Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/7a7781-9b4c-482b-b295-9cd3c6a18866/1/EoONLCC0uBU4UnkK6hGEDKnLwOs.roa
File: EoONLCC0uBU4UnkK6hGEDKnLwOs.roa (raw, json)
Hash identifier: BvTXgf3VZmemwuiX/6PvTlFRYmGF/FW7bb7KGQyaCiA=
Subject key identifier: 12:83:8D:2C:20:B4:B8:15:38:52:79:0A:EA:11:84:0C:A9:CB:C0:EB
Certificate issuer: /CN=dd4670c2a6fd7223327f68badbe6d08322b78058
Certificate serial: 0194258F5C0E178A6570830282F5F5F01F92
Authority key identifier: DD:46:70:C2:A6:FD:72:23:32:7F:68:BA:DB:E6:D0:83:22:B7:80:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3UZwwqb9ciMyf2i62-bQgyK3gFg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/7a7781-9b4c-482b-b295-9cd3c6a18866/1/EoONLCC0uBU4UnkK6hGEDKnLwOs.roa
Signing time: Thu 02 Jan 2025 05:48:59 +0000
ROA not before: Thu 02 Jan 2025 05:48:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197177
IP address blocks: 81.161.100.0/24 maxlen: 24
91.223.52.0/24 maxlen: 24
109.106.4.0/22 maxlen: 23
185.174.12.0/22 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a2/7a7781-9b4c-482b-b295-9cd3c6a18866/1/3UZwwqb9ciMyf2i62-bQgyK3gFg.crl
rsync://rpki.ripe.net/repository/DEFAULT/a2/7a7781-9b4c-482b-b295-9cd3c6a18866/1/3UZwwqb9ciMyf2i62-bQgyK3gFg.mft
rsync://rpki.ripe.net/repository/DEFAULT/3UZwwqb9ciMyf2i62-bQgyK3gFg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 16 Apr 2025 15:22:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:5c:0e:17:8a:65:70:83:02:82:f5:f5:f0:1f:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd4670c2a6fd7223327f68badbe6d08322b78058
Validity
Not Before: Jan 2 05:48:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=12838d2c20b4b8153852790aea11840ca9cbc0eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:21:a4:f2:3b:a4:8c:b7:99:5a:3b:7f:0d:a3:
e5:b1:fb:dd:1d:bc:02:61:bd:03:c8:f6:27:e0:9c:
4c:40:10:1f:51:e3:67:06:31:67:f5:eb:cc:95:6c:
49:d0:e6:a4:cd:e1:76:50:5d:df:b4:b0:7b:25:21:
6b:48:c1:28:a2:14:4b:12:f0:fd:47:63:f4:f7:33:
ee:c6:26:fd:b3:3d:7e:64:a4:f0:a8:87:c8:15:5c:
78:ce:6f:0e:17:a9:c0:4b:9e:94:07:2e:1a:89:c2:
ac:e1:28:30:b0:f5:ed:e4:d4:9d:e0:83:6b:77:1b:
5c:39:a1:fc:c8:cd:ea:98:81:62:04:17:cd:59:3c:
40:a4:30:87:9a:6c:6e:86:69:6b:44:85:3c:e1:a4:
55:4a:ef:5b:96:ac:d9:61:28:f6:3c:2f:7f:60:e1:
04:d5:07:1b:a6:c7:be:aa:6d:49:40:61:3a:70:69:
5a:40:25:52:6e:fc:3a:da:1e:6d:9a:2c:d6:31:f7:
e7:19:38:2f:52:ed:64:c2:b8:e8:94:7b:56:9c:c4:
aa:12:59:4b:31:71:67:e0:3c:b7:a6:66:51:6d:08:
10:5d:76:a6:f4:fc:40:a2:0f:5e:af:ae:0d:b2:b5:
cb:0c:fb:9d:28:4f:63:ab:27:ef:81:57:0b:e3:0d:
5d:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:83:8D:2C:20:B4:B8:15:38:52:79:0A:EA:11:84:0C:A9:CB:C0:EB
X509v3 Authority Key Identifier:
keyid:DD:46:70:C2:A6:FD:72:23:32:7F:68:BA:DB:E6:D0:83:22:B7:80:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3UZwwqb9ciMyf2i62-bQgyK3gFg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/7a7781-9b4c-482b-b295-9cd3c6a18866/1/EoONLCC0uBU4UnkK6hGEDKnLwOs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/7a7781-9b4c-482b-b295-9cd3c6a18866/1/3UZwwqb9ciMyf2i62-bQgyK3gFg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.161.100.0/24
91.223.52.0/24
109.106.4.0/22
185.174.12.0/22
Signature Algorithm: sha256WithRSAEncryption
c3:29:f4:9f:a8:6f:54:83:bc:4f:15:31:3a:91:da:7c:c7:4d:
97:b9:a3:30:49:29:2a:2e:68:6a:68:d2:71:e1:35:9d:2e:79:
63:4e:30:18:07:1a:57:52:39:4e:4f:8d:47:39:a8:13:88:06:
24:70:fa:63:6e:09:1b:7f:b3:87:bb:5f:23:36:6a:ed:40:19:
b8:0a:30:51:b0:36:1b:ad:25:ed:bb:72:4b:56:3f:27:f4:a8:
92:07:bc:35:ec:b1:19:a2:6b:b2:2c:be:d6:9a:2f:d0:4f:15:
52:38:c6:d2:44:2f:1a:65:b3:ec:33:c3:0c:a2:cf:b3:aa:d0:
fc:76:30:a4:9f:2d:22:b5:d9:e2:32:00:aa:f2:13:88:41:bd:
3c:2b:1a:24:58:20:fc:9a:a8:06:ab:fa:aa:a5:98:5d:b1:cf:
b4:11:81:b5:ee:cf:b5:7a:45:da:36:01:2d:b0:01:e8:ab:31:
31:22:e2:4a:c3:ea:d6:9b:8b:0e:1a:be:95:40:14:f8:1f:33:
5f:db:23:2e:ad:61:06:3d:53:10:72:64:37:1a:6b:62:1e:cb:
b1:98:fc:a2:8e:28:52:01:9f:7b:4e:e8:51:0a:48:3e:f2:b9:
6c:c0:ba:42:19:f8:b3:ed:04:0e:e3:34:74:e3:4d:a1:3c:d5:
4e:47:c7:9d
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQlj1wOF4plcIMCgvX18B+SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkNDY3MGMyYTZmZDcyMjMzMjdmNjhiYWRiZTZkMDgzMjJi
NzgwNTgwHhcNMjUwMTAyMDU0ODU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMjgzOGQyYzIwYjRiODE1Mzg1Mjc5MGFlYTExODQwY2E5Y2JjMGViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0SGk8jukjLeZWjt/DaPlsfvdHbwC
Yb0DyPYn4JxMQBAfUeNnBjFn9evMlWxJ0OakzeF2UF3ftLB7JSFrSMEoohRLEvD9
R2P09zPuxib9sz1+ZKTwqIfIFVx4zm8OF6nAS56UBy4aicKs4SgwsPXt5NSd4INr
dxtcOaH8yM3qmIFiBBfNWTxApDCHmmxuhmlrRIU84aRVSu9blqzZYSj2PC9/YOEE
1Qcbpse+qm1JQGE6cGlaQCVSbvw62h5tmizWMffnGTgvUu1kwrjolHtWnMSqEllL
MXFn4Dy3pmZRbQgQXXam9PxAog9er64NsrXLDPudKE9jqyfvgVcL4w1d+QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFBKDjSwgtLgVOFJ5CuoRhAypy8DrMB8GA1UdIwQY
MBaAFN1GcMKm/XIjMn9outvm0IMit4BYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1Vad3dxYjljaU15ZjJpNjItYlFneUszZ0ZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi83YTc3ODEtOWI0Yy00ODJiLWIyOTUt
OWNkM2M2YTE4ODY2LzEvRW9PTkxDQzB1QlU0VW5rSzZoR0VES25Md09zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi83YTc3ODEtOWI0Yy00ODJiLWIyOTUtOWNkM2M2YTE4ODY2
LzEvM1Vad3dxYjljaU15ZjJpNjItYlFneUszZ0ZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAUaFkAwQA
W980AwQCbWoEAwQCua4MMA0GCSqGSIb3DQEBCwUAA4IBAQDDKfSfqG9Ug7xPFTE6
kdp8x02XuaMwSSkqLmhqaNJx4TWdLnljTjAYBxpXUjlOT41HOagTiAYkcPpjbgkb
f7OHu18jNmrtQBm4CjBRsDYbrSXtu3JLVj8n9KiSB7w17LEZomuyLL7Wmi/QTxVS
OMbSRC8aZbPsM8MMos+zqtD8djCkny0itdniMgCq8hOIQb08KxokWCD8mqgGq/qq
pZhdsc+0EYG17s+1ekXaNgEtsAHoqzExIuJKw+rWm4sOGr6VQBT4HzNf2yMurWEG
PVMQcmQ3GmtiHsuxmPyijihSAZ97TuhRCkg+8rlswLpCGfiz7QQO4zR0402hPNVO
R8ed
-----END CERTIFICATE-----
Generated at Tue Apr 15 19:58:07 2025 by rpki-client