Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/b4b150-dbb8-465f-8155-e4419b64212e/1/ScwFXX2rYjT7naQciVMaotJ-UfM.roa
File: ScwFXX2rYjT7naQciVMaotJ-UfM.roa (raw, json)
Hash identifier: X8Vp96ZEvVObF+OkcOx9P04g9HBNU6my6Pc/b9LR72Y=
Subject key identifier: 49:CC:05:5D:7D:AB:62:34:FB:9D:A4:1C:89:53:1A:A2:D2:7E:51:F3
Certificate issuer: /CN=f0521128cf634aa6afa7ef52d531f3fcd55628f9
Certificate serial: 0194244580A8E13C41F16BB18B64E1D9D60E
Authority key identifier: F0:52:11:28:CF:63:4A:A6:AF:A7:EF:52:D5:31:F3:FC:D5:56:28:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8FIRKM9jSqavp-9S1THz_NVWKPk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/b4b150-dbb8-465f-8155-e4419b64212e/1/ScwFXX2rYjT7naQciVMaotJ-UfM.roa
Signing time: Wed 01 Jan 2025 23:48:42 +0000
ROA not before: Wed 01 Jan 2025 23:48:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48095
IP address blocks: 2.56.44.0/23 maxlen: 23
2.56.46.0/23 maxlen: 23
5.253.160.0/23 maxlen: 23
5.253.162.0/23 maxlen: 23
45.67.176.0/23 maxlen: 23
45.67.178.0/23 maxlen: 23
83.150.238.0/24 maxlen: 24
83.150.239.0/24 maxlen: 24
85.209.136.0/23 maxlen: 23
85.209.138.0/23 maxlen: 23
141.98.92.0/23 maxlen: 23
141.98.94.0/23 maxlen: 23
152.89.8.0/23 maxlen: 23
152.89.10.0/23 maxlen: 23
171.22.36.0/23 maxlen: 23
171.22.38.0/23 maxlen: 23
188.119.88.0/23 maxlen: 23
188.119.90.0/23 maxlen: 23
193.168.180.0/23 maxlen: 23
193.168.182.0/23 maxlen: 23
194.38.28.0/23 maxlen: 23
194.38.30.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bb/b4b150-dbb8-465f-8155-e4419b64212e/1/8FIRKM9jSqavp-9S1THz_NVWKPk.crl
rsync://rpki.ripe.net/repository/DEFAULT/bb/b4b150-dbb8-465f-8155-e4419b64212e/1/8FIRKM9jSqavp-9S1THz_NVWKPk.mft
rsync://rpki.ripe.net/repository/DEFAULT/8FIRKM9jSqavp-9S1THz_NVWKPk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 01:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:80:a8:e1:3c:41:f1:6b:b1:8b:64:e1:d9:d6:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f0521128cf634aa6afa7ef52d531f3fcd55628f9
Validity
Not Before: Jan 1 23:48:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=49cc055d7dab6234fb9da41c89531aa2d27e51f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:e0:ef:cf:1a:10:a6:4c:87:24:0d:c3:75:69:
a1:12:52:36:58:f4:28:f5:11:a4:a5:2a:5e:13:63:
4b:28:ab:f1:1a:27:64:f8:3a:32:ca:a9:50:05:fa:
9b:26:b0:65:13:5f:27:47:ef:d5:e1:c6:99:1e:22:
a6:90:a1:4a:34:10:d5:85:94:15:ec:75:2d:2b:29:
ee:e6:bd:8e:4a:94:be:a6:57:b1:6f:97:ac:a9:55:
a6:a2:91:c2:86:8d:0a:43:cc:96:9c:bb:5a:b2:53:
11:9f:56:7f:84:4e:7f:94:e7:0e:67:7d:33:ea:31:
f0:24:d0:87:e5:66:82:3c:d3:26:0a:85:12:bc:9a:
a3:95:17:fb:05:e0:d5:54:9b:f6:d4:9d:54:50:c9:
25:0a:5d:16:ed:45:ba:b0:e2:45:96:7d:02:a4:93:
71:ab:0f:1c:f2:f3:8e:09:c8:45:37:71:39:e5:c3:
d1:49:2e:30:f9:17:3d:cb:77:3d:3e:5b:21:99:d3:
84:2d:20:fc:70:b5:a8:9b:86:bc:b1:8b:9f:a4:b3:
62:3e:93:88:1f:f8:12:1d:37:e1:6d:ca:42:0c:c9:
2f:35:58:5b:d2:12:09:7a:fc:88:6a:b9:15:ea:ed:
3b:d9:80:57:e3:81:42:8f:ef:11:4f:29:55:a9:7d:
d6:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:CC:05:5D:7D:AB:62:34:FB:9D:A4:1C:89:53:1A:A2:D2:7E:51:F3
X509v3 Authority Key Identifier:
keyid:F0:52:11:28:CF:63:4A:A6:AF:A7:EF:52:D5:31:F3:FC:D5:56:28:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8FIRKM9jSqavp-9S1THz_NVWKPk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/b4b150-dbb8-465f-8155-e4419b64212e/1/ScwFXX2rYjT7naQciVMaotJ-UfM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/b4b150-dbb8-465f-8155-e4419b64212e/1/8FIRKM9jSqavp-9S1THz_NVWKPk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.44.0/22
5.253.160.0/22
45.67.176.0/22
83.150.238.0/23
85.209.136.0/22
141.98.92.0/22
152.89.8.0/22
171.22.36.0/22
188.119.88.0/22
193.168.180.0/22
194.38.28.0/22
Signature Algorithm: sha256WithRSAEncryption
9f:e3:31:10:a3:13:33:bb:23:fb:27:11:59:cf:d7:7e:0f:45:
c8:66:ed:d7:15:fa:35:53:64:82:86:2f:d9:2d:13:41:62:3b:
4e:de:2a:b4:f1:b9:75:bb:0d:06:ae:56:e5:4b:8b:21:53:bb:
aa:99:42:10:b4:07:22:4a:22:c8:97:db:f4:18:52:eb:64:79:
f7:b3:c2:a1:11:f9:a7:e6:4d:b2:2b:96:15:23:6b:9e:1c:a5:
40:aa:5d:d2:6d:9b:59:f1:01:08:6b:8c:98:a5:f9:e6:a6:71:
85:cc:97:03:c9:11:33:a1:85:19:90:2f:a5:48:b1:7a:17:cd:
2e:4c:f8:8b:d8:1c:57:d6:03:58:a7:42:3d:38:35:57:21:ec:
c5:1d:71:ba:31:ee:d0:8b:7a:b4:59:29:cb:ee:49:3c:5e:64:
86:4c:cf:1c:84:5f:5d:0e:e5:1b:e2:fc:1a:a8:ce:3d:db:7d:
6e:af:2c:33:e6:eb:75:04:44:ed:ab:51:ae:05:da:f3:ba:84:
61:75:5e:ec:f8:fb:03:28:ca:7c:81:88:24:ae:73:0b:68:82:
41:03:7a:01:44:be:a7:1e:fa:4e:ec:71:b5:99:f6:ef:01:45:
47:57:ae:d9:dc:da:2e:55:7d:9b:2c:50:58:27:13:df:3c:17:
75:73:72:df
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAZQkRYCo4TxB8Wuxi2Th2dYOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNTIxMTI4Y2Y2MzRhYTZhZmE3ZWY1MmQ1MzFmM2ZjZDU1
NjI4ZjkwHhcNMjUwMTAxMjM0ODQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OWNjMDU1ZDdkYWI2MjM0ZmI5ZGE0MWM4OTUzMWFhMmQyN2U1MWYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArODvzxoQpkyHJA3DdWmhElI2WPQo
9RGkpSpeE2NLKKvxGidk+DoyyqlQBfqbJrBlE18nR+/V4caZHiKmkKFKNBDVhZQV
7HUtKynu5r2OSpS+plexb5esqVWmopHCho0KQ8yWnLtaslMRn1Z/hE5/lOcOZ30z
6jHwJNCH5WaCPNMmCoUSvJqjlRf7BeDVVJv21J1UUMklCl0W7UW6sOJFln0CpJNx
qw8c8vOOCchFN3E55cPRSS4w+Rc9y3c9PlshmdOELSD8cLWom4a8sYufpLNiPpOI
H/gSHTfhbcpCDMkvNVhb0hIJevyIarkV6u072YBX44FCj+8RTylVqX3WlwIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFEnMBV19q2I0+52kHIlTGqLSflHzMB8GA1UdIwQY
MBaAFPBSESjPY0qmr6fvUtUx8/zVVij5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEZJUktNOWpTcWF2cC05UzFUSHpfTlZXS1BrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi9iNGIxNTAtZGJiOC00NjVmLTgxNTUt
ZTQ0MTliNjQyMTJlLzEvU2N3RlhYMnJZalQ3bmFRY2lWTWFvdEotVWZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi9iNGIxNTAtZGJiOC00NjVmLTgxNTUtZTQ0MTliNjQyMTJl
LzEvOEZJUktNOWpTcWF2cC05UzFUSHpfTlZXS1BrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQCAjgsAwQC
Bf2gAwQCLUOwAwQBU5buAwQCVdGIAwQCjWJcAwQCmFkIAwQCqxYkAwQCvHdYAwQC
wai0AwQCwiYcMA0GCSqGSIb3DQEBCwUAA4IBAQCf4zEQoxMzuyP7JxFZz9d+D0XI
Zu3XFfo1U2SChi/ZLRNBYjtO3iq08bl1uw0GrlblS4shU7uqmUIQtAciSiLIl9v0
GFLrZHn3s8KhEfmn5k2yK5YVI2ueHKVAql3SbZtZ8QEIa4yYpfnmpnGFzJcDyREz
oYUZkC+lSLF6F80uTPiL2BxX1gNYp0I9ODVXIezFHXG6Me7Qi3q0WSnL7kk8XmSG
TM8chF9dDuUb4vwaqM49231urywz5ut1BETtq1GuBdrzuoRhdV7s+PsDKMp8gYgk
rnMLaIJBA3oBRL6nHvpO7HG1mfbvAUVHV67Z3NouVX2bLFBYJxPfPBd1c3Lf
-----END CERTIFICATE-----
Generated at Mon Apr 7 10:50:58 2025 by rpki-client