Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/0CDV0RjmUsiuw8pvI7wmiGNk7p0.roa
File: 0CDV0RjmUsiuw8pvI7wmiGNk7p0.roa (raw, json)
Hash identifier: L4LGgtMwB4uI8/E0GTKs3yD+nqIz1O35c8UDrzGzjqQ=
Subject key identifier: D0:20:D5:D1:18:E6:52:C8:AE:C3:CA:6F:23:BC:26:88:63:64:EE:9D
Certificate issuer: /CN=5588f197f97e8900755544e810cddef9d90fbc41
Certificate serial: 01942369F1ADE87DFBBA187C6053E1EACEE7
Authority key identifier: 55:88:F1:97:F9:7E:89:00:75:55:44:E8:10:CD:DE:F9:D9:0F:BC:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VYjxl_l-iQB1VUToEM3e-dkPvEE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/0CDV0RjmUsiuw8pvI7wmiGNk7p0.roa
Signing time: Wed 01 Jan 2025 19:48:53 +0000
ROA not before: Wed 01 Jan 2025 19:48:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59729
IP address blocks: 46.3.152.0/24 maxlen: 24
46.3.153.0/24 maxlen: 24
46.3.154.0/24 maxlen: 24
46.3.155.0/24 maxlen: 24
46.3.238.0/24 maxlen: 24
46.3.239.0/24 maxlen: 24
149.126.203.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/VYjxl_l-iQB1VUToEM3e-dkPvEE.crl
rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/VYjxl_l-iQB1VUToEM3e-dkPvEE.mft
rsync://rpki.ripe.net/repository/DEFAULT/VYjxl_l-iQB1VUToEM3e-dkPvEE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:f1:ad:e8:7d:fb:ba:18:7c:60:53:e1:ea:ce:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5588f197f97e8900755544e810cddef9d90fbc41
Validity
Not Before: Jan 1 19:48:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d020d5d118e652c8aec3ca6f23bc26886364ee9d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:68:8c:5e:28:ce:f1:87:e7:a5:ff:e6:e8:03:
c5:f0:ac:fb:27:dd:28:aa:46:f3:36:3f:ed:47:78:
a1:40:fa:5a:c6:6d:3a:1f:7c:22:65:3f:63:68:27:
1e:fd:01:55:e2:9a:53:cb:6e:b1:5e:e2:e5:a7:a4:
5e:e4:45:b5:ac:df:59:ce:fb:3a:cb:c3:0d:43:2e:
73:1b:93:ca:01:fc:77:29:9d:d9:a9:c0:86:9d:10:
2a:5d:17:af:f9:cf:af:3c:e3:df:0a:b7:8e:cb:fa:
7e:b7:b7:e5:92:99:d1:b2:79:b7:b9:11:27:a0:54:
76:75:61:40:0c:5d:6d:c5:71:48:3b:b9:d7:eb:bd:
4f:c3:99:c7:72:ce:dd:ef:34:8f:96:82:a4:d9:e2:
88:ed:05:b5:12:82:62:89:20:8a:d8:2b:44:7d:57:
25:e8:d4:fa:63:6b:cf:17:67:09:d7:93:9d:65:f4:
5b:d9:50:06:78:81:56:2e:33:06:29:69:44:5f:19:
29:1d:0f:d1:bc:c3:25:7c:eb:71:85:a3:36:a2:ea:
55:cb:4c:5c:ee:a8:e4:a6:e4:4e:1c:f8:1b:e3:02:
bf:d6:ea:46:e3:e2:55:74:00:5a:cd:82:b9:f9:4e:
07:9b:64:37:ec:b2:f4:ff:5e:e3:42:1a:99:5d:f8:
19:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:20:D5:D1:18:E6:52:C8:AE:C3:CA:6F:23:BC:26:88:63:64:EE:9D
X509v3 Authority Key Identifier:
keyid:55:88:F1:97:F9:7E:89:00:75:55:44:E8:10:CD:DE:F9:D9:0F:BC:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VYjxl_l-iQB1VUToEM3e-dkPvEE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/0CDV0RjmUsiuw8pvI7wmiGNk7p0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/VYjxl_l-iQB1VUToEM3e-dkPvEE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.3.152.0/22
46.3.238.0/23
149.126.203.0/24
Signature Algorithm: sha256WithRSAEncryption
88:4d:e7:2a:b0:ef:12:da:b3:72:d9:3f:cb:b0:64:cb:31:40:
ad:f0:fd:37:03:8a:99:e6:3b:8f:39:03:31:4b:dc:f8:f9:e3:
3a:01:4a:66:dd:db:dd:73:a3:11:c4:85:f8:c1:34:74:db:a2:
78:cb:d7:88:3c:be:23:44:62:42:d6:4e:cc:8f:d5:0b:97:a7:
d4:5c:7a:aa:aa:53:94:5c:01:33:2d:1b:a8:09:84:b1:79:c2:
53:7e:9f:8e:d6:1c:ad:35:8d:6b:b0:86:72:73:1f:1b:03:75:
65:8b:c4:0d:d9:34:26:57:5d:71:65:c8:87:c9:b3:2a:56:e1:
dc:8a:0b:fa:ac:83:a4:6b:39:9d:ee:a8:31:70:fd:56:8e:22:
32:cf:72:6f:8b:1c:be:74:ba:1b:44:f1:94:d6:c7:09:1e:f8:
98:2f:1b:c3:73:ed:47:7b:50:ef:29:c6:9f:b8:36:7b:fa:59:
98:9c:92:89:61:80:b9:b3:03:2f:12:2d:24:39:f3:21:bd:4d:
e0:24:38:b9:19:73:8b:f3:fd:c4:80:59:46:85:a4:58:bb:93:
ce:37:2f:60:78:a0:68:42:52:11:20:7b:df:6c:8d:33:39:56:
25:27:69:59:17:1b:4c:f7:a8:ca:9f:69:f5:cc:9d:ef:72:d9:
da:27:84:39
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQjafGt6H37uhh8YFPh6s7nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1ODhmMTk3Zjk3ZTg5MDA3NTU1NDRlODEwY2RkZWY5ZDkw
ZmJjNDEwHhcNMjUwMTAxMTk0ODUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDIwZDVkMTE4ZTY1MmM4YWVjM2NhNmYyM2JjMjY4ODYzNjRlZTlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj2iMXijO8Yfnpf/m6APF8Kz7J90o
qkbzNj/tR3ihQPpaxm06H3wiZT9jaCce/QFV4ppTy26xXuLlp6Re5EW1rN9Zzvs6
y8MNQy5zG5PKAfx3KZ3ZqcCGnRAqXRev+c+vPOPfCreOy/p+t7flkpnRsnm3uREn
oFR2dWFADF1txXFIO7nX671Pw5nHcs7d7zSPloKk2eKI7QW1EoJiiSCK2CtEfVcl
6NT6Y2vPF2cJ15OdZfRb2VAGeIFWLjMGKWlEXxkpHQ/RvMMlfOtxhaM2oupVy0xc
7qjkpuROHPgb4wK/1upG4+JVdABazYK5+U4Hm2Q37LL0/17jQhqZXfgZwwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNAg1dEY5lLIrsPKbyO8JohjZO6dMB8GA1UdIwQY
MBaAFFWI8Zf5fokAdVVE6BDN3vnZD7xBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVllqeGxfbC1pUUIxVlVUb0VNM2UtZGtQdkVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi82MjI5ODEtOTY1MC00MjcxLTkyY2Et
N2NmZWY0Mjc2YTBmLzEvMENEVjBSam1Vc2l1dzhwdkk3d21pR05rN3AwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi82MjI5ODEtOTY1MC00MjcxLTkyY2EtN2NmZWY0Mjc2YTBm
LzEvVllqeGxfbC1pUUIxVlVUb0VNM2UtZGtQdkVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCLgOYAwQB
LgPuAwQAlX7LMA0GCSqGSIb3DQEBCwUAA4IBAQCITecqsO8S2rNy2T/LsGTLMUCt
8P03A4qZ5juPOQMxS9z4+eM6AUpm3dvdc6MRxIX4wTR026J4y9eIPL4jRGJC1k7M
j9ULl6fUXHqqqlOUXAEzLRuoCYSxecJTfp+O1hytNY1rsIZycx8bA3Vli8QN2TQm
V11xZciHybMqVuHcigv6rIOkazmd7qgxcP1WjiIyz3Jvixy+dLobRPGU1scJHviY
LxvDc+1He1DvKcafuDZ7+lmYnJKJYYC5swMvEi0kOfMhvU3gJDi5GXOL8/3EgFlG
haRYu5PONy9geKBoQlIRIHvfbI0zOVYlJ2lZFxtM96jKn2n1zJ3vctnaJ4Q5
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:05:20 2025 by rpki-client