Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/eHTVEocrFL3NQ0zGND4cVs9oUWY.roa
File: eHTVEocrFL3NQ0zGND4cVs9oUWY.roa (raw, json)
Hash identifier: 0gZO9sEZuFV7HbS/lBtHNURKPRkvRlnWLOuu5Ms3Jn4=
Subject key identifier: 78:74:D5:12:87:2B:14:BD:CD:43:4C:C6:34:3E:1C:56:CF:68:51:66
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 019615D301B87495B5429A7F8B4B005469C1
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/eHTVEocrFL3NQ0zGND4cVs9oUWY.roa
Signing time: Tue 08 Apr 2025 14:34:32 +0000
ROA not before: Tue 08 Apr 2025 14:34:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210110
IP address blocks: 31.25.88.0/23 maxlen: 24
37.123.192.0/21 maxlen: 24
82.115.30.0/23 maxlen: 24
185.148.12.0/22 maxlen: 24
185.212.60.0/22 maxlen: 24
185.217.108.0/22 maxlen: 24
185.218.4.0/22 maxlen: 24
212.107.28.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.mft
rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 07:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:15:d3:01:b8:74:95:b5:42:9a:7f:8b:4b:00:54:69:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Apr 8 14:34:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7874d512872b14bdcd434cc6343e1c56cf685166
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:88:9d:54:27:54:d7:5d:04:16:67:0b:5e:ba:
65:c7:40:fe:b5:06:1d:28:6b:3c:e5:61:5e:13:ca:
6b:85:78:e6:bb:47:39:95:8d:ae:38:52:e9:91:bb:
ce:5c:b9:18:f0:6a:c5:d2:67:28:91:6b:53:50:18:
e9:d5:5b:ac:76:56:13:eb:de:fa:8a:a2:d2:d3:bc:
55:7a:8c:23:a6:c4:34:be:98:02:1d:6f:53:4e:c5:
25:b6:87:1c:f2:d4:47:b0:38:76:42:bc:b6:ee:10:
ee:60:a7:03:bc:16:ab:a7:5f:ab:10:51:4d:04:a3:
17:bd:94:94:82:f8:8b:71:1c:0e:98:f7:df:c0:e0:
d2:07:ee:79:23:9c:a3:42:c7:2a:47:a7:29:25:e4:
ff:69:fc:48:7c:be:02:ad:6b:fb:84:a8:3b:48:a4:
8f:f2:b9:d4:b5:f9:50:40:d2:21:3f:b3:08:6c:94:
e6:d6:09:c0:9d:23:c7:f7:c9:c3:cc:a2:35:5a:84:
0d:c9:c5:db:2f:05:c5:ab:1f:56:ba:77:6f:c1:f0:
13:71:6f:9d:6a:e0:d2:92:9b:70:60:2b:a2:5b:96:
2c:27:4f:05:ea:12:53:d0:43:e4:83:c0:d4:b3:2b:
09:fb:24:79:fc:41:31:29:54:3a:7a:13:ef:30:47:
e8:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:74:D5:12:87:2B:14:BD:CD:43:4C:C6:34:3E:1C:56:CF:68:51:66
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/eHTVEocrFL3NQ0zGND4cVs9oUWY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.25.88.0/23
37.123.192.0/21
82.115.30.0/23
185.148.12.0/22
185.212.60.0/22
185.217.108.0/22
185.218.4.0/22
212.107.28.0/22
Signature Algorithm: sha256WithRSAEncryption
d1:ba:18:a1:ce:52:66:d5:9a:b8:8a:23:d8:2e:f9:5f:13:e4:
04:72:41:d0:98:a1:0d:24:9f:72:09:48:92:b5:43:9c:45:3f:
b6:b9:79:2a:49:a2:29:bc:b7:c6:a5:5d:51:1c:60:28:f1:c3:
d6:44:41:8f:ff:47:9f:18:61:52:67:c3:6b:b6:88:d8:96:9e:
06:47:c5:3f:59:25:80:5f:17:b1:dc:a6:4c:9a:de:5c:a5:d6:
17:67:08:2e:a3:24:2d:28:65:69:dd:1c:6e:b3:01:59:5a:8a:
04:6c:bc:31:f0:2f:1d:9f:4e:2d:ba:01:d0:f3:19:ce:72:22:
d4:68:7c:59:5a:27:84:cd:ec:3e:6c:ea:94:66:78:3e:c2:30:
ef:c4:f1:3e:cf:3c:a1:78:43:9e:4a:eb:e0:83:99:7e:be:35:
c6:02:c1:ba:be:77:db:27:08:87:1a:75:11:5b:c6:f3:05:05:
fd:86:6c:17:2c:e9:c4:33:cd:33:8f:79:68:8d:e1:99:84:6c:
94:96:74:1b:7c:6d:a9:df:cb:13:b5:0c:07:88:7b:53:a6:49:
06:9a:94:55:88:1a:48:5a:29:d5:c8:fd:73:b2:6a:cd:21:b0:
1d:a8:72:be:7b:17:6e:b4:a6:33:4d:c3:3a:f3:58:6e:b1:54:
f2:c4:e5:fa
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZYV0wG4dJW1Qpp/i0sAVGnBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjUwNDA4MTQzNDMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ODc0ZDUxMjg3MmIxNGJkY2Q0MzRjYzYzNDNlMWM1NmNmNjg1MTY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx4idVCdU110EFmcLXrplx0D+tQYd
KGs85WFeE8prhXjmu0c5lY2uOFLpkbvOXLkY8GrF0mcokWtTUBjp1VusdlYT6976
iqLS07xVeowjpsQ0vpgCHW9TTsUltocc8tRHsDh2Qry27hDuYKcDvBarp1+rEFFN
BKMXvZSUgviLcRwOmPffwODSB+55I5yjQscqR6cpJeT/afxIfL4CrWv7hKg7SKSP
8rnUtflQQNIhP7MIbJTm1gnAnSPH98nDzKI1WoQNycXbLwXFqx9WundvwfATcW+d
auDSkptwYCuiW5YsJ08F6hJT0EPkg8DUsysJ+yR5/EExKVQ6ehPvMEfoPwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFHh01RKHKxS9zUNMxjQ+HFbPaFFmMB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvZUhUVkVvY3JGTDNOUTB6R05ENGNWczlvVVdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQBHxlYAwQD
JXvAAwQBUnMeAwQCuZQMAwQCudQ8AwQCudlsAwQCudoEAwQC1GscMA0GCSqGSIb3
DQEBCwUAA4IBAQDRuhihzlJm1Zq4iiPYLvlfE+QEckHQmKENJJ9yCUiStUOcRT+2
uXkqSaIpvLfGpV1RHGAo8cPWREGP/0efGGFSZ8NrtojYlp4GR8U/WSWAXxex3KZM
mt5cpdYXZwguoyQtKGVp3RxuswFZWooEbLwx8C8dn04tugHQ8xnOciLUaHxZWieE
zew+bOqUZng+wjDvxPE+zzyheEOeSuvgg5l+vjXGAsG6vnfbJwiHGnURW8bzBQX9
hmwXLOnEM80zj3lojeGZhGyUlnQbfG2p38sTtQwHiHtTpkkGmpRViBpIWinVyP1z
smrNIbAdqHK+exdutKYzTcM681husVTyxOX6
-----END CERTIFICATE-----
Generated at Sat Apr 26 15:04:06 2025 by rpki-client