Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/c1364a-0501-4faf-bcfa-aae1447603c0/1/IlEGs3swTEykFsR9k5C7RdaE6C0.roa
File: IlEGs3swTEykFsR9k5C7RdaE6C0.roa (raw, json)
Hash identifier: zQZ2kqcVA7iLm2FpONrymzqVeMVyWeuFsep/95FwbMQ=
Subject key identifier: 22:51:06:B3:7B:30:4C:4C:A4:16:C4:7D:93:90:BB:45:D6:84:E8:2D
Certificate issuer: /CN=042d9f4d6aff383c59e9de7802dbee024ee887dc
Certificate serial: 019428259E7579EE9F2616123770D266A004
Authority key identifier: 04:2D:9F:4D:6A:FF:38:3C:59:E9:DE:78:02:DB:EE:02:4E:E8:87:DC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BC2fTWr_ODxZ6d54AtvuAk7oh9w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/c1364a-0501-4faf-bcfa-aae1447603c0/1/IlEGs3swTEykFsR9k5C7RdaE6C0.roa
Signing time: Thu 02 Jan 2025 17:52:21 +0000
ROA not before: Thu 02 Jan 2025 17:52:21 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8529
IP address blocks: 82.178.32.0/24 maxlen: 24
82.178.33.0/24 maxlen: 24
82.178.158.0/23 maxlen: 23
82.178.158.0/24 maxlen: 24
82.178.159.0/24 maxlen: 24
134.0.216.0/22 maxlen: 24
134.0.220.0/22 maxlen: 24
151.248.96.0/20 maxlen: 24
185.200.124.0/24 maxlen: 24
185.200.125.0/24 maxlen: 24
185.201.192.0/22 maxlen: 24
213.202.0.0/21 maxlen: 24
2a02:f040::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ed/c1364a-0501-4faf-bcfa-aae1447603c0/1/BC2fTWr_ODxZ6d54AtvuAk7oh9w.crl
rsync://rpki.ripe.net/repository/DEFAULT/ed/c1364a-0501-4faf-bcfa-aae1447603c0/1/BC2fTWr_ODxZ6d54AtvuAk7oh9w.mft
rsync://rpki.ripe.net/repository/DEFAULT/BC2fTWr_ODxZ6d54AtvuAk7oh9w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 10:07:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:25:9e:75:79:ee:9f:26:16:12:37:70:d2:66:a0:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=042d9f4d6aff383c59e9de7802dbee024ee887dc
Validity
Not Before: Jan 2 17:52:21 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=225106b37b304c4ca416c47d9390bb45d684e82d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:07:7d:3b:8f:7c:54:d5:b9:43:da:56:63:69:
6d:cd:8e:2d:0c:7f:39:56:60:1f:55:52:6d:ff:6d:
9a:2d:de:f7:9c:40:a5:91:1b:06:9e:5a:0f:a1:93:
31:eb:88:87:8f:67:d2:18:c1:30:41:49:1f:61:06:
64:46:57:0e:b4:ae:3e:74:fc:dc:23:5e:ff:40:da:
4b:da:bd:dc:39:21:ef:9d:e7:cb:8e:f9:50:ee:c0:
65:ec:76:d6:ac:4c:8a:83:f8:78:20:a1:8d:bd:03:
46:f7:f1:d1:4f:66:2e:d1:f9:9c:bb:dc:01:2a:02:
62:58:d1:74:e1:6a:44:63:1d:5a:dc:cb:df:71:4c:
b1:8b:33:5f:1c:db:27:4e:6d:36:4e:4a:c8:98:fc:
6c:91:88:ab:dc:de:43:5d:5b:9e:28:80:de:dd:9f:
06:f3:19:1c:38:14:23:61:72:99:69:6e:60:66:e3:
d4:01:22:1f:62:57:d0:c9:4f:95:e2:8f:7a:e0:2f:
53:af:f7:1e:9d:81:6c:2a:08:fd:3b:8d:6f:2e:65:
b3:7d:77:cb:ff:a1:4a:5c:bc:78:af:bb:35:ed:72:
c5:8e:de:92:2f:b3:6e:3e:fa:10:cb:16:12:0a:bc:
78:11:56:97:1d:7f:bb:65:af:5f:33:cb:2e:55:6c:
86:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:51:06:B3:7B:30:4C:4C:A4:16:C4:7D:93:90:BB:45:D6:84:E8:2D
X509v3 Authority Key Identifier:
keyid:04:2D:9F:4D:6A:FF:38:3C:59:E9:DE:78:02:DB:EE:02:4E:E8:87:DC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BC2fTWr_ODxZ6d54AtvuAk7oh9w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/c1364a-0501-4faf-bcfa-aae1447603c0/1/IlEGs3swTEykFsR9k5C7RdaE6C0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/c1364a-0501-4faf-bcfa-aae1447603c0/1/BC2fTWr_ODxZ6d54AtvuAk7oh9w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.178.32.0/23
82.178.158.0/23
134.0.216.0/21
151.248.96.0/20
185.200.124.0/23
185.201.192.0/22
213.202.0.0/21
IPv6:
2a02:f040::/29
Signature Algorithm: sha256WithRSAEncryption
69:73:d2:62:36:99:84:e0:a2:95:e5:ba:20:31:9e:c6:b9:a9:
78:18:80:5d:43:43:65:2b:db:e7:b1:32:26:5b:47:3c:9e:6c:
cd:8a:dd:04:e9:85:8d:bf:b5:a9:b6:c7:14:f4:12:0f:c7:bc:
82:35:a2:92:cf:47:f1:5f:7e:5f:37:ac:42:64:b4:66:36:73:
ae:f9:dc:bd:97:71:b9:39:10:b7:b9:d8:aa:7b:f7:24:24:98:
0e:40:94:2d:0a:d9:7b:0e:1d:93:c0:e9:a5:39:1c:10:1f:95:
ff:5e:e0:9c:a9:1e:2f:fc:fa:0e:46:5d:4e:b9:1b:8c:29:4f:
6c:fa:03:1a:07:02:8b:d9:10:a2:99:07:da:82:3c:43:5c:41:
ce:d3:34:dd:50:c4:87:ad:5a:3d:b9:98:00:8a:73:c6:a9:a2:
9c:0c:5d:53:16:c2:42:c3:72:0c:bb:1c:51:f5:51:27:9a:7d:
8e:32:6b:e4:5b:37:ec:30:b0:48:99:26:dd:d5:c9:d1:30:5b:
d4:28:7e:02:82:5b:9c:8e:2d:b8:58:39:4d:37:df:06:35:b2:
75:28:6b:4f:cd:3f:31:78:a6:33:6b:40:24:66:07:3b:cc:6b:
75:a3:f1:54:5a:38:24:68:37:35:8e:4e:27:18:6a:91:95:ba:
57:24:7b:c2
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAZQoJZ51ee6fJhYSN3DSZqAEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0MmQ5ZjRkNmFmZjM4M2M1OWU5ZGU3ODAyZGJlZTAyNGVl
ODg3ZGMwHhcNMjUwMTAyMTc1MjIxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjUxMDZiMzdiMzA0YzRjYTQxNmM0N2Q5MzkwYmI0NWQ2ODRlODJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtAd9O498VNW5Q9pWY2ltzY4tDH85
VmAfVVJt/22aLd73nEClkRsGnloPoZMx64iHj2fSGMEwQUkfYQZkRlcOtK4+dPzc
I17/QNpL2r3cOSHvnefLjvlQ7sBl7HbWrEyKg/h4IKGNvQNG9/HRT2Yu0fmcu9wB
KgJiWNF04WpEYx1a3MvfcUyxizNfHNsnTm02TkrImPxskYir3N5DXVueKIDe3Z8G
8xkcOBQjYXKZaW5gZuPUASIfYlfQyU+V4o964C9Tr/cenYFsKgj9O41vLmWzfXfL
/6FKXLx4r7s17XLFjt6SL7NuPvoQyxYSCrx4EVaXHX+7Za9fM8suVWyGPQIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFCJRBrN7MExMpBbEfZOQu0XWhOgtMB8GA1UdIwQY
MBaAFAQtn01q/zg8WeneeALb7gJO6IfcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQkMyZlRXcl9PRHhaNmQ1NEF0dnVBazdvaDl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC9jMTM2NGEtMDUwMS00ZmFmLWJjZmEt
YWFlMTQ0NzYwM2MwLzEvSWxFR3Mzc3dURXlrRnNSOWs1QzdSZGFFNkMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC9jMTM2NGEtMDUwMS00ZmFmLWJjZmEtYWFlMTQ0NzYwM2Mw
LzEvQkMyZlRXcl9PRHhaNmQ1NEF0dnVBazdvaDl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQBUrIgAwQB
UrKeAwQDhgDYAwQEl/hgAwQBuch8AwQCucnAAwQD1coAMA0EAgACMAcDBQMqAvBA
MA0GCSqGSIb3DQEBCwUAA4IBAQBpc9JiNpmE4KKV5bogMZ7Gual4GIBdQ0NlK9vn
sTImW0c8nmzNit0E6YWNv7WptscU9BIPx7yCNaKSz0fxX35fN6xCZLRmNnOu+dy9
l3G5ORC3udiqe/ckJJgOQJQtCtl7Dh2TwOmlORwQH5X/XuCcqR4v/PoORl1OuRuM
KU9s+gMaBwKL2RCimQfagjxDXEHO0zTdUMSHrVo9uZgAinPGqaKcDF1TFsJCw3IM
uxxR9VEnmn2OMmvkWzfsMLBImSbd1cnRMFvUKH4Cglucji24WDlNN98GNbJ1KGtP
zT8xeKYza0AkZgc7zGt1o/FUWjgkaDc1jk4nGGqRlbpXJHvC
-----END CERTIFICATE-----
Generated at Sun Apr 6 19:08:09 2025 by rpki-client