Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/1IyxB14_QkLsvmLRx3j-3a6Zjk4.roa
File: 1IyxB14_QkLsvmLRx3j-3a6Zjk4.roa (raw, json)
Hash identifier: htWKauGvhiwmC3uhHI9F9baGTADLWNpjXIog5aUAkzA=
Subject key identifier: D4:8C:B1:07:5E:3F:42:42:EC:BE:62:D1:C7:78:FE:DD:AE:99:8E:4E
Certificate issuer: /CN=b3a5d99863db2e49b44f6c324eb04388fc7515d2
Certificate serial: 0194282555CE728311F5A01422314FDE3952
Authority key identifier: B3:A5:D9:98:63:DB:2E:49:B4:4F:6C:32:4E:B0:43:88:FC:75:15:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s6XZmGPbLkm0T2wyTrBDiPx1FdI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/1IyxB14_QkLsvmLRx3j-3a6Zjk4.roa
Signing time: Thu 02 Jan 2025 17:52:02 +0000
ROA not before: Thu 02 Jan 2025 17:52:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 1273
IP address blocks: 46.108.0.0/16 maxlen: 24
46.190.128.0/17 maxlen: 24
46.190.137.0/24 maxlen: 24
46.190.254.0/24 maxlen: 24
62.213.128.0/23 maxlen: 24
62.213.156.0/22 maxlen: 24
85.205.0.0/16 maxlen: 24
139.47.192.0/18 maxlen: 24
195.233.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/s6XZmGPbLkm0T2wyTrBDiPx1FdI.crl
rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/s6XZmGPbLkm0T2wyTrBDiPx1FdI.mft
rsync://rpki.ripe.net/repository/DEFAULT/s6XZmGPbLkm0T2wyTrBDiPx1FdI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 22:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:25:55:ce:72:83:11:f5:a0:14:22:31:4f:de:39:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b3a5d99863db2e49b44f6c324eb04388fc7515d2
Validity
Not Before: Jan 2 17:52:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d48cb1075e3f4242ecbe62d1c778feddae998e4e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:1e:ca:db:b6:28:d3:98:04:c9:62:32:64:2d:
54:44:45:7d:d2:ae:e7:3c:bc:c8:4a:c1:f0:31:48:
8b:ba:f4:e5:f9:02:24:04:a5:83:5a:a9:21:13:67:
8d:d9:d3:7b:10:3c:78:e3:f8:a7:9b:d5:6e:ab:d8:
66:60:ef:5d:b3:6c:d2:2a:85:6e:f6:25:94:c2:66:
66:32:07:b9:ff:d0:4d:3e:55:b7:98:33:b8:ef:69:
f3:5e:43:c4:78:56:0e:ab:fb:82:50:40:e0:0b:e8:
e3:01:36:4f:32:a0:a3:52:b5:65:02:63:e2:0c:82:
0e:d3:91:39:6f:30:c6:e1:0e:b6:e2:a3:ae:b1:9e:
af:58:ae:65:24:80:73:dc:91:39:d0:c8:da:fe:a1:
47:9c:cb:26:68:32:c0:02:1c:7c:c4:62:3b:2b:3c:
14:0b:7f:e3:32:d2:bd:c4:f9:85:f8:c3:bd:2a:b8:
78:02:54:69:35:00:84:7e:74:42:2b:19:bd:cf:e5:
92:13:35:25:c7:20:38:57:e9:c9:88:97:2f:a9:c5:
68:87:d9:4d:fb:18:15:99:0c:37:39:ac:cd:39:8a:
a6:bc:e5:a5:7f:97:de:10:9e:cb:a3:d6:a9:fe:a8:
f2:a8:ae:6f:33:be:f9:6f:23:98:6e:5e:2a:bd:1c:
89:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:8C:B1:07:5E:3F:42:42:EC:BE:62:D1:C7:78:FE:DD:AE:99:8E:4E
X509v3 Authority Key Identifier:
keyid:B3:A5:D9:98:63:DB:2E:49:B4:4F:6C:32:4E:B0:43:88:FC:75:15:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s6XZmGPbLkm0T2wyTrBDiPx1FdI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/1IyxB14_QkLsvmLRx3j-3a6Zjk4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/s6XZmGPbLkm0T2wyTrBDiPx1FdI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.108.0.0/16
46.190.128.0/17
62.213.128.0/23
62.213.156.0/22
85.205.0.0/16
139.47.192.0/18
195.233.0.0/16
Signature Algorithm: sha256WithRSAEncryption
27:7a:55:d1:30:33:37:b1:f6:68:d8:63:a1:ca:00:2c:a8:25:
60:5b:d6:26:a0:f0:62:58:9b:8d:c8:2c:ba:9c:bd:9b:e9:1f:
2c:75:e5:d3:30:1e:e9:98:17:fe:32:43:32:cf:bb:e1:13:59:
27:9d:6d:4c:94:79:a0:a9:a1:01:7b:f6:10:d1:e3:3d:f6:58:
4c:74:29:bd:b5:b0:70:08:83:4b:58:45:72:d2:b9:d9:06:5d:
59:e0:dc:50:33:48:55:d3:a0:d2:3b:8b:9d:71:c3:ac:53:29:
63:94:af:e3:22:f5:cd:55:48:31:35:10:c9:f9:77:94:9c:57:
a3:0a:51:9f:e3:bf:a8:1d:b1:f6:71:2a:6a:4d:d8:26:54:1f:
6a:1a:c9:77:c2:07:b8:b1:0c:72:0a:d1:07:33:76:c3:f1:b8:
c9:58:15:86:c6:1b:08:8b:02:13:9c:3d:49:bc:93:0e:3d:36:
ad:ae:9b:1c:39:c2:59:64:26:04:c1:eb:7b:b0:3c:c2:eb:fc:
17:89:96:ad:ed:32:d6:b6:e3:03:2f:b4:e7:c0:0c:c2:ef:6a:
fd:71:c8:f7:ac:d8:ee:62:b2:28:32:a8:8d:61:15:c3:3d:48:
9f:7a:32:a1:89:88:f3:4b:ff:34:d7:87:a5:f0:60:37:c9:1e:
0c:44:8e:02
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZQoJVXOcoMR9aAUIjFP3jlSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzYTVkOTk4NjNkYjJlNDliNDRmNmMzMjRlYjA0Mzg4ZmM3
NTE1ZDIwHhcNMjUwMTAyMTc1MjAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDhjYjEwNzVlM2Y0MjQyZWNiZTYyZDFjNzc4ZmVkZGFlOTk4ZTRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoB7K27Yo05gEyWIyZC1UREV90q7n
PLzISsHwMUiLuvTl+QIkBKWDWqkhE2eN2dN7EDx44/inm9Vuq9hmYO9ds2zSKoVu
9iWUwmZmMge5/9BNPlW3mDO472nzXkPEeFYOq/uCUEDgC+jjATZPMqCjUrVlAmPi
DIIO05E5bzDG4Q624qOusZ6vWK5lJIBz3JE50Mja/qFHnMsmaDLAAhx8xGI7KzwU
C3/jMtK9xPmF+MO9Krh4AlRpNQCEfnRCKxm9z+WSEzUlxyA4V+nJiJcvqcVoh9lN
+xgVmQw3OazNOYqmvOWlf5feEJ7Lo9ap/qjyqK5vM775byOYbl4qvRyJlwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFNSMsQdeP0JC7L5i0cd4/t2umY5OMB8GA1UdIwQY
MBaAFLOl2Zhj2y5JtE9sMk6wQ4j8dRXSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczZYWm1HUGJMa20wVDJ3eVRyQkRpUHgxRmRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC8yOWU5YmMtYjE5MC00MDllLTg2YjAt
ZWVjNWQ1MGVmYTk0LzEvMUl5eEIxNF9Ra0xzdm1MUngzai0zYTZaams0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC8yOWU5YmMtYjE5MC00MDllLTg2YjAtZWVjNWQ1MGVmYTk0
LzEvczZYWm1HUGJMa20wVDJ3eVRyQkRpUHgxRmRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAtBAIAATAnAwMALmwDBAcu
voADBAE+1YADBAI+1ZwDAwBVzQMEBosvwAMDAMPpMA0GCSqGSIb3DQEBCwUAA4IB
AQAnelXRMDM3sfZo2GOhygAsqCVgW9YmoPBiWJuNyCy6nL2b6R8sdeXTMB7pmBf+
MkMyz7vhE1knnW1MlHmgqaEBe/YQ0eM99lhMdCm9tbBwCINLWEVy0rnZBl1Z4NxQ
M0hV06DSO4udccOsUyljlK/jIvXNVUgxNRDJ+XeUnFejClGf47+oHbH2cSpqTdgm
VB9qGsl3wge4sQxyCtEHM3bD8bjJWBWGxhsIiwITnD1JvJMOPTatrpscOcJZZCYE
wet7sDzC6/wXiZat7TLWtuMDL7TnwAzC72r9ccj3rNjuYrIoMqiNYRXDPUifejKh
iYjzS/8014el8GA3yR4MRI4C
-----END CERTIFICATE-----
Generated at Sun Apr 6 05:16:16 2025 by rpki-client