Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/v0pTyq5NhBmrkfLDSEkrI_6ukxU.roa
File: v0pTyq5NhBmrkfLDSEkrI_6ukxU.roa (raw, json)
Hash identifier: gC2xNi7O3BlngfgJOgySQ6+ynKh+OD3XYOoBjDPagfM=
Subject key identifier: BF:4A:53:CA:AE:4D:84:19:AB:91:F2:C3:48:49:2B:23:FE:AE:93:15
Certificate issuer: /CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Certificate serial: 0196D49890F550C2FC55255883228E332607
Authority key identifier: EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/v0pTyq5NhBmrkfLDSEkrI_6ukxU.roa
Signing time: Thu 15 May 2025 15:38:10 +0000
ROA not before: Thu 15 May 2025 15:38:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21769
IP address blocks: 45.127.248.0/22 maxlen: 22
103.71.61.0/24 maxlen: 24
185.195.212.0/22 maxlen: 22
185.195.220.0/22 maxlen: 22
185.196.188.0/22 maxlen: 22
185.199.116.0/22 maxlen: 22
194.93.4.0/22 maxlen: 22
2a09:1e80::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.crl
rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.mft
rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 10 Jun 2025 05:10:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:d4:98:90:f5:50:c2:fc:55:25:58:83:22:8e:33:26:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Validity
Not Before: May 15 15:38:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bf4a53caae4d8419ab91f2c348492b23feae9315
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:50:58:19:fe:10:23:36:c0:00:b6:1b:ce:7d:
3e:5c:12:63:51:9d:f2:1c:42:96:45:99:cb:3f:1a:
b8:71:76:09:ce:e2:77:4c:67:07:23:83:b4:eb:2e:
6c:60:88:18:ff:9e:2c:bf:2d:36:6b:c7:b8:dc:c9:
a6:f7:d1:f4:1c:1e:2e:6a:3d:cc:b8:39:62:2e:b5:
63:18:9e:ba:8d:10:45:50:bc:57:55:91:09:6f:ba:
b9:f8:9f:ad:e2:6f:9c:ab:3a:e1:9c:eb:48:c8:11:
08:fb:d5:ee:ef:35:78:5e:f8:f1:3c:40:30:8d:07:
a8:fb:8d:d7:43:c7:b2:81:d5:0e:18:73:14:ca:9e:
14:79:8f:50:df:e1:cd:eb:de:22:e6:ac:9c:b6:2a:
dc:b2:86:8f:8b:a9:a8:7e:4b:ac:4a:ea:40:22:c8:
16:2c:54:2c:96:6d:37:83:7c:c0:3a:9f:29:67:b9:
bb:f0:e0:e4:ad:c3:0f:31:df:04:61:25:cf:fb:bd:
d1:4a:ed:d5:9e:ed:fc:e9:68:60:74:5a:0e:bb:80:
ce:30:ba:d2:c9:69:52:ac:ef:c8:51:d1:4e:46:bf:
d8:64:a6:df:09:b7:5c:2f:63:6a:01:e4:4a:ae:47:
27:ed:e5:7d:98:94:8d:88:28:ce:0b:d4:05:21:4c:
a0:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:4A:53:CA:AE:4D:84:19:AB:91:F2:C3:48:49:2B:23:FE:AE:93:15
X509v3 Authority Key Identifier:
keyid:EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/v0pTyq5NhBmrkfLDSEkrI_6ukxU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.127.248.0/22
103.71.61.0/24
185.195.212.0/22
185.195.220.0/22
185.196.188.0/22
185.199.116.0/22
194.93.4.0/22
IPv6:
2a09:1e80::/29
Signature Algorithm: sha256WithRSAEncryption
92:0d:be:52:34:58:f8:b9:ee:6c:d4:9a:4a:5b:fc:31:e1:3d:
73:7c:ba:48:1b:e9:b3:ae:3e:a8:68:93:12:1e:db:34:45:7a:
fe:e3:4f:f6:d9:fa:0e:6b:25:70:2c:da:69:48:80:9f:7f:cb:
ec:32:e4:f9:e1:a2:31:4e:4e:b2:34:c3:1e:5a:b9:4e:a0:09:
4a:d9:04:de:e6:15:35:98:b2:d8:56:46:77:e4:b0:43:fe:4c:
46:0b:a1:7b:c9:c9:0d:dd:95:b8:87:b7:5e:3e:8a:92:c0:5a:
3f:b4:6a:bb:e5:f5:2d:a4:0c:0a:45:c0:a2:79:5a:b3:2d:0a:
da:7b:e9:ad:bb:2e:32:53:97:2b:8b:54:47:0d:62:ae:27:e9:
2c:83:d1:c2:cb:36:53:32:35:76:c8:cf:33:43:60:a7:1f:8f:
63:26:2f:35:c3:41:31:2c:48:f9:6d:f6:bf:03:3a:71:6a:0b:
0f:a1:71:9f:72:43:53:c5:27:94:e0:c4:7e:ce:e8:90:59:93:
6a:b9:3b:d5:9c:72:de:8b:5f:2f:3c:d5:e7:a5:8d:79:88:93:
7c:5b:05:1c:e0:b1:f8:5d:4a:3a:31:99:af:94:95:60:51:c8:
00:d5:3f:64:60:aa:86:58:71:79:4f:62:ab:c9:80:bf:b7:91:
93:61:9c:69
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAZbUmJD1UML8VSVYgyKOMyYHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMWMzNDcyYzI1YWNkMzQ3MzY0YjdkNjMxMjYxOGFhMzUz
MGNiNjMwHhcNMjUwNTE1MTUzODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjRhNTNjYWFlNGQ4NDE5YWI5MWYyYzM0ODQ5MmIyM2ZlYWU5MzE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnlBYGf4QIzbAALYbzn0+XBJjUZ3y
HEKWRZnLPxq4cXYJzuJ3TGcHI4O06y5sYIgY/54svy02a8e43Mmm99H0HB4uaj3M
uDliLrVjGJ66jRBFULxXVZEJb7q5+J+t4m+cqzrhnOtIyBEI+9Xu7zV4XvjxPEAw
jQeo+43XQ8eygdUOGHMUyp4UeY9Q3+HN694i5qyctircsoaPi6mofkusSupAIsgW
LFQslm03g3zAOp8pZ7m78ODkrcMPMd8EYSXP+73RSu3Vnu386WhgdFoOu4DOMLrS
yWlSrO/IUdFORr/YZKbfCbdcL2NqAeRKrkcn7eV9mJSNiCjOC9QFIUygLQIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFL9KU8quTYQZq5Hyw0hJKyP+rpMVMB8GA1UdIwQY
MBaAFO4cNHLCWs00c2S31jEmGKo1MMtjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYt
YjRiOGRiMjBiMWZiLzEvdjBwVHlxNU5oQm1ya2ZMRFNFa3JJXzZ1a3hVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYtYjRiOGRiMjBiMWZi
LzEvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQCLX/4AwQA
Z0c9AwQCucPUAwQCucPcAwQCucS8AwQCucd0AwQCwl0EMA0EAgACMAcDBQMqCR6A
MA0GCSqGSIb3DQEBCwUAA4IBAQCSDb5SNFj4ue5s1JpKW/wx4T1zfLpIG+mzrj6o
aJMSHts0RXr+40/22foOayVwLNppSICff8vsMuT54aIxTk6yNMMeWrlOoAlK2QTe
5hU1mLLYVkZ35LBD/kxGC6F7yckN3ZW4h7dePoqSwFo/tGq75fUtpAwKRcCieVqz
LQrae+mtuy4yU5cri1RHDWKuJ+ksg9HCyzZTMjV2yM8zQ2CnH49jJi81w0ExLEj5
bfa/AzpxagsPoXGfckNTxSeU4MR+zuiQWZNquTvVnHLei18vPNXnpY15iJN8WwUc
4LH4XUo6MZmvlJVgUcgA1T9kYKqGWHF5T2KryYC/t5GTYZxp
-----END CERTIFICATE-----
Generated at Mon Jun 9 15:14:59 2025 by rpki-client