Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/btDg54MeJbXTPEtxucWKVoxBNaM.roa
File: btDg54MeJbXTPEtxucWKVoxBNaM.roa (raw, json)
Hash identifier: H3nemfeenmHgaltlyzaYjSQZrnYMiZ/c/aLfawo+I4k=
Subject key identifier: 6E:D0:E0:E7:83:1E:25:B5:D3:3C:4B:71:B9:C5:8A:56:8C:41:35:A3
Certificate issuer: /CN=ebec9030c70a3d4192d59c28dcc8d547694340b3
Certificate serial: 0194266B5C245719A391C74B67400219F044
Authority key identifier: EB:EC:90:30:C7:0A:3D:41:92:D5:9C:28:DC:C8:D5:47:69:43:40:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6-yQMMcKPUGS1Zwo3MjVR2lDQLM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/btDg54MeJbXTPEtxucWKVoxBNaM.roa
Signing time: Thu 02 Jan 2025 09:49:17 +0000
ROA not before: Thu 02 Jan 2025 09:49:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197897
IP address blocks: 31.211.128.0/19 maxlen: 24
95.158.148.0/24 maxlen: 24
95.158.151.0/24 maxlen: 24
151.252.192.0/22 maxlen: 24
151.252.196.0/23 maxlen: 24
151.252.200.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/6-yQMMcKPUGS1Zwo3MjVR2lDQLM.crl
rsync://rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/6-yQMMcKPUGS1Zwo3MjVR2lDQLM.mft
rsync://rpki.ripe.net/repository/DEFAULT/6-yQMMcKPUGS1Zwo3MjVR2lDQLM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 14:28:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:5c:24:57:19:a3:91:c7:4b:67:40:02:19:f0:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ebec9030c70a3d4192d59c28dcc8d547694340b3
Validity
Not Before: Jan 2 09:49:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6ed0e0e7831e25b5d33c4b71b9c58a568c4135a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:b9:ce:e4:44:ae:31:da:3f:98:41:b6:07:fb:
62:17:3d:6f:a5:80:0a:ce:77:a8:d1:7e:68:9c:e5:
85:3a:0c:5f:97:bf:14:1c:e3:70:90:d9:0f:01:29:
b3:d9:16:2e:cf:bb:3e:c3:fb:23:5e:f7:8f:04:d0:
2e:af:85:ed:04:cb:0e:1e:83:e8:16:60:5e:f7:3e:
01:7f:5f:84:ec:10:62:fb:82:b7:ee:54:c2:78:24:
7d:25:6b:e8:4b:c3:1c:fa:05:41:7b:5a:fe:c0:c9:
51:a4:c2:be:5b:13:2d:dd:ab:f9:b3:cc:13:2f:05:
ee:65:1a:af:00:81:ba:9a:c1:2e:65:b3:ad:5e:f8:
bf:65:60:de:fb:7b:8a:cf:a0:18:d7:81:8b:35:b5:
54:0b:ad:e5:f0:60:ee:38:27:9c:c8:f7:af:2b:e8:
43:5f:8d:23:cd:94:25:b8:e2:cc:95:40:69:1b:e1:
96:dd:7f:fc:fd:36:06:27:c1:d8:a0:67:64:9a:51:
f2:d5:04:de:e3:39:06:7b:f2:92:aa:09:db:ee:26:
4f:33:fb:54:74:11:93:5c:1c:8f:1a:2d:2c:28:e3:
6b:3c:58:e3:75:5a:80:a8:22:0e:f7:04:4c:55:2c:
1b:7d:41:00:11:fc:75:0c:67:cc:ca:69:df:26:85:
d0:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:D0:E0:E7:83:1E:25:B5:D3:3C:4B:71:B9:C5:8A:56:8C:41:35:A3
X509v3 Authority Key Identifier:
keyid:EB:EC:90:30:C7:0A:3D:41:92:D5:9C:28:DC:C8:D5:47:69:43:40:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6-yQMMcKPUGS1Zwo3MjVR2lDQLM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/btDg54MeJbXTPEtxucWKVoxBNaM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/6-yQMMcKPUGS1Zwo3MjVR2lDQLM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.211.128.0/19
95.158.148.0/24
95.158.151.0/24
151.252.192.0-151.252.197.255
151.252.200.0/21
Signature Algorithm: sha256WithRSAEncryption
b1:7a:10:85:03:8c:87:f1:54:d8:36:d4:a1:e6:9a:49:33:dd:
46:68:7c:b7:9f:57:f7:e0:4c:e6:32:13:43:c3:12:7f:1d:9f:
5e:99:ff:9a:a3:3c:26:3f:0c:10:67:08:73:da:a2:a3:4b:1b:
29:3a:2d:46:97:61:bb:31:9a:88:2c:35:6e:bb:7b:e5:54:fe:
98:c0:1c:d7:12:56:7a:6d:93:76:ce:a9:44:2d:b5:90:40:87:
c9:2b:39:fc:51:c3:e9:bc:6f:9e:6b:06:41:f0:a1:47:03:ca:
03:b8:09:57:5c:13:26:88:bf:38:b4:43:82:5f:0f:9b:9f:b4:
35:38:58:94:13:90:7d:58:61:96:3c:d7:75:ab:3d:33:bf:89:
ac:09:5f:13:21:4b:de:95:52:90:02:bb:34:c3:d2:a4:2b:10:
ba:21:30:ea:bb:50:c9:2c:62:c4:00:49:78:d1:c9:ce:65:ab:
00:ae:e0:fb:13:86:eb:f4:da:0d:12:9c:a7:18:97:80:2c:b0:
b0:62:f8:03:16:4f:ee:a9:9e:d2:b7:38:6d:ed:90:90:a6:d6:
1c:7d:34:13:ae:f7:2e:61:38:d1:a6:be:ad:ad:59:16:75:a8:
09:ce:b8:68:7d:4d:29:8c:84:c9:d3:9b:2d:ae:34:e3:4e:3d:
88:ef:8c:13
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZQma1wkVxmjkcdLZ0ACGfBEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGViZWM5MDMwYzcwYTNkNDE5MmQ1OWMyOGRjYzhkNTQ3Njk0
MzQwYjMwHhcNMjUwMTAyMDk0OTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZWQwZTBlNzgzMWUyNWI1ZDMzYzRiNzFiOWM1OGE1NjhjNDEzNWEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsLnO5ESuMdo/mEG2B/tiFz1vpYAK
zneo0X5onOWFOgxfl78UHONwkNkPASmz2RYuz7s+w/sjXvePBNAur4XtBMsOHoPo
FmBe9z4Bf1+E7BBi+4K37lTCeCR9JWvoS8Mc+gVBe1r+wMlRpMK+WxMt3av5s8wT
LwXuZRqvAIG6msEuZbOtXvi/ZWDe+3uKz6AY14GLNbVUC63l8GDuOCecyPevK+hD
X40jzZQluOLMlUBpG+GW3X/8/TYGJ8HYoGdkmlHy1QTe4zkGe/KSqgnb7iZPM/tU
dBGTXByPGi0sKONrPFjjdVqAqCIO9wRMVSwbfUEAEfx1DGfMymnfJoXQrwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFG7Q4OeDHiW10zxLcbnFilaMQTWjMB8GA1UdIwQY
MBaAFOvskDDHCj1BktWcKNzI1UdpQ0CzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNi15UU1NY0tQVUdTMVp3bzNNalZSMmxEUUxNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS8zNzJiODctOTVmNC00Yzk4LWE2ZjQt
NGE2Zjg2ODMyNjVjLzEvYnREZzU0TWVKYlhUUEV0eHVjV0tWb3hCTmFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS8zNzJiODctOTVmNC00Yzk4LWE2ZjQtNGE2Zjg2ODMyNjVj
LzEvNi15UU1NY0tQVUdTMVp3bzNNalZSMmxEUUxNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQFH9OAAwQA
X56UAwQAX56XMAwDBAaX/MADBAGX/MQDBAOX/MgwDQYJKoZIhvcNAQELBQADggEB
ALF6EIUDjIfxVNg21KHmmkkz3UZofLefV/fgTOYyE0PDEn8dn16Z/5qjPCY/DBBn
CHPaoqNLGyk6LUaXYbsxmogsNW67e+VU/pjAHNcSVnptk3bOqUQttZBAh8krOfxR
w+m8b55rBkHwoUcDygO4CVdcEyaIvzi0Q4JfD5uftDU4WJQTkH1YYZY813WrPTO/
iawJXxMhS96VUpACuzTD0qQrELohMOq7UMksYsQASXjRyc5lqwCu4PsThuv02g0S
nKcYl4AssLBi+AMWT+6pntK3OG3tkJCm1hx9NBOu9y5hONGmvq2tWRZ1qAnOuGh9
TSmMhMnTmy2uNONOPYjvjBM=
-----END CERTIFICATE-----
Generated at Mon Apr 7 19:58:10 2025 by rpki-client