Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/a584e4-ccd4-4c4f-9d16-04a27c4d5453/1/oJy5Ih3Wi9poj-CApp9bi93q2-8.roa
File: oJy5Ih3Wi9poj-CApp9bi93q2-8.roa (raw, json)
Hash identifier: UiKgdsncZ7pajJ8yDf76t7tbkfWUzikpYtARnAAsGHo=
Subject key identifier: A0:9C:B9:22:1D:D6:8B:DA:68:8F:E0:80:A6:9F:5B:8B:DD:EA:DB:EF
Certificate issuer: /CN=2ef957aba2ef00352850e202464c71d33ca81448
Certificate serial: 0194258F8C43E8163C50D423A3458CB4628B
Authority key identifier: 2E:F9:57:AB:A2:EF:00:35:28:50:E2:02:46:4C:71:D3:3C:A8:14:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LvlXq6LvADUoUOICRkxx0zyoFEg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/a584e4-ccd4-4c4f-9d16-04a27c4d5453/1/oJy5Ih3Wi9poj-CApp9bi93q2-8.roa
Signing time: Thu 02 Jan 2025 05:49:12 +0000
ROA not before: Thu 02 Jan 2025 05:49:12 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 2259
IP address blocks: 193.48.86.0/24 maxlen: 24
193.48.87.0/24 maxlen: 24
193.48.89.0/24 maxlen: 24
193.48.90.0/24 maxlen: 24
193.49.5.0/27 maxlen: 27
193.49.5.64/27 maxlen: 27
193.49.237.0/24 maxlen: 24
193.50.8.0/24 maxlen: 24
193.50.153.0/24 maxlen: 24
193.50.251.0/24 maxlen: 24
193.51.107.0/24 maxlen: 24
193.54.148.0/24 maxlen: 24
193.54.209.0/24 maxlen: 24
193.54.210.0/24 maxlen: 24
193.54.211.0/24 maxlen: 24
193.54.214.0/24 maxlen: 24
193.54.229.0/24 maxlen: 24
193.54.230.0/24 maxlen: 24
194.167.107.0/24 maxlen: 24
194.167.108.0/24 maxlen: 24
194.167.188.0/24 maxlen: 24
194.199.214.0/24 maxlen: 24
194.199.215.0/24 maxlen: 24
194.254.1.0/24 maxlen: 24
194.254.2.0/24 maxlen: 24
194.254.3.0/24 maxlen: 24
194.254.4.0/24 maxlen: 24
194.254.11.0/24 maxlen: 24
194.254.12.0/24 maxlen: 24
194.254.52.0/23 maxlen: 23
194.254.54.0/23 maxlen: 23
194.254.56.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c7/a584e4-ccd4-4c4f-9d16-04a27c4d5453/1/LvlXq6LvADUoUOICRkxx0zyoFEg.crl
rsync://rpki.ripe.net/repository/DEFAULT/c7/a584e4-ccd4-4c4f-9d16-04a27c4d5453/1/LvlXq6LvADUoUOICRkxx0zyoFEg.mft
rsync://rpki.ripe.net/repository/DEFAULT/LvlXq6LvADUoUOICRkxx0zyoFEg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 20:01:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:8c:43:e8:16:3c:50:d4:23:a3:45:8c:b4:62:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ef957aba2ef00352850e202464c71d33ca81448
Validity
Not Before: Jan 2 05:49:12 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a09cb9221dd68bda688fe080a69f5b8bddeadbef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:7d:aa:fc:5c:22:b8:86:35:81:e7:ab:35:98:
28:a5:bb:fa:01:f4:5d:bb:d8:2c:99:a1:7c:6f:57:
5c:ae:38:1e:69:db:f5:c5:19:c9:55:c9:eb:f4:8f:
bb:d3:8d:7a:9a:92:33:93:23:9b:8d:6c:7e:47:78:
89:1c:9a:b7:d1:54:fc:50:7e:4d:59:2b:51:e2:95:
e8:18:91:bb:e2:92:ff:1d:cd:d7:f3:ae:ed:cc:4a:
4b:d8:37:90:ee:89:09:7f:20:e4:a5:f5:a7:80:12:
48:55:9d:7c:94:4a:df:f0:df:48:cd:7c:ef:35:16:
53:fc:3b:d8:34:44:e3:8a:a4:b4:6c:b7:2d:bf:be:
23:12:06:d4:ac:de:7e:28:34:01:a8:0c:1f:e4:77:
31:90:4c:99:7c:e0:18:44:9b:38:e0:09:af:89:9e:
64:76:e1:a7:6d:40:85:4b:4f:91:f8:c9:00:e7:28:
f2:b8:12:e5:8a:4d:93:15:16:0b:18:8a:1e:6f:44:
10:f8:f5:82:71:28:64:59:e8:fc:4d:28:58:90:d0:
e2:51:d5:dc:f3:ef:21:04:fb:7a:70:01:56:c7:6e:
0e:36:23:d9:8c:a5:6b:24:a6:32:81:21:59:f4:f3:
b6:79:8b:58:d3:6e:8b:d6:79:dd:51:16:20:83:bc:
09:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:9C:B9:22:1D:D6:8B:DA:68:8F:E0:80:A6:9F:5B:8B:DD:EA:DB:EF
X509v3 Authority Key Identifier:
keyid:2E:F9:57:AB:A2:EF:00:35:28:50:E2:02:46:4C:71:D3:3C:A8:14:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LvlXq6LvADUoUOICRkxx0zyoFEg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/a584e4-ccd4-4c4f-9d16-04a27c4d5453/1/oJy5Ih3Wi9poj-CApp9bi93q2-8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/a584e4-ccd4-4c4f-9d16-04a27c4d5453/1/LvlXq6LvADUoUOICRkxx0zyoFEg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.48.86.0/23
193.48.89.0-193.48.90.255
193.49.5.0/27
193.49.5.64/27
193.49.237.0/24
193.50.8.0/24
193.50.153.0/24
193.50.251.0/24
193.51.107.0/24
193.54.148.0/24
193.54.209.0-193.54.211.255
193.54.214.0/24
193.54.229.0-193.54.230.255
194.167.107.0-194.167.108.255
194.167.188.0/24
194.199.214.0/23
194.254.1.0-194.254.4.255
194.254.11.0-194.254.12.255
194.254.52.0-194.254.57.255
Signature Algorithm: sha256WithRSAEncryption
43:28:a1:bc:d4:a3:a1:e9:0d:9c:5d:08:87:dd:54:17:5d:a6:
0c:d3:0b:fe:39:b1:9f:04:a6:5c:aa:9d:24:7d:5c:3e:29:63:
e8:5b:39:5c:21:30:d3:1f:61:ea:32:76:0f:8f:12:02:91:a6:
dd:39:56:7d:9b:79:ff:d2:f5:4a:97:e9:5c:86:64:d8:5e:d8:
e3:23:10:09:eb:cb:c5:95:99:b4:d1:2b:62:3e:e3:1d:96:4c:
f7:1c:d6:1e:fe:74:b7:f3:12:f2:d1:ab:f5:58:df:4f:dc:9f:
1c:c6:a8:f0:e6:56:34:67:57:ce:41:55:af:67:42:4e:f8:2a:
47:b3:a2:12:47:26:47:3d:13:8c:f6:86:34:a9:fe:a4:6c:55:
13:1d:61:a9:5c:42:c0:25:16:55:64:53:8e:df:50:6a:04:19:
85:c9:bf:f3:8c:b4:1a:bb:18:4f:53:64:86:96:38:f2:0b:a7:
cd:56:0a:60:18:b8:38:da:c7:7c:31:25:91:d0:18:9a:28:d6:
ac:70:5f:72:8b:c0:5f:78:55:9a:c7:ff:6c:42:a7:d7:ef:d9:
d2:d8:8a:1b:f3:99:60:e4:70:1a:d6:8d:34:64:fb:0f:be:39:
48:6d:db:c4:b5:ce:d3:63:15:ef:d8:58:9f:c6:95:23:b8:e4:
23:b9:28:74
-----BEGIN CERTIFICATE-----
MIIFqDCCBJCgAwIBAgISAZQlj4xD6BY8UNQjo0WMtGKLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlZjk1N2FiYTJlZjAwMzUyODUwZTIwMjQ2NGM3MWQzM2Nh
ODE0NDgwHhcNMjUwMTAyMDU0OTEyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDljYjkyMjFkZDY4YmRhNjg4ZmUwODBhNjlmNWI4YmRkZWFkYmVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArH2q/FwiuIY1geerNZgopbv6AfRd
u9gsmaF8b1dcrjgeadv1xRnJVcnr9I+70416mpIzkyObjWx+R3iJHJq30VT8UH5N
WStR4pXoGJG74pL/Hc3X867tzEpL2DeQ7okJfyDkpfWngBJIVZ18lErf8N9IzXzv
NRZT/DvYNETjiqS0bLctv74jEgbUrN5+KDQBqAwf5HcxkEyZfOAYRJs44AmviZ5k
duGnbUCFS0+R+MkA5yjyuBLlik2TFRYLGIoeb0QQ+PWCcShkWej8TShYkNDiUdXc
8+8hBPt6cAFWx24ONiPZjKVrJKYygSFZ9PO2eYtY026L1nndURYgg7wJXQIDAQAB
o4ICtDCCArAwHQYDVR0OBBYEFKCcuSId1ovaaI/ggKafW4vd6tvvMB8GA1UdIwQY
MBaAFC75V6ui7wA1KFDiAkZMcdM8qBRIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTHZsWHE2THZBRFVvVU9JQ1JreHgwenlvRkVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy9hNTg0ZTQtY2NkNC00YzRmLTlkMTYt
MDRhMjdjNGQ1NDUzLzEvb0p5NUloM1dpOXBvai1DQXBwOWJpOTNxMi04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy9hNTg0ZTQtY2NkNC00YzRmLTlkMTYtMDRhMjdjNGQ1NDUz
LzEvTHZsWHE2THZBRFVvVU9JQ1JreHgwenlvRkVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHJBggrBgEFBQcBBwEB/wSBuTCBtjCBswQCAAEwgawDBAHB
MFYwDAMEAMEwWQMEAMEwWgMFBcExBQADBQXBMQVAAwQAwTHtAwQAwTIIAwQAwTKZ
AwQAwTL7AwQAwTNrAwQAwTaUMAwDBADBNtEDBALBNtADBADBNtYwDAMEAME25QME
AME25jAMAwQAwqdrAwQAwqdsAwQAwqe8AwQBwsfWMAwDBADC/gEDBADC/gQwDAME
AML+CwMEAML+DDAMAwQCwv40AwQBwv44MA0GCSqGSIb3DQEBCwUAA4IBAQBDKKG8
1KOh6Q2cXQiH3VQXXaYM0wv+ObGfBKZcqp0kfVw+KWPoWzlcITDTH2HqMnYPjxIC
kabdOVZ9m3n/0vVKl+lchmTYXtjjIxAJ68vFlZm00StiPuMdlkz3HNYe/nS38xLy
0av1WN9P3J8cxqjw5lY0Z1fOQVWvZ0JO+CpHs6ISRyZHPROM9oY0qf6kbFUTHWGp
XELAJRZVZFOO31BqBBmFyb/zjLQauxhPU2SGljjyC6fNVgpgGLg42sd8MSWR0Bia
KNascF9yi8BfeFWax/9sQqfX79nS2Iob85lg5HAa1o00ZPsPvjlIbdvEtc7TYxXv
2FifxpUjuOQjuSh0
-----END CERTIFICATE-----
Generated at Tue Apr 8 04:41:06 2025 by rpki-client