Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/662fbf-5576-4595-892b-b5b3aeae98ea/1/eDgDXUFrSK7xUZkPtBuSB2bzf-g.roa
File: eDgDXUFrSK7xUZkPtBuSB2bzf-g.roa (raw, json)
Hash identifier: EmMIdVFxxDw1T5QOtxoH7PieLIsGiM73XYNo7gIlAMg=
Subject key identifier: 78:38:03:5D:41:6B:48:AE:F1:51:99:0F:B4:1B:92:07:66:F3:7F:E8
Certificate issuer: /CN=322639b35e5d9d0fb3696fe2fd61cb6f4c3fa504
Certificate serial: 01942067BA34CEE24B045BCBFA8ABD16E386
Authority key identifier: 32:26:39:B3:5E:5D:9D:0F:B3:69:6F:E2:FD:61:CB:6F:4C:3F:A5:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MiY5s15dnQ-zaW_i_WHLb0w_pQQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/662fbf-5576-4595-892b-b5b3aeae98ea/1/eDgDXUFrSK7xUZkPtBuSB2bzf-g.roa
Signing time: Wed 01 Jan 2025 05:47:36 +0000
ROA not before: Wed 01 Jan 2025 05:47:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210021
IP address blocks: 31.14.228.0/22 maxlen: 22
31.14.228.0/24 maxlen: 24
31.14.229.0/24 maxlen: 24
31.14.230.0/24 maxlen: 24
31.14.231.0/24 maxlen: 24
86.105.144.0/24 maxlen: 24
86.105.145.0/24 maxlen: 24
86.105.146.0/24 maxlen: 24
86.105.147.0/24 maxlen: 24
185.206.80.0/22 maxlen: 22
185.206.80.0/24 maxlen: 24
185.206.81.0/24 maxlen: 24
185.206.82.0/24 maxlen: 24
185.206.83.0/24 maxlen: 24
185.206.172.0/22 maxlen: 22
185.206.172.0/24 maxlen: 24
185.206.173.0/24 maxlen: 24
185.206.174.0/24 maxlen: 24
185.206.175.0/24 maxlen: 24
2a05:27c0::/48 maxlen: 48
2a05:27c0:1::/48 maxlen: 48
2a05:27c0:2::/48 maxlen: 64
2a05:27c0:3::/48 maxlen: 64
2a05:27c0:4::/48 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4c/662fbf-5576-4595-892b-b5b3aeae98ea/1/MiY5s15dnQ-zaW_i_WHLb0w_pQQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/4c/662fbf-5576-4595-892b-b5b3aeae98ea/1/MiY5s15dnQ-zaW_i_WHLb0w_pQQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/MiY5s15dnQ-zaW_i_WHLb0w_pQQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 20:00:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:67:ba:34:ce:e2:4b:04:5b:cb:fa:8a:bd:16:e3:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=322639b35e5d9d0fb3696fe2fd61cb6f4c3fa504
Validity
Not Before: Jan 1 05:47:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7838035d416b48aef151990fb41b920766f37fe8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:43:e5:6e:da:99:45:b2:2d:fc:72:5f:25:e3:
1b:ab:91:ca:2c:d8:51:33:fb:ca:56:a2:e7:66:48:
b7:36:10:9e:e2:c9:bd:5f:3a:43:0a:f8:b2:6e:30:
37:9d:18:3e:e0:1c:1c:d3:bd:04:aa:47:c5:de:d0:
9b:ba:6f:cf:fd:cf:c4:d0:1b:7a:6a:0e:ae:88:67:
3f:dd:b7:7d:9d:a0:7c:ab:94:82:0e:06:8d:29:9b:
7a:86:be:f7:3a:d4:d6:39:e7:43:0c:bb:66:30:2a:
59:95:7a:7c:28:e4:dc:fa:ee:40:f0:1b:7b:60:d6:
ce:bb:51:4f:e2:c0:0d:f1:7f:1c:b0:15:e7:78:47:
42:7e:45:d5:8a:70:c7:ad:45:00:a3:d7:9f:96:2b:
04:09:b0:28:39:bf:59:32:e4:99:b0:f5:90:ac:98:
7f:d5:d4:1f:a2:dd:3e:00:1a:ed:77:63:26:6b:f3:
f5:d8:d3:83:0b:8a:81:a0:e7:76:5e:b8:94:c3:86:
ff:6c:87:43:6b:f9:a6:c5:5e:5d:7e:ba:64:6e:a1:
9e:c7:33:15:70:dd:48:72:9f:56:3d:21:b8:19:0f:
a7:d4:55:79:b4:4f:3e:c5:9f:c8:11:fa:40:f0:92:
42:e0:16:f4:57:a4:69:56:15:a0:60:cf:a5:d6:43:
ec:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:38:03:5D:41:6B:48:AE:F1:51:99:0F:B4:1B:92:07:66:F3:7F:E8
X509v3 Authority Key Identifier:
keyid:32:26:39:B3:5E:5D:9D:0F:B3:69:6F:E2:FD:61:CB:6F:4C:3F:A5:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MiY5s15dnQ-zaW_i_WHLb0w_pQQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/662fbf-5576-4595-892b-b5b3aeae98ea/1/eDgDXUFrSK7xUZkPtBuSB2bzf-g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/662fbf-5576-4595-892b-b5b3aeae98ea/1/MiY5s15dnQ-zaW_i_WHLb0w_pQQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.228.0/22
86.105.144.0/22
185.206.80.0/22
185.206.172.0/22
IPv6:
2a05:27c0::-2a05:27c0:4:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
24:1d:28:7a:c1:95:4d:59:61:fd:5c:66:15:58:69:2f:b7:32:
e5:a1:96:f8:04:96:9a:6d:04:da:95:91:fd:f7:e3:71:08:e9:
a1:7f:08:00:2b:cb:a8:2a:a3:a5:5b:61:aa:c4:c0:5d:3a:bd:
f2:ba:81:76:04:f7:c9:45:e7:df:ff:35:f1:20:6e:c2:39:c7:
17:b1:20:53:36:08:56:d0:f5:ca:34:a0:3e:4b:2e:cc:cb:74:
3a:0e:08:75:fd:b9:b6:85:a5:de:92:57:d6:67:66:4a:26:3b:
a0:6c:88:80:1c:d6:ee:42:cd:39:0e:ce:c0:fe:18:ff:b8:4c:
28:1c:50:dd:66:a2:8d:95:45:24:9c:5a:e6:8a:5a:e9:02:99:
9d:bd:7b:46:26:43:0d:44:34:e6:70:36:ce:60:af:a0:78:f7:
05:78:b3:f5:81:7b:c3:6d:e6:42:ea:1b:96:51:a1:dc:5f:0d:
b2:61:01:dd:7f:46:61:5a:da:14:ed:ec:44:5e:a2:fb:06:f7:
c6:09:43:79:c7:c6:65:0e:16:12:92:51:ae:3c:99:03:2d:6f:
e1:a0:ba:ed:29:2d:77:cc:db:38:e3:e5:fd:7f:1c:23:c9:dc:
f7:14:6f:80:62:52:7d:d4:d8:f0:a7:56:34:8c:a4:71:fe:31:
a4:af:b4:33
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAZQgZ7o0zuJLBFvL+oq9FuOGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyMjYzOWIzNWU1ZDlkMGZiMzY5NmZlMmZkNjFjYjZmNGMz
ZmE1MDQwHhcNMjUwMTAxMDU0NzM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ODM4MDM1ZDQxNmI0OGFlZjE1MTk5MGZiNDFiOTIwNzY2ZjM3ZmU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr0PlbtqZRbIt/HJfJeMbq5HKLNhR
M/vKVqLnZki3NhCe4sm9XzpDCviybjA3nRg+4Bwc070EqkfF3tCbum/P/c/E0Bt6
ag6uiGc/3bd9naB8q5SCDgaNKZt6hr73OtTWOedDDLtmMCpZlXp8KOTc+u5A8Bt7
YNbOu1FP4sAN8X8csBXneEdCfkXVinDHrUUAo9eflisECbAoOb9ZMuSZsPWQrJh/
1dQfot0+ABrtd2Mma/P12NODC4qBoOd2XriUw4b/bIdDa/mmxV5dfrpkbqGexzMV
cN1Icp9WPSG4GQ+n1FV5tE8+xZ/IEfpA8JJC4Bb0V6RpVhWgYM+l1kPsBwIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFHg4A11Ba0iu8VGZD7Qbkgdm83/oMB8GA1UdIwQY
MBaAFDImObNeXZ0Ps2lv4v1hy29MP6UEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWlZNXMxNWRuUS16YVdfaV9XSExiMHdfcFFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy82NjJmYmYtNTU3Ni00NTk1LTg5MmIt
YjViM2FlYWU5OGVhLzEvZURnRFhVRnJTSzd4VVprUHRCdVNCMmJ6Zi1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy82NjJmYmYtNTU3Ni00NTk1LTg5MmItYjViM2FlYWU5OGVh
LzEvTWlZNXMxNWRuUS16YVdfaV9XSExiMHdfcFFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjAeBAIAATAYAwQCHw7kAwQC
VmmQAwQCuc5QAwQCuc6sMBgEAgACMBIwEAMFBioFJ8ADBwAqBSfAAAQwDQYJKoZI
hvcNAQELBQADggEBACQdKHrBlU1ZYf1cZhVYaS+3MuWhlvgElpptBNqVkf3343EI
6aF/CAAry6gqo6VbYarEwF06vfK6gXYE98lF59//NfEgbsI5xxexIFM2CFbQ9co0
oD5LLszLdDoOCHX9ubaFpd6SV9ZnZkomO6BsiIAc1u5CzTkOzsD+GP+4TCgcUN1m
oo2VRSScWuaKWukCmZ29e0YmQw1ENOZwNs5gr6B49wV4s/WBe8Nt5kLqG5ZRodxf
DbJhAd1/RmFa2hTt7EReovsG98YJQ3nHxmUOFhKSUa48mQMtb+Gguu0pLXfM2zjj
5f1/HCPJ3PcUb4BiUn3U2PCnVjSMpHH+MaSvtDM=
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:46:45 2025 by rpki-client