Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/17a712-4e5a-40c5-a3a2-12025c54f484/1/AEVvsnRQYto226XFdaazjy3xWuo.roa
File: AEVvsnRQYto226XFdaazjy3xWuo.roa (raw, json)
Hash identifier: Txnd+U22SzgetuoksqRrs/2RHcGormwyvmHzfxiwQko=
Subject key identifier: 00:45:6F:B2:74:50:62:DA:36:DB:A5:C5:75:A6:B3:8F:2D:F1:5A:EA
Certificate issuer: /CN=7c3b8877e1a130fe50386c610d6ead5641b97ba6
Certificate serial: 0194F9B9101FBA91781451A6D663DE1F0CD1
Authority key identifier: 7C:3B:88:77:E1:A1:30:FE:50:38:6C:61:0D:6E:AD:56:41:B9:7B:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fDuId-GhMP5QOGxhDW6tVkG5e6Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/17a712-4e5a-40c5-a3a2-12025c54f484/1/AEVvsnRQYto226XFdaazjy3xWuo.roa
Signing time: Wed 12 Feb 2025 10:34:02 +0000
ROA not before: Wed 12 Feb 2025 10:34:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31293
IP address blocks: 185.118.241.0/24 maxlen: 24
185.118.242.0/24 maxlen: 24
185.118.243.0/24 maxlen: 24
194.150.116.0/22 maxlen: 22
194.150.116.0/24 maxlen: 24
194.150.117.0/24 maxlen: 24
194.150.118.0/24 maxlen: 24
194.150.119.0/24 maxlen: 24
2a06:9680::/29 maxlen: 48
2a06:9680:1::/48 maxlen: 48
2a06:9680:2::/48 maxlen: 48
2a06:9680:3::/48 maxlen: 48
2a06:9680:4::/48 maxlen: 48
2a06:9680:5::/48 maxlen: 48
2a06:9680:6::/48 maxlen: 48
2a06:9680:7::/48 maxlen: 48
2a06:9680:8::/48 maxlen: 48
2a06:9680:9::/48 maxlen: 48
2a06:9680:a::/48 maxlen: 48
2a06:9680:b::/48 maxlen: 48
2a06:9680:c::/48 maxlen: 48
2a06:9680:d::/48 maxlen: 48
2a06:9680:e::/48 maxlen: 48
2a06:9680:f::/48 maxlen: 48
2a06:9680:10::/48 maxlen: 48
2a06:9680:11::/48 maxlen: 48
2a06:9680:12::/48 maxlen: 48
2a06:9680:13::/48 maxlen: 48
2a06:9680:14::/48 maxlen: 48
2a06:9680:15::/48 maxlen: 48
2a06:9680:16::/48 maxlen: 48
2a06:9680:17::/48 maxlen: 48
2a06:9680:18::/48 maxlen: 48
2a06:9680:19::/48 maxlen: 48
2a06:9680:1a::/48 maxlen: 48
2a06:9680:1b::/48 maxlen: 48
2a06:9680:1c::/48 maxlen: 48
2a06:9680:1d::/48 maxlen: 48
2a06:9680:1e::/48 maxlen: 48
2a06:9680:1f::/48 maxlen: 48
2a06:9680:20::/48 maxlen: 48
2a06:9680:21::/48 maxlen: 48
2a06:9680:22::/48 maxlen: 48
2a06:9680:23::/48 maxlen: 48
2a06:9680:24::/48 maxlen: 48
2a06:9680:25::/48 maxlen: 48
2a06:9680:26::/48 maxlen: 48
2a06:9680:27::/48 maxlen: 48
2a06:9680:28::/48 maxlen: 48
2a06:9680:29::/48 maxlen: 48
2a06:9680:2a::/48 maxlen: 48
2a06:9680:2b::/48 maxlen: 48
2a06:9680:2c::/48 maxlen: 48
2a06:9680:2d::/48 maxlen: 48
2a06:9680:2e::/48 maxlen: 48
2a06:9680:2f::/48 maxlen: 48
2a06:9680:30::/48 maxlen: 48
2a06:9680:31::/48 maxlen: 48
2a06:9680:32::/48 maxlen: 48
2a06:9680:33::/48 maxlen: 48
2a06:9680:34::/48 maxlen: 48
2a06:9680:35::/48 maxlen: 48
2a06:9680:36::/48 maxlen: 48
2a06:9680:37::/48 maxlen: 48
2a06:9680:38::/48 maxlen: 48
2a06:9680:39::/48 maxlen: 48
2a06:9680:3a::/48 maxlen: 48
2a06:9680:3b::/48 maxlen: 48
2a06:9680:3c::/48 maxlen: 48
2a06:9680:3d::/48 maxlen: 48
2a06:9680:3e::/48 maxlen: 48
2a06:9680:3f::/48 maxlen: 48
2a06:9680:40::/48 maxlen: 48
2a06:9680:41::/48 maxlen: 48
2a06:9680:42::/48 maxlen: 48
2a06:9680:43::/48 maxlen: 48
2a06:9682::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/df/17a712-4e5a-40c5-a3a2-12025c54f484/1/fDuId-GhMP5QOGxhDW6tVkG5e6Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/df/17a712-4e5a-40c5-a3a2-12025c54f484/1/fDuId-GhMP5QOGxhDW6tVkG5e6Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/fDuId-GhMP5QOGxhDW6tVkG5e6Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Apr 2025 10:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:f9:b9:10:1f:ba:91:78:14:51:a6:d6:63:de:1f:0c:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7c3b8877e1a130fe50386c610d6ead5641b97ba6
Validity
Not Before: Feb 12 10:34:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=00456fb2745062da36dba5c575a6b38f2df15aea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:11:04:c9:31:14:d3:a1:b7:7a:98:11:61:10:
25:0b:cf:9c:21:c5:f4:f3:b1:cb:35:fa:34:39:1b:
65:99:84:99:4d:c7:59:03:df:78:fd:35:02:38:06:
8a:39:b0:a5:cc:1b:97:5e:57:d5:71:6a:dd:65:e7:
1b:00:f8:b0:d5:03:9a:c6:70:be:f2:f7:77:2d:3e:
66:cf:3b:7c:aa:3a:02:5f:d8:9d:c6:4f:96:26:24:
a0:16:76:09:da:7f:65:f8:3f:af:0e:fd:c6:2b:e7:
08:e2:fe:ff:c6:9a:fc:f8:a6:bd:67:7e:f7:ff:26:
3d:8a:43:0a:bb:ae:9d:65:9e:93:07:c7:df:19:8a:
59:33:dc:a5:11:81:86:d0:c4:d0:4e:c6:1f:3c:ac:
c4:e3:01:81:32:bd:00:36:35:41:e0:be:91:76:e9:
4d:81:7b:5f:04:d3:1f:df:8d:c4:8b:e2:47:0a:68:
fe:2f:7c:62:77:d3:94:97:38:57:ca:2f:58:2e:e5:
0d:5f:9e:d8:e0:af:41:e1:05:bf:ad:b7:7e:3d:c2:
83:c2:27:d7:fc:d7:90:78:89:45:f2:a8:c4:57:94:
2c:ca:0f:2c:72:2b:c5:18:45:d6:3c:e0:45:37:11:
3d:90:9e:29:e3:be:ef:8f:bf:01:7c:d6:ff:51:bb:
d3:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:45:6F:B2:74:50:62:DA:36:DB:A5:C5:75:A6:B3:8F:2D:F1:5A:EA
X509v3 Authority Key Identifier:
keyid:7C:3B:88:77:E1:A1:30:FE:50:38:6C:61:0D:6E:AD:56:41:B9:7B:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fDuId-GhMP5QOGxhDW6tVkG5e6Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/17a712-4e5a-40c5-a3a2-12025c54f484/1/AEVvsnRQYto226XFdaazjy3xWuo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/17a712-4e5a-40c5-a3a2-12025c54f484/1/fDuId-GhMP5QOGxhDW6tVkG5e6Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.118.241.0-185.118.243.255
194.150.116.0/22
IPv6:
2a06:9680::/29
Signature Algorithm: sha256WithRSAEncryption
48:77:4b:43:63:2b:43:ab:53:6b:27:d4:47:1a:d1:02:aa:14:
d0:b0:41:9d:1f:f4:12:9f:f2:f3:3d:96:d2:41:ee:b4:50:ac:
b2:71:7a:4d:e3:3a:3d:e9:cf:a9:19:e0:2d:65:bc:99:b9:d4:
4b:41:f8:59:65:89:81:14:ab:c5:be:19:23:66:3c:fd:ac:a0:
62:3d:5b:02:9b:ab:67:8d:07:59:c5:6c:c8:e7:82:01:2c:e1:
91:37:32:a2:69:1f:b0:0c:ac:5b:ee:98:2b:1c:4d:d1:20:18:
c2:f7:01:f8:f8:0e:ff:f3:5c:bf:56:44:d3:8a:9a:cc:c7:68:
46:4f:2f:14:d5:77:fc:44:91:47:5a:ce:88:98:87:35:90:64:
66:76:5d:69:8a:64:b5:07:10:e4:ea:44:f6:97:7c:5e:cd:47:
bd:f6:fe:c0:9b:0c:5c:7d:17:0d:55:83:34:df:80:03:0a:24:
3b:8c:2f:f5:81:d8:91:09:23:ae:e4:d1:1b:3f:d8:7d:8b:79:
dc:45:f9:4a:24:24:ea:76:6b:ef:57:d8:e3:b3:16:ae:32:54:
56:77:6d:94:8b:e9:16:cd:72:7a:f1:b7:09:54:70:cb:e6:90:
39:0d:3b:16:50:ca:a1:fd:f9:1a:b8:37:13:b6:da:0e:76:87:
7a:95:56:ac
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZT5uRAfupF4FFGm1mPeHwzRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjM2I4ODc3ZTFhMTMwZmU1MDM4NmM2MTBkNmVhZDU2NDFi
OTdiYTYwHhcNMjUwMjEyMTAzNDAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDQ1NmZiMjc0NTA2MmRhMzZkYmE1YzU3NWE2YjM4ZjJkZjE1YWVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1hEEyTEU06G3epgRYRAlC8+cIcX0
87HLNfo0ORtlmYSZTcdZA994/TUCOAaKObClzBuXXlfVcWrdZecbAPiw1QOaxnC+
8vd3LT5mzzt8qjoCX9idxk+WJiSgFnYJ2n9l+D+vDv3GK+cI4v7/xpr8+Ka9Z373
/yY9ikMKu66dZZ6TB8ffGYpZM9ylEYGG0MTQTsYfPKzE4wGBMr0ANjVB4L6RdulN
gXtfBNMf343Ei+JHCmj+L3xid9OUlzhXyi9YLuUNX57Y4K9B4QW/rbd+PcKDwifX
/NeQeIlF8qjEV5Qsyg8scivFGEXWPOBFNxE9kJ4p477vj78BfNb/UbvT/wIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFABFb7J0UGLaNtulxXWms48t8VrqMB8GA1UdIwQY
MBaAFHw7iHfhoTD+UDhsYQ1urVZBuXumMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZkR1SWQtR2hNUDVRT0d4aERXNnRWa0c1ZTZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi8xN2E3MTItNGU1YS00MGM1LWEzYTIt
MTIwMjVjNTRmNDg0LzEvQUVWdnNuUlFZdG8yMjZYRmRhYXpqeTN4V3VvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi8xN2E3MTItNGU1YS00MGM1LWEzYTItMTIwMjVjNTRmNDg0
LzEvZkR1SWQtR2hNUDVRT0d4aERXNnRWa0c1ZTZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUMAwDBAC5dvED
BAK5dvADBALClnQwDQQCAAIwBwMFAyoGloAwDQYJKoZIhvcNAQELBQADggEBAEh3
S0NjK0OrU2sn1Eca0QKqFNCwQZ0f9BKf8vM9ltJB7rRQrLJxek3jOj3pz6kZ4C1l
vJm51EtB+FlliYEUq8W+GSNmPP2soGI9WwKbq2eNB1nFbMjnggEs4ZE3MqJpH7AM
rFvumCscTdEgGML3Afj4Dv/zXL9WRNOKmszHaEZPLxTVd/xEkUdazoiYhzWQZGZ2
XWmKZLUHEOTqRPaXfF7NR732/sCbDFx9Fw1VgzTfgAMKJDuML/WB2JEJI67k0Rs/
2H2LedxF+UokJOp2a+9X2OOzFq4yVFZ3bZSL6RbNcnrxtwlUcMvmkDkNOxZQyqH9
+Rq4NxO22g52h3qVVqw=
-----END CERTIFICATE-----
Generated at Tue Apr 22 18:06:11 2025 by rpki-client