Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/c1b1f0-234f-45d5-8595-f7c2c2a91bc2/1/eh6k6EDW67F1BaMz22DQsW1dFis.roa
File: eh6k6EDW67F1BaMz22DQsW1dFis.roa (raw, json)
Hash identifier: IQTOzLLAJV1/nAGCPNSZ0w+xeltOMYm8kA0XXPxhjRU=
Subject key identifier: 7A:1E:A4:E8:40:D6:EB:B1:75:05:A3:33:DB:60:D0:B1:6D:5D:16:2B
Certificate issuer: /CN=ec3a633ef2c08251a58603562e56aa6efa93ec25
Certificate serial: 0194236988AFD2D359304DFD418499EC564C
Authority key identifier: EC:3A:63:3E:F2:C0:82:51:A5:86:03:56:2E:56:AA:6E:FA:93:EC:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7DpjPvLAglGlhgNWLlaqbvqT7CU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/c1b1f0-234f-45d5-8595-f7c2c2a91bc2/1/eh6k6EDW67F1BaMz22DQsW1dFis.roa
Signing time: Wed 01 Jan 2025 19:48:26 +0000
ROA not before: Wed 01 Jan 2025 19:48:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 19905
IP address blocks: 37.8.0.0/17 maxlen: 17
82.102.192.0/18 maxlen: 24
82.205.0.0/17 maxlen: 17
85.113.96.0/19 maxlen: 19
86.107.16.0/22 maxlen: 22
87.252.108.0/22 maxlen: 22
89.239.32.0/20 maxlen: 20
94.26.112.0/20 maxlen: 20
109.232.162.0/23 maxlen: 23
147.189.176.0/20 maxlen: 20
176.65.12.0/22 maxlen: 22
185.40.192.0/22 maxlen: 22
185.90.242.0/24 maxlen: 24
185.138.132.0/22 maxlen: 22
185.171.132.0/22 maxlen: 22
188.209.208.0/22 maxlen: 22
188.215.100.0/22 maxlen: 22
194.169.121.0/24 maxlen: 24
194.169.122.0/23 maxlen: 23
194.169.122.0/24 maxlen: 24
194.169.123.0/24 maxlen: 24
199.204.215.0/24 maxlen: 24
199.250.128.0/19 maxlen: 19
212.33.96.0/19 maxlen: 19
212.106.64.0/19 maxlen: 19
217.21.0.0/20 maxlen: 20
217.66.224.0/19 maxlen: 19
217.78.48.0/20 maxlen: 20
217.78.48.0/21 maxlen: 21
217.78.60.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d4/c1b1f0-234f-45d5-8595-f7c2c2a91bc2/1/7DpjPvLAglGlhgNWLlaqbvqT7CU.crl
rsync://rpki.ripe.net/repository/DEFAULT/d4/c1b1f0-234f-45d5-8595-f7c2c2a91bc2/1/7DpjPvLAglGlhgNWLlaqbvqT7CU.mft
rsync://rpki.ripe.net/repository/DEFAULT/7DpjPvLAglGlhgNWLlaqbvqT7CU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 05:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:88:af:d2:d3:59:30:4d:fd:41:84:99:ec:56:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ec3a633ef2c08251a58603562e56aa6efa93ec25
Validity
Not Before: Jan 1 19:48:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7a1ea4e840d6ebb17505a333db60d0b16d5d162b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:7e:d0:d4:f2:7d:c1:de:c9:fa:bc:c3:a1:b4:
01:08:a0:ee:89:8b:76:6a:54:de:5d:ea:95:8c:82:
5d:23:86:c5:cb:61:a1:9b:85:d4:42:7b:4a:1c:fe:
2e:f0:7c:bb:5b:84:ef:f2:72:e1:c3:7f:85:8a:c3:
b4:fd:a7:d7:54:88:3e:b0:00:23:61:e6:4e:49:fe:
52:21:ac:9e:62:05:c1:75:07:e4:ef:c5:53:5b:6b:
d0:41:a2:04:14:08:f2:80:79:bc:9f:23:09:78:c3:
5e:4e:b1:c1:05:9a:be:97:f6:97:77:cc:bc:e0:7d:
2e:01:fc:2a:83:21:8f:31:d7:8e:9d:57:8a:7c:89:
2c:ac:b7:05:d0:22:10:a9:dd:98:99:63:66:47:34:
47:ca:0f:d6:38:e6:27:19:75:f5:ef:6b:87:43:c7:
bd:ca:57:db:90:93:a8:bb:60:28:21:d3:50:7c:21:
7c:da:5e:9e:81:e9:75:97:17:a1:98:f2:55:9a:85:
5d:19:70:3c:3b:07:b9:53:22:c6:b8:3e:54:77:17:
09:91:6f:92:dc:6d:0a:6c:89:0d:a0:d8:fc:8c:71:
ec:db:7e:e7:51:99:5d:5f:c7:51:47:24:e3:fa:2a:
fc:ce:fe:78:90:fb:ec:fb:d8:18:4c:fe:cb:92:79:
0c:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:1E:A4:E8:40:D6:EB:B1:75:05:A3:33:DB:60:D0:B1:6D:5D:16:2B
X509v3 Authority Key Identifier:
keyid:EC:3A:63:3E:F2:C0:82:51:A5:86:03:56:2E:56:AA:6E:FA:93:EC:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7DpjPvLAglGlhgNWLlaqbvqT7CU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/c1b1f0-234f-45d5-8595-f7c2c2a91bc2/1/eh6k6EDW67F1BaMz22DQsW1dFis.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/c1b1f0-234f-45d5-8595-f7c2c2a91bc2/1/7DpjPvLAglGlhgNWLlaqbvqT7CU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.8.0.0/17
82.102.192.0/18
82.205.0.0/17
85.113.96.0/19
86.107.16.0/22
87.252.108.0/22
89.239.32.0/20
94.26.112.0/20
109.232.162.0/23
147.189.176.0/20
176.65.12.0/22
185.40.192.0/22
185.90.242.0/24
185.138.132.0/22
185.171.132.0/22
188.209.208.0/22
188.215.100.0/22
194.169.121.0-194.169.123.255
199.204.215.0/24
199.250.128.0/19
212.33.96.0/19
212.106.64.0/19
217.21.0.0/20
217.66.224.0/19
217.78.48.0/20
Signature Algorithm: sha256WithRSAEncryption
0c:93:b1:16:fa:50:1c:c6:33:31:b8:31:6e:89:6c:29:bf:30:
32:95:cf:44:03:fa:8b:cb:8c:e2:34:68:4a:10:38:1b:40:93:
59:89:66:44:ed:45:cb:63:5c:ce:a6:99:a4:ca:31:05:84:50:
a3:f4:16:7c:43:56:99:93:cc:58:eb:98:2e:4d:17:55:e6:17:
68:04:75:76:73:d1:59:cb:35:96:3c:e2:ad:9f:e7:d3:ef:a0:
95:cd:7f:61:9b:60:0b:d9:bf:d7:89:65:21:62:8d:6b:97:0e:
8c:ea:3a:00:4a:7f:a4:75:ec:d9:9e:b9:48:92:2c:07:fe:85:
9c:39:77:df:52:4f:55:32:36:e6:cb:46:92:4c:2a:89:82:83:
fb:36:01:7c:0f:08:07:af:cd:55:84:90:1e:0c:1b:61:b3:96:
4f:6f:5b:ce:64:a2:7e:6f:ca:1a:f4:8a:ba:06:68:01:f0:0c:
3e:5f:54:a7:9a:5a:fb:f2:f4:ac:f3:02:71:1d:a8:35:7d:6e:
b8:bd:06:66:98:bd:3b:62:76:b2:de:7b:87:d9:87:72:a8:63:
08:63:3e:07:17:d4:ab:dc:88:74:27:ae:f0:10:d3:33:11:88:
f6:b7:d5:94:ad:58:b9:76:dd:d5:ba:d1:88:83:ba:4c:95:08:
eb:68:df:0d
-----BEGIN CERTIFICATE-----
MIIFmjCCBIKgAwIBAgISAZQjaYiv0tNZME39QYSZ7FZMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjM2E2MzNlZjJjMDgyNTFhNTg2MDM1NjJlNTZhYTZlZmE5
M2VjMjUwHhcNMjUwMTAxMTk0ODI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YTFlYTRlODQwZDZlYmIxNzUwNWEzMzNkYjYwZDBiMTZkNWQxNjJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApn7Q1PJ9wd7J+rzDobQBCKDuiYt2
alTeXeqVjIJdI4bFy2Ghm4XUQntKHP4u8Hy7W4Tv8nLhw3+FisO0/afXVIg+sAAj
YeZOSf5SIayeYgXBdQfk78VTW2vQQaIEFAjygHm8nyMJeMNeTrHBBZq+l/aXd8y8
4H0uAfwqgyGPMdeOnVeKfIksrLcF0CIQqd2YmWNmRzRHyg/WOOYnGXX172uHQ8e9
ylfbkJOou2AoIdNQfCF82l6egel1lxehmPJVmoVdGXA8Owe5UyLGuD5UdxcJkW+S
3G0KbIkNoNj8jHHs237nUZldX8dRRyTj+ir8zv54kPvs+9gYTP7LknkMRwIDAQAB
o4ICpjCCAqIwHQYDVR0OBBYEFHoepOhA1uuxdQWjM9tg0LFtXRYrMB8GA1UdIwQY
MBaAFOw6Yz7ywIJRpYYDVi5Wqm76k+wlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN0RwalB2TEFnbEdsaGdOV0xsYXFidnFUN0NVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC9jMWIxZjAtMjM0Zi00NWQ1LTg1OTUt
ZjdjMmMyYTkxYmMyLzEvZWg2azZFRFc2N0YxQmFNejIyRFFzVzFkRmlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC9jMWIxZjAtMjM0Zi00NWQ1LTg1OTUtZjdjMmMyYTkxYmMy
LzEvN0RwalB2TEFnbEdsaGdOV0xsYXFidnFUN0NVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG7BggrBgEFBQcBBwEB/wSBqzCBqDCBpQQCAAEwgZ4DBAcl
CAADBAZSZsADBAdSzQADBAVVcWADBAJWaxADBAJX/GwDBARZ7yADBAReGnADBAFt
6KIDBASTvbADBAKwQQwDBAK5KMADBAC5WvIDBAK5ioQDBAK5q4QDBAK80dADBAK8
12QwDAMEAMKpeQMEAsKpeAMEAMfM1wMEBcf6gAMEBdQhYAMEBdRqQAMEBNkVAAME
BdlC4AMEBNlOMDANBgkqhkiG9w0BAQsFAAOCAQEADJOxFvpQHMYzMbgxbolsKb8w
MpXPRAP6i8uM4jRoShA4G0CTWYlmRO1Fy2NczqaZpMoxBYRQo/QWfENWmZPMWOuY
Lk0XVeYXaAR1dnPRWcs1ljzirZ/n0++glc1/YZtgC9m/14llIWKNa5cOjOo6AEp/
pHXs2Z65SJIsB/6FnDl331JPVTI25stGkkwqiYKD+zYBfA8IB6/NVYSQHgwbYbOW
T29bzmSifm/KGvSKugZoAfAMPl9Up5pa+/L0rPMCcR2oNX1uuL0GZpi9O2J2st57
h9mHcqhjCGM+BxfUq9yIdCeu8BDTMxGI9rfVlK1YuXbd1brRiIO6TJUI62jfDQ==
-----END CERTIFICATE-----
Generated at Sat Apr 12 16:20:02 2025 by rpki-client