Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/e348f1-bb70-4b34-be12-219e79d84e43/1/EEaNcgsaMR5H4thhS3cGx36KL_o.roa
File: EEaNcgsaMR5H4thhS3cGx36KL_o.roa (raw, json)
Hash identifier: vkGJSlE6cWd0O4qs1ZUPczrNu5F/ToV9OcI6aqWoEJI=
Subject key identifier: 10:46:8D:72:0B:1A:31:1E:47:E2:D8:61:4B:77:06:C7:7E:8A:2F:FA
Certificate issuer: /CN=c4cc02f8fa74cf0da81e8ce2943ea7f9ed2a85f4
Certificate serial: 0196B46AA7AC523921DD296021BFD87D5161
Authority key identifier: C4:CC:02:F8:FA:74:CF:0D:A8:1E:8C:E2:94:3E:A7:F9:ED:2A:85:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xMwC-Pp0zw2oHozilD6n-e0qhfQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/e348f1-bb70-4b34-be12-219e79d84e43/1/EEaNcgsaMR5H4thhS3cGx36KL_o.roa
Signing time: Fri 09 May 2025 09:40:10 +0000
ROA not before: Fri 09 May 2025 09:40:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57069
IP address blocks: 89.22.64.0/19 maxlen: 19
89.22.64.0/24 maxlen: 24
89.22.66.0/23 maxlen: 23
89.22.68.0/22 maxlen: 22
89.22.72.0/21 maxlen: 21
89.22.82.0/24 maxlen: 24
89.22.83.0/24 maxlen: 24
89.22.84.0/22 maxlen: 22
89.22.88.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5c/e348f1-bb70-4b34-be12-219e79d84e43/1/xMwC-Pp0zw2oHozilD6n-e0qhfQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/5c/e348f1-bb70-4b34-be12-219e79d84e43/1/xMwC-Pp0zw2oHozilD6n-e0qhfQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/xMwC-Pp0zw2oHozilD6n-e0qhfQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 10 May 2025 18:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:b4:6a:a7:ac:52:39:21:dd:29:60:21:bf:d8:7d:51:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4cc02f8fa74cf0da81e8ce2943ea7f9ed2a85f4
Validity
Not Before: May 9 09:40:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=10468d720b1a311e47e2d8614b7706c77e8a2ffa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:ac:a9:87:42:34:93:18:f4:d0:3b:93:e3:22:
3a:3c:c8:82:18:51:9d:a0:6a:51:9e:c5:cf:d2:26:
b5:65:60:b9:cf:c5:04:e6:28:b1:ae:34:e4:c1:87:
2d:d9:30:e5:6d:a6:c6:5d:67:fb:b4:6c:60:64:ad:
56:33:21:06:a7:05:53:19:e8:af:ec:e9:66:6b:0f:
20:1b:76:85:5a:25:c1:6d:ee:93:05:01:7a:c7:d1:
74:81:15:ea:81:9f:49:94:91:09:94:c9:4e:dc:65:
22:23:bb:b9:8c:24:8e:34:a9:84:ab:72:f6:46:f5:
77:f2:2d:08:03:68:a2:95:6b:76:cd:53:40:f8:2d:
6e:60:98:95:bc:4f:d7:e8:39:f7:bc:bc:60:3b:cc:
c7:99:ce:95:3e:a9:ec:19:f7:08:9b:50:aa:2d:59:
9c:be:44:fd:66:17:bc:9b:3a:93:34:88:89:05:d0:
15:5c:76:d3:04:a0:74:36:69:e7:a9:5b:44:9d:66:
91:c1:69:7f:a3:ff:2c:c9:cd:11:41:ca:06:58:a1:
08:57:ed:38:ef:6e:45:d0:fd:e6:99:50:34:a9:49:
3f:ac:29:0f:1a:f4:43:c9:c7:2c:00:74:ca:b5:f3:
a9:46:3c:e5:65:31:13:10:55:db:f5:8a:63:29:0f:
9b:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:46:8D:72:0B:1A:31:1E:47:E2:D8:61:4B:77:06:C7:7E:8A:2F:FA
X509v3 Authority Key Identifier:
keyid:C4:CC:02:F8:FA:74:CF:0D:A8:1E:8C:E2:94:3E:A7:F9:ED:2A:85:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xMwC-Pp0zw2oHozilD6n-e0qhfQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/e348f1-bb70-4b34-be12-219e79d84e43/1/EEaNcgsaMR5H4thhS3cGx36KL_o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/e348f1-bb70-4b34-be12-219e79d84e43/1/xMwC-Pp0zw2oHozilD6n-e0qhfQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.22.64.0/19
Signature Algorithm: sha256WithRSAEncryption
36:37:65:ab:62:a4:49:80:c5:88:6e:d1:90:d9:a1:03:67:fb:
ca:11:c4:ad:e2:df:95:28:63:c2:d1:37:78:1f:9e:b8:24:be:
41:2c:f5:17:32:a0:6e:8d:fd:41:3b:23:20:25:d6:33:49:d2:
99:e2:a0:ad:22:91:ba:4d:51:7f:63:74:7f:ca:9d:cc:ac:0a:
4d:75:85:12:cb:5d:15:f1:14:28:7e:52:9c:38:32:ba:51:17:
44:be:3b:c1:4e:de:3f:59:90:5f:50:91:0d:60:8c:91:29:ca:
7a:ad:8b:e8:5a:df:28:cf:69:84:78:10:8e:5d:f0:be:5c:eb:
b5:93:86:f0:f9:3b:c7:1b:7e:01:73:f1:b1:3d:a1:5d:5c:ea:
42:f8:90:f4:41:25:ef:f2:bc:f1:20:76:42:ca:df:47:17:5f:
de:ac:ce:f1:40:15:87:c4:43:11:db:22:90:4b:91:fc:e6:a1:
80:4b:e5:0f:81:37:e6:bf:5d:33:2a:44:20:6b:ff:53:a8:89:
6f:94:04:13:ee:84:df:af:c7:7d:fb:a4:98:f5:3e:0e:3c:8e:
d1:6e:a7:4a:19:9b:2b:e3:68:b1:63:55:08:b9:e8:df:25:fd:
6a:24:37:5b:92:88:7c:b2:ce:60:b9:b0:16:3b:99:e0:37:02:
d8:c5:bc:04
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZa0aqesUjkh3SlgIb/YfVFhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0Y2MwMmY4ZmE3NGNmMGRhODFlOGNlMjk0M2VhN2Y5ZWQy
YTg1ZjQwHhcNMjUwNTA5MDk0MDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMDQ2OGQ3MjBiMWEzMTFlNDdlMmQ4NjE0Yjc3MDZjNzdlOGEyZmZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApKyph0I0kxj00DuT4yI6PMiCGFGd
oGpRnsXP0ia1ZWC5z8UE5iixrjTkwYct2TDlbabGXWf7tGxgZK1WMyEGpwVTGeiv
7Olmaw8gG3aFWiXBbe6TBQF6x9F0gRXqgZ9JlJEJlMlO3GUiI7u5jCSONKmEq3L2
RvV38i0IA2iilWt2zVNA+C1uYJiVvE/X6Dn3vLxgO8zHmc6VPqnsGfcIm1CqLVmc
vkT9Zhe8mzqTNIiJBdAVXHbTBKB0NmnnqVtEnWaRwWl/o/8syc0RQcoGWKEIV+04
725F0P3mmVA0qUk/rCkPGvRDyccsAHTKtfOpRjzlZTETEFXb9YpjKQ+btQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBBGjXILGjEeR+LYYUt3Bsd+ii/6MB8GA1UdIwQY
MBaAFMTMAvj6dM8NqB6M4pQ+p/ntKoX0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveE13Qy1QcDB6dzJvSG96aWxENm4tZTBxaGZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy9lMzQ4ZjEtYmI3MC00YjM0LWJlMTIt
MjE5ZTc5ZDg0ZTQzLzEvRUVhTmNnc2FNUjVINHRoaFMzY0d4MzZLTF9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy9lMzQ4ZjEtYmI3MC00YjM0LWJlMTItMjE5ZTc5ZDg0ZTQz
LzEveE13Qy1QcDB6dzJvSG96aWxENm4tZTBxaGZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFWRZAMA0G
CSqGSIb3DQEBCwUAA4IBAQA2N2WrYqRJgMWIbtGQ2aEDZ/vKEcSt4t+VKGPC0Td4
H564JL5BLPUXMqBujf1BOyMgJdYzSdKZ4qCtIpG6TVF/Y3R/yp3MrApNdYUSy10V
8RQoflKcODK6URdEvjvBTt4/WZBfUJENYIyRKcp6rYvoWt8oz2mEeBCOXfC+XOu1
k4bw+TvHG34Bc/GxPaFdXOpC+JD0QSXv8rzxIHZCyt9HF1/erM7xQBWHxEMR2yKQ
S5H85qGAS+UPgTfmv10zKkQga/9TqIlvlAQT7oTfr8d9+6SY9T4OPI7RbqdKGZsr
42ixY1UIuejfJf1qJDdbkoh8ss5gubAWO5ngNwLYxbwE
-----END CERTIFICATE-----
Generated at Sat May 10 04:55:38 2025 by rpki-client