Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/692b1e-c9fe-43e0-b722-53a60480761d/1/eEg129AjahVFZwXWvrV2fJi_L-k.roa
File: eEg129AjahVFZwXWvrV2fJi_L-k.roa (raw, json)
Hash identifier: FNcsILhZfM7MXfMq8Z+RmOL7SETSv7P7KBCxxPHf6O4=
Subject key identifier: 78:48:35:DB:D0:23:6A:15:45:67:05:D6:BE:B5:76:7C:98:BF:2F:E9
Certificate issuer: /CN=efa70cb849e3837451bd79af7dc7e035963e6043
Certificate serial: 019421438440C2EE8577084DE99BBDEFA63A
Authority key identifier: EF:A7:0C:B8:49:E3:83:74:51:BD:79:AF:7D:C7:E0:35:96:3E:60:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/76cMuEnjg3RRvXmvfcfgNZY-YEM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/692b1e-c9fe-43e0-b722-53a60480761d/1/eEg129AjahVFZwXWvrV2fJi_L-k.roa
Signing time: Wed 01 Jan 2025 09:47:40 +0000
ROA not before: Wed 01 Jan 2025 09:47:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34916
IP address blocks: 85.204.193.0/24 maxlen: 24
86.104.231.0/24 maxlen: 24
86.105.204.0/23 maxlen: 23
86.105.226.0/24 maxlen: 24
86.106.27.0/24 maxlen: 24
89.35.250.0/23 maxlen: 23
89.42.118.0/23 maxlen: 23
89.44.238.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/55/692b1e-c9fe-43e0-b722-53a60480761d/1/76cMuEnjg3RRvXmvfcfgNZY-YEM.crl
rsync://rpki.ripe.net/repository/DEFAULT/55/692b1e-c9fe-43e0-b722-53a60480761d/1/76cMuEnjg3RRvXmvfcfgNZY-YEM.mft
rsync://rpki.ripe.net/repository/DEFAULT/76cMuEnjg3RRvXmvfcfgNZY-YEM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 18 Apr 2025 21:00:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:84:40:c2:ee:85:77:08:4d:e9:9b:bd:ef:a6:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=efa70cb849e3837451bd79af7dc7e035963e6043
Validity
Not Before: Jan 1 09:47:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=784835dbd0236a15456705d6beb5767c98bf2fe9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:81:64:f7:ed:41:a1:62:89:9f:25:3b:35:54:
81:00:2a:e5:03:f1:a9:0b:06:9b:e1:93:14:b9:6c:
77:0f:f9:25:73:ab:b3:a8:06:00:41:ab:8f:4e:47:
94:cf:e1:3c:ca:9d:49:5b:98:d3:59:a5:54:e4:3e:
eb:06:41:fb:5a:61:33:d7:d8:29:db:cc:5e:b4:e9:
fd:39:9a:a5:0b:11:e7:ac:d4:bb:72:56:54:03:df:
94:1c:f8:35:7e:36:fa:e8:2b:d3:8c:4f:92:e6:e2:
82:ae:54:a1:75:ee:02:60:5e:28:fa:15:14:c2:09:
e0:9b:b9:73:b0:2a:b8:16:fe:45:e6:19:d7:32:42:
9d:5b:d0:b8:11:cd:87:60:a3:8a:89:dc:6b:d2:99:
12:ce:04:35:c6:98:f5:9a:a1:37:1a:dc:31:4f:a5:
41:f7:b5:88:14:cb:42:80:03:ab:39:d3:40:9f:af:
d9:45:d3:94:46:9c:6d:27:3b:5b:7a:a6:fa:32:70:
75:fa:23:18:a6:3e:10:44:7a:ce:6e:71:6f:03:15:
d6:ea:f4:78:c9:b7:b8:eb:c1:f0:19:6c:1f:8e:66:
e9:17:8a:61:3f:dd:ab:5a:74:1c:c1:73:06:0e:0c:
13:3f:51:34:09:9b:3f:05:71:5a:2a:fd:4f:24:3a:
f2:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:48:35:DB:D0:23:6A:15:45:67:05:D6:BE:B5:76:7C:98:BF:2F:E9
X509v3 Authority Key Identifier:
keyid:EF:A7:0C:B8:49:E3:83:74:51:BD:79:AF:7D:C7:E0:35:96:3E:60:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/76cMuEnjg3RRvXmvfcfgNZY-YEM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/692b1e-c9fe-43e0-b722-53a60480761d/1/eEg129AjahVFZwXWvrV2fJi_L-k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/692b1e-c9fe-43e0-b722-53a60480761d/1/76cMuEnjg3RRvXmvfcfgNZY-YEM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.204.193.0/24
86.104.231.0/24
86.105.204.0/23
86.105.226.0/24
86.106.27.0/24
89.35.250.0/23
89.42.118.0/23
89.44.238.0/23
Signature Algorithm: sha256WithRSAEncryption
a7:7b:1b:65:f7:6a:d6:5c:3b:1e:05:d1:ea:8b:1b:5a:92:c3:
7f:88:f6:2c:94:62:3a:43:2b:19:62:a8:d5:3e:4c:f1:d3:0b:
07:c5:0b:92:01:53:44:d6:d5:21:ac:82:dc:ff:73:bc:7e:32:
07:e3:61:e4:ce:6b:a4:81:4f:15:ca:9a:1f:3e:74:51:7f:0f:
ec:2a:a2:37:6f:b3:b0:fe:c7:34:e6:3f:2b:8e:12:18:6d:c9:
e1:81:e5:9f:fa:a1:14:d9:a9:42:51:c5:ab:04:7d:d2:0e:cf:
53:96:60:61:0b:a8:46:e1:70:e8:ef:14:52:37:8f:15:e6:09:
58:a2:c6:cf:f9:88:b0:81:c3:d4:51:8a:9b:1d:5c:02:38:71:
de:d1:0a:71:66:15:d5:81:ac:21:95:dc:ee:23:c9:1b:b7:f8:
b9:2f:a5:3f:10:dd:37:d0:8b:58:f7:df:98:cc:db:64:a7:3f:
e6:2c:a2:23:98:82:14:ad:c0:54:59:df:43:2b:51:24:14:1d:
0f:29:5c:f5:3a:7f:d7:f1:16:f2:0c:70:99:ff:4c:2a:de:6b:
31:25:63:7d:0f:a3:27:15:23:2b:ec:12:16:fc:f5:27:cf:62:
6b:a2:d6:e2:db:60:94:ca:e9:a5:ed:92:76:48:07:e4:a0:db:
c4:e1:32:fc
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZQhQ4RAwu6FdwhN6Zu976Y6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmYTcwY2I4NDllMzgzNzQ1MWJkNzlhZjdkYzdlMDM1OTYz
ZTYwNDMwHhcNMjUwMTAxMDk0NzQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ODQ4MzVkYmQwMjM2YTE1NDU2NzA1ZDZiZWI1NzY3Yzk4YmYyZmU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6IFk9+1BoWKJnyU7NVSBACrlA/Gp
Cwab4ZMUuWx3D/klc6uzqAYAQauPTkeUz+E8yp1JW5jTWaVU5D7rBkH7WmEz19gp
28xetOn9OZqlCxHnrNS7clZUA9+UHPg1fjb66CvTjE+S5uKCrlShde4CYF4o+hUU
wgngm7lzsCq4Fv5F5hnXMkKdW9C4Ec2HYKOKidxr0pkSzgQ1xpj1mqE3GtwxT6VB
97WIFMtCgAOrOdNAn6/ZRdOURpxtJztbeqb6MnB1+iMYpj4QRHrObnFvAxXW6vR4
ybe468HwGWwfjmbpF4phP92rWnQcwXMGDgwTP1E0CZs/BXFaKv1PJDry7wIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFHhINdvQI2oVRWcF1r61dnyYvy/pMB8GA1UdIwQY
MBaAFO+nDLhJ44N0Ub15r33H4DWWPmBDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzZjTXVFbmpnM1JSdlhtdmZjZmdOWlktWUVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS82OTJiMWUtYzlmZS00M2UwLWI3MjIt
NTNhNjA0ODA3NjFkLzEvZUVnMTI5QWphaFZGWndYV3ZyVjJmSmlfTC1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS82OTJiMWUtYzlmZS00M2UwLWI3MjItNTNhNjA0ODA3NjFk
LzEvNzZjTXVFbmpnM1JSdlhtdmZjZmdOWlktWUVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAVczBAwQA
VmjnAwQBVmnMAwQAVmniAwQAVmobAwQBWSP6AwQBWSp2AwQBWSzuMA0GCSqGSIb3
DQEBCwUAA4IBAQCnextl92rWXDseBdHqixtaksN/iPYslGI6QysZYqjVPkzx0wsH
xQuSAVNE1tUhrILc/3O8fjIH42HkzmukgU8VypofPnRRfw/sKqI3b7Ow/sc05j8r
jhIYbcnhgeWf+qEU2alCUcWrBH3SDs9TlmBhC6hG4XDo7xRSN48V5glYosbP+Yiw
gcPUUYqbHVwCOHHe0QpxZhXVgawhldzuI8kbt/i5L6U/EN030ItY99+YzNtkpz/m
LKIjmIIUrcBUWd9DK1EkFB0PKVz1On/X8RbyDHCZ/0wq3msxJWN9D6MnFSMr7BIW
/PUnz2Jrotbi22CUyuml7ZJ2SAfkoNvE4TL8
-----END CERTIFICATE-----
Generated at Fri Apr 18 06:55:34 2025 by rpki-client