Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/6eoj3HW_5TpgQ42VV6W-eRXWJRY.roa
File: 6eoj3HW_5TpgQ42VV6W-eRXWJRY.roa (raw, json)
Hash identifier: Xh4eenBYRtemEIOmT0DFdL/CXzx7ji9eMIWiGg2yj/0=
Subject key identifier: E9:EA:23:DC:75:BF:E5:3A:60:43:8D:95:57:A5:BE:79:15:D6:25:16
Certificate issuer: /CN=d00b37b6f4b445645e6993a9c5ec608492425f0e
Certificate serial: 019614BEC9F164D9A86F63394A55396B2FA0
Authority key identifier: D0:0B:37:B6:F4:B4:45:64:5E:69:93:A9:C5:EC:60:84:92:42:5F:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0As3tvS0RWReaZOpxexghJJCXw4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/6eoj3HW_5TpgQ42VV6W-eRXWJRY.roa
Signing time: Tue 08 Apr 2025 09:32:49 +0000
ROA not before: Tue 08 Apr 2025 09:32:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197540
IP address blocks: 152.53.0.0/16 maxlen: 24
152.53.5.0/24 maxlen: 24
152.53.7.0/24 maxlen: 24
152.53.12.0/22 maxlen: 24
152.53.16.0/22 maxlen: 24
152.53.20.0/22 maxlen: 24
152.53.32.0/22 maxlen: 24
152.53.44.0/22 maxlen: 24
152.53.48.0/22 maxlen: 22
152.53.64.0/22 maxlen: 24
152.53.84.0/22 maxlen: 22
152.53.92.0/22 maxlen: 22
152.53.100.0/22 maxlen: 22
152.53.104.0/22 maxlen: 22
152.53.108.0/22 maxlen: 22
152.53.112.0/22 maxlen: 22
152.53.116.0/22 maxlen: 22
152.53.124.0/22 maxlen: 22
152.53.128.0/20 maxlen: 22
152.53.160.0/22 maxlen: 22
152.53.224.0/22 maxlen: 22
152.53.228.0/22 maxlen: 22
152.53.236.0/22 maxlen: 22
152.53.244.0/22 maxlen: 22
152.53.248.0/22 maxlen: 22
152.53.252.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/0As3tvS0RWReaZOpxexghJJCXw4.crl
rsync://rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/0As3tvS0RWReaZOpxexghJJCXw4.mft
rsync://rpki.ripe.net/repository/DEFAULT/0As3tvS0RWReaZOpxexghJJCXw4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 14 Apr 2025 03:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:14:be:c9:f1:64:d9:a8:6f:63:39:4a:55:39:6b:2f:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d00b37b6f4b445645e6993a9c5ec608492425f0e
Validity
Not Before: Apr 8 09:32:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e9ea23dc75bfe53a60438d9557a5be7915d62516
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:65:cd:fc:7c:3a:94:75:85:5e:ed:3f:26:1b:
b6:79:e9:ec:9f:ed:06:b7:c7:01:bd:34:af:ac:79:
24:9a:2b:db:d9:86:d0:1a:de:91:c1:a7:cd:50:9e:
b4:ff:9e:49:70:dc:45:fb:10:76:56:1f:a3:6e:07:
f9:1e:c6:45:d0:60:93:e5:7d:3e:bd:d8:0b:35:ad:
9f:df:75:2e:bc:98:16:ed:9a:76:ee:3b:26:52:23:
13:95:a9:ec:df:fd:c9:f5:36:e1:29:72:91:15:72:
41:52:6f:a8:9b:4f:03:3d:b1:be:c9:04:d7:24:11:
12:84:3e:c8:c2:c8:21:3d:da:83:bd:da:02:08:4b:
0f:bf:78:88:54:a1:a2:30:67:ee:eb:fd:9c:64:72:
2e:b2:86:80:fa:54:35:fd:31:50:b8:68:60:d2:49:
5f:ef:88:8e:ce:2f:28:75:e9:ac:0d:99:8a:3b:11:
13:9d:d1:34:f0:2b:4d:81:c8:3e:e4:7b:75:6d:10:
7c:62:36:29:a2:a3:eb:2e:47:6e:21:37:dc:80:93:
00:4f:26:fa:d1:d9:60:d6:ea:7f:de:91:94:38:2d:
2c:e5:30:09:98:a3:3e:63:9b:59:cf:6a:af:0d:6c:
93:e6:5e:8a:d8:8c:e5:27:63:22:82:63:c5:fa:80:
5b:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:EA:23:DC:75:BF:E5:3A:60:43:8D:95:57:A5:BE:79:15:D6:25:16
X509v3 Authority Key Identifier:
keyid:D0:0B:37:B6:F4:B4:45:64:5E:69:93:A9:C5:EC:60:84:92:42:5F:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0As3tvS0RWReaZOpxexghJJCXw4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/6eoj3HW_5TpgQ42VV6W-eRXWJRY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/0As3tvS0RWReaZOpxexghJJCXw4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.53.0.0/16
Signature Algorithm: sha256WithRSAEncryption
90:bf:ad:4d:64:29:aa:7f:f8:af:8b:04:7c:15:72:ae:c0:26:
b1:5b:6e:c4:8c:41:52:5d:db:ab:8a:44:fd:2b:38:6a:d5:fa:
35:d7:8d:cb:57:64:91:24:e4:7b:68:6f:dd:59:ac:d9:ed:c1:
64:62:51:75:5e:58:c5:6e:d1:2b:5b:2c:07:a5:d0:e3:9a:b2:
4e:d8:70:0d:0d:d3:1e:1d:08:0e:b5:51:f9:1a:1a:5a:7a:ef:
b5:3d:af:c3:0e:b0:3b:66:22:b6:86:14:3b:b0:53:47:69:97:
08:db:d5:f2:41:91:d5:ce:c3:ea:23:01:9f:78:f0:d8:d0:80:
15:06:85:a7:7e:7f:c5:d2:c2:d4:fe:e5:3d:96:c7:a3:10:4c:
cb:7c:02:4b:7d:42:3e:80:6f:79:5a:13:be:16:8b:b3:d2:13:
c2:80:8b:46:a3:62:ad:b9:cf:83:85:4a:23:86:0e:c2:62:b8:
31:b2:f2:7e:f1:86:e6:8f:a5:30:05:a1:6a:39:3e:df:5f:f6:
92:f7:f5:8d:d0:1b:a1:81:ef:9d:56:a0:df:3d:5a:f5:ab:c0:
b8:d5:da:60:e0:68:c6:2a:af:0a:9e:ef:2d:9d:0a:ed:b3:ce:
51:cf:d7:25:6a:f5:77:31:5c:d2:63:7b:eb:9b:11:ab:2c:34:
33:7a:f2:97
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAZYUvsnxZNmob2M5SlU5ay+gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwMGIzN2I2ZjRiNDQ1NjQ1ZTY5OTNhOWM1ZWM2MDg0OTI0
MjVmMGUwHhcNMjUwNDA4MDkzMjQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOWVhMjNkYzc1YmZlNTNhNjA0MzhkOTU1N2E1YmU3OTE1ZDYyNTE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3GXN/Hw6lHWFXu0/Jhu2eensn+0G
t8cBvTSvrHkkmivb2YbQGt6RwafNUJ60/55JcNxF+xB2Vh+jbgf5HsZF0GCT5X0+
vdgLNa2f33UuvJgW7Zp27jsmUiMTlans3/3J9TbhKXKRFXJBUm+om08DPbG+yQTX
JBEShD7IwsghPdqDvdoCCEsPv3iIVKGiMGfu6/2cZHIusoaA+lQ1/TFQuGhg0klf
74iOzi8odemsDZmKOxETndE08CtNgcg+5Ht1bRB8YjYpoqPrLkduITfcgJMATyb6
0dlg1up/3pGUOC0s5TAJmKM+Y5tZz2qvDWyT5l6K2IzlJ2MigmPF+oBb6wIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFOnqI9x1v+U6YEONlVelvnkV1iUWMB8GA1UdIwQY
MBaAFNALN7b0tEVkXmmTqcXsYISSQl8OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEFzM3R2UzBSV1JlYVpPcHhleGdoSkpDWHc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC83MzBmYzUtNzMwMS00YTYwLTg2ZDEt
N2RiNjg2OGQ4NDc0LzEvNmVvajNIV181VHBnUTQyVlY2Vy1lUlhXSlJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC83MzBmYzUtNzMwMS00YTYwLTg2ZDEtN2RiNjg2OGQ4NDc0
LzEvMEFzM3R2UzBSV1JlYVpPcHhleGdoSkpDWHc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAmDUwDQYJ
KoZIhvcNAQELBQADggEBAJC/rU1kKap/+K+LBHwVcq7AJrFbbsSMQVJd26uKRP0r
OGrV+jXXjctXZJEk5Htob91ZrNntwWRiUXVeWMVu0StbLAel0OOask7YcA0N0x4d
CA61UfkaGlp677U9r8MOsDtmIraGFDuwU0dplwjb1fJBkdXOw+ojAZ948NjQgBUG
had+f8XSwtT+5T2Wx6MQTMt8Akt9Qj6Ab3laE74Wi7PSE8KAi0ajYq25z4OFSiOG
DsJiuDGy8n7xhuaPpTAFoWo5Pt9f9pL39Y3QG6GB751WoN89WvWrwLjV2mDgaMYq
rwqe7y2dCu2zzlHP1yVq9XcxXNJje+ubEassNDN68pc=
-----END CERTIFICATE-----
Generated at Sun Apr 13 11:39:13 2025 by rpki-client