Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/a763ed-beb0-43cb-baa3-95ab81b77691/1/EgUed3OS5r6UcW0VzyUQOqijGyE.roa
File: EgUed3OS5r6UcW0VzyUQOqijGyE.roa (raw, json)
Hash identifier: fxzBB+2/n6aM1AwbZDhuW1COKGh5iBae7DMl/0iQ9A8=
Subject key identifier: 12:05:1E:77:73:92:E6:BE:94:71:6D:15:CF:25:10:3A:A8:A3:1B:21
Certificate issuer: /CN=18e0e9a3d20cfac6cbe3ccf74ab5784a77682933
Certificate serial: 019421B22F79C0C7386E1DB14E65D98CF124
Authority key identifier: 18:E0:E9:A3:D2:0C:FA:C6:CB:E3:CC:F7:4A:B5:78:4A:77:68:29:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GODpo9IM-sbL48z3SrV4SndoKTM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/a763ed-beb0-43cb-baa3-95ab81b77691/1/EgUed3OS5r6UcW0VzyUQOqijGyE.roa
Signing time: Wed 01 Jan 2025 11:48:33 +0000
ROA not before: Wed 01 Jan 2025 11:48:33 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34993
IP address blocks: 37.148.252.0/22 maxlen: 22
89.248.208.0/24 maxlen: 24
89.248.210.0/23 maxlen: 23
141.98.220.0/22 maxlen: 22
185.57.148.0/22 maxlen: 22
185.151.188.0/22 maxlen: 22
193.25.122.0/23 maxlen: 23
193.25.168.0/23 maxlen: 23
2a0a:1580::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/a763ed-beb0-43cb-baa3-95ab81b77691/1/GODpo9IM-sbL48z3SrV4SndoKTM.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/a763ed-beb0-43cb-baa3-95ab81b77691/1/GODpo9IM-sbL48z3SrV4SndoKTM.mft
rsync://rpki.ripe.net/repository/DEFAULT/GODpo9IM-sbL48z3SrV4SndoKTM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 13 Mar 2025 23:01:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:2f:79:c0:c7:38:6e:1d:b1:4e:65:d9:8c:f1:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=18e0e9a3d20cfac6cbe3ccf74ab5784a77682933
Validity
Not Before: Jan 1 11:48:33 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=12051e777392e6be94716d15cf25103aa8a31b21
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:d6:c7:53:d4:60:77:7c:c7:67:33:a8:ae:6e:
50:d5:71:c5:3e:cd:27:92:99:0f:27:d3:e6:a7:bd:
13:9e:9d:c3:7d:34:7e:b4:2a:ec:0e:c4:e0:8b:59:
1a:e9:d2:ea:f8:a4:0b:2c:7c:7e:a8:1d:be:d3:70:
5d:e3:d4:13:25:f5:b7:73:01:57:97:83:08:b0:b8:
d4:33:b7:dc:70:b3:ca:fb:10:78:98:bf:19:0c:8e:
56:20:8d:c8:ab:77:48:2b:3d:98:ee:aa:83:c5:5d:
9a:52:f2:5c:b0:3c:c8:20:c5:11:ce:ab:fb:c1:32:
56:16:7c:56:1e:d9:af:89:5f:96:ee:05:f2:c8:cb:
84:f4:c3:28:47:70:20:12:8b:b9:da:42:f0:6b:4d:
fe:13:9f:9c:20:13:a4:f8:1f:09:b3:87:18:07:25:
55:93:a1:ca:dd:85:14:95:df:22:bb:15:a7:f1:de:
79:d7:9b:01:e7:8e:21:30:a6:e3:e5:30:ea:bb:be:
56:83:d0:0f:19:73:9b:f1:36:8c:a5:81:42:1d:b3:
5e:6c:39:fd:d9:98:15:96:ad:68:05:d8:1c:ae:c5:
0f:3a:20:fe:cb:f2:57:fd:93:78:a2:f4:74:73:97:
33:d3:1f:ae:c5:c4:ce:28:f2:52:21:12:b3:bb:55:
89:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:05:1E:77:73:92:E6:BE:94:71:6D:15:CF:25:10:3A:A8:A3:1B:21
X509v3 Authority Key Identifier:
keyid:18:E0:E9:A3:D2:0C:FA:C6:CB:E3:CC:F7:4A:B5:78:4A:77:68:29:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GODpo9IM-sbL48z3SrV4SndoKTM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/a763ed-beb0-43cb-baa3-95ab81b77691/1/EgUed3OS5r6UcW0VzyUQOqijGyE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/a763ed-beb0-43cb-baa3-95ab81b77691/1/GODpo9IM-sbL48z3SrV4SndoKTM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.148.252.0/22
89.248.208.0/24
89.248.210.0/23
141.98.220.0/22
185.57.148.0/22
185.151.188.0/22
193.25.122.0/23
193.25.168.0/23
IPv6:
2a0a:1580::/29
Signature Algorithm: sha256WithRSAEncryption
99:35:85:1f:a2:fe:92:d5:72:41:17:0f:6f:cb:44:c7:71:68:
1b:87:09:20:2b:71:b7:8c:b0:62:76:78:f0:e3:54:75:dd:05:
c7:0b:2a:0c:df:44:4d:d0:a4:92:5d:72:68:c7:43:8f:89:2b:
ae:1e:73:b1:6d:08:0e:59:ed:33:94:08:a6:81:62:99:f5:6a:
80:55:e6:72:2d:93:a2:3c:6c:c9:a8:06:df:e2:44:d2:a6:ea:
1a:c8:98:a6:2c:60:ba:6c:e8:44:57:d4:bc:d6:bd:44:b0:a6:
39:1a:97:6c:a5:8b:a1:82:68:21:e2:95:14:c6:cf:8e:c5:0a:
6b:4e:08:9e:eb:55:30:c3:55:94:0d:ab:24:e3:83:d5:38:26:
31:65:02:37:7d:eb:81:95:95:18:6d:b7:bd:42:b1:61:c3:59:
71:bd:ef:dd:38:ab:9a:a3:4f:72:d4:d1:d8:c8:6e:45:6c:0b:
5b:32:8a:f6:f5:f7:21:b1:5c:54:7b:86:46:77:d4:66:de:1c:
69:ef:8b:a3:a0:3a:c3:03:d4:2d:1d:b9:60:3e:b2:0d:5a:76:
c1:5a:2d:37:ec:41:73:b3:7f:03:25:02:2d:9f:c1:02:da:fa:
24:8e:a5:9d:8c:15:97:13:29:bb:e9:04:8d:33:89:4f:93:d7:
4e:fa:84:48
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAZQhsi95wMc4bh2xTmXZjPEkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4ZTBlOWEzZDIwY2ZhYzZjYmUzY2NmNzRhYjU3ODRhNzc2
ODI5MzMwHhcNMjUwMTAxMTE0ODMzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMjA1MWU3NzczOTJlNmJlOTQ3MTZkMTVjZjI1MTAzYWE4YTMxYjIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3dbHU9Rgd3zHZzOorm5Q1XHFPs0n
kpkPJ9Pmp70Tnp3DfTR+tCrsDsTgi1ka6dLq+KQLLHx+qB2+03Bd49QTJfW3cwFX
l4MIsLjUM7fccLPK+xB4mL8ZDI5WII3Iq3dIKz2Y7qqDxV2aUvJcsDzIIMURzqv7
wTJWFnxWHtmviV+W7gXyyMuE9MMoR3AgEou52kLwa03+E5+cIBOk+B8Js4cYByVV
k6HK3YUUld8iuxWn8d5515sB544hMKbj5TDqu75Wg9APGXOb8TaMpYFCHbNebDn9
2ZgVlq1oBdgcrsUPOiD+y/JX/ZN4ovR0c5cz0x+uxcTOKPJSIRKzu1WJzQIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFBIFHndzkua+lHFtFc8lEDqooxshMB8GA1UdIwQY
MBaAFBjg6aPSDPrGy+PM90q1eEp3aCkzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR09EcG85SU0tc2JMNDh6M1NyVjRTbmRvS1RNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9hNzYzZWQtYmViMC00M2NiLWJhYTMt
OTVhYjgxYjc3NjkxLzEvRWdVZWQzT1M1cjZVY1cwVnp5VVFPcWlqR3lFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9hNzYzZWQtYmViMC00M2NiLWJhYTMtOTVhYjgxYjc3Njkx
LzEvR09EcG85SU0tc2JMNDh6M1NyVjRTbmRvS1RNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQCJZT8AwQA
WfjQAwQBWfjSAwQCjWLcAwQCuTmUAwQCuZe8AwQBwRl6AwQBwRmoMA0EAgACMAcD
BQMqChWAMA0GCSqGSIb3DQEBCwUAA4IBAQCZNYUfov6S1XJBFw9vy0THcWgbhwkg
K3G3jLBidnjw41R13QXHCyoM30RN0KSSXXJox0OPiSuuHnOxbQgOWe0zlAimgWKZ
9WqAVeZyLZOiPGzJqAbf4kTSpuoayJimLGC6bOhEV9S81r1EsKY5GpdspYuhgmgh
4pUUxs+OxQprTgie61Uww1WUDask44PVOCYxZQI3feuBlZUYbbe9QrFhw1lxve/d
OKuao09y1NHYyG5FbAtbMor29fchsVxUe4ZGd9Rm3hxp74ujoDrDA9QtHblgPrIN
WnbBWi037EFzs38DJQItn8EC2vokjqWdjBWXEym76QSNM4lPk9dO+oRI
-----END CERTIFICATE-----
Generated at Thu Mar 13 06:59:09 2025 by rpki-client