Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/a584e4-ccd4-4c4f-9d16-04a27c4d5453/1/koANhf94Ms7kfxsa0LrqViexTxU.roa
File: koANhf94Ms7kfxsa0LrqViexTxU.roa (raw, json)
Hash identifier: n1usXJi4k9IdIFnEicQPzyVEwnESkffY6S41/7XDahM=
Subject key identifier: 92:80:0D:85:FF:78:32:CE:E4:7F:1B:1A:D0:BA:EA:56:27:B1:4F:15
Certificate issuer: /CN=2ef957aba2ef00352850e202464c71d33ca81448
Certificate serial: 0194258F89D6595F920156DD773D8379E282
Authority key identifier: 2E:F9:57:AB:A2:EF:00:35:28:50:E2:02:46:4C:71:D3:3C:A8:14:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LvlXq6LvADUoUOICRkxx0zyoFEg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/a584e4-ccd4-4c4f-9d16-04a27c4d5453/1/koANhf94Ms7kfxsa0LrqViexTxU.roa
Signing time: Thu 02 Jan 2025 05:49:11 +0000
ROA not before: Thu 02 Jan 2025 05:49:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 2072
IP address blocks: 193.49.22.0/24 maxlen: 24
193.49.163.0/24 maxlen: 24
193.50.0.0/24 maxlen: 24
193.50.1.0/24 maxlen: 24
193.50.2.0/24 maxlen: 24
193.50.67.0/24 maxlen: 24
193.50.68.0/24 maxlen: 24
193.50.201.0/24 maxlen: 24
193.51.65.0/24 maxlen: 24
193.51.66.0/24 maxlen: 24
193.51.128.48/29 maxlen: 29
193.51.128.56/29 maxlen: 29
193.51.128.128/25 maxlen: 25
193.51.165.0/24 maxlen: 24
193.54.195.0/24 maxlen: 24
193.54.225.0/24 maxlen: 24
194.57.183.0/24 maxlen: 24
194.57.241.0/24 maxlen: 24
194.57.241.0/26 maxlen: 26
194.199.83.0/24 maxlen: 24
194.199.84.0/24 maxlen: 24
194.199.85.0/24 maxlen: 24
194.199.86.0/24 maxlen: 24
194.199.87.0/24 maxlen: 24
194.199.88.0/24 maxlen: 24
194.199.89.0/24 maxlen: 24
194.199.90.0/24 maxlen: 24
195.83.166.0/24 maxlen: 24
195.83.221.0/24 maxlen: 24
195.83.222.0/24 maxlen: 24
195.83.223.0/24 maxlen: 24
195.221.157.0/24 maxlen: 24
195.221.158.0/24 maxlen: 24
195.221.159.0/24 maxlen: 24
195.221.160.0/24 maxlen: 24
195.221.161.0/24 maxlen: 24
195.221.162.0/24 maxlen: 24
2001:660:3020::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c7/a584e4-ccd4-4c4f-9d16-04a27c4d5453/1/LvlXq6LvADUoUOICRkxx0zyoFEg.crl
rsync://rpki.ripe.net/repository/DEFAULT/c7/a584e4-ccd4-4c4f-9d16-04a27c4d5453/1/LvlXq6LvADUoUOICRkxx0zyoFEg.mft
rsync://rpki.ripe.net/repository/DEFAULT/LvlXq6LvADUoUOICRkxx0zyoFEg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 20:01:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:89:d6:59:5f:92:01:56:dd:77:3d:83:79:e2:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ef957aba2ef00352850e202464c71d33ca81448
Validity
Not Before: Jan 2 05:49:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=92800d85ff7832cee47f1b1ad0baea5627b14f15
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:a8:01:9d:c0:99:bc:5d:b3:44:2b:d5:ba:73:
6e:30:3e:7e:3b:18:9e:5b:64:80:8a:07:9f:da:56:
7d:0c:13:bd:d2:4d:83:ca:30:8e:f3:5d:5d:f2:27:
59:fd:ed:66:46:ee:d9:22:17:1f:23:ff:ff:97:0b:
dc:1a:28:09:25:5e:a1:4a:db:be:e9:80:eb:e0:3e:
0f:47:c8:bd:25:c2:48:98:8c:68:f9:32:8f:c8:dc:
78:ce:8b:91:06:6e:c7:10:86:0b:f6:60:2f:5c:ee:
ca:8a:b1:56:97:ec:0f:db:be:93:eb:01:3f:05:0e:
04:09:9d:69:8e:bb:1d:90:23:d3:b2:6b:78:cf:b5:
5d:29:4b:bf:31:ad:44:9e:fe:4e:3e:ca:cb:06:03:
3d:b3:6b:1e:bf:b8:29:a4:fa:1e:df:68:d3:a7:eb:
35:24:53:b5:d7:5f:29:bd:70:8e:41:c4:6f:94:76:
c3:ab:a5:87:93:ba:c3:b4:e4:81:71:67:5b:ec:1f:
6e:98:fa:f8:28:20:01:fc:60:b9:7a:9a:75:45:5d:
ff:16:c0:54:32:15:af:5a:6a:9b:a5:41:88:ec:16:
d4:5b:96:8d:91:4d:7d:83:1f:af:5e:d9:a6:33:4d:
a7:fc:a5:01:1b:00:b7:00:34:9a:a2:ec:31:92:56:
35:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:80:0D:85:FF:78:32:CE:E4:7F:1B:1A:D0:BA:EA:56:27:B1:4F:15
X509v3 Authority Key Identifier:
keyid:2E:F9:57:AB:A2:EF:00:35:28:50:E2:02:46:4C:71:D3:3C:A8:14:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LvlXq6LvADUoUOICRkxx0zyoFEg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/a584e4-ccd4-4c4f-9d16-04a27c4d5453/1/koANhf94Ms7kfxsa0LrqViexTxU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/a584e4-ccd4-4c4f-9d16-04a27c4d5453/1/LvlXq6LvADUoUOICRkxx0zyoFEg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.49.22.0/24
193.49.163.0/24
193.50.0.0-193.50.2.255
193.50.67.0-193.50.68.255
193.50.201.0/24
193.51.65.0-193.51.66.255
193.51.128.48/28
193.51.128.128/25
193.51.165.0/24
193.54.195.0/24
193.54.225.0/24
194.57.183.0/24
194.57.241.0/24
194.199.83.0-194.199.90.255
195.83.166.0/24
195.83.221.0-195.83.223.255
195.221.157.0-195.221.162.255
IPv6:
2001:660:3020::/48
Signature Algorithm: sha256WithRSAEncryption
74:52:da:56:0d:ce:f4:c9:f3:90:d1:49:42:61:10:8a:d7:f5:
45:02:fa:cd:d6:bf:6c:a8:b6:86:89:b7:4f:62:2c:ef:cd:da:
4a:43:7f:79:6d:1e:c8:c7:b7:af:ba:f9:62:25:d6:2f:2b:5d:
5f:e4:4b:8b:6b:88:41:4f:6b:9c:2c:42:52:8c:64:df:4a:08:
b0:2d:56:52:cc:9b:7c:97:18:f7:86:8e:9f:14:9b:39:cc:cc:
ad:e1:a7:0a:d8:ea:40:25:98:a0:4c:bc:4c:49:36:da:36:c6:
75:06:5f:d2:4f:83:7a:44:a7:03:f0:1f:b6:bf:7a:33:0c:28:
79:4f:9e:18:eb:b4:7b:6e:b0:06:43:f7:38:6d:4e:7e:8f:46:
c3:78:eb:73:d1:f7:10:03:e6:6f:01:4c:ce:26:95:b4:42:76:
28:24:ed:dd:6e:95:0b:b8:4b:c0:f5:51:7f:c7:1d:2a:c7:0d:
d6:d2:16:49:3b:92:af:2f:80:9d:ce:29:c4:07:cb:bc:98:aa:
2e:98:60:45:2d:d0:39:4d:83:2a:a4:2d:7f:e7:e0:80:06:f9:
37:eb:26:04:15:0a:75:d1:03:fe:ac:8e:fd:0c:a0:c1:20:ce:
c0:0d:43:5b:a5:57:06:ed:0c:9a:3e:ec:cb:8d:ab:89:9c:7b:
79:e3:6f:fa
-----BEGIN CERTIFICATE-----
MIIFpDCCBIygAwIBAgISAZQlj4nWWV+SAVbddz2DeeKCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlZjk1N2FiYTJlZjAwMzUyODUwZTIwMjQ2NGM3MWQzM2Nh
ODE0NDgwHhcNMjUwMTAyMDU0OTExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjgwMGQ4NWZmNzgzMmNlZTQ3ZjFiMWFkMGJhZWE1NjI3YjE0ZjE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxqgBncCZvF2zRCvVunNuMD5+Oxie
W2SAigef2lZ9DBO90k2DyjCO811d8idZ/e1mRu7ZIhcfI///lwvcGigJJV6hStu+
6YDr4D4PR8i9JcJImIxo+TKPyNx4zouRBm7HEIYL9mAvXO7KirFWl+wP276T6wE/
BQ4ECZ1pjrsdkCPTsmt4z7VdKUu/Ma1Env5OPsrLBgM9s2sev7gppPoe32jTp+s1
JFO1118pvXCOQcRvlHbDq6WHk7rDtOSBcWdb7B9umPr4KCAB/GC5epp1RV3/FsBU
MhWvWmqbpUGI7BbUW5aNkU19gx+vXtmmM02n/KUBGwC3ADSaouwxklY18QIDAQAB
o4ICsDCCAqwwHQYDVR0OBBYEFJKADYX/eDLO5H8bGtC66lYnsU8VMB8GA1UdIwQY
MBaAFC75V6ui7wA1KFDiAkZMcdM8qBRIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTHZsWHE2THZBRFVvVU9JQ1JreHgwenlvRkVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy9hNTg0ZTQtY2NkNC00YzRmLTlkMTYt
MDRhMjdjNGQ1NDUzLzEva29BTmhmOTRNczdrZnhzYTBMcnFWaWV4VHhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy9hNTg0ZTQtY2NkNC00YzRmLTlkMTYtMDRhMjdjNGQ1NDUz
LzEvTHZsWHE2THZBRFVvVU9JQ1JreHgwenlvRkVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHFBggrBgEFBQcBBwEB/wSBtTCBsjCBngQCAAEwgZcDBADB
MRYDBADBMaMwCwMDAcEyAwQAwTICMAwDBADBMkMDBADBMkQDBADBMskwDAMEAMEz
QQMEAMEzQgMFBMEzgDADBQfBM4CAAwQAwTOlAwQAwTbDAwQAwTbhAwQAwjm3AwQA
wjnxMAwDBADCx1MDBADCx1oDBADDU6YwDAMEAMNT3QMEBcNTwDAMAwQAw92dAwQA
w92iMA8EAgACMAkDBwAgAQZgMCAwDQYJKoZIhvcNAQELBQADggEBAHRS2lYNzvTJ
85DRSUJhEIrX9UUC+s3Wv2yotoaJt09iLO/N2kpDf3ltHsjHt6+6+WIl1i8rXV/k
S4triEFPa5wsQlKMZN9KCLAtVlLMm3yXGPeGjp8UmznMzK3hpwrY6kAlmKBMvExJ
Nto2xnUGX9JPg3pEpwPwH7a/ejMMKHlPnhjrtHtusAZD9zhtTn6PRsN463PR9xAD
5m8BTM4mlbRCdigk7d1ulQu4S8D1UX/HHSrHDdbSFkk7kq8vgJ3OKcQHy7yYqi6Y
YEUt0DlNgyqkLX/n4IAG+TfrJgQVCnXRA/6sjv0MoMEgzsANQ1ulVwbtDJo+7MuN
q4mce3njb/o=
-----END CERTIFICATE-----
Generated at Tue Apr 8 05:20:35 2025 by rpki-client