Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/243f91-8747-4981-9cbf-1d373499924e/1/ER1ViB51eK3GNYidlFyIU5pz7pA.roa
File: ER1ViB51eK3GNYidlFyIU5pz7pA.roa (raw, json)
Hash identifier: LuGe00nbcrMZ8l+kp9f/ed4A210HJbkXpcki+PgU3DU=
Subject key identifier: 11:1D:55:88:1E:75:78:AD:C6:35:88:9D:94:5C:88:53:9A:73:EE:90
Certificate issuer: /CN=c755702467770ed69b367b77bbe640bc6db4153e
Certificate serial: 01942143B3D91669ABB51A2B2645A1F1D4B9
Authority key identifier: C7:55:70:24:67:77:0E:D6:9B:36:7B:77:BB:E6:40:BC:6D:B4:15:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x1VwJGd3DtabNnt3u-ZAvG20FT4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/243f91-8747-4981-9cbf-1d373499924e/1/ER1ViB51eK3GNYidlFyIU5pz7pA.roa
Signing time: Wed 01 Jan 2025 09:47:52 +0000
ROA not before: Wed 01 Jan 2025 09:47:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201935
IP address blocks: 84.254.130.0/24 maxlen: 24
84.254.131.0/24 maxlen: 24
84.254.132.0/24 maxlen: 24
84.254.137.0/24 maxlen: 24
84.254.144.0/23 maxlen: 24
84.254.144.0/24 maxlen: 24
84.254.145.0/24 maxlen: 24
84.254.146.0/24 maxlen: 24
84.254.164.0/24 maxlen: 24
95.210.111.0/24 maxlen: 24
95.210.132.0/23 maxlen: 24
95.210.132.0/24 maxlen: 24
95.210.133.0/24 maxlen: 24
176.227.131.0/24 maxlen: 24
176.227.138.0/24 maxlen: 24
176.227.139.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c7/243f91-8747-4981-9cbf-1d373499924e/1/x1VwJGd3DtabNnt3u-ZAvG20FT4.crl
rsync://rpki.ripe.net/repository/DEFAULT/c7/243f91-8747-4981-9cbf-1d373499924e/1/x1VwJGd3DtabNnt3u-ZAvG20FT4.mft
rsync://rpki.ripe.net/repository/DEFAULT/x1VwJGd3DtabNnt3u-ZAvG20FT4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 23:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:b3:d9:16:69:ab:b5:1a:2b:26:45:a1:f1:d4:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c755702467770ed69b367b77bbe640bc6db4153e
Validity
Not Before: Jan 1 09:47:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=111d55881e7578adc635889d945c88539a73ee90
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:72:63:b3:24:6a:4d:66:9a:eb:da:67:7b:f8:
4b:e0:1c:38:d1:d7:20:77:c0:26:80:2a:c0:8f:c7:
58:c4:9a:c8:3d:ad:f8:a2:9a:11:7d:ef:3f:5f:3f:
e9:f5:cc:6d:74:18:62:60:ed:57:d4:c6:75:fe:3f:
79:95:6b:70:59:65:db:c8:6a:6b:10:ee:bb:4b:11:
fd:14:24:cf:12:4b:d5:49:7b:31:d7:07:ec:cd:3e:
97:18:3c:06:3c:41:f3:57:0e:de:23:e7:04:50:2d:
08:a5:97:c9:6b:33:d8:7b:de:1c:c4:e7:1c:fb:aa:
13:05:56:89:81:e5:1c:e2:0a:b0:a3:1f:2d:7d:b3:
ea:22:0d:c0:22:c1:d8:24:9f:79:80:26:1e:ee:7a:
4b:55:48:25:ea:f6:d2:75:b6:05:95:4f:39:7b:34:
c5:14:de:4f:8e:88:31:c4:ea:33:39:32:52:d9:e0:
8d:c6:55:bf:e1:92:46:20:6e:1b:ec:f7:11:dd:41:
cb:00:9a:1e:1e:0a:7a:49:7f:f7:7e:22:97:9d:da:
3f:61:52:07:50:a4:29:cb:97:a0:ee:54:2f:71:99:
05:63:21:52:20:13:ee:ab:f7:70:2d:31:37:be:12:
a5:20:e0:c6:75:f1:17:3a:33:ad:97:e2:5f:a9:c9:
28:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:1D:55:88:1E:75:78:AD:C6:35:88:9D:94:5C:88:53:9A:73:EE:90
X509v3 Authority Key Identifier:
keyid:C7:55:70:24:67:77:0E:D6:9B:36:7B:77:BB:E6:40:BC:6D:B4:15:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x1VwJGd3DtabNnt3u-ZAvG20FT4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/243f91-8747-4981-9cbf-1d373499924e/1/ER1ViB51eK3GNYidlFyIU5pz7pA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/243f91-8747-4981-9cbf-1d373499924e/1/x1VwJGd3DtabNnt3u-ZAvG20FT4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.254.130.0-84.254.132.255
84.254.137.0/24
84.254.144.0-84.254.146.255
84.254.164.0/24
95.210.111.0/24
95.210.132.0/23
176.227.131.0/24
176.227.138.0/23
Signature Algorithm: sha256WithRSAEncryption
a8:a7:63:2c:93:61:58:c0:47:80:37:ca:dd:bc:2d:85:47:15:
91:01:0b:1a:50:6c:23:92:6d:76:69:87:c9:91:d8:01:81:ed:
25:cf:9c:22:9e:ee:d5:3d:0a:54:09:8e:32:9e:e0:7b:6c:a0:
c1:dc:b1:1e:3f:46:a0:3c:29:d6:0f:f9:32:bd:8c:e7:c5:ab:
ac:4a:b3:fb:ef:c3:0b:c8:8e:d3:79:c7:70:35:82:58:61:f5:
7e:97:5d:87:a5:84:06:a7:1b:72:c6:03:68:14:0b:8c:26:4f:
ea:29:d9:54:b9:ee:a9:01:79:10:48:8c:45:58:4e:4a:e3:8c:
83:f5:a4:2e:37:4b:53:b6:e3:94:2f:fd:db:93:01:a1:6c:ec:
5e:40:44:ca:93:e3:2c:b0:d4:a2:f2:f4:c5:cd:72:b5:3c:43:
d3:42:8a:47:78:20:d4:d3:de:24:56:9e:b2:2f:82:bb:2d:7f:
f6:c4:15:63:93:c0:03:fc:02:c5:a8:e5:8e:ab:c6:56:5f:69:
6d:a3:56:89:63:4c:8d:6d:94:c9:b4:84:9c:c3:d5:47:09:2b:
38:81:8f:ba:e2:2a:79:10:76:26:e9:93:c7:57:f5:e7:ff:03:
94:c6:6e:22:0b:49:f4:05:18:5f:96:8e:9f:98:54:99:67:0c:
4f:57:75:cc
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAZQhQ7PZFmmrtRorJkWh8dS5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3NTU3MDI0Njc3NzBlZDY5YjM2N2I3N2JiZTY0MGJjNmRi
NDE1M2UwHhcNMjUwMTAxMDk0NzUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMTFkNTU4ODFlNzU3OGFkYzYzNTg4OWQ5NDVjODg1MzlhNzNlZTkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk3JjsyRqTWaa69pne/hL4Bw40dcg
d8AmgCrAj8dYxJrIPa34opoRfe8/Xz/p9cxtdBhiYO1X1MZ1/j95lWtwWWXbyGpr
EO67SxH9FCTPEkvVSXsx1wfszT6XGDwGPEHzVw7eI+cEUC0IpZfJazPYe94cxOcc
+6oTBVaJgeUc4gqwox8tfbPqIg3AIsHYJJ95gCYe7npLVUgl6vbSdbYFlU85ezTF
FN5PjogxxOozOTJS2eCNxlW/4ZJGIG4b7PcR3UHLAJoeHgp6SX/3fiKXndo/YVIH
UKQpy5eg7lQvcZkFYyFSIBPuq/dwLTE3vhKlIODGdfEXOjOtl+JfqckojQIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFBEdVYgedXitxjWInZRciFOac+6QMB8GA1UdIwQY
MBaAFMdVcCRndw7WmzZ7d7vmQLxttBU+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveDFWd0pHZDNEdGFiTm50M3UtWkF2RzIwRlQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy8yNDNmOTEtODc0Ny00OTgxLTljYmYt
MWQzNzM0OTk5MjRlLzEvRVIxVmlCNTFlSzNHTllpZGxGeUlVNXB6N3BBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy8yNDNmOTEtODc0Ny00OTgxLTljYmYtMWQzNzM0OTk5MjRl
LzEveDFWd0pHZDNEdGFiTm50M3UtWkF2RzIwRlQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDBGBAIAATBAMAwDBAFU/oID
BABU/oQDBABU/okwDAMEBFT+kAMEAFT+kgMEAFT+pAMEAF/SbwMEAV/ShAMEALDj
gwMEAbDjijANBgkqhkiG9w0BAQsFAAOCAQEAqKdjLJNhWMBHgDfK3bwthUcVkQEL
GlBsI5JtdmmHyZHYAYHtJc+cIp7u1T0KVAmOMp7ge2ygwdyxHj9GoDwp1g/5Mr2M
58WrrEqz++/DC8iO03nHcDWCWGH1fpddh6WEBqcbcsYDaBQLjCZP6inZVLnuqQF5
EEiMRVhOSuOMg/WkLjdLU7bjlC/925MBoWzsXkBEypPjLLDUovL0xc1ytTxD00KK
R3gg1NPeJFaesi+Cuy1/9sQVY5PAA/wCxajljqvGVl9pbaNWiWNMjW2UybSEnMPV
RwkrOIGPuuIqeRB2JumTx1f15/8DlMZuIgtJ9AUYX5aOn5hUmWcMT1d1zA==
-----END CERTIFICATE-----
Generated at Tue Apr 8 07:48:57 2025 by rpki-client