Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/_mea20OFuYFsi2iTbTW6kjzayQ8.roa
File: _mea20OFuYFsi2iTbTW6kjzayQ8.roa (raw, json)
Hash identifier: 15vxvAMXVj8o1NZa+nAjbC1U25nrqGTHLYeckcnvDkE=
Subject key identifier: FE:67:9A:DB:43:85:B9:81:6C:8B:68:93:6D:35:BA:92:3C:DA:C9:0F
Certificate issuer: /CN=27a39e4794c34612e7f22569b1a6a81710260ae5
Certificate serial: 01967133511FC274B17686848980339EC8A0
Authority key identifier: 27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/_mea20OFuYFsi2iTbTW6kjzayQ8.roa
Signing time: Sat 26 Apr 2025 08:25:10 +0000
ROA not before: Sat 26 Apr 2025 08:25:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60148
IP address blocks: 2.180.254.0/24 maxlen: 24
2.180.255.0/24 maxlen: 24
2.181.222.0/24 maxlen: 24
2.181.223.0/24 maxlen: 24
2.182.254.0/24 maxlen: 24
2.182.255.0/24 maxlen: 24
2.183.254.0/24 maxlen: 24
2.183.255.0/24 maxlen: 24
2.184.254.0/24 maxlen: 24
2.184.255.0/24 maxlen: 24
2.185.254.0/24 maxlen: 24
2.185.255.0/24 maxlen: 24
2.187.253.0/24 maxlen: 24
2.187.254.0/24 maxlen: 24
2.187.255.0/24 maxlen: 24
78.38.237.0/24 maxlen: 24
78.38.238.0/24 maxlen: 24
78.38.239.0/24 maxlen: 24
78.39.152.0/24 maxlen: 24
78.39.157.0/24 maxlen: 24
80.191.56.0/24 maxlen: 24
195.146.37.0/24 maxlen: 24
195.146.59.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/J6OeR5TDRhLn8iVpsaaoFxAmCuU.crl
rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/J6OeR5TDRhLn8iVpsaaoFxAmCuU.mft
rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 02 May 2025 04:00:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:71:33:51:1f:c2:74:b1:76:86:84:89:80:33:9e:c8:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27a39e4794c34612e7f22569b1a6a81710260ae5
Validity
Not Before: Apr 26 08:25:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fe679adb4385b9816c8b68936d35ba923cdac90f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:2e:1f:70:d7:87:df:df:9d:8b:00:de:b1:42:
ba:7f:0f:e1:20:bb:6c:bd:8e:91:a1:80:c7:6c:b4:
4e:55:0b:90:fd:1e:ba:11:03:85:20:30:34:f4:7f:
9f:42:21:ed:cc:bc:c2:d0:51:ae:63:43:c3:c2:e9:
4c:43:9d:b4:ce:28:25:07:c0:0e:e4:10:11:96:26:
2f:4d:3c:48:be:8e:1f:41:ef:f0:11:df:25:f7:f6:
c1:7c:f6:7d:aa:31:4d:cc:05:a1:80:7d:85:63:50:
05:76:aa:b9:81:52:73:d3:60:e4:1d:7c:0d:a7:0f:
69:ed:b5:d3:3f:ef:b0:01:99:fd:3e:36:de:8d:6a:
40:a3:1c:f5:55:ab:5c:e1:56:7f:19:ef:f7:f4:8d:
d8:22:e5:ce:d9:d5:76:8a:d3:b9:92:04:d3:e6:c0:
9a:a0:d2:41:21:f8:88:12:1e:1b:52:2a:10:6c:35:
e9:8d:57:ad:91:de:bf:62:81:e3:51:e5:8c:d3:a9:
03:72:51:4c:6f:31:10:ee:90:41:23:e7:c7:69:d8:
58:3f:ad:16:1f:bf:d9:55:5e:b1:b0:8b:58:8c:03:
13:85:cb:9e:32:37:59:5e:27:80:94:fa:50:b9:59:
f9:3d:aa:2d:da:af:8d:ba:75:b0:64:8d:0e:87:29:
5c:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:67:9A:DB:43:85:B9:81:6C:8B:68:93:6D:35:BA:92:3C:DA:C9:0F
X509v3 Authority Key Identifier:
keyid:27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/_mea20OFuYFsi2iTbTW6kjzayQ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/J6OeR5TDRhLn8iVpsaaoFxAmCuU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.180.254.0/23
2.181.222.0/23
2.182.254.0/23
2.183.254.0/23
2.184.254.0/23
2.185.254.0/23
2.187.253.0-2.187.255.255
78.38.237.0-78.38.239.255
78.39.152.0/24
78.39.157.0/24
80.191.56.0/24
195.146.37.0/24
195.146.59.0/24
Signature Algorithm: sha256WithRSAEncryption
86:ad:bb:b7:c7:50:1c:bf:9c:01:0e:15:28:2f:d4:0b:06:87:
74:7d:2a:00:f4:b3:cf:4e:43:81:1a:5f:f6:2e:88:aa:73:71:
c4:d0:90:ec:19:6b:f1:e0:7d:5d:69:3f:2b:c7:f5:25:1a:a4:
1e:b8:7e:6c:64:20:3f:3e:7b:04:11:20:df:57:b2:30:74:f2:
af:46:0c:98:e0:cd:93:a8:8c:be:88:fa:a8:62:20:61:d5:68:
48:e5:21:a9:0f:92:40:82:c6:78:42:40:05:4c:a8:84:46:c4:
be:a3:52:ec:a6:61:08:53:19:6a:73:85:8b:75:8f:69:74:45:
f7:ad:43:a3:9d:aa:39:28:d3:c0:9d:27:91:71:5d:29:10:e2:
ff:24:07:03:bc:66:46:1a:5d:22:b8:a7:19:4e:b9:be:75:3a:
85:cc:d2:36:1b:fc:54:03:6f:94:5d:0c:74:d9:63:74:c5:96:
f8:54:aa:ea:9d:ad:af:29:60:9e:a4:c1:20:d4:18:49:bd:33:
be:bc:41:99:b9:de:ac:cd:b7:08:11:7f:b2:e0:f3:8b:c5:7f:
ee:f5:d7:d0:1f:1f:9c:9a:fb:9f:2d:0d:b0:0d:a6:14:88:14:
ef:b6:23:cc:91:cf:9f:22:68:13:3d:55:28:3d:3c:fa:1f:11:
a6:ce:f0:db
-----BEGIN CERTIFICATE-----
MIIFVDCCBDygAwIBAgISAZZxM1EfwnSxdoaEiYAznsigMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3YTM5ZTQ3OTRjMzQ2MTJlN2YyMjU2OWIxYTZhODE3MTAy
NjBhZTUwHhcNMjUwNDI2MDgyNTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTY3OWFkYjQzODViOTgxNmM4YjY4OTM2ZDM1YmE5MjNjZGFjOTBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArC4fcNeH39+diwDesUK6fw/hILts
vY6RoYDHbLROVQuQ/R66EQOFIDA09H+fQiHtzLzC0FGuY0PDwulMQ520ziglB8AO
5BARliYvTTxIvo4fQe/wEd8l9/bBfPZ9qjFNzAWhgH2FY1AFdqq5gVJz02DkHXwN
pw9p7bXTP++wAZn9PjbejWpAoxz1Vatc4VZ/Ge/39I3YIuXO2dV2itO5kgTT5sCa
oNJBIfiIEh4bUioQbDXpjVetkd6/YoHjUeWM06kDclFMbzEQ7pBBI+fHadhYP60W
H7/ZVV6xsItYjAMThcueMjdZXieAlPpQuVn5Paot2q+NunWwZI0OhylctwIDAQAB
o4ICYDCCAlwwHQYDVR0OBBYEFP5nmttDhbmBbItok201upI82skPMB8GA1UdIwQY
MBaAFCejnkeUw0YS5/IlabGmqBcQJgrlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjZPZVI1VERSaExuOGlWcHNhYW9GeEFtQ3VVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8zOGZjMzMtMDZjMS00MDA2LTllMjMt
Zjc0ZDk1MTg1NzZjLzEvX21lYTIwT0Z1WUZzaTJpVGJUVzZranpheVE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC8zOGZjMzMtMDZjMS00MDA2LTllMjMtZjc0ZDk1MTg1NzZj
LzEvSjZPZVI1VERSaExuOGlWcHNhYW9GeEFtQ3VVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHYGCCsGAQUFBwEHAQH/BGcwZTBjBAIAATBdAwQBArT+AwQB
ArXeAwQBArb+AwQBArf+AwQBArj+AwQBArn+MAsDBAACu/0DAwICuDAMAwQATibt
AwQETibgAwQATieYAwQATiedAwQAUL84AwQAw5IlAwQAw5I7MA0GCSqGSIb3DQEB
CwUAA4IBAQCGrbu3x1Acv5wBDhUoL9QLBod0fSoA9LPPTkOBGl/2Loiqc3HE0JDs
GWvx4H1daT8rx/UlGqQeuH5sZCA/PnsEESDfV7IwdPKvRgyY4M2TqIy+iPqoYiBh
1WhI5SGpD5JAgsZ4QkAFTKiERsS+o1LspmEIUxlqc4WLdY9pdEX3rUOjnao5KNPA
nSeRcV0pEOL/JAcDvGZGGl0iuKcZTrm+dTqFzNI2G/xUA2+UXQx02WN0xZb4VKrq
na2vKWCepMEg1BhJvTO+vEGZud6szbcIEX+y4POLxX/u9dfQHx+cmvufLQ2wDaYU
iBTvtiPMkc+fImgTPVUoPTz6HxGmzvDb
-----END CERTIFICATE-----
Generated at Thu May 1 11:11:59 2025 by rpki-client