Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/cdeca3-4ef1-45ad-8922-2f7cf8446a31/1/EKLQu7iYylRaZbkh51ntRdvQ1sc.roa
File: EKLQu7iYylRaZbkh51ntRdvQ1sc.roa (raw, json)
Hash identifier: RK+Kru3PnFxl9Ll91ljugGNNYfjxqJD6II7naH011aw=
Subject key identifier: 10:A2:D0:BB:B8:98:CA:54:5A:65:B9:21:E7:59:ED:45:DB:D0:D6:C7
Certificate issuer: /CN=8636a4e14a71ddd510164b8631ad99bbfc75953a
Certificate serial: 0194228DF174752CB0D8A41C9FBF8C6F9D89
Authority key identifier: 86:36:A4:E1:4A:71:DD:D5:10:16:4B:86:31:AD:99:BB:FC:75:95:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hjak4Upx3dUQFkuGMa2Zu_x1lTo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/cdeca3-4ef1-45ad-8922-2f7cf8446a31/1/EKLQu7iYylRaZbkh51ntRdvQ1sc.roa
Signing time: Wed 01 Jan 2025 15:48:35 +0000
ROA not before: Wed 01 Jan 2025 15:48:35 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44832
IP address blocks: 185.148.92.0/22 maxlen: 22
199.255.112.0/22 maxlen: 22
206.225.20.0/22 maxlen: 22
212.24.116.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/78/cdeca3-4ef1-45ad-8922-2f7cf8446a31/1/hjak4Upx3dUQFkuGMa2Zu_x1lTo.crl
rsync://rpki.ripe.net/repository/DEFAULT/78/cdeca3-4ef1-45ad-8922-2f7cf8446a31/1/hjak4Upx3dUQFkuGMa2Zu_x1lTo.mft
rsync://rpki.ripe.net/repository/DEFAULT/hjak4Upx3dUQFkuGMa2Zu_x1lTo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Apr 2025 18:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:f1:74:75:2c:b0:d8:a4:1c:9f:bf:8c:6f:9d:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8636a4e14a71ddd510164b8631ad99bbfc75953a
Validity
Not Before: Jan 1 15:48:35 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=10a2d0bbb898ca545a65b921e759ed45dbd0d6c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:49:bd:90:e9:08:e4:c0:9b:e1:1a:42:9c:cd:
52:0c:03:61:86:f9:49:ea:45:e0:e5:25:9d:08:b9:
16:f6:40:6c:d1:58:63:12:2f:ce:ca:6f:1c:f9:33:
f3:a4:e5:ee:3e:35:bb:f4:c2:bd:4e:32:8a:08:ed:
cc:0f:7e:e6:82:75:92:1e:65:fe:d4:a7:6e:cf:de:
54:1b:4f:26:b1:e1:ec:50:5a:56:e4:28:e9:49:6f:
a9:6d:b4:63:14:8c:14:de:fd:fa:a2:c7:66:c2:0c:
15:c0:be:8f:2b:9e:5f:8a:ff:d8:c1:66:f8:9a:03:
f7:37:14:97:0c:14:27:5c:a6:73:eb:15:39:5a:58:
30:c9:b9:65:2f:08:8e:4f:59:bb:d0:f5:03:63:02:
f0:46:3b:7f:6f:cd:be:5a:c8:d2:77:57:70:16:7c:
22:96:04:cf:62:6b:43:5a:e7:2e:df:00:83:97:f4:
89:d9:9b:55:6a:cb:16:ed:e5:31:d3:53:b7:35:78:
33:80:de:b6:f5:5e:83:08:be:aa:7a:b0:76:e7:5d:
d8:76:7f:21:ac:b2:29:89:3f:45:7a:8d:1e:1d:ff:
2a:1b:8a:f5:99:a8:97:3b:62:47:48:7e:85:25:0d:
8d:b5:fa:69:86:a7:40:16:90:9e:ee:0a:f6:24:f9:
55:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:A2:D0:BB:B8:98:CA:54:5A:65:B9:21:E7:59:ED:45:DB:D0:D6:C7
X509v3 Authority Key Identifier:
keyid:86:36:A4:E1:4A:71:DD:D5:10:16:4B:86:31:AD:99:BB:FC:75:95:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hjak4Upx3dUQFkuGMa2Zu_x1lTo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/cdeca3-4ef1-45ad-8922-2f7cf8446a31/1/EKLQu7iYylRaZbkh51ntRdvQ1sc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/cdeca3-4ef1-45ad-8922-2f7cf8446a31/1/hjak4Upx3dUQFkuGMa2Zu_x1lTo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.148.92.0/22
199.255.112.0/22
206.225.20.0/22
212.24.116.0/22
Signature Algorithm: sha256WithRSAEncryption
6b:ec:ce:03:e7:c8:97:fd:f8:f0:95:54:31:e3:24:06:e6:97:
dc:ab:0f:0a:45:2a:f8:28:c3:fe:49:92:cb:28:d5:f2:b2:a1:
04:84:c3:fe:4f:1f:41:67:3b:68:6b:69:df:3d:c9:bc:40:db:
a4:08:8a:df:3e:f7:f2:da:d4:b1:51:f7:2e:23:6e:ce:0c:ca:
66:4b:1f:01:f2:1b:5e:c4:05:e4:41:98:92:b2:53:80:5f:0d:
a1:45:fe:3f:3e:46:f2:57:75:41:f4:e3:89:33:02:86:c9:b9:
b6:8e:8e:8b:02:01:77:4e:23:e7:df:cf:00:0e:98:34:25:73:
3e:6c:13:17:08:7a:c2:2f:ff:6e:ee:56:c4:12:4e:26:e6:63:
af:62:cf:12:20:b4:21:84:94:5a:ee:df:61:07:dd:92:81:b6:
8e:59:f4:99:ba:f0:4d:4b:f3:90:4d:a7:89:8a:f6:fe:35:6e:
16:b5:fa:df:7d:1b:02:83:56:82:ae:ed:e8:a6:d4:24:7c:25:
50:de:a0:52:7c:9a:87:72:e5:d0:66:09:19:a0:0c:00:bd:3b:
4c:8f:10:88:ee:1d:f0:1b:56:53:a1:2b:3f:1b:e7:af:07:33:
23:b9:55:15:60:7e:b4:a8:0c:fb:37:4f:fa:c2:9f:84:69:2f:
e5:c1:32:69
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQijfF0dSyw2KQcn7+Mb52JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2MzZhNGUxNGE3MWRkZDUxMDE2NGI4NjMxYWQ5OWJiZmM3
NTk1M2EwHhcNMjUwMTAxMTU0ODM1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMGEyZDBiYmI4OThjYTU0NWE2NWI5MjFlNzU5ZWQ0NWRiZDBkNmM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApEm9kOkI5MCb4RpCnM1SDANhhvlJ
6kXg5SWdCLkW9kBs0VhjEi/Oym8c+TPzpOXuPjW79MK9TjKKCO3MD37mgnWSHmX+
1Kduz95UG08mseHsUFpW5CjpSW+pbbRjFIwU3v36osdmwgwVwL6PK55fiv/YwWb4
mgP3NxSXDBQnXKZz6xU5WlgwybllLwiOT1m70PUDYwLwRjt/b82+WsjSd1dwFnwi
lgTPYmtDWucu3wCDl/SJ2ZtVassW7eUx01O3NXgzgN629V6DCL6qerB2513Ydn8h
rLIpiT9Feo0eHf8qG4r1maiXO2JHSH6FJQ2NtfpphqdAFpCe7gr2JPlV6QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFBCi0Lu4mMpUWmW5IedZ7UXb0NbHMB8GA1UdIwQY
MBaAFIY2pOFKcd3VEBZLhjGtmbv8dZU6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGphazRVcHgzZFVRRmt1R01hMlp1X3gxbFRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC9jZGVjYTMtNGVmMS00NWFkLTg5MjIt
MmY3Y2Y4NDQ2YTMxLzEvRUtMUXU3aVl5bFJhWmJraDUxbnRSZHZRMXNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC9jZGVjYTMtNGVmMS00NWFkLTg5MjItMmY3Y2Y4NDQ2YTMx
LzEvaGphazRVcHgzZFVRRmt1R01hMlp1X3gxbFRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCuZRcAwQC
x/9wAwQCzuEUAwQC1Bh0MA0GCSqGSIb3DQEBCwUAA4IBAQBr7M4D58iX/fjwlVQx
4yQG5pfcqw8KRSr4KMP+SZLLKNXysqEEhMP+Tx9BZztoa2nfPcm8QNukCIrfPvfy
2tSxUfcuI27ODMpmSx8B8htexAXkQZiSslOAXw2hRf4/PkbyV3VB9OOJMwKGybm2
jo6LAgF3TiPn388ADpg0JXM+bBMXCHrCL/9u7lbEEk4m5mOvYs8SILQhhJRa7t9h
B92SgbaOWfSZuvBNS/OQTaeJivb+NW4WtfrffRsCg1aCru3optQkfCVQ3qBSfJqH
cuXQZgkZoAwAvTtMjxCI7h3wG1ZToSs/G+evBzMjuVUVYH60qAz7N0/6wp+EaS/l
wTJp
-----END CERTIFICATE-----
Generated at Mon Apr 21 03:35:07 2025 by rpki-client