Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/cf64f6-0789-43e3-bd6b-7bff296c6b02/1/EVOvB7sDScf41BENRNWFN92qCOc.roa
File: EVOvB7sDScf41BENRNWFN92qCOc.roa (raw, json)
Hash identifier: v9rFJdO6bVhF4g/DVUTlP2lnOU6R9fjrxCCGGRzmhBo=
Subject key identifier: 11:53:AF:07:BB:03:49:C7:F8:D4:11:0D:44:D5:85:37:DD:AA:08:E7
Certificate issuer: /CN=6d069e19e12c104004e8b4b75f8a7789b7e11396
Certificate serial: 0194FED29B333971074DB799B8DBCB60CA56
Authority key identifier: 6D:06:9E:19:E1:2C:10:40:04:E8:B4:B7:5F:8A:77:89:B7:E1:13:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bQaeGeEsEEAE6LS3X4p3ibfhE5Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/cf64f6-0789-43e3-bd6b-7bff296c6b02/1/EVOvB7sDScf41BENRNWFN92qCOc.roa
Signing time: Thu 13 Feb 2025 10:20:02 +0000
ROA not before: Thu 13 Feb 2025 10:20:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42894
IP address blocks: 131.237.0.0/16 maxlen: 24
131.237.0.0/24 maxlen: 24
131.237.1.0/24 maxlen: 24
131.237.8.0/24 maxlen: 24
131.237.32.0/24 maxlen: 24
131.237.40.0/24 maxlen: 24
131.237.41.0/24 maxlen: 24
131.237.42.0/24 maxlen: 24
131.237.43.0/24 maxlen: 24
131.237.70.0/24 maxlen: 24
131.237.71.0/24 maxlen: 24
131.237.72.0/24 maxlen: 24
131.237.73.0/24 maxlen: 24
131.237.74.0/24 maxlen: 24
131.237.77.0/24 maxlen: 24
131.237.78.0/24 maxlen: 24
131.237.83.0/24 maxlen: 24
131.237.84.0/24 maxlen: 24
131.237.96.0/24 maxlen: 24
131.237.120.0/24 maxlen: 24
131.237.121.0/24 maxlen: 24
131.237.163.0/24 maxlen: 24
145.31.0.0/16 maxlen: 24
145.45.0.0/17 maxlen: 24
145.45.0.0/24 maxlen: 24
145.45.48.0/24 maxlen: 24
145.45.110.0/24 maxlen: 24
145.50.0.0/16 maxlen: 24
145.50.37.0/24 maxlen: 24
145.50.39.0/24 maxlen: 24
145.50.105.0/24 maxlen: 24
145.50.233.0/24 maxlen: 24
194.104.116.0/22 maxlen: 24
194.104.116.0/24 maxlen: 24
194.104.117.0/24 maxlen: 24
194.104.118.0/24 maxlen: 24
194.104.119.0/24 maxlen: 24
2a13:e080::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fb/cf64f6-0789-43e3-bd6b-7bff296c6b02/1/bQaeGeEsEEAE6LS3X4p3ibfhE5Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/fb/cf64f6-0789-43e3-bd6b-7bff296c6b02/1/bQaeGeEsEEAE6LS3X4p3ibfhE5Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/bQaeGeEsEEAE6LS3X4p3ibfhE5Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 09:00:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:fe:d2:9b:33:39:71:07:4d:b7:99:b8:db:cb:60:ca:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d069e19e12c104004e8b4b75f8a7789b7e11396
Validity
Not Before: Feb 13 10:20:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1153af07bb0349c7f8d4110d44d58537ddaa08e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:6b:36:40:d8:e9:83:e7:25:36:6c:b7:55:70:
4a:bc:1b:1a:a6:fc:7c:2a:a7:25:22:11:e4:8b:66:
5e:be:d8:18:cd:dd:0b:d1:32:ef:d4:3b:2f:95:98:
4b:b3:62:10:4b:d9:e2:e2:0b:49:9c:ad:b9:f1:0e:
3d:19:8f:b4:0b:a9:81:9b:7b:3b:0e:11:b6:7c:59:
62:db:72:91:be:c3:20:7a:cf:9d:14:c6:78:cf:a2:
9f:15:bb:6d:69:5d:25:cd:b1:31:07:a6:5e:fa:58:
41:75:15:83:a8:f0:65:6b:09:ea:01:22:79:f1:fb:
3c:41:13:79:74:2c:21:8e:fc:36:7f:70:f6:37:af:
0b:73:f8:c1:0b:4d:bd:58:c0:57:75:1f:6e:97:51:
35:c9:7f:0e:fb:3d:b3:db:59:6d:ad:d1:41:fd:b0:
fd:72:b2:ce:76:e3:2a:36:20:e6:b3:ee:5f:c2:81:
2b:bd:96:5c:24:60:2c:54:d0:43:af:a4:07:c8:e3:
6c:5b:9c:4a:76:80:90:c5:1a:87:cd:85:8f:ad:c6:
52:99:03:9b:8f:07:45:0a:85:b9:3e:06:d9:d5:cc:
0f:7e:b6:e7:e5:20:23:d5:8b:aa:07:29:81:4c:92:
99:b7:43:d6:25:05:2f:96:62:5b:79:72:ba:a5:2f:
eb:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:53:AF:07:BB:03:49:C7:F8:D4:11:0D:44:D5:85:37:DD:AA:08:E7
X509v3 Authority Key Identifier:
keyid:6D:06:9E:19:E1:2C:10:40:04:E8:B4:B7:5F:8A:77:89:B7:E1:13:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bQaeGeEsEEAE6LS3X4p3ibfhE5Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/cf64f6-0789-43e3-bd6b-7bff296c6b02/1/EVOvB7sDScf41BENRNWFN92qCOc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/cf64f6-0789-43e3-bd6b-7bff296c6b02/1/bQaeGeEsEEAE6LS3X4p3ibfhE5Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
131.237.0.0/16
145.31.0.0/16
145.45.0.0/17
145.50.0.0/16
194.104.116.0/22
IPv6:
2a13:e080::/32
Signature Algorithm: sha256WithRSAEncryption
7f:9d:57:fa:b5:e8:f2:55:3e:d5:9e:76:4c:43:6f:ce:2f:87:
2b:37:4e:53:ac:2d:c7:a2:fe:50:1b:2a:c4:d6:6d:00:12:09:
31:c6:aa:84:e0:0a:d9:77:12:ca:b2:c8:d0:36:21:39:f6:57:
23:24:21:42:54:67:2f:30:69:dc:af:c7:bb:93:06:50:b5:59:
90:9e:61:8f:6f:b4:f4:ff:77:55:a2:76:98:80:58:9c:3b:e3:
c6:57:52:ac:37:c8:d3:d3:ad:c8:26:7a:94:87:66:f7:5f:f3:
a0:54:c3:63:b3:fe:79:d0:48:6d:d7:77:ca:d0:21:c0:ed:57:
bd:99:fa:c1:85:d4:70:f1:28:5b:66:85:e0:1a:1e:8b:46:bf:
04:5f:5d:52:ca:4b:30:b4:cc:61:2a:64:f2:cb:b8:57:ed:b5:
17:82:a9:c6:26:ac:3b:10:d6:34:1b:94:c8:97:c2:d4:65:ca:
64:34:7c:4b:1e:f0:94:cf:d4:2f:1c:83:a3:ce:6c:07:55:83:
88:da:04:f3:99:2f:04:0b:23:94:f2:ab:a3:e4:fe:9d:9e:00:
56:5c:b3:96:a6:20:9d:b6:50:c3:f3:f5:d9:d5:f1:25:b0:48:
2b:ed:29:ad:b2:7a:a3:b2:2b:53:7b:61:86:45:e5:5e:44:a6:
a5:61:9f:61
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZT+0pszOXEHTbeZuNvLYMpWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkMDY5ZTE5ZTEyYzEwNDAwNGU4YjRiNzVmOGE3Nzg5Yjdl
MTEzOTYwHhcNMjUwMjEzMTAyMDAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMTUzYWYwN2JiMDM0OWM3ZjhkNDExMGQ0NGQ1ODUzN2RkYWEwOGU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjGs2QNjpg+clNmy3VXBKvBsapvx8
KqclIhHki2ZevtgYzd0L0TLv1DsvlZhLs2IQS9ni4gtJnK258Q49GY+0C6mBm3s7
DhG2fFli23KRvsMges+dFMZ4z6KfFbttaV0lzbExB6Ze+lhBdRWDqPBlawnqASJ5
8fs8QRN5dCwhjvw2f3D2N68Lc/jBC029WMBXdR9ul1E1yX8O+z2z21ltrdFB/bD9
crLOduMqNiDms+5fwoErvZZcJGAsVNBDr6QHyONsW5xKdoCQxRqHzYWPrcZSmQOb
jwdFCoW5PgbZ1cwPfrbn5SAj1YuqBymBTJKZt0PWJQUvlmJbeXK6pS/rDQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFBFTrwe7A0nH+NQRDUTVhTfdqgjnMB8GA1UdIwQY
MBaAFG0GnhnhLBBABOi0t1+Kd4m34ROWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlFhZUdlRXNFRUFFNkxTM1g0cDNpYmZoRTVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi9jZjY0ZjYtMDc4OS00M2UzLWJkNmIt
N2JmZjI5NmM2YjAyLzEvRVZPdkI3c0RTY2Y0MUJFTlJOV0ZOOTJxQ09jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi9jZjY0ZjYtMDc4OS00M2UzLWJkNmItN2JmZjI5NmM2YjAy
LzEvYlFhZUdlRXNFRUFFNkxTM1g0cDNpYmZoRTVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAhBAIAATAbAwMAg+0DAwCR
HwMEB5EtAAMDAJEyAwQCwmh0MA0EAgACMAcDBQAqE+CAMA0GCSqGSIb3DQEBCwUA
A4IBAQB/nVf6tejyVT7VnnZMQ2/OL4crN05TrC3Hov5QGyrE1m0AEgkxxqqE4ArZ
dxLKssjQNiE59lcjJCFCVGcvMGncr8e7kwZQtVmQnmGPb7T0/3dVonaYgFicO+PG
V1KsN8jT063IJnqUh2b3X/OgVMNjs/550Eht13fK0CHA7Ve9mfrBhdRw8ShbZoXg
Gh6LRr8EX11SykswtMxhKmTyy7hX7bUXgqnGJqw7ENY0G5TIl8LUZcpkNHxLHvCU
z9QvHIOjzmwHVYOI2gTzmS8ECyOU8quj5P6dngBWXLOWpiCdtlDD8/XZ1fElsEgr
7SmtsnqjsitTe2GGReVeRKalYZ9h
-----END CERTIFICATE-----
Generated at Wed Apr 16 16:11:55 2025 by rpki-client