Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/d140fb-03ae-45d9-8ddc-e1ed9dd2a02a/1/E9n95xnL19yX1B4Vk9ExkIt3f-c.roa
File: E9n95xnL19yX1B4Vk9ExkIt3f-c.roa (raw, json)
Hash identifier: ouMNy3kdRPfar+w1HNS2jM0LMO/r+ZZQenoBAODEfBY=
Subject key identifier: 13:D9:FD:E7:19:CB:D7:DC:97:D4:1E:15:93:D1:31:90:8B:77:7F:E7
Certificate issuer: /CN=a79bba2805a988954e4fec42570530f16f9e7093
Certificate serial: 01942068542D6DADF434D0254BB7AC0EC5F2
Authority key identifier: A7:9B:BA:28:05:A9:88:95:4E:4F:EC:42:57:05:30:F1:6F:9E:70:93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p5u6KAWpiJVOT-xCVwUw8W-ecJM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/d140fb-03ae-45d9-8ddc-e1ed9dd2a02a/1/E9n95xnL19yX1B4Vk9ExkIt3f-c.roa
Signing time: Wed 01 Jan 2025 05:48:15 +0000
ROA not before: Wed 01 Jan 2025 05:48:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12989
IP address blocks: 81.171.61.0/24 maxlen: 24
81.171.66.0/24 maxlen: 24
81.171.68.0/24 maxlen: 24
81.171.70.0/23 maxlen: 23
81.171.105.0/24 maxlen: 24
81.171.106.0/24 maxlen: 24
81.171.115.0/24 maxlen: 24
81.171.116.0/24 maxlen: 24
2001:4de0:101::/48 maxlen: 48
2001:4de0:400::/40 maxlen: 40
2001:4de0:402::/48 maxlen: 48
2001:4de0:500::/40 maxlen: 40
2001:4de0:600::/40 maxlen: 40
2001:4de0:700::/40 maxlen: 40
2001:4de0:1000::/48 maxlen: 48
2001:4de0:2000::/40 maxlen: 40
2001:4de0:2100::/40 maxlen: 48
2001:4de0:2105::/48 maxlen: 48
2001:4de0:2200::/40 maxlen: 40
2001:4de0:2202::/48 maxlen: 48
2001:4de0:2300::/40 maxlen: 40
2001:4de0:3000::/40 maxlen: 40
2001:4de0:3004::/48 maxlen: 48
2001:4de0:3100::/40 maxlen: 40
2001:4de0:4000::/40 maxlen: 40
2001:4de0:4006::/48 maxlen: 48
2001:4de0:4100::/40 maxlen: 40
2001:4de0:4200::/40 maxlen: 40
2001:4de0:4300::/40 maxlen: 40
2001:4de0:5010::/48 maxlen: 48
2001:4de0:7001::/48 maxlen: 48
2001:4de0:7002::/48 maxlen: 48
2001:4de0:ac13::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/d140fb-03ae-45d9-8ddc-e1ed9dd2a02a/1/p5u6KAWpiJVOT-xCVwUw8W-ecJM.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/d140fb-03ae-45d9-8ddc-e1ed9dd2a02a/1/p5u6KAWpiJVOT-xCVwUw8W-ecJM.mft
rsync://rpki.ripe.net/repository/DEFAULT/p5u6KAWpiJVOT-xCVwUw8W-ecJM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 19 Apr 2025 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:54:2d:6d:ad:f4:34:d0:25:4b:b7:ac:0e:c5:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a79bba2805a988954e4fec42570530f16f9e7093
Validity
Not Before: Jan 1 05:48:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=13d9fde719cbd7dc97d41e1593d131908b777fe7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:66:67:ea:53:e5:79:98:d0:e2:f9:65:8a:4b:
51:1f:8c:34:8a:4c:6f:63:c1:73:74:5a:e8:be:a3:
04:d5:4c:6f:38:55:24:ed:8c:76:31:64:8e:d5:14:
7d:e0:22:ad:39:25:0d:29:52:61:72:3b:98:a1:78:
47:c5:42:5f:5f:ed:e8:71:d9:6e:b2:fc:2b:65:2e:
07:d7:a2:fa:b0:b5:79:f2:75:e1:8b:b0:63:32:9c:
21:29:b6:da:24:0d:45:dd:11:49:a5:b2:f4:f3:19:
2c:48:43:72:56:12:aa:97:f7:26:74:08:d1:1e:45:
80:8d:9f:c9:55:1b:df:7a:ef:76:6d:a9:0b:0f:ee:
f4:be:c2:fb:b3:a2:4a:da:4f:c0:5f:dc:43:ee:52:
52:b1:af:a9:24:fd:e9:17:7a:51:75:ee:9e:50:60:
c7:16:52:7c:58:e7:bc:2f:99:77:52:12:58:e3:31:
d3:03:cc:bc:eb:2e:7b:34:72:73:c7:5d:08:f6:bf:
e9:73:eb:cd:bf:bc:4d:eb:30:23:39:d5:f0:27:1e:
d6:b1:b8:fd:22:e1:04:ad:7f:0b:16:2c:92:6c:cf:
3b:c4:43:ca:c3:20:8e:4d:88:ec:cf:0d:9b:73:f3:
d1:4b:e5:7c:8c:c8:d0:ad:d8:8c:68:f4:fd:4a:01:
ef:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:D9:FD:E7:19:CB:D7:DC:97:D4:1E:15:93:D1:31:90:8B:77:7F:E7
X509v3 Authority Key Identifier:
keyid:A7:9B:BA:28:05:A9:88:95:4E:4F:EC:42:57:05:30:F1:6F:9E:70:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p5u6KAWpiJVOT-xCVwUw8W-ecJM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/d140fb-03ae-45d9-8ddc-e1ed9dd2a02a/1/E9n95xnL19yX1B4Vk9ExkIt3f-c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/d140fb-03ae-45d9-8ddc-e1ed9dd2a02a/1/p5u6KAWpiJVOT-xCVwUw8W-ecJM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.171.61.0/24
81.171.66.0/24
81.171.68.0/24
81.171.70.0/23
81.171.105.0-81.171.106.255
81.171.115.0-81.171.116.255
IPv6:
2001:4de0:101::/48
2001:4de0:400::/38
2001:4de0:1000::/48
2001:4de0:2000::/38
2001:4de0:3000::/39
2001:4de0:4000::/38
2001:4de0:5010::/48
2001:4de0:7001::-2001:4de0:7002:ffff:ffff:ffff:ffff:ffff
2001:4de0:ac13::/48
Signature Algorithm: sha256WithRSAEncryption
b7:e3:f9:4e:cf:c6:00:f7:0a:2b:81:c3:67:c6:fc:f4:cd:49:
31:76:15:b4:cd:68:0d:e9:d0:73:32:cf:50:0b:57:dc:9f:34:
7e:6f:58:5a:ea:d5:21:bd:c5:c5:e1:66:32:03:e3:0b:cc:9d:
31:bb:b5:bc:c4:8a:84:6e:ef:0f:7f:20:7d:56:eb:4e:bf:dd:
87:b9:6f:6a:0f:29:40:36:a9:67:b1:8d:9d:86:bf:df:99:3b:
7d:2a:9b:2e:12:49:54:e1:0f:11:bd:63:06:55:df:60:89:57:
3a:82:af:0e:17:f0:83:47:dc:93:e6:1e:69:57:98:f7:6c:c3:
9f:eb:f4:60:27:ae:86:09:49:04:63:52:2e:21:32:3f:96:67:
9b:77:4a:f5:ae:cb:08:81:94:18:4a:67:0c:42:54:1c:74:4d:
ca:a9:c0:c1:19:c8:c3:aa:b1:24:4c:5c:f6:bd:28:34:e3:c0:
c8:9d:5d:a3:21:99:8a:15:56:99:e8:8a:85:1f:2f:a4:47:19:
04:d1:6e:3b:5c:16:05:34:d3:3e:aa:ae:b3:ff:c2:47:ce:ee:
e0:1f:62:cb:51:05:ef:dd:a3:80:1d:e1:cf:94:03:5f:69:46:
c6:6c:61:53:48:75:9a:6b:b1:a7:d1:c4:fd:71:8b:67:12:67:
62:2d:ea:d3
-----BEGIN CERTIFICATE-----
MIIFjjCCBHagAwIBAgISAZQgaFQtba30NNAlS7esDsXyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3OWJiYTI4MDVhOTg4OTU0ZTRmZWM0MjU3MDUzMGYxNmY5
ZTcwOTMwHhcNMjUwMTAxMDU0ODE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxM2Q5ZmRlNzE5Y2JkN2RjOTdkNDFlMTU5M2QxMzE5MDhiNzc3ZmU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtWZn6lPleZjQ4vlliktRH4w0ikxv
Y8FzdFrovqME1UxvOFUk7Yx2MWSO1RR94CKtOSUNKVJhcjuYoXhHxUJfX+3ocdlu
svwrZS4H16L6sLV58nXhi7BjMpwhKbbaJA1F3RFJpbL08xksSENyVhKql/cmdAjR
HkWAjZ/JVRvfeu92bakLD+70vsL7s6JK2k/AX9xD7lJSsa+pJP3pF3pRde6eUGDH
FlJ8WOe8L5l3UhJY4zHTA8y86y57NHJzx10I9r/pc+vNv7xN6zAjOdXwJx7Wsbj9
IuEErX8LFiySbM87xEPKwyCOTYjszw2bc/PRS+V8jMjQrdiMaPT9SgHv6QIDAQAB
o4ICmjCCApYwHQYDVR0OBBYEFBPZ/ecZy9fcl9QeFZPRMZCLd3/nMB8GA1UdIwQY
MBaAFKebuigFqYiVTk/sQlcFMPFvnnCTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcDV1NktBV3BpSlZPVC14Q1Z3VXc4Vy1lY0pNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy9kMTQwZmItMDNhZS00NWQ5LThkZGMt
ZTFlZDlkZDJhMDJhLzEvRTluOTV4bkwxOXlYMUI0Vms5RXhrSXQzZi1jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy9kMTQwZmItMDNhZS00NWQ5LThkZGMtZTFlZDlkZDJhMDJh
LzEvcDV1NktBV3BpSlZPVC14Q1Z3VXc4Vy1lY0pNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGvBggrBgEFBQcBBwEB/wSBnzCBnDA6BAIAATA0AwQAUas9
AwQAUatCAwQAUatEAwQBUatGMAwDBABRq2kDBABRq2owDAMEAFGrcwMEAFGrdDBe
BAIAAjBYAwcAIAFN4AEBAwYCIAFN4AQDBwAgAU3gEAADBgIgAU3gIAMGASABTeAw
AwYCIAFN4EADBwAgAU3gUBAwEgMHACABTeBwAQMHACABTeBwAgMHACABTeCsEzAN
BgkqhkiG9w0BAQsFAAOCAQEAt+P5Ts/GAPcKK4HDZ8b89M1JMXYVtM1oDenQczLP
UAtX3J80fm9YWurVIb3FxeFmMgPjC8ydMbu1vMSKhG7vD38gfVbrTr/dh7lvag8p
QDapZ7GNnYa/35k7fSqbLhJJVOEPEb1jBlXfYIlXOoKvDhfwg0fck+YeaVeY92zD
n+v0YCeuhglJBGNSLiEyP5Znm3dK9a7LCIGUGEpnDEJUHHRNyqnAwRnIw6qxJExc
9r0oNOPAyJ1doyGZihVWmeiKhR8vpEcZBNFuO1wWBTTTPqqus//CR87u4B9iy1EF
792jgB3hz5QDX2lGxmxhU0h1mmuxp9HE/XGLZxJnYi3q0w==
-----END CERTIFICATE-----
Generated at Sat Apr 19 05:03:35 2025 by rpki-client