Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/EVNYCEZdUMzdR7485Sxb1aaU4DE.roa
File: EVNYCEZdUMzdR7485Sxb1aaU4DE.roa (raw, json)
Hash identifier: J2TH0tVcNlED4eWHymgRzOY7kV7+JyPdA6oqZNJJZbw=
Subject key identifier: 11:53:58:08:46:5D:50:CC:DD:47:BE:3C:E5:2C:5B:D5:A6:94:E0:31
Certificate issuer: /CN=d00b37b6f4b445645e6993a9c5ec608492425f0e
Certificate serial: 0196ECD517F0316B90168A1E5BB698E54747
Authority key identifier: D0:0B:37:B6:F4:B4:45:64:5E:69:93:A9:C5:EC:60:84:92:42:5F:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0As3tvS0RWReaZOpxexghJJCXw4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/EVNYCEZdUMzdR7485Sxb1aaU4DE.roa
Signing time: Tue 20 May 2025 08:35:10 +0000
ROA not before: Tue 20 May 2025 08:35:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42473
IP address blocks: 152.53.0.0/16 maxlen: 24
152.53.6.0/24 maxlen: 24
152.53.7.0/24 maxlen: 24
152.53.8.0/24 maxlen: 24
152.53.9.0/24 maxlen: 24
152.53.24.0/24 maxlen: 24
152.53.25.0/24 maxlen: 24
152.53.26.0/24 maxlen: 24
152.53.27.0/24 maxlen: 24
152.53.30.0/24 maxlen: 24
152.53.36.0/22 maxlen: 24
152.53.41.0/24 maxlen: 24
152.53.48.0/22 maxlen: 22
152.53.58.0/24 maxlen: 24
152.53.59.0/24 maxlen: 24
152.53.62.0/24 maxlen: 24
152.53.63.0/24 maxlen: 24
152.53.64.0/22 maxlen: 24
152.53.69.0/24 maxlen: 24
152.53.74.0/24 maxlen: 24
152.53.75.0/24 maxlen: 24
152.53.78.0/24 maxlen: 24
152.53.79.0/24 maxlen: 24
152.53.80.0/22 maxlen: 22
152.53.84.0/22 maxlen: 22
152.53.88.0/22 maxlen: 22
152.53.92.0/22 maxlen: 22
152.53.98.0/24 maxlen: 24
152.53.100.0/22 maxlen: 22
152.53.104.0/22 maxlen: 22
152.53.108.0/22 maxlen: 22
152.53.112.0/22 maxlen: 22
152.53.116.0/22 maxlen: 22
152.53.124.0/22 maxlen: 22
152.53.128.0/20 maxlen: 22
152.53.160.0/22 maxlen: 22
152.53.164.0/22 maxlen: 22
152.53.168.0/22 maxlen: 22
152.53.176.0/22 maxlen: 22
152.53.180.0/22 maxlen: 22
152.53.224.0/22 maxlen: 22
152.53.228.0/22 maxlen: 22
152.53.236.0/22 maxlen: 22
152.53.240.0/22 maxlen: 22
152.53.244.0/22 maxlen: 22
152.53.248.0/22 maxlen: 22
152.53.252.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/0As3tvS0RWReaZOpxexghJJCXw4.crl
rsync://rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/0As3tvS0RWReaZOpxexghJJCXw4.mft
rsync://rpki.ripe.net/repository/DEFAULT/0As3tvS0RWReaZOpxexghJJCXw4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 09 Jun 2025 11:00:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:ec:d5:17:f0:31:6b:90:16:8a:1e:5b:b6:98:e5:47:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d00b37b6f4b445645e6993a9c5ec608492425f0e
Validity
Not Before: May 20 08:35:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=11535808465d50ccdd47be3ce52c5bd5a694e031
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:da:0f:63:ba:9d:ef:35:b6:b3:d5:7f:4b:b5:
65:36:88:b0:59:ec:ac:7b:ec:99:22:7e:a0:f6:18:
1f:79:ac:1f:9e:49:6e:7a:24:10:6d:95:eb:fc:a1:
f3:f7:6b:97:a6:52:c9:84:bf:64:03:ff:e8:89:61:
60:89:e6:74:2c:56:8f:8e:c0:67:12:2b:0f:9f:2c:
52:e6:b0:c3:69:f6:4c:81:96:1c:37:ce:ca:5c:26:
4c:19:49:ef:2f:9c:c5:a0:a1:61:ca:f5:0b:50:9a:
21:d2:ad:8c:b2:04:32:18:97:4d:18:57:cc:ee:ac:
07:f0:00:93:a8:dc:3b:7a:85:c5:94:d8:21:ac:08:
20:58:22:76:4a:79:4a:a2:c7:66:ea:f1:5e:c1:c6:
4e:b0:53:41:59:8e:10:8a:89:69:22:ab:ce:5a:2b:
dd:7a:0c:8b:cc:95:77:58:fe:e9:9e:d9:8d:c7:f6:
d3:55:51:1f:49:87:5f:3c:4d:98:7a:d1:5e:b7:70:
63:8e:a9:e1:ee:76:e6:fc:b7:a5:bd:1d:b1:d8:dc:
82:aa:ba:1d:19:0f:4c:b9:dc:d9:7a:1a:c5:1f:59:
0d:d6:09:f6:47:55:5f:3a:26:37:f3:ca:dc:d1:cc:
dd:86:55:76:5e:93:a6:36:12:00:47:db:8e:98:94:
14:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:53:58:08:46:5D:50:CC:DD:47:BE:3C:E5:2C:5B:D5:A6:94:E0:31
X509v3 Authority Key Identifier:
keyid:D0:0B:37:B6:F4:B4:45:64:5E:69:93:A9:C5:EC:60:84:92:42:5F:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0As3tvS0RWReaZOpxexghJJCXw4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/EVNYCEZdUMzdR7485Sxb1aaU4DE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/0As3tvS0RWReaZOpxexghJJCXw4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.53.0.0/16
Signature Algorithm: sha256WithRSAEncryption
61:d2:8b:bc:1e:9e:47:94:77:c2:ee:3c:e8:df:08:38:64:f0:
46:ad:ce:bf:2a:29:7e:39:a6:0c:13:92:8d:8f:31:90:3f:10:
33:3b:bc:fd:48:b6:70:6d:f6:e4:fd:ba:38:9f:df:44:2a:05:
e5:56:7d:b3:15:e0:94:d1:b5:76:96:f7:0a:f6:c5:60:a8:01:
35:e4:35:0f:a7:f2:38:f1:84:b3:b4:2a:01:73:d6:e4:73:d8:
b5:ed:36:19:05:ea:ed:82:ec:8c:57:62:46:a6:81:b7:39:6e:
83:df:78:62:dc:53:b3:22:01:d6:ca:b2:1f:5f:98:f3:7f:83:
b1:ba:37:2c:b5:44:c8:c1:2b:68:64:39:70:ad:97:9b:04:ab:
5b:19:28:9d:89:91:2c:41:5a:6c:9d:18:65:93:85:b7:0f:1b:
93:eb:f9:fa:0b:e1:49:a1:5b:9c:b1:ae:6b:43:78:0a:6b:09:
e2:65:70:bf:bc:3b:90:29:4c:43:8b:3f:76:1c:82:69:41:93:
66:06:42:ad:8e:c0:b7:ba:33:e1:69:4e:1e:61:b4:7c:54:d9:
7c:bf:2d:ec:06:2b:86:eb:3a:89:09:fb:20:52:d8:af:41:af:
3c:24:d4:f2:f2:4d:f0:b2:1d:b9:5f:c3:e9:77:cd:97:4c:2c:
80:00:36:79
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAZbs1RfwMWuQFooeW7aY5UdHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwMGIzN2I2ZjRiNDQ1NjQ1ZTY5OTNhOWM1ZWM2MDg0OTI0
MjVmMGUwHhcNMjUwNTIwMDgzNTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMTUzNTgwODQ2NWQ1MGNjZGQ0N2JlM2NlNTJjNWJkNWE2OTRlMDMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArdoPY7qd7zW2s9V/S7VlNoiwWeys
e+yZIn6g9hgfeawfnklueiQQbZXr/KHz92uXplLJhL9kA//oiWFgieZ0LFaPjsBn
EisPnyxS5rDDafZMgZYcN87KXCZMGUnvL5zFoKFhyvULUJoh0q2MsgQyGJdNGFfM
7qwH8ACTqNw7eoXFlNghrAggWCJ2SnlKosdm6vFewcZOsFNBWY4QiolpIqvOWivd
egyLzJV3WP7pntmNx/bTVVEfSYdfPE2YetFet3Bjjqnh7nbm/LelvR2x2NyCqrod
GQ9MudzZehrFH1kN1gn2R1VfOiY388rc0czdhlV2XpOmNhIAR9uOmJQUJwIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFBFTWAhGXVDM3Ue+POUsW9WmlOAxMB8GA1UdIwQY
MBaAFNALN7b0tEVkXmmTqcXsYISSQl8OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEFzM3R2UzBSV1JlYVpPcHhleGdoSkpDWHc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC83MzBmYzUtNzMwMS00YTYwLTg2ZDEt
N2RiNjg2OGQ4NDc0LzEvRVZOWUNFWmRVTXpkUjc0ODVTeGIxYWFVNERFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC83MzBmYzUtNzMwMS00YTYwLTg2ZDEtN2RiNjg2OGQ4NDc0
LzEvMEFzM3R2UzBSV1JlYVpPcHhleGdoSkpDWHc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAmDUwDQYJ
KoZIhvcNAQELBQADggEBAGHSi7wenkeUd8LuPOjfCDhk8Eatzr8qKX45pgwTko2P
MZA/EDM7vP1ItnBt9uT9ujif30QqBeVWfbMV4JTRtXaW9wr2xWCoATXkNQ+n8jjx
hLO0KgFz1uRz2LXtNhkF6u2C7IxXYkamgbc5boPfeGLcU7MiAdbKsh9fmPN/g7G6
Nyy1RMjBK2hkOXCtl5sEq1sZKJ2JkSxBWmydGGWThbcPG5Pr+foL4UmhW5yxrmtD
eAprCeJlcL+8O5ApTEOLP3YcgmlBk2YGQq2OwLe6M+FpTh5htHxU2Xy/LewGK4br
OokJ+yBS2K9Brzwk1PLyTfCyHblfw+l3zZdMLIAANnk=
-----END CERTIFICATE-----
Generated at Sun Jun 8 17:46:40 2025 by rpki-client