Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/59e8c3-626b-4ece-8e39-df793a940bab/1/kc5iSTCS2Wj8DpgYXFD3Z8kI0-w.roa
File: kc5iSTCS2Wj8DpgYXFD3Z8kI0-w.roa (raw, json)
Hash identifier: uGP+3hnsQtTfTdEoExGqurh/AYLhmRguK0+ycdKSTRo=
Subject key identifier: 91:CE:62:49:30:92:D9:68:FC:0E:98:18:5C:50:F7:67:C9:08:D3:EC
Certificate issuer: /CN=1e36de27974727aa0046b3e9c8d0624674541255
Certificate serial: 01941FFA9F4AC7A6DC8B4160295B3FF5EFAB
Authority key identifier: 1E:36:DE:27:97:47:27:AA:00:46:B3:E9:C8:D0:62:46:74:54:12:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HjbeJ5dHJ6oARrPpyNBiRnRUElU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/59e8c3-626b-4ece-8e39-df793a940bab/1/kc5iSTCS2Wj8DpgYXFD3Z8kI0-w.roa
Signing time: Wed 01 Jan 2025 03:48:25 +0000
ROA not before: Wed 01 Jan 2025 03:48:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207713
IP address blocks: 46.29.234.0/24 maxlen: 24
46.29.235.0/24 maxlen: 24
46.29.238.0/24 maxlen: 24
85.159.228.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c7/59e8c3-626b-4ece-8e39-df793a940bab/1/HjbeJ5dHJ6oARrPpyNBiRnRUElU.crl
rsync://rpki.ripe.net/repository/DEFAULT/c7/59e8c3-626b-4ece-8e39-df793a940bab/1/HjbeJ5dHJ6oARrPpyNBiRnRUElU.mft
rsync://rpki.ripe.net/repository/DEFAULT/HjbeJ5dHJ6oARrPpyNBiRnRUElU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 16:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:9f:4a:c7:a6:dc:8b:41:60:29:5b:3f:f5:ef:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e36de27974727aa0046b3e9c8d0624674541255
Validity
Not Before: Jan 1 03:48:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=91ce62493092d968fc0e98185c50f767c908d3ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:14:ce:7b:11:a6:aa:9b:6b:67:62:cb:05:b0:
b0:c7:71:b6:7f:b1:05:79:ea:4d:02:c1:63:4e:0c:
13:ea:e8:98:a5:02:62:7f:8b:92:98:01:ba:ef:32:
21:e5:f8:f9:66:01:b9:1a:3f:f6:39:eb:75:aa:42:
a5:0c:cf:fd:3b:3d:78:f2:48:3f:cd:9e:8b:f2:d6:
5c:8c:dc:fc:3f:f2:fd:49:e7:41:fc:7a:46:8f:b7:
1d:97:9e:4a:00:e5:a8:aa:72:40:af:d8:4c:b4:3e:
61:86:e4:fc:cc:ee:f6:b7:24:9f:c6:33:f8:72:a2:
89:5c:a4:7b:fa:b8:be:0f:70:8f:fd:6b:b0:d2:77:
80:b6:3f:6e:6c:f4:94:4a:24:53:03:da:35:d0:88:
f8:7f:5e:af:9e:42:bc:9b:0f:fb:23:67:07:9e:77:
e4:f2:8a:75:52:7a:3c:2c:e2:8e:f0:6a:fa:f7:20:
25:6f:35:3f:79:e2:0d:05:e8:cb:5b:9d:14:a2:67:
1f:22:46:9d:c2:50:aa:2b:03:ef:ac:25:92:0b:60:
e4:fb:64:8f:d9:42:51:ce:96:43:f6:27:44:0b:3b:
43:ab:e3:a1:0e:7e:99:ee:06:dc:33:96:a8:e4:e7:
1a:5a:87:ee:c2:ce:69:d2:fa:7c:54:09:42:78:a0:
62:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:CE:62:49:30:92:D9:68:FC:0E:98:18:5C:50:F7:67:C9:08:D3:EC
X509v3 Authority Key Identifier:
keyid:1E:36:DE:27:97:47:27:AA:00:46:B3:E9:C8:D0:62:46:74:54:12:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HjbeJ5dHJ6oARrPpyNBiRnRUElU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/59e8c3-626b-4ece-8e39-df793a940bab/1/kc5iSTCS2Wj8DpgYXFD3Z8kI0-w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/59e8c3-626b-4ece-8e39-df793a940bab/1/HjbeJ5dHJ6oARrPpyNBiRnRUElU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.29.234.0/23
46.29.238.0/24
85.159.228.0/24
Signature Algorithm: sha256WithRSAEncryption
36:cc:a0:80:a5:11:1e:3d:8e:5a:29:cf:4b:16:2b:07:4b:e7:
df:b4:35:6b:79:4f:ac:c8:15:63:6b:c9:7d:f5:4c:58:7f:33:
bd:cc:63:5d:af:e8:26:96:87:fe:9b:8b:2a:2b:21:c1:73:83:
2c:f4:70:af:49:f0:1c:b3:b5:95:a9:df:9b:d8:1c:97:63:bb:
4e:12:0e:14:94:64:b1:d3:b8:7c:be:48:d6:67:34:71:7a:96:
2f:10:6d:8b:5f:9d:e6:c6:2e:4f:ab:43:ab:e3:be:c8:01:16:
e4:88:8d:56:6d:f4:df:31:ad:1b:5d:11:29:8f:fc:be:ab:9b:
bf:38:1b:42:f3:8f:51:7e:e0:25:ab:85:7a:85:80:b3:90:49:
5d:60:4b:ae:ff:e6:b7:c8:e4:3e:b4:8a:53:ac:e1:04:fb:2c:
cc:42:d0:39:e1:e3:6b:26:a0:f2:4a:23:f3:b5:fd:67:79:c4:
a2:3c:65:13:38:7b:69:b2:71:b1:b8:25:d1:91:c1:01:ea:99:
ae:e5:22:3f:fc:45:65:24:2b:61:af:c7:88:1d:2d:55:bd:e8:
1c:8c:33:b1:9b:01:41:72:70:89:ca:13:a9:92:cd:7e:1c:94:
28:7e:34:e1:36:7e:b3:bf:07:f3:40:a4:0d:f0:1b:1f:48:f9:
da:8e:5c:36
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQf+p9Kx6bci0FgKVs/9e+rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlMzZkZTI3OTc0NzI3YWEwMDQ2YjNlOWM4ZDA2MjQ2NzQ1
NDEyNTUwHhcNMjUwMTAxMDM0ODI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MWNlNjI0OTMwOTJkOTY4ZmMwZTk4MTg1YzUwZjc2N2M5MDhkM2VjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtxTOexGmqptrZ2LLBbCwx3G2f7EF
eepNAsFjTgwT6uiYpQJif4uSmAG67zIh5fj5ZgG5Gj/2Oet1qkKlDM/9Oz148kg/
zZ6L8tZcjNz8P/L9SedB/HpGj7cdl55KAOWoqnJAr9hMtD5hhuT8zO72tySfxjP4
cqKJXKR7+ri+D3CP/Wuw0neAtj9ubPSUSiRTA9o10Ij4f16vnkK8mw/7I2cHnnfk
8op1Uno8LOKO8Gr69yAlbzU/eeINBejLW50UomcfIkadwlCqKwPvrCWSC2Dk+2SP
2UJRzpZD9idECztDq+OhDn6Z7gbcM5ao5OcaWofuws5p0vp8VAlCeKBiawIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJHOYkkwktlo/A6YGFxQ92fJCNPsMB8GA1UdIwQY
MBaAFB423ieXRyeqAEaz6cjQYkZ0VBJVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGpiZUo1ZEhKNm9BUnJQcHlOQmlSblJVRWxVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy81OWU4YzMtNjI2Yi00ZWNlLThlMzkt
ZGY3OTNhOTQwYmFiLzEva2M1aVNUQ1MyV2o4RHBnWVhGRDNaOGtJMC13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy81OWU4YzMtNjI2Yi00ZWNlLThlMzktZGY3OTNhOTQwYmFi
LzEvSGpiZUo1ZEhKNm9BUnJQcHlOQmlSblJVRWxVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBLh3qAwQA
Lh3uAwQAVZ/kMA0GCSqGSIb3DQEBCwUAA4IBAQA2zKCApREePY5aKc9LFisHS+ff
tDVreU+syBVja8l99UxYfzO9zGNdr+gmlof+m4sqKyHBc4Ms9HCvSfAcs7WVqd+b
2ByXY7tOEg4UlGSx07h8vkjWZzRxepYvEG2LX53mxi5Pq0Or477IARbkiI1WbfTf
Ma0bXREpj/y+q5u/OBtC849RfuAlq4V6hYCzkEldYEuu/+a3yOQ+tIpTrOEE+yzM
QtA54eNrJqDySiPztf1necSiPGUTOHtpsnGxuCXRkcEB6pmu5SI//EVlJCthr8eI
HS1VvegcjDOxmwFBcnCJyhOpks1+HJQofjThNn6zvwfzQKQN8BsfSPnajlw2
-----END CERTIFICATE-----
Generated at Sun Apr 6 21:28:28 2025 by rpki-client