Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/f3539d-38cd-465e-a57d-dee2f650dd86/1/xoh9FTAHs_hmP4K1CkQuj-ry8Ko.roa
File: xoh9FTAHs_hmP4K1CkQuj-ry8Ko.roa (raw, json)
Hash identifier: VOMsRj+nLvAw+FZepArV/G+EZzcMGSLvjHlntZp93WA=
Subject key identifier: C6:88:7D:15:30:07:B3:F8:66:3F:82:B5:0A:44:2E:8F:EA:F2:F0:AA
Certificate issuer: /CN=ceb86983547113359bade1f3f38104091e3a6439
Certificate serial: 01957F949B40A37E6420492F9DDD52BE7A85
Authority key identifier: CE:B8:69:83:54:71:13:35:9B:AD:E1:F3:F3:81:04:09:1E:3A:64:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zrhpg1RxEzWbreHz84EECR46ZDk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/f3539d-38cd-465e-a57d-dee2f650dd86/1/xoh9FTAHs_hmP4K1CkQuj-ry8Ko.roa
Signing time: Mon 10 Mar 2025 10:23:20 +0000
ROA not before: Mon 10 Mar 2025 10:23:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8612
IP address blocks: 82.84.0.0/15 maxlen: 24
82.85.26.128/26 maxlen: 26
82.85.53.0/26 maxlen: 26
82.85.53.64/26 maxlen: 26
84.220.0.0/15 maxlen: 15
84.220.0.0/16 maxlen: 24
84.221.0.0/16 maxlen: 24
94.32.0.0/19 maxlen: 24
94.32.64.0/18 maxlen: 24
94.32.115.0/24 maxlen: 24
94.32.128.0/17 maxlen: 24
94.34.0.0/16 maxlen: 24
94.35.0.0/16 maxlen: 24
193.43.2.0/24 maxlen: 24
193.207.24.0/23 maxlen: 23
193.207.26.0/24 maxlen: 24
193.207.48.0/20 maxlen: 24
193.207.64.0/18 maxlen: 24
193.207.96.0/20 maxlen: 21
193.207.128.0/17 maxlen: 22
195.130.224.0/19 maxlen: 19
212.123.64.0/19 maxlen: 19
213.205.0.0/18 maxlen: 18
213.205.0.251/32 maxlen: 32
217.73.208.0/21 maxlen: 22
2a01:7d0::/32 maxlen: 32
2a01:7d0:4800:1::/64 maxlen: 64
2a01:7d0:4811::/64 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/f3539d-38cd-465e-a57d-dee2f650dd86/1/zrhpg1RxEzWbreHz84EECR46ZDk.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/f3539d-38cd-465e-a57d-dee2f650dd86/1/zrhpg1RxEzWbreHz84EECR46ZDk.mft
rsync://rpki.ripe.net/repository/DEFAULT/zrhpg1RxEzWbreHz84EECR46ZDk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 23:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:7f:94:9b:40:a3:7e:64:20:49:2f:9d:dd:52:be:7a:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ceb86983547113359bade1f3f38104091e3a6439
Validity
Not Before: Mar 10 10:23:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c6887d153007b3f8663f82b50a442e8feaf2f0aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:b1:95:01:b5:79:7d:e2:ad:bd:cf:4d:2f:be:
cc:39:f0:33:38:80:61:ba:3e:7e:30:7b:d6:92:09:
0a:cb:88:4c:76:55:75:8c:64:c6:e5:df:a9:eb:4b:
23:69:25:a9:fe:14:05:a0:c6:91:c7:5b:73:61:78:
3a:a8:9f:72:e6:1c:21:52:23:50:28:08:bc:42:36:
9b:8a:2e:a4:d8:b3:93:f6:e0:59:12:05:5a:d7:52:
02:af:a0:53:3d:e5:95:d4:6f:95:a3:32:70:64:ef:
c0:07:59:06:e9:18:47:33:0f:72:12:2c:7d:36:5e:
8b:a5:ea:cb:e7:3b:a0:7c:7d:40:c2:39:37:05:24:
1d:83:cb:31:77:ab:d4:ee:43:d6:e2:0d:f5:72:11:
85:69:8e:27:10:dd:2f:b5:1b:93:a3:4c:0b:48:f0:
4e:0e:fc:81:73:66:1b:0c:9b:fb:92:85:9f:1c:cd:
cf:ac:75:4e:43:1e:54:86:f3:cc:fb:b4:57:38:7b:
0b:5c:df:78:a5:ca:c1:dc:fb:44:6e:c7:90:e9:a9:
0b:c7:20:87:dc:6b:a5:bc:89:07:18:3f:34:39:0e:
8c:cb:90:02:5b:ec:3e:ab:e1:39:c9:f5:a3:b9:7b:
c1:86:35:2f:af:72:72:89:8d:7e:00:63:18:94:6d:
5f:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:88:7D:15:30:07:B3:F8:66:3F:82:B5:0A:44:2E:8F:EA:F2:F0:AA
X509v3 Authority Key Identifier:
keyid:CE:B8:69:83:54:71:13:35:9B:AD:E1:F3:F3:81:04:09:1E:3A:64:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zrhpg1RxEzWbreHz84EECR46ZDk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/f3539d-38cd-465e-a57d-dee2f650dd86/1/xoh9FTAHs_hmP4K1CkQuj-ry8Ko.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/f3539d-38cd-465e-a57d-dee2f650dd86/1/zrhpg1RxEzWbreHz84EECR46ZDk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.84.0.0/15
84.220.0.0/15
94.32.0.0/19
94.32.64.0-94.32.255.255
94.34.0.0/15
193.43.2.0/24
193.207.24.0-193.207.26.255
193.207.48.0-193.207.255.255
195.130.224.0/19
212.123.64.0/19
213.205.0.0/18
217.73.208.0/21
IPv6:
2a01:7d0::/32
Signature Algorithm: sha256WithRSAEncryption
37:3c:e5:7b:9d:f0:f5:b8:36:92:b4:a5:fe:21:a5:42:e3:e2:
89:96:d9:73:b6:c2:39:67:cc:78:a0:1f:27:e1:e4:0d:7b:dc:
36:d4:b6:18:b9:47:21:d5:9c:13:60:57:98:4e:a2:44:9f:7b:
b1:f2:15:01:46:0b:c8:66:8f:47:93:1a:78:f2:d3:af:23:72:
24:3b:6c:90:0a:c4:b0:a1:0f:9f:be:6a:76:04:53:69:cb:d7:
20:83:97:f2:fb:97:12:36:dd:46:cd:33:03:d6:8d:d9:84:ec:
ef:ed:2b:ea:d2:7a:4a:94:7f:f0:c0:db:23:57:dd:0b:fd:f7:
d1:bc:a3:95:87:78:aa:50:1a:26:36:fa:93:2d:14:eb:88:fd:
4b:8a:17:74:dc:e4:6f:2a:06:b3:6e:07:aa:fe:cd:45:5e:2b:
51:43:6c:8f:a0:47:fa:e4:86:85:6e:b5:d3:8a:68:1d:4c:50:
07:68:6c:40:ca:e8:8e:24:a6:f8:75:79:dc:07:a5:cc:1c:07:
ac:4b:22:55:43:36:f4:1b:a5:e5:8b:ea:31:d4:c8:fb:ec:c7:
83:d2:05:96:1b:9d:51:01:a4:c5:75:74:55:76:1b:7b:ac:df:
57:c8:c7:5c:29:f3:61:42:e0:97:09:d7:e6:6a:a2:39:ba:55:
ed:d8:f0:36
-----BEGIN CERTIFICATE-----
MIIFYjCCBEqgAwIBAgISAZV/lJtAo35kIEkvnd1SvnqFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlYjg2OTgzNTQ3MTEzMzU5YmFkZTFmM2YzODEwNDA5MWUz
YTY0MzkwHhcNMjUwMzEwMTAyMzIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjg4N2QxNTMwMDdiM2Y4NjYzZjgyYjUwYTQ0MmU4ZmVhZjJmMGFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAybGVAbV5feKtvc9NL77MOfAzOIBh
uj5+MHvWkgkKy4hMdlV1jGTG5d+p60sjaSWp/hQFoMaRx1tzYXg6qJ9y5hwhUiNQ
KAi8Qjabii6k2LOT9uBZEgVa11ICr6BTPeWV1G+VozJwZO/AB1kG6RhHMw9yEix9
Nl6LperL5zugfH1Awjk3BSQdg8sxd6vU7kPW4g31chGFaY4nEN0vtRuTo0wLSPBO
DvyBc2YbDJv7koWfHM3PrHVOQx5UhvPM+7RXOHsLXN94pcrB3PtEbseQ6akLxyCH
3GulvIkHGD80OQ6My5ACW+w+q+E5yfWjuXvBhjUvr3JyiY1+AGMYlG1fhQIDAQAB
o4ICbjCCAmowHQYDVR0OBBYEFMaIfRUwB7P4Zj+CtQpELo/q8vCqMB8GA1UdIwQY
MBaAFM64aYNUcRM1m63h8/OBBAkeOmQ5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvenJocGcxUnhFeldicmVIejg0RUVDUjQ2WkRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS9mMzUzOWQtMzhjZC00NjVlLWE1N2Qt
ZGVlMmY2NTBkZDg2LzEveG9oOUZUQUhzX2htUDRLMUNrUXVqLXJ5OEtvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS9mMzUzOWQtMzhjZC00NjVlLWE1N2QtZGVlMmY2NTBkZDg2
LzEvenJocGcxUnhFeldicmVIejg0RUVDUjQ2WkRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGDBggrBgEFBQcBBwEB/wR0MHIwYQQCAAEwWwMDAVJUAwMB
VNwDBAVeIAAwCwMEBl4gQAMDAF4gAwMBXiIDBADBKwIwDAMEA8HPGAMEAMHPGjAL
AwQEwc8wAwMEwcADBAXDguADBAXUe0ADBAbVzQADBAPZSdAwDQQCAAIwBwMFACoB
B9AwDQYJKoZIhvcNAQELBQADggEBADc85Xud8PW4NpK0pf4hpULj4omW2XO2wjln
zHigHyfh5A173DbUthi5RyHVnBNgV5hOokSfe7HyFQFGC8hmj0eTGnjy068jciQ7
bJAKxLChD5++anYEU2nL1yCDl/L7lxI23UbNMwPWjdmE7O/tK+rSekqUf/DA2yNX
3Qv999G8o5WHeKpQGiY2+pMtFOuI/UuKF3Tc5G8qBrNuB6r+zUVeK1FDbI+gR/rk
hoVutdOKaB1MUAdobEDK6I4kpvh1edwHpcwcB6xLIlVDNvQbpeWL6jHUyPvsx4PS
BZYbnVEBpMV1dFV2G3us31fIx1wp82FC4JcJ1+Zqojm6Ve3Y8DY=
-----END CERTIFICATE-----
Generated at Sun Apr 13 07:44:10 2025 by rpki-client