Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/2925a3-871b-4676-ae10-688d333ed9d5/1/VevE1Qkku5OCuflEElcF548SkKs.roa
File: VevE1Qkku5OCuflEElcF548SkKs.roa (raw, json)
Hash identifier: OO4osqCuMqLt/NPspapEtGPa5x8FCuxawiZlsDGiwlo=
Subject key identifier: 55:EB:C4:D5:09:24:BB:93:82:B9:F9:44:12:57:05:E7:8F:12:90:AB
Certificate issuer: /CN=ef1c665b038692b93bdf5d1d8f3cea3e98697a03
Certificate serial: 019421B1E41AB1D9ED772CA4551D5FB5B5E9
Authority key identifier: EF:1C:66:5B:03:86:92:B9:3B:DF:5D:1D:8F:3C:EA:3E:98:69:7A:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7xxmWwOGkrk7310djzzqPphpegM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/2925a3-871b-4676-ae10-688d333ed9d5/1/VevE1Qkku5OCuflEElcF548SkKs.roa
Signing time: Wed 01 Jan 2025 11:48:13 +0000
ROA not before: Wed 01 Jan 2025 11:48:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 193.232.87.0/24 maxlen: 32
193.232.135.0/24 maxlen: 32
193.232.136.0/24 maxlen: 32
193.232.140.0/24 maxlen: 32
193.232.244.0/24 maxlen: 32
194.85.107.0/24 maxlen: 32
194.85.177.0/24 maxlen: 32
194.190.119.0/24 maxlen: 32
194.190.120.0/24 maxlen: 32
194.226.100.0/22 maxlen: 32
195.208.208.0/21 maxlen: 32
2001:7f8:20:101::/64 maxlen: 128
2001:7f8:20:201::/64 maxlen: 128
2001:7f8:20:202::/64 maxlen: 128
2001:7f8:20:301::/64 maxlen: 128
2001:7f8:20:401::/64 maxlen: 128
2001:7f8:20:501::/64 maxlen: 128
2001:7f8:20:601::/64 maxlen: 128
2001:7f8:20:701::/64 maxlen: 128
2001:7f8:20:801::/64 maxlen: 128
2001:7f8:20:901::/64 maxlen: 128
2001:7f8:20:1101::/64 maxlen: 128
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/88/2925a3-871b-4676-ae10-688d333ed9d5/1/7xxmWwOGkrk7310djzzqPphpegM.crl
rsync://rpki.ripe.net/repository/DEFAULT/88/2925a3-871b-4676-ae10-688d333ed9d5/1/7xxmWwOGkrk7310djzzqPphpegM.mft
rsync://rpki.ripe.net/repository/DEFAULT/7xxmWwOGkrk7310djzzqPphpegM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 12 Apr 2025 20:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:e4:1a:b1:d9:ed:77:2c:a4:55:1d:5f:b5:b5:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef1c665b038692b93bdf5d1d8f3cea3e98697a03
Validity
Not Before: Jan 1 11:48:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=55ebc4d50924bb9382b9f944125705e78f1290ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:96:44:f9:d0:90:2e:d6:40:0d:0b:2d:a8:82:
8c:c5:54:27:54:99:6e:ac:ce:7b:ab:ee:bc:9e:3b:
51:7e:f8:7e:31:d6:40:0a:3e:75:63:e2:92:98:8f:
2d:de:5c:77:5d:eb:ac:a6:84:5c:0f:c7:ab:aa:1f:
0f:60:bb:7b:f1:03:ce:97:1b:cf:f3:d2:0c:41:e0:
9d:ed:a9:04:b4:ed:6b:e0:c8:f5:65:1c:e3:b9:8b:
bd:b2:14:29:50:da:1f:bb:a4:26:fa:30:76:02:d3:
c8:11:27:ed:98:f2:0f:6d:13:67:20:ca:d3:44:34:
ac:7c:82:e7:8d:52:27:62:ca:8a:75:49:12:70:54:
0c:f7:e9:98:37:6b:94:15:8f:30:e0:8d:6a:d1:5d:
3b:c1:01:94:fa:81:ad:5d:3e:46:60:23:5d:e0:62:
e8:96:71:d7:30:09:f1:76:47:44:ea:11:02:b9:60:
0b:25:79:91:03:7f:c0:fa:78:c9:f2:7b:3e:f0:ca:
41:ea:8d:94:93:28:bb:f4:d6:0a:68:3c:6e:9d:0a:
23:70:72:6e:54:1d:9e:7c:ff:2d:71:3a:9c:8a:e7:
fc:0d:5f:45:e4:7e:cc:60:6b:4e:8b:14:bb:f9:e6:
7b:08:47:5b:b9:d8:29:3a:41:b4:9b:ed:c0:d8:6c:
6b:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:EB:C4:D5:09:24:BB:93:82:B9:F9:44:12:57:05:E7:8F:12:90:AB
X509v3 Authority Key Identifier:
keyid:EF:1C:66:5B:03:86:92:B9:3B:DF:5D:1D:8F:3C:EA:3E:98:69:7A:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7xxmWwOGkrk7310djzzqPphpegM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/2925a3-871b-4676-ae10-688d333ed9d5/1/VevE1Qkku5OCuflEElcF548SkKs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/2925a3-871b-4676-ae10-688d333ed9d5/1/7xxmWwOGkrk7310djzzqPphpegM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.232.87.0/24
193.232.135.0-193.232.136.255
193.232.140.0/24
193.232.244.0/24
194.85.107.0/24
194.85.177.0/24
194.190.119.0-194.190.120.255
194.226.100.0/22
195.208.208.0/21
IPv6:
2001:7f8:20:101::/64
2001:7f8:20:201::-2001:7f8:20:202:ffff:ffff:ffff:ffff
2001:7f8:20:301::/64
2001:7f8:20:401::/64
2001:7f8:20:501::/64
2001:7f8:20:601::/64
2001:7f8:20:701::/64
2001:7f8:20:801::/64
2001:7f8:20:901::/64
2001:7f8:20:1101::/64
Signature Algorithm: sha256WithRSAEncryption
b7:f7:0b:8a:73:41:65:41:14:78:98:12:24:1a:8e:5f:dc:91:
5c:d7:8e:49:65:17:29:bf:41:d6:d1:34:55:e6:f3:ba:af:06:
bc:ab:01:6e:11:4a:bb:ee:6c:6c:d5:7c:92:b2:77:5e:db:df:
31:a9:d4:18:0c:c2:fd:8a:9f:32:a0:4a:38:4c:45:3d:f3:91:
1f:72:15:01:b8:95:47:1c:f4:db:66:99:b1:76:b4:02:9a:ff:
d5:4b:40:36:40:5d:28:10:04:96:2e:c0:6f:ce:fb:2b:86:1b:
69:f9:03:ca:59:19:25:b4:e4:c7:3f:6c:3d:cc:f8:6f:f2:ef:
e4:f8:bf:4a:ac:65:9f:33:36:70:2e:79:dc:38:12:00:e5:05:
c8:e2:8f:8d:64:3a:82:a2:4d:a8:43:ad:e8:2e:a9:e6:96:77:
5d:a4:19:cf:ff:aa:ba:4b:36:c8:de:5d:98:4d:21:cc:f8:cd:
8f:58:40:29:f2:6d:1e:49:b4:7e:2d:10:33:15:86:bd:51:ce:
81:0d:97:1f:55:cb:c7:0b:8e:d1:c6:d2:98:4a:07:9d:ed:8a:
9f:ce:f7:25:a0:0f:21:8b:99:2f:4a:c9:b4:d5:53:e8:46:1d:
50:79:a7:4e:48:f8:76:74:20:af:6d:a8:be:40:39:54:a3:7b:
7c:70:4d:6e
-----BEGIN CERTIFICATE-----
MIIFxDCCBKygAwIBAgISAZQhseQasdntdyykVR1ftbXpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmMWM2NjViMDM4NjkyYjkzYmRmNWQxZDhmM2NlYTNlOTg2
OTdhMDMwHhcNMjUwMTAxMTE0ODEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NWViYzRkNTA5MjRiYjkzODJiOWY5NDQxMjU3MDVlNzhmMTI5MGFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjpZE+dCQLtZADQstqIKMxVQnVJlu
rM57q+68njtRfvh+MdZACj51Y+KSmI8t3lx3XeuspoRcD8erqh8PYLt78QPOlxvP
89IMQeCd7akEtO1r4Mj1ZRzjuYu9shQpUNofu6Qm+jB2AtPIESftmPIPbRNnIMrT
RDSsfILnjVInYsqKdUkScFQM9+mYN2uUFY8w4I1q0V07wQGU+oGtXT5GYCNd4GLo
lnHXMAnxdkdE6hECuWALJXmRA3/A+njJ8ns+8MpB6o2Ukyi79NYKaDxunQojcHJu
VB2efP8tcTqciuf8DV9F5H7MYGtOixS7+eZ7CEdbudgpOkG0m+3A2GxrxQIDAQAB
o4IC0DCCAswwHQYDVR0OBBYEFFXrxNUJJLuTgrn5RBJXBeePEpCrMB8GA1UdIwQY
MBaAFO8cZlsDhpK5O99dHY886j6YaXoDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3h4bVd3T0drcms3MzEwZGp6enFQcGhwZWdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC8yOTI1YTMtODcxYi00Njc2LWFlMTAt
Njg4ZDMzM2VkOWQ1LzEvVmV2RTFRa2t1NU9DdWZsRUVsY0Y1NDhTa0tzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC8yOTI1YTMtODcxYi00Njc2LWFlMTAtNjg4ZDMzM2VkOWQ1
LzEvN3h4bVd3T0drcms3MzEwZGp6enFQcGhwZWdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHlBggrBgEFBQcBBwEB/wSB1TCB0jBMBAIAATBGAwQAwehX
MAwDBADB6IcDBADB6IgDBADB6IwDBADB6PQDBADCVWsDBADCVbEwDAMEAMK+dwME
AMK+eAMEAsLiZAMEA8PQ0DCBgQQCAAIwewMJACABB/gAIAEBMBYDCQAgAQf4ACAC
AQMJACABB/gAIAICAwkAIAEH+AAgAwEDCQAgAQf4ACAEAQMJACABB/gAIAUBAwkA
IAEH+AAgBgEDCQAgAQf4ACAHAQMJACABB/gAIAgBAwkAIAEH+AAgCQEDCQAgAQf4
ACARATANBgkqhkiG9w0BAQsFAAOCAQEAt/cLinNBZUEUeJgSJBqOX9yRXNeOSWUX
Kb9B1tE0Vebzuq8GvKsBbhFKu+5sbNV8krJ3XtvfManUGAzC/YqfMqBKOExFPfOR
H3IVAbiVRxz022aZsXa0Apr/1UtANkBdKBAEli7Ab877K4YbafkDylkZJbTkxz9s
Pcz4b/Lv5Pi/SqxlnzM2cC553DgSAOUFyOKPjWQ6gqJNqEOt6C6p5pZ3XaQZz/+q
uks2yN5dmE0hzPjNj1hAKfJtHkm0fi0QMxWGvVHOgQ2XH1XLxwuO0cbSmEoHne2K
n873JaAPIYuZL0rJtNVT6EYdUHmnTkj4dnQgr22ovkA5VKN7fHBNbg==
-----END CERTIFICATE-----
Generated at Sat Apr 12 03:22:53 2025 by rpki-client