Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/E-CioEHvXDliQ-ysCZU16itgdyA.roa
File: E-CioEHvXDliQ-ysCZU16itgdyA.roa (raw, json)
Hash identifier: Bj/LXYlPsspa7pYnWlCG/tze9S8bUpZehllbq5j3EBU=
Subject key identifier: 13:E0:A2:A0:41:EF:5C:39:62:43:EC:AC:09:95:35:EA:2B:60:77:20
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01956D46EFF30F7DEA8CF7D8B3EA21CD9499
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/E-CioEHvXDliQ-ysCZU16itgdyA.roa
Signing time: Thu 06 Mar 2025 21:05:20 +0000
ROA not before: Thu 06 Mar 2025 21:05:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211415
IP address blocks: 89.213.221.0/24 maxlen: 24
109.176.29.0/24 maxlen: 24
109.176.31.0/24 maxlen: 24
213.218.242.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 10:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:6d:46:ef:f3:0f:7d:ea:8c:f7:d8:b3:ea:21:cd:94:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Mar 6 21:05:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=13e0a2a041ef5c396243ecac099535ea2b607720
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:75:d5:18:3c:6b:97:71:a5:85:c6:9f:e7:46:
24:15:99:5d:39:f7:83:05:20:8b:a1:d9:b5:a4:3a:
28:db:da:c6:38:62:69:c7:11:ba:24:bd:4a:dc:6b:
37:04:1c:c0:d7:85:9c:e1:4d:e3:52:49:45:84:6e:
df:ae:de:d2:a4:4b:d5:e7:48:5a:92:f0:e9:a5:c8:
e5:53:b4:b9:46:f4:48:49:00:db:3f:d5:5c:e8:cd:
59:86:94:cd:92:d1:35:68:11:3c:c5:07:d4:28:5a:
22:d6:96:04:b7:6a:f5:5d:a6:65:e1:05:df:23:20:
12:9a:7e:c5:5e:82:02:46:56:83:21:c9:40:36:d2:
37:df:1f:78:ef:db:ec:ce:bd:40:80:74:dd:df:ab:
b6:a9:a3:2d:f8:8b:3b:1e:86:80:4d:1d:5b:bf:fc:
1b:d0:37:1d:69:ca:9d:be:b6:ed:31:8a:cc:86:5e:
ac:96:54:96:c3:66:4a:cb:29:18:1e:b9:2e:da:4c:
ce:92:87:02:de:31:fd:f8:2b:a7:ea:24:ee:9f:cc:
87:26:f3:5b:31:92:af:9b:35:82:6f:b6:db:40:c2:
3b:07:e7:ad:59:09:5c:a5:64:83:54:a9:7c:2f:63:
c6:33:0d:d0:30:fa:f3:3a:70:11:4d:59:f5:41:6a:
6f:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:E0:A2:A0:41:EF:5C:39:62:43:EC:AC:09:95:35:EA:2B:60:77:20
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/E-CioEHvXDliQ-ysCZU16itgdyA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.213.221.0/24
109.176.29.0/24
109.176.31.0/24
213.218.242.0/24
Signature Algorithm: sha256WithRSAEncryption
54:53:09:0c:5c:4e:4a:d3:6b:6d:bf:ab:06:43:b4:3a:f3:d0:
8c:b9:02:48:93:44:e3:3d:8e:42:35:63:35:1c:81:2c:90:4a:
b9:b7:3e:4f:5f:c3:9a:3f:06:3d:0e:61:70:10:5b:e1:ca:fb:
7b:4c:5e:8a:96:11:cf:9c:bc:e1:d8:ac:57:12:30:c5:f0:b1:
21:34:c6:7b:4c:61:25:9a:13:56:2d:ba:fe:0c:1c:a3:4d:71:
fc:89:3a:00:b3:36:a7:6e:48:91:7c:aa:4e:74:71:1b:e6:d0:
a3:8c:dc:7b:ec:d7:e4:4a:d9:7a:51:8d:f0:1a:60:75:46:db:
53:8d:8b:29:04:98:fb:c0:1f:c1:fa:a4:98:a1:45:90:c5:6c:
3b:b9:38:d2:1d:44:b7:95:43:d7:ea:eb:f8:cb:2f:4d:95:b9:
24:2e:a2:0a:9f:f1:ac:22:7e:4e:52:13:b3:57:2b:99:a4:2c:
af:35:20:4d:05:c1:a9:9d:12:db:b8:42:f9:c4:fa:57:38:f3:
4e:5e:ed:27:c4:2b:a0:a1:bf:b1:8a:92:51:b9:60:89:76:39:
d9:c9:ea:93:f5:cd:e8:8c:05:e1:41:f9:3d:0a:41:3c:91:24:
c3:4c:3e:84:3d:33:38:83:58:bf:e4:91:9d:79:78:97:f5:ce:
65:85:f8:e2
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZVtRu/zD33qjPfYs+ohzZSZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwMzA2MjEwNTIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxM2UwYTJhMDQxZWY1YzM5NjI0M2VjYWMwOTk1MzVlYTJiNjA3NzIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn3XVGDxrl3Glhcaf50YkFZldOfeD
BSCLodm1pDoo29rGOGJpxxG6JL1K3Gs3BBzA14Wc4U3jUklFhG7frt7SpEvV50ha
kvDppcjlU7S5RvRISQDbP9Vc6M1ZhpTNktE1aBE8xQfUKFoi1pYEt2r1XaZl4QXf
IyASmn7FXoICRlaDIclANtI33x9479vszr1AgHTd36u2qaMt+Is7HoaATR1bv/wb
0DcdacqdvrbtMYrMhl6sllSWw2ZKyykYHrku2kzOkocC3jH9+Cun6iTun8yHJvNb
MZKvmzWCb7bbQMI7B+etWQlcpWSDVKl8L2PGMw3QMPrzOnARTVn1QWpvowIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFBPgoqBB71w5YkPsrAmVNeorYHcgMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvRS1DaW9FSHZYRGxpUS15c0NaVTE2aXRnZHlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAWdXdAwQA
bbAdAwQAbbAfAwQA1dryMA0GCSqGSIb3DQEBCwUAA4IBAQBUUwkMXE5K02ttv6sG
Q7Q689CMuQJIk0TjPY5CNWM1HIEskEq5tz5PX8OaPwY9DmFwEFvhyvt7TF6KlhHP
nLzh2KxXEjDF8LEhNMZ7TGElmhNWLbr+DByjTXH8iToAszanbkiRfKpOdHEb5tCj
jNx77NfkStl6UY3wGmB1RttTjYspBJj7wB/B+qSYoUWQxWw7uTjSHUS3lUPX6uv4
yy9NlbkkLqIKn/GsIn5OUhOzVyuZpCyvNSBNBcGpnRLbuEL5xPpXOPNOXu0nxCug
ob+xipJRuWCJdjnZyeqT9c3ojAXhQfk9CkE8kSTDTD6EPTM4g1i/5JGdeXiX9c5l
hfji
-----END CERTIFICATE-----
Generated at Fri Apr 4 19:38:20 2025 by rpki-client