Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/82e2ba-442c-42b0-9315-bc0dba932b35/1/eemUGRUYW7MNIIBVrAM7WAtHk60.roa
File: eemUGRUYW7MNIIBVrAM7WAtHk60.roa (raw, json)
Hash identifier: SXzbJeZMYQE3HuAfnB9DA2zo/eUl42o9VNZpCcIkC3Q=
Subject key identifier: 79:E9:94:19:15:18:5B:B3:0D:20:80:55:AC:03:3B:58:0B:47:93:AD
Certificate issuer: /CN=44e888a76e99851b01fb86cec537d4d8e610de16
Certificate serial: 0194A84C65D868FA300C82C2B8FD714BC01C
Authority key identifier: 44:E8:88:A7:6E:99:85:1B:01:FB:86:CE:C5:37:D4:D8:E6:10:DE:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ROiIp26ZhRsB-4bOxTfU2OYQ3hY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/82e2ba-442c-42b0-9315-bc0dba932b35/1/eemUGRUYW7MNIIBVrAM7WAtHk60.roa
Signing time: Mon 27 Jan 2025 15:06:06 +0000
ROA not before: Mon 27 Jan 2025 15:06:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48955
IP address blocks: 89.35.80.0/23 maxlen: 23
89.40.222.0/23 maxlen: 23
89.45.124.0/23 maxlen: 23
185.98.158.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c1/82e2ba-442c-42b0-9315-bc0dba932b35/1/ROiIp26ZhRsB-4bOxTfU2OYQ3hY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c1/82e2ba-442c-42b0-9315-bc0dba932b35/1/ROiIp26ZhRsB-4bOxTfU2OYQ3hY.mft
rsync://rpki.ripe.net/repository/DEFAULT/ROiIp26ZhRsB-4bOxTfU2OYQ3hY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 01:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:a8:4c:65:d8:68:fa:30:0c:82:c2:b8:fd:71:4b:c0:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=44e888a76e99851b01fb86cec537d4d8e610de16
Validity
Not Before: Jan 27 15:06:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=79e9941915185bb30d208055ac033b580b4793ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:50:85:db:b3:d6:4c:10:c6:10:73:c7:46:01:
db:5b:77:b1:c7:56:be:2d:9c:57:c9:4a:ac:04:b1:
49:cc:f0:7a:a0:79:4c:f6:ef:61:e7:48:c3:2b:2a:
9a:a6:6c:8c:10:bc:24:55:0a:0d:95:f7:c1:1e:ab:
c6:c1:4a:5e:5e:bd:7d:46:90:b3:9e:2f:df:c7:2b:
61:56:2c:bc:97:9b:c7:e8:3a:b2:79:9b:e2:54:4b:
03:9d:31:ba:88:a9:de:13:dc:3d:00:b8:c2:e2:85:
39:c7:cf:f3:16:04:ab:08:9c:36:20:5a:de:e1:7b:
1e:9a:b0:45:d4:59:68:78:37:4b:37:1a:8f:07:46:
23:61:30:cf:e0:bb:a3:9a:ae:4e:5b:c2:73:a3:2a:
6a:45:0d:e0:1e:96:c2:c0:dc:f4:50:db:96:ae:d9:
0d:08:a3:b2:08:72:52:cd:b2:44:61:9b:5c:dd:a3:
b3:b7:3b:ae:4c:59:09:9a:93:d2:84:39:94:28:c4:
96:49:44:cb:ee:27:c3:08:6b:46:ed:82:74:13:b0:
a3:77:93:d3:03:16:6d:80:76:3c:7d:c9:bf:3c:44:
d8:a0:39:42:54:a9:e2:cb:be:fa:5c:d6:79:00:d4:
3b:af:73:93:16:70:6e:b4:65:b4:dc:2f:cb:97:ef:
3d:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:E9:94:19:15:18:5B:B3:0D:20:80:55:AC:03:3B:58:0B:47:93:AD
X509v3 Authority Key Identifier:
keyid:44:E8:88:A7:6E:99:85:1B:01:FB:86:CE:C5:37:D4:D8:E6:10:DE:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ROiIp26ZhRsB-4bOxTfU2OYQ3hY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/82e2ba-442c-42b0-9315-bc0dba932b35/1/eemUGRUYW7MNIIBVrAM7WAtHk60.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/82e2ba-442c-42b0-9315-bc0dba932b35/1/ROiIp26ZhRsB-4bOxTfU2OYQ3hY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.35.80.0/23
89.40.222.0/23
89.45.124.0/23
185.98.158.0/24
Signature Algorithm: sha256WithRSAEncryption
68:12:44:ac:18:ce:f1:a4:27:30:40:24:61:83:56:27:6a:30:
31:0b:1b:8c:77:4d:0d:69:b0:24:0c:6e:26:6e:ec:8d:83:bf:
34:db:4c:8e:1b:fa:5f:4e:7a:a8:03:80:88:8d:83:d7:9b:ce:
15:da:c8:b7:dc:f8:57:68:92:c1:59:83:b1:dc:c0:7c:83:e2:
91:9f:e5:bc:da:a3:8e:c3:3e:94:1c:82:de:10:27:e9:02:b4:
49:11:4b:ea:6b:d6:81:f3:9a:c3:03:75:83:49:81:10:be:05:
0a:79:61:a7:72:a0:8f:20:14:0f:2d:b6:22:d2:78:b8:95:f0:
d8:d0:03:b4:9c:26:3a:27:17:75:e4:8f:44:e1:b6:eb:12:22:
06:67:f8:64:61:85:87:20:b2:c6:5f:a8:3c:e2:e6:5a:a9:85:
63:c7:63:f1:28:e1:0b:98:ae:e5:3f:1e:8f:6c:a9:91:a7:59:
d8:69:fd:b9:21:81:d4:54:a9:ad:fe:1e:97:b7:7e:5e:87:51:
17:32:dd:d6:57:de:47:2d:11:0e:1b:3e:59:5c:01:ed:96:07:
47:36:41:ba:73:0a:64:6d:14:1d:5f:9a:df:40:e5:ae:e6:db:
57:75:fa:4c:70:61:60:76:b8:c7:f4:d9:84:75:8f:05:a1:15:
85:60:e6:2e
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZSoTGXYaPowDILCuP1xS8AcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0ZTg4OGE3NmU5OTg1MWIwMWZiODZjZWM1MzdkNGQ4ZTYx
MGRlMTYwHhcNMjUwMTI3MTUwNjA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OWU5OTQxOTE1MTg1YmIzMGQyMDgwNTVhYzAzM2I1ODBiNDc5M2FkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA11CF27PWTBDGEHPHRgHbW3exx1a+
LZxXyUqsBLFJzPB6oHlM9u9h50jDKyqapmyMELwkVQoNlffBHqvGwUpeXr19RpCz
ni/fxythViy8l5vH6DqyeZviVEsDnTG6iKneE9w9ALjC4oU5x8/zFgSrCJw2IFre
4XsemrBF1FloeDdLNxqPB0YjYTDP4Lujmq5OW8JzoypqRQ3gHpbCwNz0UNuWrtkN
CKOyCHJSzbJEYZtc3aOztzuuTFkJmpPShDmUKMSWSUTL7ifDCGtG7YJ0E7Cjd5PT
AxZtgHY8fcm/PETYoDlCVKniy776XNZ5ANQ7r3OTFnButGW03C/Ll+895QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFHnplBkVGFuzDSCAVawDO1gLR5OtMB8GA1UdIwQY
MBaAFEToiKdumYUbAfuGzsU31NjmEN4WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUk9pSXAyNlpoUnNCLTRiT3hUZlUyT1lRM2hZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS84MmUyYmEtNDQyYy00MmIwLTkzMTUt
YmMwZGJhOTMyYjM1LzEvZWVtVUdSVVlXN01OSUlCVnJBTTdXQXRIazYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS84MmUyYmEtNDQyYy00MmIwLTkzMTUtYmMwZGJhOTMyYjM1
LzEvUk9pSXAyNlpoUnNCLTRiT3hUZlUyT1lRM2hZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBWSNQAwQB
WSjeAwQBWS18AwQAuWKeMA0GCSqGSIb3DQEBCwUAA4IBAQBoEkSsGM7xpCcwQCRh
g1YnajAxCxuMd00NabAkDG4mbuyNg78020yOG/pfTnqoA4CIjYPXm84V2si33PhX
aJLBWYOx3MB8g+KRn+W82qOOwz6UHILeECfpArRJEUvqa9aB85rDA3WDSYEQvgUK
eWGncqCPIBQPLbYi0ni4lfDY0AO0nCY6Jxd15I9E4bbrEiIGZ/hkYYWHILLGX6g8
4uZaqYVjx2PxKOELmK7lPx6PbKmRp1nYaf25IYHUVKmt/h6Xt35eh1EXMt3WV95H
LREOGz5ZXAHtlgdHNkG6cwpkbRQdX5rfQOWu5ttXdfpMcGFgdrjH9NmEdY8FoRWF
YOYu
-----END CERTIFICATE-----
Generated at Mon Apr 7 11:42:04 2025 by rpki-client