Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/7ae3c7-67e4-44de-b139-87d17df74c7e/1/EKnIHBjVrQVGKttI-rFo2gf2VFc.roa
File: EKnIHBjVrQVGKttI-rFo2gf2VFc.roa (raw, json)
Hash identifier: J3kh1NFjTixOap26aJDcz17JVV8gbZy6u7PZjGr/JnE=
Subject key identifier: 10:A9:C8:1C:18:D5:AD:05:46:2A:DB:48:FA:B1:68:DA:07:F6:54:57
Certificate issuer: /CN=94d98e8fec680775a157266e0c6b78b141a34f5e
Certificate serial: 0195CE3318D5069C0CDF8A0AF46ADC35A88D
Authority key identifier: 94:D9:8E:8F:EC:68:07:75:A1:57:26:6E:0C:6B:78:B1:41:A3:4F:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lNmOj-xoB3WhVyZuDGt4sUGjT14.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/7ae3c7-67e4-44de-b139-87d17df74c7e/1/EKnIHBjVrQVGKttI-rFo2gf2VFc.roa
Signing time: Tue 25 Mar 2025 16:46:49 +0000
ROA not before: Tue 25 Mar 2025 16:46:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204957
IP address blocks: 5.34.176.0/23 maxlen: 23
5.34.178.0/23 maxlen: 23
45.90.56.0/22 maxlen: 22
62.233.57.0/24 maxlen: 24
82.117.252.0/23 maxlen: 23
82.117.254.0/24 maxlen: 24
82.117.255.0/24 maxlen: 24
82.118.20.0/22 maxlen: 22
85.90.196.0/24 maxlen: 24
195.123.232.0/22 maxlen: 22
195.123.236.0/22 maxlen: 22
195.123.240.0/22 maxlen: 22
195.123.244.0/22 maxlen: 22
195.211.96.0/23 maxlen: 23
195.211.98.0/23 maxlen: 23
217.12.194.0/24 maxlen: 24
217.12.206.0/23 maxlen: 23
2a05:9400::/32 maxlen: 32
2a05:9401::/32 maxlen: 32
2a05:9402::/32 maxlen: 32
2a05:9403::/32 maxlen: 32
2a05:9404::/32 maxlen: 32
2a05:9405::/32 maxlen: 32
2a05:9406::/32 maxlen: 32
2a12:6fc0::/32 maxlen: 32
2a12:6fc1::/32 maxlen: 32
2a12:6fc2::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/72/7ae3c7-67e4-44de-b139-87d17df74c7e/1/lNmOj-xoB3WhVyZuDGt4sUGjT14.crl
rsync://rpki.ripe.net/repository/DEFAULT/72/7ae3c7-67e4-44de-b139-87d17df74c7e/1/lNmOj-xoB3WhVyZuDGt4sUGjT14.mft
rsync://rpki.ripe.net/repository/DEFAULT/lNmOj-xoB3WhVyZuDGt4sUGjT14.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 04:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:ce:33:18:d5:06:9c:0c:df:8a:0a:f4:6a:dc:35:a8:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94d98e8fec680775a157266e0c6b78b141a34f5e
Validity
Not Before: Mar 25 16:46:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=10a9c81c18d5ad05462adb48fab168da07f65457
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:c3:cd:de:ef:5a:c1:bc:ba:06:fa:fe:25:29:
6d:4c:b7:c5:c8:ff:75:57:34:4b:6c:0d:a9:3a:a6:
63:ca:a0:05:a7:f9:5f:ef:42:1b:0f:14:5f:76:ba:
cb:81:89:f7:cf:4d:ec:5f:5d:4b:d3:11:a2:1b:42:
e4:d7:14:ed:2a:79:6e:bd:d6:d6:7e:d7:5e:66:42:
c6:b3:8b:3d:01:fc:1b:71:bf:42:f1:76:10:48:f6:
7e:10:a1:03:a5:6b:a7:d6:2d:e6:24:63:1c:2a:76:
db:2b:c8:11:02:c5:cb:f2:1d:96:54:50:41:df:8c:
9b:12:20:00:fb:23:e2:64:1b:aa:d8:9e:1b:13:40:
76:c6:69:01:6e:2c:5a:f5:4c:9c:83:90:e4:ba:1c:
c5:90:9f:e6:61:3f:8f:6b:fe:61:9a:7e:7b:1f:3e:
61:69:63:71:22:d5:80:df:a9:7d:ca:0f:9f:7d:a0:
a9:0f:19:04:59:44:4a:87:6f:76:a9:4d:ea:d6:58:
ff:88:8f:5d:2f:41:64:06:03:80:02:5a:3c:ed:e0:
f7:80:d0:c5:73:7a:dd:ca:d4:e1:df:b4:ae:c5:cf:
59:cd:cd:5e:68:02:c0:a1:8d:d3:28:43:ba:88:a3:
7f:5e:3c:b7:28:77:93:50:56:a4:e7:2d:20:10:53:
d2:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:A9:C8:1C:18:D5:AD:05:46:2A:DB:48:FA:B1:68:DA:07:F6:54:57
X509v3 Authority Key Identifier:
keyid:94:D9:8E:8F:EC:68:07:75:A1:57:26:6E:0C:6B:78:B1:41:A3:4F:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lNmOj-xoB3WhVyZuDGt4sUGjT14.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/7ae3c7-67e4-44de-b139-87d17df74c7e/1/EKnIHBjVrQVGKttI-rFo2gf2VFc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/7ae3c7-67e4-44de-b139-87d17df74c7e/1/lNmOj-xoB3WhVyZuDGt4sUGjT14.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.34.176.0/22
45.90.56.0/22
62.233.57.0/24
82.117.252.0/22
82.118.20.0/22
85.90.196.0/24
195.123.232.0-195.123.247.255
195.211.96.0/22
217.12.194.0/24
217.12.206.0/23
IPv6:
2a05:9400::-2a05:9406:ffff:ffff:ffff:ffff:ffff:ffff
2a12:6fc0::-2a12:6fc2:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
7f:29:76:e1:12:6d:38:f1:fb:0e:84:73:c9:f8:ad:5d:0d:2a:
34:49:55:9f:9e:32:24:98:0c:26:83:8d:d4:6f:96:9f:06:a5:
a2:b1:9b:93:f9:46:b4:9e:18:e6:35:ad:43:4b:e4:63:66:32:
3a:0c:16:9b:6f:86:29:61:61:fb:76:de:10:13:27:31:7e:10:
67:3b:64:d7:c3:65:db:c7:4b:57:37:ff:d6:46:a3:99:76:58:
ab:92:ef:f7:3f:1e:7e:af:22:2f:ce:10:b2:d7:d4:6a:b8:9b:
64:51:77:7e:17:99:db:19:74:a4:5f:6d:68:6d:04:49:60:c4:
e1:27:26:d9:c1:81:46:1c:d7:82:50:4b:96:1b:26:1b:bc:9a:
cc:67:a3:dd:ff:91:5d:d8:e6:68:38:0b:89:69:77:1c:b2:5f:
30:37:86:53:6c:f8:96:31:81:e1:15:55:e0:05:9a:bd:42:23:
ad:78:55:a8:9b:ec:b3:d5:37:82:ff:1e:1b:48:a5:df:0d:92:
51:23:fd:36:5b:dd:2b:ad:1a:49:1a:d8:5d:33:d5:a6:08:20:
5e:90:32:f3:b0:f2:15:d3:9d:92:e0:5d:ba:a2:dc:10:4f:26:
92:01:51:11:45:97:1f:ca:f3:1a:11:8b:2e:d2:5e:78:ad:2a:
95:d8:42:f3
-----BEGIN CERTIFICATE-----
MIIFYzCCBEugAwIBAgISAZXOMxjVBpwM34oK9GrcNaiNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0ZDk4ZThmZWM2ODA3NzVhMTU3MjY2ZTBjNmI3OGIxNDFh
MzRmNWUwHhcNMjUwMzI1MTY0NjQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMGE5YzgxYzE4ZDVhZDA1NDYyYWRiNDhmYWIxNjhkYTA3ZjY1NDU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqcPN3u9awby6Bvr+JSltTLfFyP91
VzRLbA2pOqZjyqAFp/lf70IbDxRfdrrLgYn3z03sX11L0xGiG0Lk1xTtKnluvdbW
ftdeZkLGs4s9Afwbcb9C8XYQSPZ+EKEDpWun1i3mJGMcKnbbK8gRAsXL8h2WVFBB
34ybEiAA+yPiZBuq2J4bE0B2xmkBbixa9Uycg5DkuhzFkJ/mYT+Pa/5hmn57Hz5h
aWNxItWA36l9yg+ffaCpDxkEWURKh292qU3q1lj/iI9dL0FkBgOAAlo87eD3gNDF
c3rdytTh37Suxc9Zzc1eaALAoY3TKEO6iKN/Xjy3KHeTUFak5y0gEFPSJQIDAQAB
o4ICbzCCAmswHQYDVR0OBBYEFBCpyBwY1a0FRirbSPqxaNoH9lRXMB8GA1UdIwQY
MBaAFJTZjo/saAd1oVcmbgxreLFBo09eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbE5tT2oteG9CM1doVnladURHdDRzVUdqVDE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi83YWUzYzctNjdlNC00NGRlLWIxMzkt
ODdkMTdkZjc0YzdlLzEvRUtuSUhCalZyUVZHS3R0SS1yRm8yZ2YyVkZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi83YWUzYzctNjdlNC00NGRlLWIxMzktODdkMTdkZjc0Yzdl
LzEvbE5tT2oteG9CM1doVnladURHdDRzVUdqVDE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGEBggrBgEFBQcBBwEB/wR1MHMwSgQCAAEwRAMEAgUisAME
Ai1aOAMEAD7pOQMEAlJ1/AMEAlJ2FAMEAFVaxDAMAwQDw3voAwQDw3vwAwQCw9Ng
AwQA2QzCAwQB2QzOMCUEAgACMB8wDQMEAioFlAMFACoFlAYwDgMFBioSb8ADBQAq
Em/CMA0GCSqGSIb3DQEBCwUAA4IBAQB/KXbhEm048fsOhHPJ+K1dDSo0SVWfnjIk
mAwmg43Ub5afBqWisZuT+Ua0nhjmNa1DS+RjZjI6DBabb4YpYWH7dt4QEycxfhBn
O2TXw2Xbx0tXN//WRqOZdlirku/3Px5+ryIvzhCy19RquJtkUXd+F5nbGXSkX21o
bQRJYMThJybZwYFGHNeCUEuWGyYbvJrMZ6Pd/5Fd2OZoOAuJaXccsl8wN4ZTbPiW
MYHhFVXgBZq9QiOteFWom+yz1TeC/x4bSKXfDZJRI/02W90rrRpJGthdM9WmCCBe
kDLzsPIV052S4F26otwQTyaSAVERRZcfyvMaEYsu0l54rSqV2ELz
-----END CERTIFICATE-----
Generated at Sat Apr 5 13:04:18 2025 by rpki-client