Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/_ewDBSdN1XCtbzExnLg3wXMuFn0.roa
File: _ewDBSdN1XCtbzExnLg3wXMuFn0.roa (raw, json)
Hash identifier: eAudFCewC3qCBD0LS0w2IBjc3otzYC+rHKbE5CFKfDw=
Subject key identifier: FD:EC:03:05:27:4D:D5:70:AD:6F:31:31:9C:B8:37:C1:73:2E:16:7D
Certificate issuer: /CN=f77705e89bb65b472e4e0184d6fe9bfb8c58635a
Certificate serial: 019426D9804867211E4C6DFB2E58C6F982E1
Authority key identifier: F7:77:05:E8:9B:B6:5B:47:2E:4E:01:84:D6:FE:9B:FB:8C:58:63:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/93cF6Ju2W0cuTgGE1v6b-4xYY1o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/_ewDBSdN1XCtbzExnLg3wXMuFn0.roa
Signing time: Thu 02 Jan 2025 11:49:35 +0000
ROA not before: Thu 02 Jan 2025 11:49:35 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35661
IP address blocks: 45.157.116.0/22 maxlen: 24
185.10.16.0/22 maxlen: 24
185.154.152.0/22 maxlen: 24
188.214.24.0/24 maxlen: 24
194.147.97.0/24 maxlen: 24
194.147.105.0/24 maxlen: 24
194.147.109.0/24 maxlen: 24
2a03:5840::/32 maxlen: 32
2a07:8dc0::/29 maxlen: 32
2a0d:e680::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/93cF6Ju2W0cuTgGE1v6b-4xYY1o.crl
rsync://rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/93cF6Ju2W0cuTgGE1v6b-4xYY1o.mft
rsync://rpki.ripe.net/repository/DEFAULT/93cF6Ju2W0cuTgGE1v6b-4xYY1o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 16 Apr 2025 08:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:80:48:67:21:1e:4c:6d:fb:2e:58:c6:f9:82:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f77705e89bb65b472e4e0184d6fe9bfb8c58635a
Validity
Not Before: Jan 2 11:49:35 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fdec0305274dd570ad6f31319cb837c1732e167d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:1d:99:8f:df:da:ad:d3:15:71:b3:0b:6a:dc:
d2:12:c6:1f:34:b3:c7:40:e7:60:25:72:8b:6b:70:
63:56:c0:27:65:0b:ef:66:0d:1e:2f:1c:65:54:da:
ba:1e:91:1e:cb:82:22:db:57:77:78:7c:0c:14:8c:
06:4b:6b:17:c0:70:ac:d0:f8:45:38:ee:c7:7f:e1:
6a:12:18:54:f5:59:97:c0:4f:0e:6b:cc:da:48:ef:
52:90:9b:ee:92:6a:72:56:9f:fc:33:5d:c8:b5:21:
15:10:54:4e:52:89:62:33:75:30:6b:45:1f:82:52:
96:f4:0d:d6:34:7b:06:e6:45:45:af:5f:6d:b5:36:
ef:c1:ee:21:1a:fd:51:1d:3d:6e:f1:e1:72:2a:51:
8d:49:a0:26:e6:81:23:53:e6:25:4e:62:28:07:1d:
0d:61:32:2f:0e:b0:0e:f1:60:fc:77:44:0d:f4:49:
6c:1e:d1:44:20:2c:02:b7:13:63:6e:6e:fe:6d:62:
27:81:41:32:74:9a:b9:25:35:3c:a7:83:6b:e9:31:
29:6e:46:fb:ef:c8:25:a2:42:9a:fe:6f:d1:1c:6e:
de:83:12:ea:3e:b8:5b:8a:d2:4c:e7:38:db:46:33:
9a:71:6d:37:07:35:09:2d:19:3c:ad:b0:3b:90:34:
58:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:EC:03:05:27:4D:D5:70:AD:6F:31:31:9C:B8:37:C1:73:2E:16:7D
X509v3 Authority Key Identifier:
keyid:F7:77:05:E8:9B:B6:5B:47:2E:4E:01:84:D6:FE:9B:FB:8C:58:63:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/93cF6Ju2W0cuTgGE1v6b-4xYY1o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/_ewDBSdN1XCtbzExnLg3wXMuFn0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/93cF6Ju2W0cuTgGE1v6b-4xYY1o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.157.116.0/22
185.10.16.0/22
185.154.152.0/22
188.214.24.0/24
194.147.97.0/24
194.147.105.0/24
194.147.109.0/24
IPv6:
2a03:5840::/32
2a07:8dc0::/29
2a0d:e680::/29
Signature Algorithm: sha256WithRSAEncryption
03:cf:b1:6e:d5:53:6d:75:4c:90:3d:f1:5f:ce:e4:97:37:2c:
59:14:70:c3:96:c4:ab:de:1d:46:5c:0d:d9:4b:44:92:e6:25:
f8:5b:8e:a8:7d:46:58:8f:1c:33:5d:b2:e4:62:25:32:6a:de:
df:21:a3:e0:63:f8:ab:8d:4e:91:f8:e9:b0:97:18:4c:01:bd:
5b:8b:eb:45:89:2e:3f:d3:56:88:17:0a:45:6b:c6:65:75:f9:
b5:bb:c3:00:ac:0a:cd:aa:23:24:b5:5b:28:02:81:30:0b:cb:
7a:de:c1:91:c3:b1:34:c8:db:04:0d:26:97:a1:d4:97:0e:41:
63:d6:d8:a1:1f:b2:d3:50:de:2a:be:d4:df:7e:d3:47:b6:f4:
b9:c8:d5:9a:30:7d:2f:39:3a:b6:6d:0c:0f:46:34:79:b1:09:
bc:d8:18:ac:13:a1:a8:55:ec:d7:95:3a:8d:a0:b6:db:20:e7:
9a:c2:b1:8b:e9:a0:3e:d6:76:94:ef:4a:9b:f8:79:d3:5e:46:
5f:e8:8b:d8:83:16:29:5f:a4:8d:33:2e:a6:f9:53:6f:b9:8b:
0a:24:50:7a:82:49:7c:e2:37:9e:b4:02:e5:bc:40:28:3d:5b:
93:7c:84:9d:fb:49:67:51:8f:f2:e6:b1:5f:67:38:fc:e6:fd:
e5:6b:0d:bf
-----BEGIN CERTIFICATE-----
MIIFPjCCBCagAwIBAgISAZQm2YBIZyEeTG37LljG+YLhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3NzcwNWU4OWJiNjViNDcyZTRlMDE4NGQ2ZmU5YmZiOGM1
ODYzNWEwHhcNMjUwMTAyMTE0OTM1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZGVjMDMwNTI3NGRkNTcwYWQ2ZjMxMzE5Y2I4MzdjMTczMmUxNjdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuh2Zj9/ardMVcbMLatzSEsYfNLPH
QOdgJXKLa3BjVsAnZQvvZg0eLxxlVNq6HpEey4Ii21d3eHwMFIwGS2sXwHCs0PhF
OO7Hf+FqEhhU9VmXwE8Oa8zaSO9SkJvukmpyVp/8M13ItSEVEFROUoliM3Uwa0Uf
glKW9A3WNHsG5kVFr19ttTbvwe4hGv1RHT1u8eFyKlGNSaAm5oEjU+YlTmIoBx0N
YTIvDrAO8WD8d0QN9ElsHtFEICwCtxNjbm7+bWIngUEydJq5JTU8p4Nr6TEpbkb7
78glokKa/m/RHG7egxLqPrhbitJM5zjbRjOacW03BzUJLRk8rbA7kDRYxQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFP3sAwUnTdVwrW8xMZy4N8FzLhZ9MB8GA1UdIwQY
MBaAFPd3BeibtltHLk4BhNb+m/uMWGNaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOTNjRjZKdTJXMGN1VGdHRTF2NmItNHhZWTFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy8wMjI4MzktNjk4NC00MGQ0LTg3MTYt
NmNiODk3OTFkN2ZkLzEvX2V3REJTZE4xWEN0YnpFeG5MZzN3WE11Rm4wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy8wMjI4MzktNjk4NC00MGQ0LTg3MTYtNmNiODk3OTFkN2Zk
LzEvOTNjRjZKdTJXMGN1VGdHRTF2NmItNHhZWTFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGAGCCsGAQUFBwEHAQH/BFEwTzAwBAIAATAqAwQCLZ10AwQC
uQoQAwQCuZqYAwQAvNYYAwQAwpNhAwQAwpNpAwQAwpNtMBsEAgACMBUDBQAqA1hA
AwUDKgeNwAMFAyoN5oAwDQYJKoZIhvcNAQELBQADggEBAAPPsW7VU211TJA98V/O
5Jc3LFkUcMOWxKveHUZcDdlLRJLmJfhbjqh9RliPHDNdsuRiJTJq3t8ho+Bj+KuN
TpH46bCXGEwBvVuL60WJLj/TVogXCkVrxmV1+bW7wwCsCs2qIyS1WygCgTALy3re
wZHDsTTI2wQNJpeh1JcOQWPW2KEfstNQ3iq+1N9+00e29LnI1ZowfS85OrZtDA9G
NHmxCbzYGKwToahV7NeVOo2gttsg55rCsYvpoD7WdpTvSpv4edNeRl/oi9iDFilf
pI0zLqb5U2+5iwokUHqCSXziN560AuW8QCg9W5N8hJ37SWdRj/LmsV9nOPzm/eVr
Db8=
-----END CERTIFICATE-----
Generated at Tue Apr 15 16:04:20 2025 by rpki-client