Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/12ba2a-0cca-437a-985d-fefe857fea80/1/AwXuQoOBDpLkL6JkvNNI78Almh8.roa
File: AwXuQoOBDpLkL6JkvNNI78Almh8.roa (raw, json)
Hash identifier: rgsGgbJMkxlD2Xt53P3qCIDlwFDG3I1YNJZMV8rGCso=
Subject key identifier: 03:05:EE:42:83:81:0E:92:E4:2F:A2:64:BC:D3:48:EF:C0:25:9A:1F
Certificate issuer: /CN=ac6e3e13111439147f65d337d5f0b1bc2ed79434
Certificate serial: 0194244532BEAEA4B25062EA276CC1DAAA0D
Authority key identifier: AC:6E:3E:13:11:14:39:14:7F:65:D3:37:D5:F0:B1:BC:2E:D7:94:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rG4-ExEUORR_ZdM31fCxvC7XlDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/12ba2a-0cca-437a-985d-fefe857fea80/1/AwXuQoOBDpLkL6JkvNNI78Almh8.roa
Signing time: Wed 01 Jan 2025 23:48:22 +0000
ROA not before: Wed 01 Jan 2025 23:48:22 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60068
IP address blocks: 89.187.160.0/23 maxlen: 23
89.187.162.0/23 maxlen: 23
89.187.164.0/24 maxlen: 24
89.187.165.0/24 maxlen: 24
89.187.166.0/23 maxlen: 23
89.187.168.0/24 maxlen: 24
89.187.169.0/24 maxlen: 24
89.187.170.0/23 maxlen: 23
89.187.172.0/23 maxlen: 23
89.187.174.0/24 maxlen: 24
89.187.175.0/24 maxlen: 24
89.187.176.0/22 maxlen: 22
89.187.180.0/22 maxlen: 22
89.187.184.0/22 maxlen: 22
89.187.188.0/22 maxlen: 22
185.93.0.0/24 maxlen: 24
185.93.1.0/24 maxlen: 24
185.93.2.0/24 maxlen: 24
185.93.3.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/eb/12ba2a-0cca-437a-985d-fefe857fea80/1/rG4-ExEUORR_ZdM31fCxvC7XlDQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/eb/12ba2a-0cca-437a-985d-fefe857fea80/1/rG4-ExEUORR_ZdM31fCxvC7XlDQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/rG4-ExEUORR_ZdM31fCxvC7XlDQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 22:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:32:be:ae:a4:b2:50:62:ea:27:6c:c1:da:aa:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ac6e3e13111439147f65d337d5f0b1bc2ed79434
Validity
Not Before: Jan 1 23:48:22 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0305ee4283810e92e42fa264bcd348efc0259a1f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:6c:6c:04:8d:da:3e:73:98:da:13:9e:a8:8d:
37:36:be:10:7d:73:6f:46:24:59:47:99:c9:f6:c3:
78:83:cd:02:b1:fa:7e:c5:00:91:a0:26:84:46:f2:
c8:db:b2:05:f3:ba:6e:1d:6e:50:5e:ff:9b:aa:73:
17:e3:f3:5a:6f:ed:f7:48:db:35:f4:31:2e:9a:01:
4f:28:73:14:ee:4e:0d:f1:ca:5f:3a:3b:de:23:bf:
57:4d:f1:02:29:05:9b:b7:c9:ae:17:88:97:06:72:
ce:aa:af:51:5a:82:62:47:a2:a1:08:d9:ce:12:5a:
06:8c:8d:f5:1a:b1:47:82:4d:d8:de:13:af:2c:c2:
7b:c0:40:84:7e:3c:cb:dc:28:3e:7f:d6:dd:18:2a:
f0:10:07:2e:90:be:d5:3e:da:5d:b6:3c:cb:55:14:
d6:a1:eb:af:55:08:8c:0f:8e:95:9d:dc:34:89:9e:
9d:44:29:8d:6b:2e:c5:67:d8:95:0e:96:6a:0a:13:
5d:1c:8f:49:43:5b:26:4e:21:f9:4f:24:4c:67:67:
57:8f:05:9c:dc:e5:cd:1d:9f:8a:0a:37:f0:ed:10:
15:76:cf:ad:95:33:46:e2:4d:85:7b:06:44:54:da:
82:28:9a:ca:c8:bd:f2:5d:29:42:f1:19:f9:81:36:
a8:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:05:EE:42:83:81:0E:92:E4:2F:A2:64:BC:D3:48:EF:C0:25:9A:1F
X509v3 Authority Key Identifier:
keyid:AC:6E:3E:13:11:14:39:14:7F:65:D3:37:D5:F0:B1:BC:2E:D7:94:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rG4-ExEUORR_ZdM31fCxvC7XlDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/12ba2a-0cca-437a-985d-fefe857fea80/1/AwXuQoOBDpLkL6JkvNNI78Almh8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/12ba2a-0cca-437a-985d-fefe857fea80/1/rG4-ExEUORR_ZdM31fCxvC7XlDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.187.160.0/19
185.93.0.0/22
Signature Algorithm: sha256WithRSAEncryption
10:ed:84:4f:3b:dd:39:26:71:55:76:f2:50:c5:ae:5c:94:b5:
df:eb:5c:22:bf:38:70:a8:3e:de:40:9e:64:49:3c:36:e5:16:
ad:34:f3:ec:05:c5:d3:e8:d7:ee:18:ba:ad:78:d8:a9:ea:70:
87:bc:90:17:b8:b9:3d:9e:19:ac:1d:ef:a2:09:0f:90:bd:94:
af:42:b7:26:ca:fc:62:86:7c:8b:b0:76:6b:1d:27:4f:68:df:
0c:c7:00:bf:1e:2c:b1:5f:6c:ce:58:f9:58:36:fa:c3:04:d3:
bd:7c:49:5c:b4:d7:e6:a7:73:b5:38:f7:96:f8:a5:23:07:10:
e1:75:b3:fe:27:f9:b5:67:fb:94:1a:64:64:87:16:2e:89:12:
ea:da:0e:2c:7b:df:d0:f4:04:36:15:b1:e1:42:92:c3:db:70:
5e:15:5c:d8:bc:d6:af:80:9c:7a:8f:54:99:53:cb:58:b5:56:
63:80:b2:9f:0f:e0:63:1e:6c:f8:93:ed:56:33:d8:23:ea:cc:
ab:83:2e:f5:6b:c0:18:2f:6a:7e:f9:f8:4a:7b:f2:94:fd:ca:
5f:d4:da:d9:77:2c:3c:25:ed:93:e6:4d:02:e8:b9:9c:89:da:
9f:7c:41:81:b0:bc:fe:ae:74:2d:c4:fb:21:7e:4a:5a:c0:94:
a9:1a:ab:a5
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQkRTK+rqSyUGLqJ2zB2qoNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjNmUzZTEzMTExNDM5MTQ3ZjY1ZDMzN2Q1ZjBiMWJjMmVk
Nzk0MzQwHhcNMjUwMTAxMjM0ODIyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzA1ZWU0MjgzODEwZTkyZTQyZmEyNjRiY2QzNDhlZmMwMjU5YTFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4mxsBI3aPnOY2hOeqI03Nr4QfXNv
RiRZR5nJ9sN4g80Csfp+xQCRoCaERvLI27IF87puHW5QXv+bqnMX4/Nab+33SNs1
9DEumgFPKHMU7k4N8cpfOjveI79XTfECKQWbt8muF4iXBnLOqq9RWoJiR6KhCNnO
EloGjI31GrFHgk3Y3hOvLMJ7wECEfjzL3Cg+f9bdGCrwEAcukL7VPtpdtjzLVRTW
oeuvVQiMD46Vndw0iZ6dRCmNay7FZ9iVDpZqChNdHI9JQ1smTiH5TyRMZ2dXjwWc
3OXNHZ+KCjfw7RAVds+tlTNG4k2FewZEVNqCKJrKyL3yXSlC8Rn5gTaoFwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAMF7kKDgQ6S5C+iZLzTSO/AJZofMB8GA1UdIwQY
MBaAFKxuPhMRFDkUf2XTN9Xwsbwu15Q0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvckc0LUV4RVVPUlJfWmRNMzFmQ3h2QzdYbERRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi8xMmJhMmEtMGNjYS00MzdhLTk4NWQt
ZmVmZTg1N2ZlYTgwLzEvQXdYdVFvT0JEcExrTDZKa3ZOTkk3OEFsbWg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi8xMmJhMmEtMGNjYS00MzdhLTk4NWQtZmVmZTg1N2ZlYTgw
LzEvckc0LUV4RVVPUlJfWmRNMzFmQ3h2QzdYbERRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQFWbugAwQC
uV0AMA0GCSqGSIb3DQEBCwUAA4IBAQAQ7YRPO905JnFVdvJQxa5clLXf61wivzhw
qD7eQJ5kSTw25RatNPPsBcXT6NfuGLqteNip6nCHvJAXuLk9nhmsHe+iCQ+QvZSv
QrcmyvxihnyLsHZrHSdPaN8MxwC/HiyxX2zOWPlYNvrDBNO9fElctNfmp3O1OPeW
+KUjBxDhdbP+J/m1Z/uUGmRkhxYuiRLq2g4se9/Q9AQ2FbHhQpLD23BeFVzYvNav
gJx6j1SZU8tYtVZjgLKfD+BjHmz4k+1WM9gj6syrgy71a8AYL2p++fhKe/KU/cpf
1NrZdyw8Je2T5k0C6LmcidqffEGBsLz+rnQtxPshfkpawJSpGqul
-----END CERTIFICATE-----
Generated at Sun Apr 6 04:40:25 2025 by rpki-client