Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/e99b35-8cf6-4934-a591-9930f2194a0e/1/aeq0M_Wlrma2wrWV2KK3our1J68.roa
File: aeq0M_Wlrma2wrWV2KK3our1J68.roa (raw, json)
Hash identifier: cB9AVSumNIn7tIPt4nPlnxcQS8vWgLkGe6b+JNzdHyY=
Subject key identifier: 69:EA:B4:33:F5:A5:AE:66:B6:C2:B5:95:D8:A2:B7:A2:EA:F5:27:AF
Certificate issuer: /CN=c41c7221ede3af5ee92e3206af2f18bd010d5dd9
Certificate serial: 0194252186F44C63C19A26C049360434DD96
Authority key identifier: C4:1C:72:21:ED:E3:AF:5E:E9:2E:32:06:AF:2F:18:BD:01:0D:5D:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xBxyIe3jr17pLjIGry8YvQENXdk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/e99b35-8cf6-4934-a591-9930f2194a0e/1/aeq0M_Wlrma2wrWV2KK3our1J68.roa
Signing time: Thu 02 Jan 2025 03:49:01 +0000
ROA not before: Thu 02 Jan 2025 03:49:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35745
IP address blocks: 37.131.160.0/20 maxlen: 20
46.20.48.0/20 maxlen: 20
46.20.56.0/23 maxlen: 23
46.20.58.0/24 maxlen: 24
91.206.108.0/23 maxlen: 23
91.208.50.0/24 maxlen: 24
93.175.128.0/20 maxlen: 20
93.175.129.0/24 maxlen: 24
128.127.80.0/20 maxlen: 20
128.127.80.0/21 maxlen: 21
185.15.232.0/22 maxlen: 22
188.125.224.0/19 maxlen: 19
188.125.242.0/23 maxlen: 23
188.125.244.0/22 maxlen: 22
213.109.32.0/20 maxlen: 20
213.109.34.0/23 maxlen: 23
213.109.39.0/24 maxlen: 24
213.109.40.0/24 maxlen: 24
2a00:10a0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b8/e99b35-8cf6-4934-a591-9930f2194a0e/1/xBxyIe3jr17pLjIGry8YvQENXdk.crl
rsync://rpki.ripe.net/repository/DEFAULT/b8/e99b35-8cf6-4934-a591-9930f2194a0e/1/xBxyIe3jr17pLjIGry8YvQENXdk.mft
rsync://rpki.ripe.net/repository/DEFAULT/xBxyIe3jr17pLjIGry8YvQENXdk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Apr 2025 04:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:86:f4:4c:63:c1:9a:26:c0:49:36:04:34:dd:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c41c7221ede3af5ee92e3206af2f18bd010d5dd9
Validity
Not Before: Jan 2 03:49:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=69eab433f5a5ae66b6c2b595d8a2b7a2eaf527af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:75:e7:b4:b7:d6:2e:2d:52:da:54:8c:6d:29:
37:87:52:6f:f0:9f:c2:17:94:32:3b:82:e0:7d:d0:
25:7b:b7:d7:61:a8:61:df:85:8e:3c:ef:57:73:d3:
4e:9a:20:22:09:20:11:d8:f6:27:16:2e:cc:ac:c1:
a2:bb:a4:6e:10:26:17:31:3d:75:f2:6e:1b:bc:26:
a4:bc:8f:9e:84:b6:ee:65:6c:ad:65:7d:05:ef:75:
f5:b6:25:e2:ea:ee:45:a6:c4:62:d2:6d:c9:f1:de:
18:6b:3a:bd:30:eb:e5:5c:ef:ba:35:37:51:77:36:
14:52:44:f1:e9:58:df:f5:c2:d3:17:60:1c:cf:4d:
a3:ab:6a:19:81:ba:25:9f:d3:6b:a7:da:97:8a:3e:
db:49:f5:92:b7:af:ee:a2:c7:ba:2b:bb:12:07:97:
2e:3e:f0:03:5f:dd:2a:fd:eb:17:f0:fc:6d:9b:d4:
5d:01:76:54:80:f1:57:9b:eb:af:15:e2:bf:ca:17:
d3:b3:85:f1:da:fe:b6:df:3a:51:a9:ab:ed:75:85:
4c:3c:09:4b:9d:53:42:e8:5c:91:98:7f:77:6b:1c:
03:16:f6:32:73:b3:80:97:64:ba:6e:5b:08:1a:0e:
85:22:26:27:27:91:eb:a1:72:34:6b:f6:1b:5e:1a:
fe:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:EA:B4:33:F5:A5:AE:66:B6:C2:B5:95:D8:A2:B7:A2:EA:F5:27:AF
X509v3 Authority Key Identifier:
keyid:C4:1C:72:21:ED:E3:AF:5E:E9:2E:32:06:AF:2F:18:BD:01:0D:5D:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xBxyIe3jr17pLjIGry8YvQENXdk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/e99b35-8cf6-4934-a591-9930f2194a0e/1/aeq0M_Wlrma2wrWV2KK3our1J68.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/e99b35-8cf6-4934-a591-9930f2194a0e/1/xBxyIe3jr17pLjIGry8YvQENXdk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.131.160.0/20
46.20.48.0/20
91.206.108.0/23
91.208.50.0/24
93.175.128.0/20
128.127.80.0/20
185.15.232.0/22
188.125.224.0/19
213.109.32.0/20
IPv6:
2a00:10a0::/32
Signature Algorithm: sha256WithRSAEncryption
03:f4:36:1d:93:db:fc:f6:aa:4a:46:ff:e1:de:50:dc:b5:65:
1e:b7:18:c6:b9:23:3b:d2:a1:a1:a8:5d:90:00:0e:02:d8:74:
49:c2:d7:12:4b:f7:0b:6d:fc:1f:02:a6:b4:87:04:d3:e5:30:
70:59:7d:ca:18:51:bf:14:ed:31:ab:d1:66:3e:8f:da:27:ff:
a7:87:24:61:eb:8c:b8:95:9b:29:25:fa:92:e4:21:97:7e:b3:
9d:01:0d:1d:99:92:57:88:c8:a1:ad:e3:81:54:3b:63:17:d1:
19:78:51:7c:54:dd:d2:ac:85:8d:07:e9:a1:ae:e4:3b:dc:92:
2a:c9:51:9c:17:c5:eb:7f:05:a8:35:eb:b0:bd:b7:27:cd:08:
f3:66:06:03:d6:19:c5:e0:55:94:5f:0e:59:07:52:12:71:d6:
d9:61:fd:64:5f:1f:0b:05:22:de:e4:60:6d:e5:16:2a:b3:55:
5b:e7:d6:75:de:de:16:c0:9b:aa:36:70:95:1a:05:be:2f:41:
1f:a3:d8:7b:a1:c4:f4:48:22:0c:00:9f:27:31:79:f3:ac:4c:
6a:cf:e8:ac:cd:1d:95:95:99:73:9e:f4:b2:b4:2f:b0:7f:f9:
5b:a7:28:ae:5a:14:bf:6f:e8:a8:07:20:2a:92:e2:39:5a:07:
04:21:46:fb
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAZQlIYb0TGPBmibASTYENN2WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0MWM3MjIxZWRlM2FmNWVlOTJlMzIwNmFmMmYxOGJkMDEw
ZDVkZDkwHhcNMjUwMTAyMDM0OTAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OWVhYjQzM2Y1YTVhZTY2YjZjMmI1OTVkOGEyYjdhMmVhZjUyN2FmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArXXntLfWLi1S2lSMbSk3h1Jv8J/C
F5QyO4LgfdAle7fXYahh34WOPO9Xc9NOmiAiCSAR2PYnFi7MrMGiu6RuECYXMT11
8m4bvCakvI+ehLbuZWytZX0F73X1tiXi6u5FpsRi0m3J8d4Yazq9MOvlXO+6NTdR
dzYUUkTx6Vjf9cLTF2Acz02jq2oZgboln9Nrp9qXij7bSfWSt6/uose6K7sSB5cu
PvADX90q/esX8Pxtm9RdAXZUgPFXm+uvFeK/yhfTs4Xx2v623zpRqavtdYVMPAlL
nVNC6FyRmH93axwDFvYyc7OAl2S6blsIGg6FIiYnJ5HroXI0a/YbXhr+XwIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFGnqtDP1pa5mtsK1ldiit6Lq9SevMB8GA1UdIwQY
MBaAFMQcciHt469e6S4yBq8vGL0BDV3ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEJ4eUllM2pyMTdwTGpJR3J5OFl2UUVOWGRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC9lOTliMzUtOGNmNi00OTM0LWE1OTEt
OTkzMGYyMTk0YTBlLzEvYWVxME1fV2xybWEyd3JXVjJLSzNvdXIxSjY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC9lOTliMzUtOGNmNi00OTM0LWE1OTEtOTkzMGYyMTk0YTBl
LzEveEJ4eUllM2pyMTdwTGpJR3J5OFl2UUVOWGRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTA8BAIAATA2AwQEJYOgAwQE
LhQwAwQBW85sAwQAW9AyAwQEXa+AAwQEgH9QAwQCuQ/oAwQFvH3gAwQE1W0gMA0E
AgACMAcDBQAqABCgMA0GCSqGSIb3DQEBCwUAA4IBAQAD9DYdk9v89qpKRv/h3lDc
tWUetxjGuSM70qGhqF2QAA4C2HRJwtcSS/cLbfwfAqa0hwTT5TBwWX3KGFG/FO0x
q9FmPo/aJ/+nhyRh64y4lZspJfqS5CGXfrOdAQ0dmZJXiMihreOBVDtjF9EZeFF8
VN3SrIWNB+mhruQ73JIqyVGcF8XrfwWoNeuwvbcnzQjzZgYD1hnF4FWUXw5ZB1IS
cdbZYf1kXx8LBSLe5GBt5RYqs1Vb59Z13t4WwJuqNnCVGgW+L0Efo9h7ocT0SCIM
AJ8nMXnzrExqz+iszR2VlZlznvSytC+wf/lbpyiuWhS/b+ioByAqkuI5WgcEIUb7
-----END CERTIFICATE-----
Generated at Tue Apr 22 11:25:39 2025 by rpki-client