Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/e32a9a-83e0-4fb9-ac71-4d4b16144d68/1/dbK-R91ZSUb0vmB9yu9XwDJ_RDw.roa
File: dbK-R91ZSUb0vmB9yu9XwDJ_RDw.roa (raw, json)
Hash identifier: YNxHBvfEGT+DFTrI9P9oVpm7y0mnqXQpEkbudzfn+nA=
Subject key identifier: 75:B2:BE:47:DD:59:49:46:F4:BE:60:7D:CA:EF:57:C0:32:7F:44:3C
Certificate issuer: /CN=dd97c7ca05bcc3d6a2ad1ba235bed8feab694550
Certificate serial: 0194228DA0EFE905DAA193C36F60B7232375
Authority key identifier: DD:97:C7:CA:05:BC:C3:D6:A2:AD:1B:A2:35:BE:D8:FE:AB:69:45:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3ZfHygW8w9airRuiNb7Y_qtpRVA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/e32a9a-83e0-4fb9-ac71-4d4b16144d68/1/dbK-R91ZSUb0vmB9yu9XwDJ_RDw.roa
Signing time: Wed 01 Jan 2025 15:48:14 +0000
ROA not before: Wed 01 Jan 2025 15:48:14 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211057
IP address blocks: 46.253.88.0/23 maxlen: 23
46.253.88.0/24 maxlen: 24
46.253.91.0/24 maxlen: 24
46.253.92.0/24 maxlen: 24
185.21.120.0/24 maxlen: 24
185.21.121.0/24 maxlen: 24
185.21.122.0/24 maxlen: 24
185.21.123.0/24 maxlen: 24
185.71.140.0/22 maxlen: 22
185.71.140.0/23 maxlen: 23
185.71.140.0/24 maxlen: 24
185.71.140.0/25 maxlen: 25
185.71.140.128/25 maxlen: 25
185.71.141.0/24 maxlen: 24
185.71.141.0/25 maxlen: 25
185.71.141.128/25 maxlen: 25
185.71.142.0/24 maxlen: 24
185.71.142.0/25 maxlen: 25
185.71.142.128/25 maxlen: 25
185.71.143.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/75/e32a9a-83e0-4fb9-ac71-4d4b16144d68/1/3ZfHygW8w9airRuiNb7Y_qtpRVA.crl
rsync://rpki.ripe.net/repository/DEFAULT/75/e32a9a-83e0-4fb9-ac71-4d4b16144d68/1/3ZfHygW8w9airRuiNb7Y_qtpRVA.mft
rsync://rpki.ripe.net/repository/DEFAULT/3ZfHygW8w9airRuiNb7Y_qtpRVA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:a0:ef:e9:05:da:a1:93:c3:6f:60:b7:23:23:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd97c7ca05bcc3d6a2ad1ba235bed8feab694550
Validity
Not Before: Jan 1 15:48:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=75b2be47dd594946f4be607dcaef57c0327f443c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:98:54:c5:71:17:24:1a:81:fc:bf:45:de:72:
39:72:93:98:36:a7:a5:90:6c:c4:a2:3b:7c:d7:c6:
67:88:73:44:fc:de:b6:8e:65:be:30:39:d4:94:36:
f1:90:67:2e:64:10:19:9f:3d:b8:a4:52:52:fa:e1:
8f:29:35:5d:8f:42:fd:fd:4d:7c:5b:d1:50:e2:da:
bc:78:e3:aa:43:cc:b3:f0:0c:c2:09:e2:77:84:58:
f0:a2:a7:54:c7:8d:4f:ca:7f:f6:81:7c:f6:8a:bc:
58:57:db:6d:e7:5f:86:09:9d:b5:fd:03:0c:d5:df:
1d:25:67:97:0d:42:53:ce:e1:23:0d:45:28:8b:fd:
c0:b7:75:a2:21:0b:86:7a:4f:41:ee:4d:8d:b1:28:
c1:f0:38:51:db:14:c8:32:b2:27:f9:b5:92:b8:56:
87:77:c9:cb:95:35:15:b8:0f:fc:2f:8c:7c:ef:d6:
2b:ab:9b:cc:a9:49:bd:f0:7e:e0:5e:65:14:9d:ff:
86:0e:e2:b1:41:d3:00:77:ae:fe:ef:a2:28:88:f3:
9d:6f:c1:0f:a8:dd:8f:e8:d3:95:97:00:55:6c:c6:
86:d5:72:8a:e7:cc:e4:44:00:d1:bd:a2:bc:f5:61:
b1:d3:3c:d7:0e:d6:14:02:ca:df:c4:cc:98:a4:1d:
f0:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:B2:BE:47:DD:59:49:46:F4:BE:60:7D:CA:EF:57:C0:32:7F:44:3C
X509v3 Authority Key Identifier:
keyid:DD:97:C7:CA:05:BC:C3:D6:A2:AD:1B:A2:35:BE:D8:FE:AB:69:45:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3ZfHygW8w9airRuiNb7Y_qtpRVA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/e32a9a-83e0-4fb9-ac71-4d4b16144d68/1/dbK-R91ZSUb0vmB9yu9XwDJ_RDw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/e32a9a-83e0-4fb9-ac71-4d4b16144d68/1/3ZfHygW8w9airRuiNb7Y_qtpRVA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.253.88.0/23
46.253.91.0-46.253.92.255
185.21.120.0/22
185.71.140.0/22
Signature Algorithm: sha256WithRSAEncryption
50:32:0e:51:0d:38:6d:d6:e7:e5:1f:ad:a9:b6:77:96:1c:2f:
e8:ba:98:d9:69:f1:6a:c7:9b:7e:e2:c8:48:ce:5c:4f:99:77:
b5:f9:6c:00:de:00:fe:9a:89:ac:02:dd:3f:6e:12:99:da:cf:
2b:57:8e:79:c6:ad:23:6f:1b:4b:7f:a2:01:de:5b:5a:42:7f:
ad:ad:89:c0:27:b6:32:3f:75:ac:3b:50:a1:1d:0e:ec:b9:24:
15:7b:5e:97:40:d1:ac:14:f7:f4:73:dd:8f:4c:cf:d0:6b:ed:
ff:d0:9b:53:1d:c8:6f:ba:38:47:05:33:81:fa:e1:90:2f:4b:
d5:02:cb:e7:97:5a:be:2e:98:ec:67:bb:85:6e:b3:82:8c:e8:
47:4f:d6:7c:16:95:71:75:df:aa:19:c7:8b:62:48:8b:7b:73:
d5:e5:7c:ba:3f:44:dc:96:bf:6f:98:57:fd:6e:41:cd:b1:f3:
b7:7e:e1:15:91:55:a6:23:34:f8:4d:9e:d3:18:3d:48:c7:88:
9c:8b:a9:ce:ba:48:b1:83:2b:81:f8:f3:8e:1b:03:34:f4:a7:
9d:5a:d1:c9:32:2a:70:1e:fb:25:f0:1e:a9:73:7c:e4:83:0f:
d2:93:98:27:01:9f:15:0d:bc:5c:47:8c:78:cc:f3:39:12:5d:
4e:c0:ce:9f
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZQijaDv6QXaoZPDb2C3IyN1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkOTdjN2NhMDViY2MzZDZhMmFkMWJhMjM1YmVkOGZlYWI2
OTQ1NTAwHhcNMjUwMTAxMTU0ODE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NWIyYmU0N2RkNTk0OTQ2ZjRiZTYwN2RjYWVmNTdjMDMyN2Y0NDNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq5hUxXEXJBqB/L9F3nI5cpOYNqel
kGzEojt818ZniHNE/N62jmW+MDnUlDbxkGcuZBAZnz24pFJS+uGPKTVdj0L9/U18
W9FQ4tq8eOOqQ8yz8AzCCeJ3hFjwoqdUx41Pyn/2gXz2irxYV9tt51+GCZ21/QMM
1d8dJWeXDUJTzuEjDUUoi/3At3WiIQuGek9B7k2NsSjB8DhR2xTIMrIn+bWSuFaH
d8nLlTUVuA/8L4x879Yrq5vMqUm98H7gXmUUnf+GDuKxQdMAd67+76IoiPOdb8EP
qN2P6NOVlwBVbMaG1XKK58zkRADRvaK89WGx0zzXDtYUAsrfxMyYpB3wcQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFHWyvkfdWUlG9L5gfcrvV8Ayf0Q8MB8GA1UdIwQY
MBaAFN2Xx8oFvMPWoq0bojW+2P6raUVQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1pmSHlnVzh3OWFpclJ1aU5iN1lfcXRwUlZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS9lMzJhOWEtODNlMC00ZmI5LWFjNzEt
NGQ0YjE2MTQ0ZDY4LzEvZGJLLVI5MVpTVWIwdm1COXl1OVh3REpfUkR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS9lMzJhOWEtODNlMC00ZmI5LWFjNzEtNGQ0YjE2MTQ0ZDY4
LzEvM1pmSHlnVzh3OWFpclJ1aU5iN1lfcXRwUlZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQBLv1YMAwD
BAAu/VsDBAAu/VwDBAK5FXgDBAK5R4wwDQYJKoZIhvcNAQELBQADggEBAFAyDlEN
OG3W5+Ufram2d5YcL+i6mNlp8WrHm37iyEjOXE+Zd7X5bADeAP6aiawC3T9uEpna
zytXjnnGrSNvG0t/ogHeW1pCf62ticAntjI/daw7UKEdDuy5JBV7XpdA0awU9/Rz
3Y9Mz9Br7f/Qm1MdyG+6OEcFM4H64ZAvS9UCy+eXWr4umOxnu4Vus4KM6EdP1nwW
lXF136oZx4tiSIt7c9XlfLo/RNyWv2+YV/1uQc2x87d+4RWRVaYjNPhNntMYPUjH
iJyLqc66SLGDK4H4844bAzT0p51a0ckyKnAe+yXwHqlzfOSDD9KTmCcBnxUNvFxH
jHjM8zkSXU7Azp8=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:02:25 2025 by rpki-client