Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/59e8c3-626b-4ece-8e39-df793a940bab/1/rZWoVR8go-ETzcAh50MLSM8Nmkw.roa
File: rZWoVR8go-ETzcAh50MLSM8Nmkw.roa (raw, json)
Hash identifier: cgavxAlOshWtjoy57HjDWJFVrT3Fp0YJu3pSKWnrDaQ=
Subject key identifier: AD:95:A8:55:1F:20:A3:E1:13:CD:C0:21:E7:43:0B:48:CF:0D:9A:4C
Certificate issuer: /CN=1e36de27974727aa0046b3e9c8d0624674541255
Certificate serial: 01941FFA9DD9AA053A263F41430DD1C45447
Authority key identifier: 1E:36:DE:27:97:47:27:AA:00:46:B3:E9:C8:D0:62:46:74:54:12:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HjbeJ5dHJ6oARrPpyNBiRnRUElU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/59e8c3-626b-4ece-8e39-df793a940bab/1/rZWoVR8go-ETzcAh50MLSM8Nmkw.roa
Signing time: Wed 01 Jan 2025 03:48:25 +0000
ROA not before: Wed 01 Jan 2025 03:48:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44477
IP address blocks: 46.29.236.0/24 maxlen: 24
46.29.237.0/24 maxlen: 24
46.29.239.0/24 maxlen: 24
85.159.226.0/24 maxlen: 24
85.159.229.0/24 maxlen: 24
85.159.230.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c7/59e8c3-626b-4ece-8e39-df793a940bab/1/HjbeJ5dHJ6oARrPpyNBiRnRUElU.crl
rsync://rpki.ripe.net/repository/DEFAULT/c7/59e8c3-626b-4ece-8e39-df793a940bab/1/HjbeJ5dHJ6oARrPpyNBiRnRUElU.mft
rsync://rpki.ripe.net/repository/DEFAULT/HjbeJ5dHJ6oARrPpyNBiRnRUElU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 21:00:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:9d:d9:aa:05:3a:26:3f:41:43:0d:d1:c4:54:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e36de27974727aa0046b3e9c8d0624674541255
Validity
Not Before: Jan 1 03:48:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ad95a8551f20a3e113cdc021e7430b48cf0d9a4c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:b3:61:37:8d:52:f3:b9:10:c4:aa:a7:73:01:
4d:25:90:d7:de:42:c4:a7:53:c3:45:2c:d6:cf:04:
cd:dc:69:50:be:e8:66:21:61:96:6f:75:b5:81:49:
08:7f:68:bd:a9:7c:2b:fc:f7:4d:9c:0d:e6:90:ba:
47:4b:0e:f0:9e:6d:70:d0:39:73:5c:5d:07:37:98:
d8:c3:9b:6c:cf:ba:82:2b:65:70:f8:b9:32:46:08:
ce:bd:7d:84:1c:a9:c7:c6:74:e3:c6:b4:8f:17:b1:
40:14:62:bf:e1:10:c8:52:9e:b2:84:6e:6a:69:e4:
a4:f3:12:c4:12:b0:a0:dd:58:fc:98:fd:07:c1:d8:
b7:98:d4:a5:a2:bf:17:74:c8:42:fb:8e:d8:d7:0b:
ca:f4:62:74:6c:a9:5c:a8:bb:19:a7:77:79:53:f4:
02:bb:27:b6:84:62:7c:19:eb:26:16:ed:d9:9c:04:
13:99:e8:bf:b1:af:7b:00:fb:68:f1:83:17:34:83:
55:b3:0a:55:34:eb:0e:35:a0:32:48:c2:c5:86:a2:
c0:ef:bf:45:e8:30:f4:92:ee:30:b6:5c:8c:7d:63:
37:6a:34:ce:e9:e3:30:a4:9d:50:af:7c:a3:8c:da:
11:6c:86:1d:0e:82:f6:af:b4:83:c6:f2:a1:56:65:
11:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:95:A8:55:1F:20:A3:E1:13:CD:C0:21:E7:43:0B:48:CF:0D:9A:4C
X509v3 Authority Key Identifier:
keyid:1E:36:DE:27:97:47:27:AA:00:46:B3:E9:C8:D0:62:46:74:54:12:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HjbeJ5dHJ6oARrPpyNBiRnRUElU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/59e8c3-626b-4ece-8e39-df793a940bab/1/rZWoVR8go-ETzcAh50MLSM8Nmkw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/59e8c3-626b-4ece-8e39-df793a940bab/1/HjbeJ5dHJ6oARrPpyNBiRnRUElU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.29.236.0/23
46.29.239.0/24
85.159.226.0/24
85.159.229.0-85.159.230.255
Signature Algorithm: sha256WithRSAEncryption
ac:31:d3:1a:b4:c1:ba:59:f6:02:19:8a:f7:33:d0:1d:14:00:
7a:73:1f:ed:e4:af:79:62:97:d0:f5:5c:9d:bb:29:0c:f2:de:
a3:de:00:f2:e9:07:47:22:f7:2e:67:ce:39:b8:41:ea:77:bc:
a5:02:b3:52:49:f8:3c:5a:0d:90:72:13:88:f0:3e:ec:89:94:
fc:fb:1f:58:5d:6a:80:7c:1b:0b:a5:9d:4b:e6:54:68:05:be:
71:cf:4d:c0:91:ef:74:0f:bd:dc:74:d9:6a:ab:73:be:07:49:
d2:a1:9d:c3:98:57:21:34:68:a4:68:fa:bb:6c:2d:5c:31:82:
b7:f6:69:ea:43:54:b1:1f:cd:58:76:49:f8:91:80:99:2c:02:
8c:d5:46:63:f0:f4:83:f5:86:13:1f:f9:ef:14:de:09:aa:46:
90:44:bb:b6:66:a7:fd:a7:dc:5e:04:ad:06:49:2e:8d:75:e1:
a3:d1:95:75:eb:f9:e4:fe:34:02:0a:30:cf:c3:66:df:44:94:
09:c6:44:08:3d:c1:ff:73:bd:d5:d7:00:35:e2:3c:0f:52:29:
2e:9f:db:db:a6:47:45:ed:e5:fa:d7:52:74:d1:5b:ed:f1:db:
3e:a6:9f:0b:03:51:84:c0:b9:ff:34:39:ad:66:ea:5a:3e:11:
e3:2f:ca:79
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZQf+p3ZqgU6Jj9BQw3RxFRHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlMzZkZTI3OTc0NzI3YWEwMDQ2YjNlOWM4ZDA2MjQ2NzQ1
NDEyNTUwHhcNMjUwMTAxMDM0ODI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDk1YTg1NTFmMjBhM2UxMTNjZGMwMjFlNzQzMGI0OGNmMGQ5YTRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwLNhN41S87kQxKqncwFNJZDX3kLE
p1PDRSzWzwTN3GlQvuhmIWGWb3W1gUkIf2i9qXwr/PdNnA3mkLpHSw7wnm1w0Dlz
XF0HN5jYw5tsz7qCK2Vw+LkyRgjOvX2EHKnHxnTjxrSPF7FAFGK/4RDIUp6yhG5q
aeSk8xLEErCg3Vj8mP0Hwdi3mNSlor8XdMhC+47Y1wvK9GJ0bKlcqLsZp3d5U/QC
uye2hGJ8GesmFu3ZnAQTmei/sa97APto8YMXNINVswpVNOsONaAySMLFhqLA779F
6DD0ku4wtlyMfWM3ajTO6eMwpJ1Qr3yjjNoRbIYdDoL2r7SDxvKhVmURvQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFK2VqFUfIKPhE83AIedDC0jPDZpMMB8GA1UdIwQY
MBaAFB423ieXRyeqAEaz6cjQYkZ0VBJVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGpiZUo1ZEhKNm9BUnJQcHlOQmlSblJVRWxVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy81OWU4YzMtNjI2Yi00ZWNlLThlMzkt
ZGY3OTNhOTQwYmFiLzEvclpXb1ZSOGdvLUVUemNBaDUwTUxTTThObWt3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy81OWU4YzMtNjI2Yi00ZWNlLThlMzktZGY3OTNhOTQwYmFi
LzEvSGpiZUo1ZEhKNm9BUnJQcHlOQmlSblJVRWxVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQBLh3sAwQA
Lh3vAwQAVZ/iMAwDBABVn+UDBABVn+YwDQYJKoZIhvcNAQELBQADggEBAKwx0xq0
wbpZ9gIZivcz0B0UAHpzH+3kr3lil9D1XJ27KQzy3qPeAPLpB0ci9y5nzjm4Qep3
vKUCs1JJ+DxaDZByE4jwPuyJlPz7H1hdaoB8GwulnUvmVGgFvnHPTcCR73QPvdx0
2Wqrc74HSdKhncOYVyE0aKRo+rtsLVwxgrf2aepDVLEfzVh2SfiRgJksAozVRmPw
9IP1hhMf+e8U3gmqRpBEu7Zmp/2n3F4ErQZJLo114aPRlXXr+eT+NAIKMM/DZt9E
lAnGRAg9wf9zvdXXADXiPA9SKS6f29umR0Xt5frXUnTRW+3x2z6mnwsDUYTAuf80
Oa1m6lo+EeMvynk=
-----END CERTIFICATE-----
Generated at Sat Apr 5 06:33:53 2025 by rpki-client