Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/ca34eb-8e20-4bf1-b1b2-5872109b67a8/1/prPQPBCGBqBpkoabw_55gzUQ7HY.roa
File: prPQPBCGBqBpkoabw_55gzUQ7HY.roa (raw, json)
Hash identifier: yixWji3yzDQEZNnpPankPdWbD3OL+QTc7sxfow3xQl0=
Subject key identifier: A6:B3:D0:3C:10:86:06:A0:69:92:86:9B:C3:FE:79:83:35:10:EC:76
Certificate issuer: /CN=e5a6794b91b81406412a137870bfde3b170de094
Certificate serial: 0194236942AB043B2A9E772EF28170249D7D
Authority key identifier: E5:A6:79:4B:91:B8:14:06:41:2A:13:78:70:BF:DE:3B:17:0D:E0:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5aZ5S5G4FAZBKhN4cL_eOxcN4JQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/ca34eb-8e20-4bf1-b1b2-5872109b67a8/1/prPQPBCGBqBpkoabw_55gzUQ7HY.roa
Signing time: Wed 01 Jan 2025 19:48:08 +0000
ROA not before: Wed 01 Jan 2025 19:48:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199335
IP address blocks: 80.94.192.0/20 maxlen: 20
85.92.160.0/22 maxlen: 22
85.92.164.0/22 maxlen: 22
85.92.168.0/22 maxlen: 22
85.92.172.0/22 maxlen: 22
85.92.176.0/22 maxlen: 22
85.92.180.0/22 maxlen: 22
85.92.184.0/22 maxlen: 22
85.92.188.0/22 maxlen: 22
176.126.224.0/21 maxlen: 21
185.5.64.0/22 maxlen: 22
185.99.21.0/24 maxlen: 24
185.113.60.0/22 maxlen: 22
188.241.40.0/21 maxlen: 21
2a02:77c0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e9/ca34eb-8e20-4bf1-b1b2-5872109b67a8/1/5aZ5S5G4FAZBKhN4cL_eOxcN4JQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/e9/ca34eb-8e20-4bf1-b1b2-5872109b67a8/1/5aZ5S5G4FAZBKhN4cL_eOxcN4JQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/5aZ5S5G4FAZBKhN4cL_eOxcN4JQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 22 Feb 2025 10:01:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:42:ab:04:3b:2a:9e:77:2e:f2:81:70:24:9d:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e5a6794b91b81406412a137870bfde3b170de094
Validity
Not Before: Jan 1 19:48:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a6b3d03c108606a06992869bc3fe79833510ec76
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:32:ae:d3:69:f9:52:6c:31:05:58:3e:fe:42:
b0:9e:6b:de:c9:e9:e7:44:13:68:77:21:a4:d2:52:
7a:6a:fa:5e:76:80:45:7c:b9:74:71:87:61:f6:8c:
da:e0:20:b0:5c:9c:47:9b:bd:e5:60:43:6c:53:68:
75:a9:12:f5:fc:b9:13:6a:9b:1d:1a:8e:9b:61:69:
27:73:94:8c:09:22:47:60:1a:ab:f6:9e:ac:aa:c1:
bd:f8:0c:2d:8a:6a:3d:e8:43:64:93:a3:c1:24:7a:
77:54:23:17:59:e6:fc:86:45:2d:a9:58:ed:ff:4b:
2a:93:65:fc:a4:dc:b2:de:e6:1f:0b:ac:26:0b:9d:
f8:99:0e:61:ed:5c:12:7e:0f:be:e5:1d:af:ee:b3:
cc:cb:18:01:9d:b9:20:b4:50:0d:23:62:25:aa:78:
04:1c:cf:fc:d9:ea:72:6f:a4:89:18:9f:36:5b:e5:
3f:5f:75:a9:f2:52:7c:e3:0d:b2:ce:3a:1b:8b:84:
d2:16:1f:0c:46:f8:38:d5:ab:07:3c:fd:ab:bd:27:
fc:64:4f:3a:f1:27:84:51:8f:6b:0c:c6:1a:79:0f:
df:a6:29:f0:eb:87:8b:c2:7b:77:74:59:0c:65:a3:
39:f9:7b:8d:a3:4e:89:bb:28:84:7b:1e:b9:58:e0:
72:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:B3:D0:3C:10:86:06:A0:69:92:86:9B:C3:FE:79:83:35:10:EC:76
X509v3 Authority Key Identifier:
keyid:E5:A6:79:4B:91:B8:14:06:41:2A:13:78:70:BF:DE:3B:17:0D:E0:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5aZ5S5G4FAZBKhN4cL_eOxcN4JQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/ca34eb-8e20-4bf1-b1b2-5872109b67a8/1/prPQPBCGBqBpkoabw_55gzUQ7HY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/ca34eb-8e20-4bf1-b1b2-5872109b67a8/1/5aZ5S5G4FAZBKhN4cL_eOxcN4JQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.94.192.0/20
85.92.160.0/19
176.126.224.0/21
185.5.64.0/22
185.99.21.0/24
185.113.60.0/22
188.241.40.0/21
IPv6:
2a02:77c0::/32
Signature Algorithm: sha256WithRSAEncryption
62:f7:f5:20:ef:ac:a1:bd:7b:8c:13:51:e5:43:e2:5b:98:8e:
40:8c:63:e2:e1:02:fb:8f:87:77:a3:cb:93:90:88:97:50:ff:
fd:3d:02:0f:e5:c3:fa:91:79:ee:68:26:f7:7c:3f:fb:40:a1:
f1:7d:35:cd:07:94:b9:fc:29:10:d2:e7:dd:3d:82:d2:67:6e:
69:c7:84:f7:f4:ae:c2:7a:da:38:38:88:9e:79:58:39:69:f2:
c9:5f:7f:bf:a7:8f:61:76:62:5d:81:7f:9a:97:7e:ba:89:c9:
2d:a2:ff:7a:6d:24:67:66:63:26:c7:04:78:f3:2f:87:4a:5f:
aa:fd:72:ae:2c:7f:8b:76:0d:15:c9:1e:44:fc:56:6c:16:b5:
c0:d3:ef:79:f7:6d:72:a8:87:36:0e:5b:51:0c:c5:65:b5:4a:
8f:11:36:34:30:a7:18:c7:35:0e:b3:94:39:27:c0:24:1e:e2:
67:a4:3c:98:e2:2c:11:72:33:72:02:b5:0e:d3:a8:83:32:8d:
45:db:53:f2:f6:13:7a:ef:a0:c2:50:21:d7:0a:34:ae:60:42:
63:6a:9b:29:99:38:49:d6:bb:c3:bd:66:89:6d:04:3f:b1:7e:
6f:26:f1:c5:67:f8:79:39:d7:7c:44:57:86:c3:70:dd:a2:2b:
60:74:44:b2
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAZQjaUKrBDsqnncu8oFwJJ19MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1YTY3OTRiOTFiODE0MDY0MTJhMTM3ODcwYmZkZTNiMTcw
ZGUwOTQwHhcNMjUwMTAxMTk0ODA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNmIzZDAzYzEwODYwNmEwNjk5Mjg2OWJjM2ZlNzk4MzM1MTBlYzc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvDKu02n5UmwxBVg+/kKwnmveyenn
RBNodyGk0lJ6avpedoBFfLl0cYdh9oza4CCwXJxHm73lYENsU2h1qRL1/LkTapsd
Go6bYWknc5SMCSJHYBqr9p6sqsG9+Awtimo96ENkk6PBJHp3VCMXWeb8hkUtqVjt
/0sqk2X8pNyy3uYfC6wmC534mQ5h7VwSfg++5R2v7rPMyxgBnbkgtFANI2IlqngE
HM/82epyb6SJGJ82W+U/X3Wp8lJ84w2yzjobi4TSFh8MRvg41asHPP2rvSf8ZE86
8SeEUY9rDMYaeQ/fpinw64eLwnt3dFkMZaM5+XuNo06JuyiEex65WOByqwIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFKaz0DwQhgagaZKGm8P+eYM1EOx2MB8GA1UdIwQY
MBaAFOWmeUuRuBQGQSoTeHC/3jsXDeCUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWFaNVM1RzRGQVpCS2hONGNMX2VPeGNONEpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS9jYTM0ZWItOGUyMC00YmYxLWIxYjIt
NTg3MjEwOWI2N2E4LzEvcHJQUVBCQ0dCcUJwa29hYndfNTVnelVRN0hZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS9jYTM0ZWItOGUyMC00YmYxLWIxYjItNTg3MjEwOWI2N2E4
LzEvNWFaNVM1RzRGQVpCS2hONGNMX2VPeGNONEpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQEUF7AAwQF
VVygAwQDsH7gAwQCuQVAAwQAuWMVAwQCuXE8AwQDvPEoMA0EAgACMAcDBQAqAnfA
MA0GCSqGSIb3DQEBCwUAA4IBAQBi9/Ug76yhvXuME1HlQ+JbmI5AjGPi4QL7j4d3
o8uTkIiXUP/9PQIP5cP6kXnuaCb3fD/7QKHxfTXNB5S5/CkQ0ufdPYLSZ25px4T3
9K7Ceto4OIieeVg5afLJX3+/p49hdmJdgX+al366icktov96bSRnZmMmxwR48y+H
Sl+q/XKuLH+Ldg0VyR5E/FZsFrXA0+95921yqIc2DltRDMVltUqPETY0MKcYxzUO
s5Q5J8AkHuJnpDyY4iwRcjNyArUO06iDMo1F21Py9hN676DCUCHXCjSuYEJjapsp
mThJ1rvDvWaJbQQ/sX5vJvHFZ/h5Odd8RFeGw3DdoitgdESy
-----END CERTIFICATE-----
Generated at Fri Feb 21 12:35:02 2025 by rpki-client