Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/c2095a-3b3d-4ac4-9c32-4df8912188f7/1/EAD0diuoZK02qxxsVWWiclAVX5I.roa
File: EAD0diuoZK02qxxsVWWiclAVX5I.roa (raw, json)
Hash identifier: kzXgijoQ+OFnt0McFOmyH17ijOy9UUEek/dQbYMoKFU=
Subject key identifier: 10:00:F4:76:2B:A8:64:AD:36:AB:1C:6C:55:65:A2:72:50:15:5F:92
Certificate issuer: /CN=2101b6388d6435f54990905382b41dc9675fd490
Certificate serial: 019423D6FED4586DD9A902BEF048E0094C8A
Authority key identifier: 21:01:B6:38:8D:64:35:F5:49:90:90:53:82:B4:1D:C9:67:5F:D4:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IQG2OI1kNfVJkJBTgrQdyWdf1JA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/c2095a-3b3d-4ac4-9c32-4df8912188f7/1/EAD0diuoZK02qxxsVWWiclAVX5I.roa
Signing time: Wed 01 Jan 2025 21:47:59 +0000
ROA not before: Wed 01 Jan 2025 21:47:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205613
IP address blocks: 46.17.218.0/24 maxlen: 24
46.17.219.0/24 maxlen: 24
46.17.220.0/24 maxlen: 24
46.17.221.0/24 maxlen: 24
46.17.222.0/24 maxlen: 24
46.17.223.0/24 maxlen: 24
83.229.16.0/24 maxlen: 24
91.224.0.0/24 maxlen: 24
91.224.1.0/24 maxlen: 24
185.107.20.0/24 maxlen: 24
185.107.21.0/24 maxlen: 24
185.107.22.0/24 maxlen: 24
185.107.23.0/24 maxlen: 24
193.200.154.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/c2095a-3b3d-4ac4-9c32-4df8912188f7/1/IQG2OI1kNfVJkJBTgrQdyWdf1JA.crl
rsync://rpki.ripe.net/repository/DEFAULT/c8/c2095a-3b3d-4ac4-9c32-4df8912188f7/1/IQG2OI1kNfVJkJBTgrQdyWdf1JA.mft
rsync://rpki.ripe.net/repository/DEFAULT/IQG2OI1kNfVJkJBTgrQdyWdf1JA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 12:01:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d6:fe:d4:58:6d:d9:a9:02:be:f0:48:e0:09:4c:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2101b6388d6435f54990905382b41dc9675fd490
Validity
Not Before: Jan 1 21:47:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1000f4762ba864ad36ab1c6c5565a27250155f92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:74:2e:4a:7a:ad:02:f7:c1:64:c7:59:fd:19:
68:71:e7:98:6b:d4:e1:8c:c9:80:93:28:9a:17:4f:
f3:3d:de:58:71:4b:8c:b3:73:33:f9:29:a9:cc:ba:
31:a1:c5:0f:cc:7e:ba:16:84:c4:37:a8:84:8d:f3:
52:d6:51:2d:8d:cf:bf:c1:35:bd:ec:2f:50:4f:cd:
3c:f1:6d:b6:e1:1d:41:fd:89:a6:c8:72:1d:a7:35:
11:cb:98:75:5d:be:8c:25:ac:27:55:fe:68:c7:0e:
32:93:2a:d9:ce:3a:41:66:40:f2:15:3b:2f:ab:8f:
bc:b1:13:73:68:1d:4e:61:8c:20:13:a3:c1:15:d3:
d8:92:90:46:55:d6:84:18:f1:81:02:00:96:50:cf:
f0:29:01:8b:c3:fd:ae:e6:32:f0:91:14:47:4b:88:
ab:ad:81:25:32:5a:83:73:1b:e0:8f:0a:97:b7:29:
6f:25:61:4c:88:a8:67:1f:0e:c1:6a:77:b4:76:0d:
45:87:ca:c2:93:14:f1:1d:86:43:4f:30:00:56:14:
53:ca:04:ed:ae:d6:50:cd:88:6f:b4:b2:ce:42:09:
ac:0d:99:57:e8:ce:27:53:38:57:6c:9f:e9:a4:e7:
72:be:a3:26:69:b4:93:c6:e3:ac:91:51:52:79:56:
af:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:00:F4:76:2B:A8:64:AD:36:AB:1C:6C:55:65:A2:72:50:15:5F:92
X509v3 Authority Key Identifier:
keyid:21:01:B6:38:8D:64:35:F5:49:90:90:53:82:B4:1D:C9:67:5F:D4:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IQG2OI1kNfVJkJBTgrQdyWdf1JA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/c2095a-3b3d-4ac4-9c32-4df8912188f7/1/EAD0diuoZK02qxxsVWWiclAVX5I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/c2095a-3b3d-4ac4-9c32-4df8912188f7/1/IQG2OI1kNfVJkJBTgrQdyWdf1JA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.17.218.0-46.17.223.255
83.229.16.0/24
91.224.0.0/23
185.107.20.0/22
193.200.154.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:64:0e:ec:28:45:4b:72:b8:ec:75:ec:a3:42:4f:c6:99:45:
eb:66:a5:f6:52:28:34:22:59:b1:c2:62:d9:20:6f:40:2f:22:
ff:6a:bb:bb:15:1b:bb:a6:9d:70:f4:d2:e8:2b:21:38:74:04:
84:16:a9:2b:4d:58:3e:cb:cf:2c:d8:da:43:2a:7e:8f:a9:44:
3b:d7:0e:b4:d8:7d:0f:7c:5b:a8:17:f7:2d:d6:18:ac:1d:b6:
78:b7:c8:17:82:6f:0f:34:3d:90:39:f1:39:f9:b3:b4:e1:67:
97:05:d4:9f:3f:69:26:e9:3f:86:7c:ee:b8:31:f4:33:2f:62:
74:b5:8c:04:0f:51:45:ed:f7:03:29:65:ee:f7:65:83:1b:15:
36:2d:30:0a:94:f7:47:d7:81:02:ad:2f:c1:b8:c1:1c:de:fe:
ad:24:47:55:13:8b:ac:61:ef:c9:f2:d4:f3:2b:fe:ea:02:09:
aa:cc:d6:e0:12:ed:2e:92:20:4f:4b:b3:3f:29:0c:1b:1d:a2:
8e:0a:0c:f4:50:41:4a:f8:40:9a:4f:1c:1a:a5:6c:a8:64:a8:
ad:0b:46:fc:f8:0b:f2:4c:e8:4d:c1:23:dc:e7:a4:3e:41:d4:
f5:e6:a6:b4:3a:22:13:2b:fa:f0:61:55:59:d0:b6:ca:02:4d:
4e:0b:60:59
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZQj1v7UWG3ZqQK+8EjgCUyKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMDFiNjM4OGQ2NDM1ZjU0OTkwOTA1MzgyYjQxZGM5Njc1
ZmQ0OTAwHhcNMjUwMTAxMjE0NzU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMDAwZjQ3NjJiYTg2NGFkMzZhYjFjNmM1NTY1YTI3MjUwMTU1ZjkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA73QuSnqtAvfBZMdZ/RloceeYa9Th
jMmAkyiaF0/zPd5YcUuMs3Mz+SmpzLoxocUPzH66FoTEN6iEjfNS1lEtjc+/wTW9
7C9QT8088W224R1B/YmmyHIdpzURy5h1Xb6MJawnVf5oxw4ykyrZzjpBZkDyFTsv
q4+8sRNzaB1OYYwgE6PBFdPYkpBGVdaEGPGBAgCWUM/wKQGLw/2u5jLwkRRHS4ir
rYElMlqDcxvgjwqXtylvJWFMiKhnHw7Bane0dg1Fh8rCkxTxHYZDTzAAVhRTygTt
rtZQzYhvtLLOQgmsDZlX6M4nUzhXbJ/ppOdyvqMmabSTxuOskVFSeVavXwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFBAA9HYrqGStNqscbFVlonJQFV+SMB8GA1UdIwQY
MBaAFCEBtjiNZDX1SZCQU4K0HclnX9SQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVFHMk9JMWtOZlZKa0pCVGdyUWR5V2RmMUpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9jMjA5NWEtM2IzZC00YWM0LTljMzIt
NGRmODkxMjE4OGY3LzEvRUFEMGRpdW9aSzAycXh4c1ZXV2ljbEFWWDVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9jMjA5NWEtM2IzZC00YWM0LTljMzItNGRmODkxMjE4OGY3
LzEvSVFHMk9JMWtOZlZKa0pCVGdyUWR5V2RmMUpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmMAwDBAEuEdoD
BAUuEcADBABT5RADBAFb4AADBAK5axQDBADByJowDQYJKoZIhvcNAQELBQADggEB
ADxkDuwoRUtyuOx17KNCT8aZRetmpfZSKDQiWbHCYtkgb0AvIv9qu7sVG7umnXD0
0ugrITh0BIQWqStNWD7LzyzY2kMqfo+pRDvXDrTYfQ98W6gX9y3WGKwdtni3yBeC
bw80PZA58Tn5s7ThZ5cF1J8/aSbpP4Z87rgx9DMvYnS1jAQPUUXt9wMpZe73ZYMb
FTYtMAqU90fXgQKtL8G4wRze/q0kR1UTi6xh78ny1PMr/uoCCarM1uAS7S6SIE9L
sz8pDBsdoo4KDPRQQUr4QJpPHBqlbKhkqK0LRvz4C/JM6E3BI9znpD5B1PXmprQ6
IhMr+vBhVVnQtsoCTU4LYFk=
-----END CERTIFICATE-----
Generated at Mon Apr 7 16:44:59 2025 by rpki-client