Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/dd3fc8-47dc-4a36-8734-45d84da39874/1/eEvrSYjLUGg5GhW7JvZI3HWYfcI.roa
File: eEvrSYjLUGg5GhW7JvZI3HWYfcI.roa (raw, json)
Hash identifier: GMSu0KMyD4SKyVpe+o1Z3AHIVpLBmKGk+5TuUmweIis=
Subject key identifier: 78:4B:EB:49:88:CB:50:68:39:1A:15:BB:26:F6:48:DC:75:98:7D:C2
Certificate issuer: /CN=6c91d7d5f5ce57926c903973ecbf112bfae1530d
Certificate serial: 019422FBA176A088B94AE3CE9DF66BD27D2D
Authority key identifier: 6C:91:D7:D5:F5:CE:57:92:6C:90:39:73:EC:BF:11:2B:FA:E1:53:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bJHX1fXOV5JskDlz7L8RK_rhUw0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/dd3fc8-47dc-4a36-8734-45d84da39874/1/eEvrSYjLUGg5GhW7JvZI3HWYfcI.roa
Signing time: Wed 01 Jan 2025 17:48:23 +0000
ROA not before: Wed 01 Jan 2025 17:48:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 196881
IP address blocks: 93.190.112.0/21 maxlen: 21
93.190.112.0/24 maxlen: 24
93.190.113.0/24 maxlen: 24
93.190.114.0/24 maxlen: 24
93.190.115.0/24 maxlen: 24
93.190.116.0/24 maxlen: 24
93.190.117.0/24 maxlen: 24
93.190.118.0/24 maxlen: 24
93.190.119.0/24 maxlen: 24
185.135.36.0/22 maxlen: 22
185.135.36.0/24 maxlen: 24
185.135.37.0/24 maxlen: 24
185.135.38.0/24 maxlen: 24
185.135.39.0/24 maxlen: 24
2a05:5b00::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c4/dd3fc8-47dc-4a36-8734-45d84da39874/1/bJHX1fXOV5JskDlz7L8RK_rhUw0.crl
rsync://rpki.ripe.net/repository/DEFAULT/c4/dd3fc8-47dc-4a36-8734-45d84da39874/1/bJHX1fXOV5JskDlz7L8RK_rhUw0.mft
rsync://rpki.ripe.net/repository/DEFAULT/bJHX1fXOV5JskDlz7L8RK_rhUw0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 20 Apr 2025 04:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:a1:76:a0:88:b9:4a:e3:ce:9d:f6:6b:d2:7d:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c91d7d5f5ce57926c903973ecbf112bfae1530d
Validity
Not Before: Jan 1 17:48:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=784beb4988cb5068391a15bb26f648dc75987dc2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:cd:04:2d:4b:f6:8e:32:f0:ea:9d:39:f0:30:
ce:30:75:60:70:e6:0e:d2:bf:83:4f:de:dc:6b:04:
23:c7:de:1f:5b:4f:20:f8:6a:8d:77:3f:e0:73:b7:
7b:86:d4:32:ae:42:e8:c4:cb:cd:54:b7:d6:43:a6:
38:39:6d:0d:76:98:b7:f9:58:69:32:ca:9a:f4:d3:
73:22:9f:23:42:c6:e6:cb:94:e3:61:36:2d:1e:c0:
c1:bd:cf:7f:42:a6:af:e5:d2:b1:18:4b:14:32:39:
50:33:43:5d:be:44:a9:47:bd:99:0b:33:49:35:b0:
17:00:98:76:70:75:eb:bf:e0:bb:71:01:cd:11:84:
00:de:da:d2:56:2c:2c:41:fb:64:f2:bf:75:1d:46:
a9:67:9e:ae:bf:db:6e:cc:c5:5b:a7:ef:bf:0f:2f:
a8:97:03:36:8b:1c:e0:ee:87:f1:d9:7e:bc:11:a2:
ad:29:20:e7:b3:b8:7b:db:89:a9:1d:46:48:36:33:
51:f7:cf:27:17:14:45:3a:ca:60:2d:75:c0:95:11:
9c:80:0a:a6:cd:72:70:0b:1d:51:64:4d:ef:97:e8:
7a:25:77:b7:7b:80:f8:35:b4:40:b7:4f:49:fa:40:
8a:e3:e6:21:ec:87:63:6f:3c:0d:de:dc:2e:27:cf:
8c:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:4B:EB:49:88:CB:50:68:39:1A:15:BB:26:F6:48:DC:75:98:7D:C2
X509v3 Authority Key Identifier:
keyid:6C:91:D7:D5:F5:CE:57:92:6C:90:39:73:EC:BF:11:2B:FA:E1:53:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bJHX1fXOV5JskDlz7L8RK_rhUw0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/dd3fc8-47dc-4a36-8734-45d84da39874/1/eEvrSYjLUGg5GhW7JvZI3HWYfcI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/dd3fc8-47dc-4a36-8734-45d84da39874/1/bJHX1fXOV5JskDlz7L8RK_rhUw0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.190.112.0/21
185.135.36.0/22
IPv6:
2a05:5b00::/29
Signature Algorithm: sha256WithRSAEncryption
af:ca:98:3b:98:b7:87:83:86:eb:e3:45:03:5e:7b:b9:98:c7:
7e:be:ba:71:cd:cd:3e:9a:88:7e:ec:86:d8:c4:d7:5d:25:08:
d8:af:7a:71:ef:ae:a1:6f:73:79:90:98:c7:53:64:57:b8:fc:
e5:25:75:3d:60:29:5e:19:08:2c:ac:e0:1c:63:c3:73:99:52:
37:69:31:b6:70:28:62:71:15:22:63:bb:78:41:79:30:f8:a6:
47:78:c1:e5:68:00:d7:6c:4e:a1:b9:0a:f0:99:c9:2d:9a:15:
8b:fb:8a:1a:f0:e5:d3:24:03:4c:e3:1c:5c:17:18:b3:bc:3c:
0b:2c:91:38:2b:92:f2:52:76:af:7c:4a:91:8d:17:25:fb:53:
64:87:01:0a:6e:ce:eb:3d:e7:27:ee:73:72:11:1f:92:cd:ec:
68:3a:be:9a:f1:d4:b1:d0:ba:46:e8:4c:d5:eb:d6:c2:d1:f5:
9f:cc:5d:5e:e5:2b:20:18:20:c8:c7:4e:68:9b:c3:2a:b2:b6:
a3:0c:c6:df:cd:f7:9f:09:ca:a9:cd:9b:e5:06:b4:76:21:27:
ec:bd:d8:d4:3f:2e:80:05:07:93:04:74:ff:d7:03:81:23:90:
56:13:c6:67:d2:d9:12:54:eb:6a:20:f2:84:43:e2:19:41:09:
8d:83:93:80
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQi+6F2oIi5SuPOnfZr0n0tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjOTFkN2Q1ZjVjZTU3OTI2YzkwMzk3M2VjYmYxMTJiZmFl
MTUzMGQwHhcNMjUwMTAxMTc0ODIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ODRiZWI0OTg4Y2I1MDY4MzkxYTE1YmIyNmY2NDhkYzc1OTg3ZGMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAws0ELUv2jjLw6p058DDOMHVgcOYO
0r+DT97cawQjx94fW08g+GqNdz/gc7d7htQyrkLoxMvNVLfWQ6Y4OW0Ndpi3+Vhp
Msqa9NNzIp8jQsbmy5TjYTYtHsDBvc9/Qqav5dKxGEsUMjlQM0NdvkSpR72ZCzNJ
NbAXAJh2cHXrv+C7cQHNEYQA3trSViwsQftk8r91HUapZ56uv9tuzMVbp++/Dy+o
lwM2ixzg7ofx2X68EaKtKSDns7h724mpHUZINjNR988nFxRFOspgLXXAlRGcgAqm
zXJwCx1RZE3vl+h6JXe3e4D4NbRAt09J+kCK4+Yh7IdjbzwN3twuJ8+MDQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFHhL60mIy1BoORoVuyb2SNx1mH3CMB8GA1UdIwQY
MBaAFGyR19X1zleSbJA5c+y/ESv64VMNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYkpIWDFmWE9WNUpza0RsejdMOFJLX3JoVXcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC9kZDNmYzgtNDdkYy00YTM2LTg3MzQt
NDVkODRkYTM5ODc0LzEvZUV2clNZakxVR2c1R2hXN0p2WkkzSFdZZmNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC9kZDNmYzgtNDdkYy00YTM2LTg3MzQtNDVkODRkYTM5ODc0
LzEvYkpIWDFmWE9WNUpza0RsejdMOFJLX3JoVXcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDXb5wAwQC
uYckMA0EAgACMAcDBQMqBVsAMA0GCSqGSIb3DQEBCwUAA4IBAQCvypg7mLeHg4br
40UDXnu5mMd+vrpxzc0+moh+7IbYxNddJQjYr3px766hb3N5kJjHU2RXuPzlJXU9
YCleGQgsrOAcY8NzmVI3aTG2cChicRUiY7t4QXkw+KZHeMHlaADXbE6huQrwmckt
mhWL+4oa8OXTJANM4xxcFxizvDwLLJE4K5LyUnavfEqRjRcl+1NkhwEKbs7rPecn
7nNyER+SzexoOr6a8dSx0LpG6EzV69bC0fWfzF1e5SsgGCDIx05om8MqsrajDMbf
zfefCcqpzZvlBrR2ISfsvdjUPy6ABQeTBHT/1wOBI5BWE8Zn0tkSVOtqIPKEQ+IZ
QQmNg5OA
-----END CERTIFICATE-----
Generated at Sat Apr 19 11:39:18 2025 by rpki-client