193.106.0/24 maxlen: 24
91.193.107.0/24 maxlen: 24
91.224.6.0/24 maxlen: 24
91.224.7.0/24 maxlen: 24
185.30.48.0/24 maxlen: 24
185.145.32.0/22 maxlen: 22
193.105.252.0/24 maxlen: 24
194.110.164.0/22 maxlen: 22
194.116.202.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/42/a89644-9316-4e8b-81a4-1f19a8bda3ed/1/V21ZSUoKkn96aPkJ7O9XfNUD2xw.crl
rsync://rpki.ripe.net/repository/DEFAULT/42/a89644-9316-4e8b-81a4-1f19a8bda3ed/1/V21ZSUoKkn96aPkJ7O9XfNUD2xw.mft
rsync://rpki.ripe.net/repository/DEFAULT/V21ZSUoKkn96aPkJ7O9XfNUD2xw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 14:01:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:38:59:c7:3a:e7:11:7e:73:38:96:29:61:3e:5f:3b:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=576d59494a0a927f7a68f909ecef577cd503db1c
Validity
Not Before: Feb 24 14:26:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=12336ce1cec4c5f07e5e7f3ab6b6144c81b163d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:c9:1c:40:0c:57:27:d6:f3:56:be:f3:75:f2:
0b:e1:6b:57:20:07:93:1e:ac:52:5a:89:fa:70:8e:
87:29:69:ab:d7:de:8b:f1:b6:92:25:aa:15:7d:62:
c1:8a:01:0a:06:df:a6:1d:21:75:04:e2:5a:bf:6e:
e7:4a:89:82:3e:c0:fe:db:3c:ad:d1:6e:b3:66:41:
c9:f8:a3:9c:e2:ac:85:5c:ca:04:34:ad:af:76:ab:
3e:5d:3e:03:29:42:be:a5:b8:4c:ae:6d:a6:1e:a9:
14:10:15:26:3a:83:ca:ca:72:71:fa:92:04:a1:b1:
0f:af:e8:be:55:97:b6:d1:40:d8:36:fb:1c:5d:a0:
81:cc:88:f3:de:9e:57:a3:98:ef:21:31:9e:bc:63:
50:4d:eb:32:15:04:c6:ac:32:5d:b9:f8:a1:1d:ee:
fe:03:14:1e:70:16:97:1a:ca:48:dd:b6:f1:1c:fc:
91:f6:cb:db:73:29:fb:b8:e1:19:05:19:f9:4f:96:
07:27:74:85:02:da:c0:b9:e3:be:f2:7a:13:22:a9:
34:47:59:38:a7:96:ab:d6:63:33:40:91:49:6b:8e:
0e:fd:bd:12:74:f2:fa:3f:9d:57:54:38:e7:31:42:
08:eb:b9:8a:f2:e6:97:23:8d:65:96:c8:09:ac:28:
44:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:33:6C:E1:CE:C4:C5:F0:7E:5E:7F:3A:B6:B6:14:4C:81:B1:63:D3
X509v3 Authority Key Identifier:
keyid:57:6D:59:49:4A:0A:92:7F:7A:68:F9:09:EC:EF:57:7C:D5:03:DB:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V21ZSUoKkn96aPkJ7O9XfNUD2xw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/a89644-9316-4e8b-81a4-1f19a8bda3ed/1/EjNs4c7ExfB-Xn86trYUTIGxY9M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/a89644-9316-4e8b-81a4-1f19a8bda3ed/1/V21ZSUoKkn96aPkJ7O9XfNUD2xw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.193.106.0/23
91.224.6.0/23
185.30.48.0/24
185.145.32.0/22
193.105.252.0/24
194.110.164.0/22
194.116.202.0/23
Signature Algorithm: sha256WithRSAEncryption
98:ca:d6:ab:32:4d:95:ba:31:ab:f6:b1:40:48:a5:a8:f4:53:
dc:d5:05:78:58:70:80:87:47:f2:9b:40:3d:ce:42:41:94:1f:
e8:6d:96:90:0a:47:ed:e6:01:95:75:a9:1b:59:cf:a0:05:10:
0c:e8:ae:a3:a1:b3:51:7f:ce:34:98:a7:e3:5f:e8:53:f7:81:
e8:5d:ca:4d:d7:32:8a:a6:00:61:73:a1:e3:83:fa:a4:79:f3:
36:ce:16:ce:57:5a:a5:9e:55:5b:33:db:b4:d0:4c:7e:ec:c3:
19:b2:47:cd:9c:db:1d:f7:08:64:29:d8:4d:18:86:39:6a:4c:
eb:22:28:2a:47:57:a6:29:3b:b2:2f:b2:f4:73:3e:d3:11:58:
07:8c:29:fb:42:a2:c1:22:b3:35:2c:cc:1b:4f:e2:90:42:89:
28:2d:b5:21:2a:20:7a:50:3f:5e:31:72:b4:16:85:2a:c8:64:
85:f1:f8:6f:11:6a:75:92:a6:ac:8c:e1:5c:43:9d:ac:42:b5:
03:fe:ca:b6:bb:da:0b:05:30:a7:d8:ff:48:be:5b:5e:c9:4e:
bf:82:e2:be:7e:1d:cd:b0:b5:4e:55:00:ad:3d:61:18:fc:f4:
23:b2:ee:9f:f2:b9:52:4f:0d:c0:f3:59:90:74:8e:93:b4:4c:
5f:86:c4:4e
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZU4Wcc65xF+cziWKWE+Xzu7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3NmQ1OTQ5NGEwYTkyN2Y3YTY4ZjkwOWVjZWY1NzdjZDUw
M2RiMWMwHhcNMjUwMjI0MTQyNjAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMjMzNmNlMWNlYzRjNWYwN2U1ZTdmM2FiNmI2MTQ0YzgxYjE2M2QzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwskcQAxXJ9bzVr7zdfIL4WtXIAeT
HqxSWon6cI6HKWmr196L8baSJaoVfWLBigEKBt+mHSF1BOJav27nSomCPsD+2zyt
0W6zZkHJ+KOc4qyFXMoENK2vdqs+XT4DKUK+pbhMrm2mHqkUEBUmOoPKynJx+pIE
obEPr+i+VZe20UDYNvscXaCBzIjz3p5Xo5jvITGevGNQTesyFQTGrDJdufihHe7+
AxQecBaXGspI3bbxHPyR9svbcyn7uOEZBRn5T5YHJ3SFAtrAueO+8noTIqk0R1k4
p5ar1mMzQJFJa44O/b0SdPL6P51XVDjnMUII67mK8uaXI41llsgJrChEzwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFBIzbOHOxMXwfl5/Ora2FEyBsWPTMB8GA1UdIwQY
MBaAFFdtWUlKCpJ/emj5CezvV3zVA9scMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjIxWlNVb0trbjk2YVBrSjdPOVhmTlVEMnh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi9hODk2NDQtOTMxNi00ZThiLTgxYTQt
MWYxOWE4YmRhM2VkLzEvRWpOczRjN0V4ZkItWG44NnRyWVVUSUd4WTlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi9hODk2NDQtOTMxNi00ZThiLTgxYTQtMWYxOWE4YmRhM2Vk
LzEvVjIxWlNVb0trbjk2YVBrSjdPOVhmTlVEMnh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQBW8FqAwQB
W+AGAwQAuR4wAwQCuZEgAwQAwWn8AwQCwm6kAwQBwnTKMA0GCSqGSIb3DQEBCwUA
A4IBAQCYytarMk2VujGr9rFASKWo9FPc1QV4WHCAh0fym0A9zkJBlB/obZaQCkft
5gGVdakbWc+gBRAM6K6jobNRf840mKfjX+hT94HoXcpN1zKKpgBhc6Hjg/qkefM2
zhbOV1qlnlVbM9u00Ex+7MMZskfNnNsd9whkKdhNGIY5akzrIigqR1emKTuyL7L0
cz7TEVgHjCn7QqLBIrM1LMwbT+KQQokoLbUhKiB6UD9eMXK0FoUqyGSF8fhvEWp1
kqasjOFcQ52sQrUD/sq2u9oLBTCn2P9IvlteyU6/guK+fh3NsLVOVQCtPWEY/PQj
su6f8rlSTw3A81mQdI6TtExfhsRO
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:00:46 2025 by rpki-client