Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/r6YMNoisjNaAt0khRnIlPi3mqBo.roa
File: r6YMNoisjNaAt0khRnIlPi3mqBo.roa (raw, json)
Hash identifier: 1yiN7DrtF+TnYfAySu5q44+/R1pfv1PSSR2+xY4S8yQ=
Subject key identifier: AF:A6:0C:36:88:AC:8C:D6:80:B7:49:21:46:72:25:3E:2D:E6:A8:1A
Certificate issuer: /CN=e754c347d68d15493de71bb962f0a567e134d603
Certificate serial: 0194E7BA18F37CDA7C6EA0039A14CCC035F2
Authority key identifier: E7:54:C3:47:D6:8D:15:49:3D:E7:1B:B9:62:F0:A5:67:E1:34:D6:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/51TDR9aNFUk95xu5YvClZ-E01gM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/r6YMNoisjNaAt0khRnIlPi3mqBo.roa
Signing time: Sat 08 Feb 2025 22:42:00 +0000
ROA not before: Sat 08 Feb 2025 22:42:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44477
IP address blocks: 45.43.92.0/24 maxlen: 24
94.177.4.0/24 maxlen: 24
113.20.156.0/24 maxlen: 24
113.20.159.0/24 maxlen: 24
155.254.35.0/24 maxlen: 24
198.105.123.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/51TDR9aNFUk95xu5YvClZ-E01gM.crl
rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/51TDR9aNFUk95xu5YvClZ-E01gM.mft
rsync://rpki.ripe.net/repository/DEFAULT/51TDR9aNFUk95xu5YvClZ-E01gM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 21:19:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:e7:ba:18:f3:7c:da:7c:6e:a0:03:9a:14:cc:c0:35:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e754c347d68d15493de71bb962f0a567e134d603
Validity
Not Before: Feb 8 22:42:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=afa60c3688ac8cd680b749214672253e2de6a81a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:e2:21:8b:4b:62:44:04:b7:38:96:59:3b:16:
4b:c9:2f:e1:e8:f9:b1:37:05:65:78:a3:11:fd:c2:
0d:c3:35:8a:45:59:03:6d:70:95:eb:75:7e:28:11:
1e:67:5b:54:67:84:b1:fa:c2:69:d9:23:68:77:da:
c1:77:30:fe:df:1c:c7:a4:d8:86:64:5a:cb:b6:76:
6d:82:da:22:38:2d:99:ed:f9:41:5e:1f:46:33:6b:
e2:ae:e2:7d:78:bb:9f:02:e3:33:11:71:5e:e2:d6:
ee:ca:51:7a:d6:68:5b:46:50:1f:2b:bc:e9:fd:28:
ab:e9:30:f5:de:f4:b4:6c:7a:f4:b2:97:f6:e7:07:
39:4b:e2:4f:4a:6c:b1:4a:08:9f:ec:36:4c:b6:d5:
03:bf:bb:ce:b1:ed:a6:9e:27:c0:42:72:55:8d:98:
86:24:84:7e:0f:0a:9d:07:a9:2c:51:f9:d4:f4:e8:
19:9b:36:69:51:86:fd:fd:0c:91:d4:1e:70:6a:b8:
10:99:ef:9c:f6:8b:b8:d3:9c:68:c1:46:1f:b3:1a:
02:f8:74:13:d7:6c:be:52:d6:fa:98:36:67:31:0c:
41:b7:7c:27:71:47:97:17:d1:f5:f2:ff:2d:87:4d:
c7:19:09:72:95:9e:e7:90:98:18:c3:c5:53:26:ed:
aa:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:A6:0C:36:88:AC:8C:D6:80:B7:49:21:46:72:25:3E:2D:E6:A8:1A
X509v3 Authority Key Identifier:
keyid:E7:54:C3:47:D6:8D:15:49:3D:E7:1B:B9:62:F0:A5:67:E1:34:D6:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/51TDR9aNFUk95xu5YvClZ-E01gM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/r6YMNoisjNaAt0khRnIlPi3mqBo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/51TDR9aNFUk95xu5YvClZ-E01gM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.43.92.0/24
94.177.4.0/24
113.20.156.0/24
113.20.159.0/24
155.254.35.0/24
198.105.123.0/24
Signature Algorithm: sha256WithRSAEncryption
03:b7:61:4e:92:a0:01:d7:e1:19:83:a4:8e:c5:ea:1a:87:7e:
60:1a:b4:05:6b:48:b3:38:23:98:a2:6f:8c:2f:00:72:34:d8:
a7:ee:fe:9b:0e:8d:5a:d7:59:f6:8d:c9:76:df:d0:ce:02:04:
7f:2e:8e:b7:b6:00:77:c3:8b:8b:8c:7b:0c:a0:b2:49:44:af:
4c:ce:f8:55:6e:36:1c:41:e0:52:6d:07:0e:f7:0e:6c:fd:96:
0e:75:99:c2:8e:eb:3c:4f:6c:a4:48:d9:50:85:bd:7d:52:a0:
b3:3e:3d:f4:64:ac:e6:5a:df:68:12:1b:a7:93:64:69:80:53:
1a:de:9e:6e:4e:72:17:ad:f7:38:67:76:1b:94:c6:51:e6:35:
af:b9:46:b9:c7:c9:5e:a9:48:db:2d:42:e4:ef:5f:8f:4a:a6:
50:72:c0:59:38:d7:1e:8b:ab:07:1a:ed:3b:c5:70:6a:63:43:
a7:36:36:ac:5c:e9:64:73:f8:0a:f9:dd:90:11:69:13:f7:97:
bc:5f:53:bb:81:e4:cb:a2:4f:c0:36:b4:e6:ab:ec:8f:db:ba:
aa:26:ed:02:a2:dc:0a:0d:14:2e:76:63:8b:dd:a7:f6:39:7e:
08:01:ae:35:b5:49:0a:c1:a0:aa:b5:4e:b5:91:54:61:cd:6f:
9a:55:ed:d0
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZTnuhjzfNp8bqADmhTMwDXyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3NTRjMzQ3ZDY4ZDE1NDkzZGU3MWJiOTYyZjBhNTY3ZTEz
NGQ2MDMwHhcNMjUwMjA4MjI0MjAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZmE2MGMzNjg4YWM4Y2Q2ODBiNzQ5MjE0NjcyMjUzZTJkZTZhODFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5OIhi0tiRAS3OJZZOxZLyS/h6Pmx
NwVleKMR/cINwzWKRVkDbXCV63V+KBEeZ1tUZ4Sx+sJp2SNod9rBdzD+3xzHpNiG
ZFrLtnZtgtoiOC2Z7flBXh9GM2viruJ9eLufAuMzEXFe4tbuylF61mhbRlAfK7zp
/Sir6TD13vS0bHr0spf25wc5S+JPSmyxSgif7DZMttUDv7vOse2mnifAQnJVjZiG
JIR+DwqdB6ksUfnU9OgZmzZpUYb9/QyR1B5wargQme+c9ou405xowUYfsxoC+HQT
12y+Utb6mDZnMQxBt3wncUeXF9H18v8th03HGQlylZ7nkJgYw8VTJu2qvwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFK+mDDaIrIzWgLdJIUZyJT4t5qgaMB8GA1UdIwQY
MBaAFOdUw0fWjRVJPecbuWLwpWfhNNYDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTFURFI5YU5GVWs5NXh1NVl2Q2xaLUUwMWdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80NmRiM2EtYTU3My00ZjI4LWI0M2It
MzdiNjJkMjIzOTI0LzEvcjZZTU5vaXNqTmFBdDBraFJuSWxQaTNtcUJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC80NmRiM2EtYTU3My00ZjI4LWI0M2ItMzdiNjJkMjIzOTI0
LzEvNTFURFI5YU5GVWs5NXh1NVl2Q2xaLUUwMWdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQALStcAwQA
XrEEAwQAcRScAwQAcRSfAwQAm/4jAwQAxml7MA0GCSqGSIb3DQEBCwUAA4IBAQAD
t2FOkqAB1+EZg6SOxeoah35gGrQFa0izOCOYom+MLwByNNin7v6bDo1a11n2jcl2
39DOAgR/Lo63tgB3w4uLjHsMoLJJRK9MzvhVbjYcQeBSbQcO9w5s/ZYOdZnCjus8
T2ykSNlQhb19UqCzPj30ZKzmWt9oEhunk2RpgFMa3p5uTnIXrfc4Z3YblMZR5jWv
uUa5x8leqUjbLULk71+PSqZQcsBZONcei6sHGu07xXBqY0OnNjasXOlkc/gK+d2Q
EWkT95e8X1O7geTLok/ANrTmq+yP27qqJu0CotwKDRQudmOL3af2OX4IAa41tUkK
waCqtU61kVRhzW+aVe3Q
-----END CERTIFICATE-----
Generated at Sat Apr 5 06:31:24 2025 by rpki-client