Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/ebd49f-f569-4152-b0b8-5e53c23b55b0/1/DhrEeypsTDYQFqtn5MxSVP9RNeU.roa
File: DhrEeypsTDYQFqtn5MxSVP9RNeU.roa (raw, json)
Hash identifier: YbsKC7hbnZNHtFxguJmaXdHmEbB7PGi2yECVIv3in+Y=
Subject key identifier: 0E:1A:C4:7B:2A:6C:4C:36:10:16:AB:67:E4:CC:52:54:FF:51:35:E5
Certificate issuer: /CN=ecf42776be532bd0575332855d8c42c4952ed931
Certificate serial: 019424B28A5F3A018C6CC1E2B6535D2BE387
Authority key identifier: EC:F4:27:76:BE:53:2B:D0:57:53:32:85:5D:8C:42:C4:95:2E:D9:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7PQndr5TK9BXUzKFXYxCxJUu2TE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/ebd49f-f569-4152-b0b8-5e53c23b55b0/1/DhrEeypsTDYQFqtn5MxSVP9RNeU.roa
Signing time: Thu 02 Jan 2025 01:47:48 +0000
ROA not before: Thu 02 Jan 2025 01:47:48 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20743
IP address blocks: 146.109.145.0/24 maxlen: 24
146.109.153.0/24 maxlen: 24
146.109.160.0/19 maxlen: 19
146.109.161.0/24 maxlen: 24
2a01:4642:100::/40 maxlen: 40
2a01:4642:200::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/86/ebd49f-f569-4152-b0b8-5e53c23b55b0/1/7PQndr5TK9BXUzKFXYxCxJUu2TE.crl
rsync://rpki.ripe.net/repository/DEFAULT/86/ebd49f-f569-4152-b0b8-5e53c23b55b0/1/7PQndr5TK9BXUzKFXYxCxJUu2TE.mft
rsync://rpki.ripe.net/repository/DEFAULT/7PQndr5TK9BXUzKFXYxCxJUu2TE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 14 Apr 2025 03:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b2:8a:5f:3a:01:8c:6c:c1:e2:b6:53:5d:2b:e3:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ecf42776be532bd0575332855d8c42c4952ed931
Validity
Not Before: Jan 2 01:47:48 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0e1ac47b2a6c4c361016ab67e4cc5254ff5135e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:00:85:fd:2a:96:a7:2b:90:f3:b7:3e:4e:6d:
d0:80:ef:cd:e8:cc:e0:d4:df:a0:87:25:48:f6:e7:
46:62:d1:10:40:53:7f:a9:5a:70:87:dd:28:34:1b:
10:6a:5a:a7:c4:7d:9a:7a:7c:f6:da:1f:51:78:29:
af:8c:50:82:17:e7:18:16:42:77:1b:20:cb:b9:9b:
b3:6a:44:3a:45:02:40:58:ab:a7:9b:4a:dc:80:30:
25:62:53:c4:91:97:52:9c:49:87:c8:50:9a:69:8f:
16:26:cd:d6:9c:9d:8a:a5:6d:2c:1b:d5:fc:30:3b:
6a:20:bc:e0:61:74:de:53:d9:6b:7c:2b:3d:34:93:
42:d6:94:72:c8:34:98:c5:ad:f1:11:7a:77:1b:ad:
18:64:3a:2b:4e:0f:6a:06:fe:79:c4:75:72:6e:0b:
85:5e:73:c6:6a:c1:0a:97:24:61:b4:0b:f8:e3:c3:
68:39:8f:20:3d:b5:70:70:5a:5c:1c:a5:56:58:90:
c3:37:14:37:e4:09:71:6d:6f:f2:00:cd:4d:f2:78:
f5:c0:a4:b7:8c:ee:79:82:0b:91:07:02:7e:7f:6c:
c6:8b:48:3b:c4:4d:55:1f:ac:2f:fb:da:60:58:53:
b2:4c:62:f4:4b:bb:46:c5:a5:c4:bf:8a:8d:a2:e1:
63:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:1A:C4:7B:2A:6C:4C:36:10:16:AB:67:E4:CC:52:54:FF:51:35:E5
X509v3 Authority Key Identifier:
keyid:EC:F4:27:76:BE:53:2B:D0:57:53:32:85:5D:8C:42:C4:95:2E:D9:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7PQndr5TK9BXUzKFXYxCxJUu2TE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/ebd49f-f569-4152-b0b8-5e53c23b55b0/1/DhrEeypsTDYQFqtn5MxSVP9RNeU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/ebd49f-f569-4152-b0b8-5e53c23b55b0/1/7PQndr5TK9BXUzKFXYxCxJUu2TE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.109.145.0/24
146.109.153.0/24
146.109.160.0/19
IPv6:
2a01:4642:100::-2a01:4642:2ff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
16:e8:18:d6:49:4f:cc:38:a8:fc:25:3e:50:7e:fa:91:61:4a:
8a:2d:11:57:ef:32:e8:28:44:1a:63:a0:12:3c:5a:60:06:bd:
32:5c:e9:2d:c8:d5:5c:f2:4b:35:2e:4e:95:b1:17:19:8e:b4:
d2:fb:08:8f:55:d8:02:01:f3:1e:9a:ae:b5:f5:a1:3c:54:9b:
3f:14:17:e3:f7:21:6c:e7:63:cd:04:70:ce:5e:15:d7:4c:5f:
37:df:c5:fb:bb:c3:bf:1d:38:9a:14:05:e5:2c:fb:82:0e:c5:
49:be:4c:94:07:f0:07:ae:f1:5d:09:4f:8f:04:eb:7b:1e:2e:
45:6f:db:c9:33:8a:e8:e2:df:c4:37:54:60:69:f9:46:32:9f:
8c:68:20:40:6f:4a:aa:c5:9b:85:4e:ba:9d:95:3c:80:5a:f6:
37:42:1f:f6:d9:55:1a:f6:91:c3:63:d0:28:91:71:9e:f9:d1:
5c:42:83:18:84:ba:00:29:3b:56:72:a6:bd:f7:8a:56:e4:27:
2b:5c:39:92:5b:e6:59:4d:a0:1f:59:37:ee:e8:f2:88:9d:61:
23:54:20:9b:19:d0:66:b7:a2:79:10:bb:45:7b:d1:3c:19:34:
10:c9:32:c8:aa:47:95:88:8f:72:fd:d5:e0:95:75:52:c5:50:
7b:1d:df:74
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZQksopfOgGMbMHitlNdK+OHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjZjQyNzc2YmU1MzJiZDA1NzUzMzI4NTVkOGM0MmM0OTUy
ZWQ5MzEwHhcNMjUwMTAyMDE0NzQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTFhYzQ3YjJhNmM0YzM2MTAxNmFiNjdlNGNjNTI1NGZmNTEzNWU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtgCF/SqWpyuQ87c+Tm3QgO/N6Mzg
1N+ghyVI9udGYtEQQFN/qVpwh90oNBsQalqnxH2aenz22h9ReCmvjFCCF+cYFkJ3
GyDLuZuzakQ6RQJAWKunm0rcgDAlYlPEkZdSnEmHyFCaaY8WJs3WnJ2KpW0sG9X8
MDtqILzgYXTeU9lrfCs9NJNC1pRyyDSYxa3xEXp3G60YZDorTg9qBv55xHVybguF
XnPGasEKlyRhtAv448NoOY8gPbVwcFpcHKVWWJDDNxQ35AlxbW/yAM1N8nj1wKS3
jO55gguRBwJ+f2zGi0g7xE1VH6wv+9pgWFOyTGL0S7tGxaXEv4qNouFj4QIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFA4axHsqbEw2EBarZ+TMUlT/UTXlMB8GA1UdIwQY
MBaAFOz0J3a+UyvQV1MyhV2MQsSVLtkxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN1BRbmRyNVRLOUJYVXpLRlhZeEN4SlV1MlRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni9lYmQ0OWYtZjU2OS00MTUyLWIwYjgt
NWU1M2MyM2I1NWIwLzEvRGhyRWV5cHNURFlRRnF0bjVNeFNWUDlSTmVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni9lYmQ0OWYtZjU2OS00MTUyLWIwYjgtNWU1M2MyM2I1NWIw
LzEvN1BRbmRyNVRLOUJYVXpLRlhZeEN4SlV1MlRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAYBAIAATASAwQAkm2RAwQA
km2ZAwQFkm2gMBgEAgACMBIwEAMGACoBRkIBAwYAKgFGQgIwDQYJKoZIhvcNAQEL
BQADggEBABboGNZJT8w4qPwlPlB++pFhSootEVfvMugoRBpjoBI8WmAGvTJc6S3I
1VzySzUuTpWxFxmOtNL7CI9V2AIB8x6arrX1oTxUmz8UF+P3IWznY80EcM5eFddM
Xzffxfu7w78dOJoUBeUs+4IOxUm+TJQH8Aeu8V0JT48E63seLkVv28kziuji38Q3
VGBp+UYyn4xoIEBvSqrFm4VOup2VPIBa9jdCH/bZVRr2kcNj0CiRcZ750VxCgxiE
ugApO1Zypr33ilbkJytcOZJb5llNoB9ZN+7o8oidYSNUIJsZ0Ga3onkQu0V70TwZ
NBDJMsiqR5WIj3L91eCVdVLFUHsd33Q=
-----END CERTIFICATE-----
Generated at Sun Apr 13 10:10:11 2025 by rpki-client