Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/8efa86-c35f-41b6-ad01-4906103dbd16/1/EWVGu4R3cKhh-BKSuA-TvtreUvQ.roa
File: EWVGu4R3cKhh-BKSuA-TvtreUvQ.roa (raw, json)
Hash identifier: Cb21KXqlqAwW72hMYX2oxSoLP7mzvnq3iAy2bdJYdnk=
Subject key identifier: 11:65:46:BB:84:77:70:A8:61:F8:12:92:B8:0F:93:BE:DA:DE:52:F4
Certificate issuer: /CN=34531c54b1e7956c2cc371b23e0a75567aa27518
Certificate serial: 019532290031EEF990F5AB8740A7B435A7C0
Authority key identifier: 34:53:1C:54:B1:E7:95:6C:2C:C3:71:B2:3E:0A:75:56:7A:A2:75:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NFMcVLHnlWwsw3GyPgp1VnqidRg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/95/8efa86-c35f-41b6-ad01-4906103dbd16/1/EWVGu4R3cKhh-BKSuA-TvtreUvQ.roa
Signing time: Sun 23 Feb 2025 09:35:02 +0000
ROA not before: Sun 23 Feb 2025 09:35:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51235
IP address blocks: 185.107.244.0/23 maxlen: 23
185.107.244.0/24 maxlen: 24
185.107.246.0/24 maxlen: 24
185.107.247.0/24 maxlen: 24
185.136.180.0/24 maxlen: 24
185.136.181.0/24 maxlen: 24
185.136.182.0/24 maxlen: 24
185.136.183.0/24 maxlen: 24
195.2.234.0/24 maxlen: 24
2a12:5440::/45 maxlen: 45
2a12:5440::/48 maxlen: 48
2a12:5440:1::/48 maxlen: 48
2a12:5440:2::/48 maxlen: 48
2a12:5440:8::/45 maxlen: 45
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/95/8efa86-c35f-41b6-ad01-4906103dbd16/1/NFMcVLHnlWwsw3GyPgp1VnqidRg.crl
rsync://rpki.ripe.net/repository/DEFAULT/95/8efa86-c35f-41b6-ad01-4906103dbd16/1/NFMcVLHnlWwsw3GyPgp1VnqidRg.mft
rsync://rpki.ripe.net/repository/DEFAULT/NFMcVLHnlWwsw3GyPgp1VnqidRg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 12:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:32:29:00:31:ee:f9:90:f5:ab:87:40:a7:b4:35:a7:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34531c54b1e7956c2cc371b23e0a75567aa27518
Validity
Not Before: Feb 23 09:35:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=116546bb847770a861f81292b80f93bedade52f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:87:cd:c3:db:38:6b:c2:4b:7d:63:ba:7d:f1:
55:84:a7:03:0a:b8:26:9f:4a:e1:06:5c:bb:70:6d:
ff:1c:03:f4:5f:46:a0:02:b4:35:47:6f:8b:e9:cf:
16:f4:c6:92:23:66:8e:77:a6:f3:e2:0e:a7:f9:8b:
61:89:f6:ec:97:2c:f2:54:0e:3f:d6:7f:56:48:fa:
6b:b9:5c:b1:aa:28:53:61:a6:83:a7:ac:9e:9a:7f:
b7:63:a0:3c:3b:54:5e:fb:e3:e4:73:b3:75:f6:e9:
f8:bd:e7:76:19:96:39:62:5b:e7:16:bf:f5:76:91:
60:ae:9d:b2:91:86:3b:d1:59:14:b0:bf:2b:41:74:
b9:07:0d:2a:3f:0d:2a:b0:0c:25:7c:e0:77:93:e3:
e6:03:27:57:82:dd:89:fd:e3:39:73:7b:23:ae:2a:
9c:2e:76:c5:86:b4:f8:53:1d:1c:49:09:03:b3:05:
e2:e4:1f:bc:22:de:f9:22:b0:b6:ac:fe:8b:8c:5f:
4f:9c:47:80:22:49:33:49:44:88:b1:0c:2c:d2:ce:
d9:a3:4f:64:59:39:cc:68:b1:63:a8:21:e2:7a:93:
69:8d:de:55:5c:00:d0:f1:3e:94:03:9f:77:91:58:
92:e3:00:3d:d3:16:41:98:45:47:44:ea:62:41:c1:
bb:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:65:46:BB:84:77:70:A8:61:F8:12:92:B8:0F:93:BE:DA:DE:52:F4
X509v3 Authority Key Identifier:
keyid:34:53:1C:54:B1:E7:95:6C:2C:C3:71:B2:3E:0A:75:56:7A:A2:75:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NFMcVLHnlWwsw3GyPgp1VnqidRg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/8efa86-c35f-41b6-ad01-4906103dbd16/1/EWVGu4R3cKhh-BKSuA-TvtreUvQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/95/8efa86-c35f-41b6-ad01-4906103dbd16/1/NFMcVLHnlWwsw3GyPgp1VnqidRg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.107.244.0/22
185.136.180.0/22
195.2.234.0/24
IPv6:
2a12:5440::/44
Signature Algorithm: sha256WithRSAEncryption
3a:f5:7b:a3:2d:a2:6b:6d:54:d0:48:00:8e:8a:9b:3d:d4:e5:
f5:e5:e0:78:cc:f0:ad:6e:96:c4:f2:f5:6b:91:e1:9e:94:25:
a2:f9:8e:b6:53:9f:28:9e:47:49:6c:1e:9f:65:a4:b0:91:65:
97:53:29:b2:20:71:e4:ed:7d:2c:c3:4e:75:87:04:85:4a:69:
05:3c:50:fe:7c:1e:b5:3d:c3:c6:43:b1:1e:f2:66:56:a8:89:
fd:ba:33:7d:78:55:f1:6d:1d:fc:68:69:d9:f9:77:15:ce:80:
50:05:4a:ed:df:17:20:55:14:58:d9:e4:a1:bc:e5:80:92:91:
4e:51:25:e8:21:97:79:80:3e:5b:27:d4:b2:de:2f:19:a7:61:
b1:d0:b5:a1:88:30:07:6b:8e:8f:d2:2c:a7:6f:d1:8d:02:1a:
80:26:51:53:3e:64:be:fe:22:29:19:49:d7:03:5b:a8:34:bb:
2a:84:1c:94:24:24:f2:13:43:c1:01:d8:ca:f2:7c:fc:44:23:
58:4f:50:e8:dc:49:2f:17:2c:9e:34:cf:d0:1e:4a:95:51:a8:
35:de:b3:1c:30:cf:4a:74:7f:7e:a7:d2:4d:01:6b:55:91:15:
c4:ab:3d:fe:7a:3e:dd:85:a0:68:93:bb:3d:ad:69:7c:aa:f3:
9f:3d:0a:d3
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZUyKQAx7vmQ9auHQKe0NafAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0NTMxYzU0YjFlNzk1NmMyY2MzNzFiMjNlMGE3NTU2N2Fh
Mjc1MTgwHhcNMjUwMjIzMDkzNTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMTY1NDZiYjg0Nzc3MGE4NjFmODEyOTJiODBmOTNiZWRhZGU1MmY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkofNw9s4a8JLfWO6ffFVhKcDCrgm
n0rhBly7cG3/HAP0X0agArQ1R2+L6c8W9MaSI2aOd6bz4g6n+YthifbslyzyVA4/
1n9WSPpruVyxqihTYaaDp6yemn+3Y6A8O1Re++Pkc7N19un4ved2GZY5YlvnFr/1
dpFgrp2ykYY70VkUsL8rQXS5Bw0qPw0qsAwlfOB3k+PmAydXgt2J/eM5c3sjriqc
LnbFhrT4Ux0cSQkDswXi5B+8It75IrC2rP6LjF9PnEeAIkkzSUSIsQws0s7Zo09k
WTnMaLFjqCHiepNpjd5VXADQ8T6UA593kViS4wA90xZBmEVHROpiQcG7+wIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFBFlRruEd3CoYfgSkrgPk77a3lL0MB8GA1UdIwQY
MBaAFDRTHFSx55VsLMNxsj4KdVZ6onUYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkZNY1ZMSG5sV3dzdzNHeVBncDFWbnFpZFJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS84ZWZhODYtYzM1Zi00MWI2LWFkMDEt
NDkwNjEwM2RiZDE2LzEvRVdWR3U0UjNjS2hoLUJLU3VBLVR2dHJlVXZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS84ZWZhODYtYzM1Zi00MWI2LWFkMDEtNDkwNjEwM2RiZDE2
LzEvTkZNY1ZMSG5sV3dzdzNHeVBncDFWbnFpZFJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQCuWv0AwQC
uYi0AwQAwwLqMA8EAgACMAkDBwQqElRAAAAwDQYJKoZIhvcNAQELBQADggEBADr1
e6MtomttVNBIAI6Kmz3U5fXl4HjM8K1ulsTy9WuR4Z6UJaL5jrZTnyieR0lsHp9l
pLCRZZdTKbIgceTtfSzDTnWHBIVKaQU8UP58HrU9w8ZDsR7yZlaoif26M314VfFt
Hfxoadn5dxXOgFAFSu3fFyBVFFjZ5KG85YCSkU5RJeghl3mAPlsn1LLeLxmnYbHQ
taGIMAdrjo/SLKdv0Y0CGoAmUVM+ZL7+IikZSdcDW6g0uyqEHJQkJPITQ8EB2Mry
fPxEI1hPUOjcSS8XLJ40z9AeSpVRqDXesxwwz0p0f36n0k0Ba1WRFcSrPf56Pt2F
oGiTuz2taXyq8589CtM=
-----END CERTIFICATE-----
Generated at Wed Apr 16 21:54:49 2025 by rpki-client