Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/a763ed-beb0-43cb-baa3-95ab81b77691/1/eWWR4vM0w5SZ0sBVPl9f9xfpWlM.roa
File: eWWR4vM0w5SZ0sBVPl9f9xfpWlM.roa (raw, json)
Hash identifier: 0jDZKCUWokK8TsjPgI0+fTiqYEgYJ/hp0vG/qzmnqKA=
Subject key identifier: 79:65:91:E2:F3:34:C3:94:99:D2:C0:55:3E:5F:5F:F7:17:E9:5A:53
Certificate issuer: /CN=18e0e9a3d20cfac6cbe3ccf74ab5784a77682933
Certificate serial: 019421B22F3B5961EBB41FABF4887564B017
Authority key identifier: 18:E0:E9:A3:D2:0C:FA:C6:CB:E3:CC:F7:4A:B5:78:4A:77:68:29:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GODpo9IM-sbL48z3SrV4SndoKTM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/a763ed-beb0-43cb-baa3-95ab81b77691/1/eWWR4vM0w5SZ0sBVPl9f9xfpWlM.roa
Signing time: Wed 01 Jan 2025 11:48:33 +0000
ROA not before: Wed 01 Jan 2025 11:48:33 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12826
IP address blocks: 91.151.64.0/20 maxlen: 20
91.151.64.0/24 maxlen: 24
91.151.65.0/24 maxlen: 24
91.151.66.0/24 maxlen: 24
91.151.67.0/24 maxlen: 24
91.151.68.0/24 maxlen: 24
91.151.69.0/24 maxlen: 24
91.151.70.0/23 maxlen: 23
91.151.72.0/23 maxlen: 23
91.151.74.0/24 maxlen: 24
91.151.76.0/24 maxlen: 24
91.151.77.0/24 maxlen: 24
185.55.164.0/22 maxlen: 22
2a00:ef60::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/a763ed-beb0-43cb-baa3-95ab81b77691/1/GODpo9IM-sbL48z3SrV4SndoKTM.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/a763ed-beb0-43cb-baa3-95ab81b77691/1/GODpo9IM-sbL48z3SrV4SndoKTM.mft
rsync://rpki.ripe.net/repository/DEFAULT/GODpo9IM-sbL48z3SrV4SndoKTM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 01:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:2f:3b:59:61:eb:b4:1f:ab:f4:88:75:64:b0:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=18e0e9a3d20cfac6cbe3ccf74ab5784a77682933
Validity
Not Before: Jan 1 11:48:33 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=796591e2f334c39499d2c0553e5f5ff717e95a53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:13:92:63:f0:c0:66:fd:56:75:80:b5:cd:e3:
05:10:5b:2b:6d:39:ec:00:30:bc:8c:f7:1d:62:bb:
5f:09:d6:49:de:46:43:a3:c9:20:a8:7d:45:5f:15:
05:4b:a0:15:ac:01:e5:3e:25:80:5f:91:a7:3c:41:
73:fc:fb:04:4e:5b:f6:4a:95:37:98:01:7a:c1:8d:
12:22:94:23:af:b1:02:28:b1:cd:dd:d1:be:82:82:
0c:ed:79:a5:10:c9:5c:a8:d4:de:ce:37:22:42:ab:
80:c9:4f:45:a5:b2:d4:74:9a:f7:f2:d1:4b:47:3b:
58:1c:52:1a:ee:82:f7:6b:bc:c1:7b:0c:21:e6:8d:
f5:ca:2c:f6:b7:e7:4f:8f:99:ab:8d:ac:92:fa:52:
f3:bf:7f:98:c9:ad:14:ce:7b:86:e1:1d:14:ec:3d:
da:1d:31:65:57:46:cf:3d:9e:a3:07:a1:03:39:3a:
56:a7:d1:61:7f:3e:db:7f:9f:29:18:41:d9:87:8e:
e6:41:cf:00:a1:39:0c:40:05:bf:93:ce:6a:9f:fc:
85:cc:d3:64:11:1f:03:4e:d6:63:6b:52:26:66:52:
c4:5e:32:66:21:90:c8:0c:3e:25:40:86:e4:a8:84:
5e:90:56:23:6e:f8:8a:a6:1d:f8:49:a4:2c:ca:5b:
33:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:65:91:E2:F3:34:C3:94:99:D2:C0:55:3E:5F:5F:F7:17:E9:5A:53
X509v3 Authority Key Identifier:
keyid:18:E0:E9:A3:D2:0C:FA:C6:CB:E3:CC:F7:4A:B5:78:4A:77:68:29:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GODpo9IM-sbL48z3SrV4SndoKTM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/a763ed-beb0-43cb-baa3-95ab81b77691/1/eWWR4vM0w5SZ0sBVPl9f9xfpWlM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/a763ed-beb0-43cb-baa3-95ab81b77691/1/GODpo9IM-sbL48z3SrV4SndoKTM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.151.64.0/20
185.55.164.0/22
IPv6:
2a00:ef60::/32
Signature Algorithm: sha256WithRSAEncryption
3e:88:43:82:ba:12:92:71:7c:dc:b9:59:70:4b:3c:9d:03:20:
c6:17:21:bd:86:c0:3f:64:e4:d2:2f:12:9f:0c:de:ba:2f:3e:
35:9f:9a:66:65:ef:c1:8c:4a:19:f1:14:47:9c:fc:3f:ff:78:
a4:94:fa:86:37:ea:a4:d1:c6:1f:b0:5d:32:73:de:16:85:18:
76:5b:ab:77:d1:78:42:b6:ef:55:c7:ea:52:d6:98:3a:64:34:
16:d3:a8:e1:c5:41:75:b5:c6:9a:f4:76:90:9a:c5:0b:84:a3:
f1:43:03:94:5a:39:ff:6e:b1:ba:d9:94:c1:02:1b:da:58:26:
cd:7b:6d:86:60:9c:91:fc:df:ce:1e:20:f8:5d:4c:89:99:f0:
94:9a:d3:0c:42:28:83:72:1a:6e:c3:27:76:2d:08:1e:ee:41:
d3:4a:14:43:3b:b6:59:fe:63:7d:27:63:eb:04:f7:30:41:e8:
be:2d:50:15:59:56:35:bd:4f:40:d7:75:78:29:14:eb:76:df:
e2:9b:ab:67:fa:b6:99:50:88:26:bc:5f:fa:71:7d:8f:01:fd:
ae:28:11:25:b0:47:0b:06:63:e6:c6:35:58:b9:88:bf:f1:89:
cc:00:2c:75:33:ba:86:43:81:b6:ea:d3:19:2d:9c:33:45:02:
43:e8:62:55
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQhsi87WWHrtB+r9Ih1ZLAXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4ZTBlOWEzZDIwY2ZhYzZjYmUzY2NmNzRhYjU3ODRhNzc2
ODI5MzMwHhcNMjUwMTAxMTE0ODMzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OTY1OTFlMmYzMzRjMzk0OTlkMmMwNTUzZTVmNWZmNzE3ZTk1YTUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1ROSY/DAZv1WdYC1zeMFEFsrbTns
ADC8jPcdYrtfCdZJ3kZDo8kgqH1FXxUFS6AVrAHlPiWAX5GnPEFz/PsETlv2SpU3
mAF6wY0SIpQjr7ECKLHN3dG+goIM7XmlEMlcqNTezjciQquAyU9FpbLUdJr38tFL
RztYHFIa7oL3a7zBewwh5o31yiz2t+dPj5mrjayS+lLzv3+Yya0UznuG4R0U7D3a
HTFlV0bPPZ6jB6EDOTpWp9Fhfz7bf58pGEHZh47mQc8AoTkMQAW/k85qn/yFzNNk
ER8DTtZja1ImZlLEXjJmIZDIDD4lQIbkqIRekFYjbviKph34SaQsylszTwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFHllkeLzNMOUmdLAVT5fX/cX6VpTMB8GA1UdIwQY
MBaAFBjg6aPSDPrGy+PM90q1eEp3aCkzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR09EcG85SU0tc2JMNDh6M1NyVjRTbmRvS1RNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9hNzYzZWQtYmViMC00M2NiLWJhYTMt
OTVhYjgxYjc3NjkxLzEvZVdXUjR2TTB3NVNaMHNCVlBsOWY5eGZwV2xNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9hNzYzZWQtYmViMC00M2NiLWJhYTMtOTVhYjgxYjc3Njkx
LzEvR09EcG85SU0tc2JMNDh6M1NyVjRTbmRvS1RNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQEW5dAAwQC
uTekMA0EAgACMAcDBQAqAO9gMA0GCSqGSIb3DQEBCwUAA4IBAQA+iEOCuhKScXzc
uVlwSzydAyDGFyG9hsA/ZOTSLxKfDN66Lz41n5pmZe/BjEoZ8RRHnPw//3iklPqG
N+qk0cYfsF0yc94WhRh2W6t30XhCtu9Vx+pS1pg6ZDQW06jhxUF1tcaa9HaQmsUL
hKPxQwOUWjn/brG62ZTBAhvaWCbNe22GYJyR/N/OHiD4XUyJmfCUmtMMQiiDchpu
wyd2LQge7kHTShRDO7ZZ/mN9J2PrBPcwQei+LVAVWVY1vU9A13V4KRTrdt/im6tn
+raZUIgmvF/6cX2PAf2uKBElsEcLBmPmxjVYuYi/8YnMACx1M7qGQ4G26tMZLZwz
RQJD6GJV
-----END CERTIFICATE-----
Generated at Mon Apr 7 11:26:22 2025 by rpki-client