Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/cfcde0-9aa3-4c2d-b8f7-928d91791907/1/9rnqD1RU0JdMjSu8BzguZaGfvTA.roa
File: 9rnqD1RU0JdMjSu8BzguZaGfvTA.roa (raw, json)
Hash identifier: GMQdSU1ONVtRLJ/ahFPu6uQVjVVqJu2bd95QqZUAXII=
Subject key identifier: F6:B9:EA:0F:54:54:D0:97:4C:8D:2B:BC:07:38:2E:65:A1:9F:BD:30
Certificate issuer: /CN=c101c5bc0915a2f7cb165b0b7d713212fa57332d
Certificate serial: 01942747BD5CCF90FDFBE538B1BF672E7D5A
Authority key identifier: C1:01:C5:BC:09:15:A2:F7:CB:16:5B:0B:7D:71:32:12:FA:57:33:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wQHFvAkVovfLFlsLfXEyEvpXMy0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e3/cfcde0-9aa3-4c2d-b8f7-928d91791907/1/9rnqD1RU0JdMjSu8BzguZaGfvTA.roa
Signing time: Thu 02 Jan 2025 13:50:00 +0000
ROA not before: Thu 02 Jan 2025 13:50:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21246
IP address blocks: 46.99.0.0/16 maxlen: 16
46.99.0.0/18 maxlen: 18
46.99.32.0/19 maxlen: 19
46.99.64.0/18 maxlen: 18
46.99.64.0/19 maxlen: 19
46.99.128.0/24 maxlen: 24
46.99.129.0/24 maxlen: 24
46.99.130.0/24 maxlen: 24
46.99.131.0/24 maxlen: 24
46.99.132.0/24 maxlen: 24
46.99.133.0/24 maxlen: 24
46.99.134.0/24 maxlen: 24
46.99.135.0/24 maxlen: 24
46.99.136.0/24 maxlen: 24
46.99.137.0/24 maxlen: 24
46.99.138.0/24 maxlen: 24
46.99.139.0/24 maxlen: 24
46.99.140.0/24 maxlen: 24
46.99.141.0/24 maxlen: 24
46.99.142.0/24 maxlen: 24
46.99.143.0/24 maxlen: 24
46.99.144.0/24 maxlen: 24
46.99.145.0/24 maxlen: 24
46.99.146.0/24 maxlen: 24
46.99.147.0/24 maxlen: 24
46.99.148.0/24 maxlen: 24
46.99.149.0/24 maxlen: 24
46.99.150.0/24 maxlen: 24
46.99.151.0/24 maxlen: 24
46.99.152.0/22 maxlen: 22
46.99.156.0/23 maxlen: 23
46.99.158.0/24 maxlen: 24
46.99.159.0/24 maxlen: 24
46.99.160.0/24 maxlen: 24
46.99.161.0/24 maxlen: 24
46.99.162.0/24 maxlen: 24
46.99.163.0/24 maxlen: 24
46.99.164.0/24 maxlen: 24
46.99.165.0/24 maxlen: 24
46.99.166.0/24 maxlen: 24
46.99.167.0/24 maxlen: 24
46.99.168.0/24 maxlen: 24
46.99.169.0/24 maxlen: 24
46.99.170.0/24 maxlen: 24
46.99.171.0/24 maxlen: 24
46.99.173.0/24 maxlen: 24
46.99.174.0/24 maxlen: 24
46.99.175.0/24 maxlen: 24
46.99.176.0/24 maxlen: 24
46.99.177.0/24 maxlen: 24
46.99.178.0/24 maxlen: 24
46.99.179.0/24 maxlen: 24
46.99.180.0/24 maxlen: 24
46.99.181.0/24 maxlen: 24
46.99.182.0/24 maxlen: 24
46.99.183.0/24 maxlen: 24
46.99.184.0/24 maxlen: 24
46.99.185.0/24 maxlen: 24
46.99.186.0/24 maxlen: 24
46.99.187.0/24 maxlen: 24
46.99.188.0/24 maxlen: 24
46.99.189.0/24 maxlen: 24
46.99.190.0/24 maxlen: 24
46.99.192.0/24 maxlen: 24
46.99.196.0/24 maxlen: 24
46.99.199.0/24 maxlen: 24
46.99.202.0/23 maxlen: 23
46.99.202.0/24 maxlen: 24
46.99.203.0/24 maxlen: 24
46.99.224.0/20 maxlen: 20
46.99.239.0/24 maxlen: 24
46.99.249.0/24 maxlen: 24
46.99.250.0/24 maxlen: 24
46.99.251.0/24 maxlen: 24
46.99.252.0/23 maxlen: 23
46.99.254.0/23 maxlen: 23
80.80.160.0/20 maxlen: 20
80.80.160.0/24 maxlen: 24
80.80.161.0/24 maxlen: 24
80.80.162.0/24 maxlen: 24
80.80.163.0/24 maxlen: 24
80.80.164.0/23 maxlen: 23
80.80.166.0/24 maxlen: 24
80.80.167.0/24 maxlen: 24
80.80.168.0/24 maxlen: 24
80.80.169.0/24 maxlen: 24
80.80.170.0/24 maxlen: 24
80.80.171.0/24 maxlen: 24
80.80.172.0/24 maxlen: 24
80.80.173.0/24 maxlen: 24
80.80.174.0/24 maxlen: 24
80.80.175.0/24 maxlen: 24
91.187.96.0/19 maxlen: 19
91.187.96.0/24 maxlen: 24
91.187.97.0/24 maxlen: 24
91.187.98.0/24 maxlen: 24
91.187.99.0/24 maxlen: 24
91.187.100.0/24 maxlen: 24
91.187.101.0/24 maxlen: 24
91.187.102.0/24 maxlen: 24
91.187.103.0/24 maxlen: 24
91.187.104.0/23 maxlen: 23
91.187.104.0/24 maxlen: 24
91.187.106.0/24 maxlen: 24
91.187.107.0/24 maxlen: 24
91.187.108.0/24 maxlen: 24
91.187.109.0/24 maxlen: 24
91.187.110.0/24 maxlen: 24
91.187.111.0/24 maxlen: 24
91.187.112.0/24 maxlen: 24
91.187.113.0/24 maxlen: 24
91.187.114.0/24 maxlen: 24
91.187.115.0/24 maxlen: 24
91.187.116.0/24 maxlen: 24
91.187.117.0/24 maxlen: 24
91.187.118.0/24 maxlen: 24
91.187.119.0/24 maxlen: 24
91.187.120.0/24 maxlen: 24
91.187.121.0/24 maxlen: 24
91.187.122.0/24 maxlen: 24
91.187.123.0/24 maxlen: 24
91.187.124.0/24 maxlen: 24
91.187.125.0/24 maxlen: 24
91.187.126.0/24 maxlen: 24
91.187.127.0/24 maxlen: 24
185.78.224.0/22 maxlen: 22
2a03:4b80::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e3/cfcde0-9aa3-4c2d-b8f7-928d91791907/1/wQHFvAkVovfLFlsLfXEyEvpXMy0.crl
rsync://rpki.ripe.net/repository/DEFAULT/e3/cfcde0-9aa3-4c2d-b8f7-928d91791907/1/wQHFvAkVovfLFlsLfXEyEvpXMy0.mft
rsync://rpki.ripe.net/repository/DEFAULT/wQHFvAkVovfLFlsLfXEyEvpXMy0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 14 Apr 2025 08:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:bd:5c:cf:90:fd:fb:e5:38:b1:bf:67:2e:7d:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c101c5bc0915a2f7cb165b0b7d713212fa57332d
Validity
Not Before: Jan 2 13:50:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f6b9ea0f5454d0974c8d2bbc07382e65a19fbd30
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:da:95:59:9e:c1:bc:bf:a5:88:80:f8:cf:5c:
b5:00:41:9f:a9:7c:2a:1b:45:26:7e:34:74:10:44:
7c:a0:5d:03:01:12:37:e0:4b:79:ec:4c:38:33:91:
58:2c:91:1c:77:d3:03:72:0d:b8:bc:2c:65:b5:44:
ab:69:a2:59:bd:c5:7c:7e:89:10:06:ac:14:e8:f1:
ff:c0:61:c4:fa:64:e3:7b:91:42:41:7e:56:a6:10:
73:ff:ba:d0:92:40:d1:46:7a:a7:cd:2f:fc:f4:24:
72:81:a3:f6:3b:6a:0b:dc:34:39:ab:a0:01:ea:29:
22:bd:17:12:47:28:27:78:fa:db:d5:c8:5b:cc:c8:
6d:f8:c1:47:30:0c:7c:e0:eb:af:89:67:91:5c:d0:
22:13:43:cf:b1:77:a2:3a:86:b3:b5:d4:8a:8a:95:
0c:ee:8b:dd:68:49:22:90:59:dd:e8:3d:fc:ab:ae:
c3:98:32:cd:78:63:f3:0f:f0:3a:fc:59:66:b4:be:
0d:32:c4:c0:f9:a8:11:a6:a8:5e:66:27:a0:a0:b7:
ca:56:1a:e9:c2:a4:12:15:14:56:57:9a:f9:ad:ea:
9d:f8:28:cf:6c:63:5f:ef:3d:9e:a0:cd:75:32:a0:
42:4c:e9:1c:d5:6c:11:de:94:cb:59:16:b2:4a:0d:
d7:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:B9:EA:0F:54:54:D0:97:4C:8D:2B:BC:07:38:2E:65:A1:9F:BD:30
X509v3 Authority Key Identifier:
keyid:C1:01:C5:BC:09:15:A2:F7:CB:16:5B:0B:7D:71:32:12:FA:57:33:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wQHFvAkVovfLFlsLfXEyEvpXMy0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/cfcde0-9aa3-4c2d-b8f7-928d91791907/1/9rnqD1RU0JdMjSu8BzguZaGfvTA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/cfcde0-9aa3-4c2d-b8f7-928d91791907/1/wQHFvAkVovfLFlsLfXEyEvpXMy0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.99.0.0/16
80.80.160.0/20
91.187.96.0/19
185.78.224.0/22
IPv6:
2a03:4b80::/32
Signature Algorithm: sha256WithRSAEncryption
b7:8a:30:3a:a7:c0:df:bf:aa:7f:28:56:21:77:a2:26:c6:84:
25:28:82:2f:bf:21:61:3f:ea:63:2e:0f:d8:63:45:b2:0f:11:
40:40:14:47:14:e5:3b:9d:e2:32:95:a2:61:20:46:f8:aa:3f:
88:90:07:46:c5:c0:69:7a:b8:2d:36:cf:5c:e7:8f:56:99:85:
30:26:6f:7c:8c:44:58:37:03:c9:aa:02:ad:43:5d:81:13:d2:
11:7d:86:88:5e:15:10:ff:03:ac:a8:63:77:ac:d5:17:1a:83:
22:56:27:1f:7d:e2:b8:e4:d2:7c:12:1d:10:a0:29:1f:73:e7:
40:36:ae:67:e0:b6:64:10:16:1b:e5:de:8d:86:1e:3a:c6:0d:
2f:e4:55:e3:ed:46:1c:e2:5b:18:46:93:f9:4d:5b:64:cf:d5:
1e:15:1a:ae:9d:b9:86:45:e7:45:83:60:93:72:e4:48:1e:bc:
66:2a:5f:f7:64:7c:19:b9:d6:ef:a2:98:e3:45:1a:a2:07:ef:
f7:16:16:3e:b6:26:35:87:8c:1e:95:a1:ff:ce:8f:70:07:6d:
d4:c7:6e:a9:ec:d0:9d:3d:66:f3:04:99:f5:57:b2:0d:d9:6e:
b7:8b:ca:77:31:41:40:ef:78:c8:d7:ed:8a:47:b3:da:f0:f6:
ab:ee:b4:86
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZQnR71cz5D9++U4sb9nLn1aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxMDFjNWJjMDkxNWEyZjdjYjE2NWIwYjdkNzEzMjEyZmE1
NzMzMmQwHhcNMjUwMTAyMTM1MDAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNmI5ZWEwZjU0NTRkMDk3NGM4ZDJiYmMwNzM4MmU2NWExOWZiZDMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuNqVWZ7BvL+liID4z1y1AEGfqXwq
G0UmfjR0EER8oF0DARI34Et57Ew4M5FYLJEcd9MDcg24vCxltUSraaJZvcV8fokQ
BqwU6PH/wGHE+mTje5FCQX5WphBz/7rQkkDRRnqnzS/89CRygaP2O2oL3DQ5q6AB
6ikivRcSRygnePrb1chbzMht+MFHMAx84OuviWeRXNAiE0PPsXeiOoaztdSKipUM
7ovdaEkikFnd6D38q67DmDLNeGPzD/A6/FlmtL4NMsTA+agRpqheZiegoLfKVhrp
wqQSFRRWV5r5reqd+CjPbGNf7z2eoM11MqBCTOkc1WwR3pTLWRaySg3XPwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFPa56g9UVNCXTI0rvAc4LmWhn70wMB8GA1UdIwQY
MBaAFMEBxbwJFaL3yxZbC31xMhL6VzMtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd1FIRnZBa1ZvdmZMRmxzTGZYRXlFdnBYTXkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy9jZmNkZTAtOWFhMy00YzJkLWI4Zjct
OTI4ZDkxNzkxOTA3LzEvOXJucUQxUlUwSmRNalN1OEJ6Z3VaYUdmdlRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy9jZmNkZTAtOWFhMy00YzJkLWI4ZjctOTI4ZDkxNzkxOTA3
LzEvd1FIRnZBa1ZvdmZMRmxzTGZYRXlFdnBYTXkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAdBAIAATAXAwMALmMDBARQ
UKADBAVbu2ADBAK5TuAwDQQCAAIwBwMFACoDS4AwDQYJKoZIhvcNAQELBQADggEB
ALeKMDqnwN+/qn8oViF3oibGhCUogi+/IWE/6mMuD9hjRbIPEUBAFEcU5Tud4jKV
omEgRviqP4iQB0bFwGl6uC02z1znj1aZhTAmb3yMRFg3A8mqAq1DXYET0hF9hohe
FRD/A6yoY3es1RcagyJWJx994rjk0nwSHRCgKR9z50A2rmfgtmQQFhvl3o2GHjrG
DS/kVePtRhziWxhGk/lNW2TP1R4VGq6duYZF50WDYJNy5EgevGYqX/dkfBm51u+i
mONFGqIH7/cWFj62JjWHjB6Vof/Oj3AHbdTHbqns0J09ZvMEmfVXsg3ZbreLyncx
QUDveMjX7YpHs9rw9qvutIY=
-----END CERTIFICATE-----
Generated at Sun Apr 13 12:18:01 2025 by rpki-client