Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/0eAd7MtsJUVsUKgmYUamJnVBL_U.roa
File: 0eAd7MtsJUVsUKgmYUamJnVBL_U.roa (raw, json)
Hash identifier: pqhMukg3sJQ21+3eA2uinW3UnB59us7KKDzQ6VfWDFk=
Subject key identifier: D1:E0:1D:EC:CB:6C:25:45:6C:50:A8:26:61:46:A6:26:75:41:2F:F5
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 01965C285A475EBF812557FEDD0FA3445022
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/0eAd7MtsJUVsUKgmYUamJnVBL_U.roa
Signing time: Tue 22 Apr 2025 06:21:10 +0000
ROA not before: Tue 22 Apr 2025 06:21:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205544
IP address blocks: 193.8.94.0/24 maxlen: 24
193.8.231.0/24 maxlen: 24
2a09:17c0:b19a::/48 maxlen: 48
2a09:17c7:fc3a::/48 maxlen: 48
2a0f:1200:d9::/48 maxlen: 48
2a0f:e1c0:3::/48 maxlen: 48
2a0f:e1c0:37a::/48 maxlen: 48
2a0f:e200:5::/48 maxlen: 48
2a0f:e200:25f::/48 maxlen: 48
2a0f:e207:fd38::/48 maxlen: 48
2a0f:e440::/29 maxlen: 29
2a0f:e6c0:11c::/48 maxlen: 48
2a0f:e6c0:3af::/48 maxlen: 48
2a0f:e6c6:99::/48 maxlen: 48
2a0f:e7c7:fcd8::/48 maxlen: 48
2a0f:ea40:8::/48 maxlen: 48
2a0f:ea47:fc1d::/48 maxlen: 48
2a0f:ea47:ff49::/48 maxlen: 48
2a12:ecc0:3::/48 maxlen: 48
2a12:ecc0:4::/48 maxlen: 48
2a12:ecc0:66::/48 maxlen: 48
2a12:ecc0:188::/48 maxlen: 48
2a12:ecc0:316::/48 maxlen: 48
2a12:ecc0:34a::/48 maxlen: 48
2a13:18c6:44::/48 maxlen: 48
2a13:18c6:99::/48 maxlen: 48
2a13:8c82:2::/48 maxlen: 48
2a13:8c86:100::/48 maxlen: 48
2a13:8c86:140::/48 maxlen: 48
2a13:c900:22::/48 maxlen: 48
2a13:c900:66::/48 maxlen: 48
2a13:c900:110::/48 maxlen: 48
2a13:e102:2::/48 maxlen: 48
2a13:e107:29b::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.mft
rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 29 Apr 2025 15:01:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:5c:28:5a:47:5e:bf:81:25:57:fe:dd:0f:a3:44:50:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Apr 22 06:21:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d1e01deccb6c25456c50a8266146a62675412ff5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:42:d3:1c:ed:5c:80:34:28:87:26:18:06:92:
46:67:d7:03:77:05:66:59:70:95:e2:c0:9e:eb:d4:
8e:27:2a:b9:2c:a3:9a:07:38:51:fd:0f:66:c0:42:
80:33:80:2f:98:6c:ee:94:df:74:96:ba:df:06:41:
33:a5:db:0c:5f:55:5b:64:c7:cd:4f:e9:f3:34:af:
77:0a:a4:eb:2c:97:99:3d:5d:38:bb:46:37:b2:e0:
76:83:c4:02:7b:89:ba:a7:a3:05:2b:36:98:b0:94:
c9:a6:20:6b:38:f5:83:16:ba:c0:de:13:cd:0e:43:
c5:02:69:e2:f6:19:07:41:36:58:bf:39:ee:d3:31:
30:ce:7d:b6:76:57:42:c8:c9:d5:79:c1:ff:61:aa:
6c:13:c5:e1:47:58:5d:40:e9:35:1a:44:f2:34:43:
43:45:ff:c6:80:b8:36:34:e3:cf:d4:b6:5e:5e:76:
7e:35:5d:64:a7:fe:46:99:71:1f:da:82:0d:5f:f7:
85:d3:a5:d0:07:e5:4d:6e:87:90:a2:34:20:34:a9:
08:60:8a:2e:9c:c7:5c:6a:0e:8c:ae:a0:4b:ea:57:
08:fa:9a:fa:f5:4d:68:8e:41:2b:72:b2:9a:e4:ae:
10:f3:2d:3c:cb:61:f0:59:8c:30:87:b9:20:e8:3f:
3f:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:E0:1D:EC:CB:6C:25:45:6C:50:A8:26:61:46:A6:26:75:41:2F:F5
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/0eAd7MtsJUVsUKgmYUamJnVBL_U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.8.94.0/24
193.8.231.0/24
IPv6:
2a09:17c0:b19a::/48
2a09:17c7:fc3a::/48
2a0f:1200:d9::/48
2a0f:e1c0:3::/48
2a0f:e1c0:37a::/48
2a0f:e200:5::/48
2a0f:e200:25f::/48
2a0f:e207:fd38::/48
2a0f:e440::/29
2a0f:e6c0:11c::/48
2a0f:e6c0:3af::/48
2a0f:e6c6:99::/48
2a0f:e7c7:fcd8::/48
2a0f:ea40:8::/48
2a0f:ea47:fc1d::/48
2a0f:ea47:ff49::/48
2a12:ecc0:3::-2a12:ecc0:4:ffff:ffff:ffff:ffff:ffff
2a12:ecc0:66::/48
2a12:ecc0:188::/48
2a12:ecc0:316::/48
2a12:ecc0:34a::/48
2a13:18c6:44::/48
2a13:18c6:99::/48
2a13:8c82:2::/48
2a13:8c86:100::/48
2a13:8c86:140::/48
2a13:c900:22::/48
2a13:c900:66::/48
2a13:c900:110::/48
2a13:e102:2::/48
2a13:e107:29b::/48
Signature Algorithm: sha256WithRSAEncryption
15:d4:a6:8d:d6:11:e0:8a:2c:4c:98:a2:b4:4a:f8:4a:20:ff:
2c:49:e7:5b:cf:24:71:22:a4:62:c4:3d:9d:f8:7c:ce:0d:88:
27:48:81:c5:65:a5:68:9a:53:46:3c:37:e4:80:a9:91:50:6d:
31:14:1a:10:7f:39:07:0d:83:d2:5f:d9:a1:1a:d6:74:47:b5:
43:86:9b:00:39:57:98:ed:b2:c1:3f:3f:d0:6f:26:6a:34:2d:
08:24:3c:b6:d8:f5:d5:69:45:62:20:3c:7d:fe:b9:21:d8:23:
26:95:7f:cc:4c:f5:88:de:65:84:c9:3e:56:da:65:8e:23:f8:
10:db:5b:ca:91:62:68:8b:66:7c:2a:37:2c:14:b6:93:7d:59:
6f:4c:3a:81:27:11:fe:4c:0f:d8:b6:7f:d2:5b:5d:fe:96:de:
70:11:92:15:d6:d9:7a:27:ec:81:5e:a3:7a:7b:59:34:2d:f2:
30:ac:26:c3:95:5f:ee:d5:5a:94:d0:76:97:3e:76:e5:b0:bd:
77:02:bd:5a:c8:0a:16:21:48:05:11:00:45:55:29:c8:bf:63:
c0:5c:4e:c1:e1:d1:aa:d5:9d:29:58:c9:90:3e:11:5d:9f:99:
81:c7:ea:e2:d0:b6:c9:9e:96:61:e4:67:2c:f9:0f:1a:5b:d3:
51:02:49:b0
-----BEGIN CERTIFICATE-----
MIIGNTCCBR2gAwIBAgISAZZcKFpHXr+BJVf+3Q+jRFAiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjUwNDIyMDYyMTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMWUwMWRlY2NiNmMyNTQ1NmM1MGE4MjY2MTQ2YTYyNjc1NDEyZmY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvULTHO1cgDQohyYYBpJGZ9cDdwVm
WXCV4sCe69SOJyq5LKOaBzhR/Q9mwEKAM4AvmGzulN90lrrfBkEzpdsMX1VbZMfN
T+nzNK93CqTrLJeZPV04u0Y3suB2g8QCe4m6p6MFKzaYsJTJpiBrOPWDFrrA3hPN
DkPFAmni9hkHQTZYvznu0zEwzn22dldCyMnVecH/YapsE8XhR1hdQOk1GkTyNEND
Rf/GgLg2NOPP1LZeXnZ+NV1kp/5GmXEf2oINX/eF06XQB+VNboeQojQgNKkIYIou
nMdcag6MrqBL6lcI+pr69U1ojkErcrKa5K4Q8y08y2HwWYwwh7kg6D8/ewIDAQAB
o4IDQTCCAz0wHQYDVR0OBBYEFNHgHezLbCVFbFCoJmFGpiZ1QS/1MB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvMGVBZDdNdHNKVVZzVUtnbVlVYW1KblZCTF9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBVQYIKwYBBQUHAQcBAf8EggFEMIIBQDASBAIAATAMAwQA
wQheAwQAwQjnMIIBKAQCAAIwggEgAwcAKgkXwLGaAwcAKgkXx/w6AwcAKg8SAADZ
AwcAKg/hwAADAwcAKg/hwAN6AwcAKg/iAAAFAwcAKg/iAAJfAwcAKg/iB/04AwUD
Kg/kQAMHACoP5sABHAMHACoP5sADrwMHACoP5sYAmQMHACoP58f82AMHACoP6kAA
CAMHACoP6kf8HQMHACoP6kf/STASAwcAKhLswAADAwcAKhLswAAEAwcAKhLswABm
AwcAKhLswAGIAwcAKhLswAMWAwcAKhLswANKAwcAKhMYxgBEAwcAKhMYxgCZAwcA
KhOMggACAwcAKhOMhgEAAwcAKhOMhgFAAwcAKhPJAAAiAwcAKhPJAABmAwcAKhPJ
AAEQAwcAKhPhAgACAwcAKhPhBwKbMA0GCSqGSIb3DQEBCwUAA4IBAQAV1KaN1hHg
iixMmKK0SvhKIP8sSedbzyRxIqRixD2d+HzODYgnSIHFZaVomlNGPDfkgKmRUG0x
FBoQfzkHDYPSX9mhGtZ0R7VDhpsAOVeY7bLBPz/QbyZqNC0IJDy22PXVaUViIDx9
/rkh2CMmlX/MTPWI3mWEyT5W2mWOI/gQ21vKkWJoi2Z8KjcsFLaTfVlvTDqBJxH+
TA/Ytn/SW13+lt5wEZIV1tl6J+yBXqN6e1k0LfIwrCbDlV/u1VqU0HaXPnblsL13
Ar1ayAoWIUgFEQBFVSnIv2PAXE7B4dGq1Z0pWMmQPhFdn5mBx+ri0LbJnpZh5Gcs
+Q8aW9NRAkmw
-----END CERTIFICATE-----
Generated at Tue Apr 29 01:20:14 2025 by rpki-client