Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/5DtkwQgyAqy1i2Qc_Y1X6SbYy2Y.roa
File: 5DtkwQgyAqy1i2Qc_Y1X6SbYy2Y.roa (raw, json)
Hash identifier: rmAqjVwSsQ07Byp/jgBOJHNn3wKeafJHoFrHTy1U2ug=
Subject key identifier: E4:3B:64:C1:08:32:02:AC:B5:8B:64:1C:FD:8D:57:E9:26:D8:CB:66
Certificate issuer: /CN=5588f197f97e8900755544e810cddef9d90fbc41
Certificate serial: 01942369F7645DDECBF4C9E7B31A5C628C2A
Authority key identifier: 55:88:F1:97:F9:7E:89:00:75:55:44:E8:10:CD:DE:F9:D9:0F:BC:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VYjxl_l-iQB1VUToEM3e-dkPvEE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/5DtkwQgyAqy1i2Qc_Y1X6SbYy2Y.roa
Signing time: Wed 01 Jan 2025 19:48:54 +0000
ROA not before: Wed 01 Jan 2025 19:48:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 393427
IP address blocks: 46.3.190.0/24 maxlen: 24
46.3.252.0/24 maxlen: 24
46.232.69.0/24 maxlen: 24
46.232.71.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/VYjxl_l-iQB1VUToEM3e-dkPvEE.crl
rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/VYjxl_l-iQB1VUToEM3e-dkPvEE.mft
rsync://rpki.ripe.net/repository/DEFAULT/VYjxl_l-iQB1VUToEM3e-dkPvEE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:f7:64:5d:de:cb:f4:c9:e7:b3:1a:5c:62:8c:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5588f197f97e8900755544e810cddef9d90fbc41
Validity
Not Before: Jan 1 19:48:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e43b64c1083202acb58b641cfd8d57e926d8cb66
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:5a:90:db:ec:29:9f:ee:df:d9:a2:e4:af:be:
2a:e1:41:59:75:d4:ae:45:cf:5c:90:bb:44:cc:33:
b1:a5:74:e5:85:ec:18:dd:35:06:6f:63:04:06:bd:
6b:33:2f:57:2b:1c:2c:2f:40:75:f9:21:7f:98:8a:
bd:ec:08:9c:9c:92:08:80:11:2c:47:09:87:20:1e:
38:6f:08:c3:cd:ef:2a:e1:02:dd:33:45:1d:e4:5f:
a2:01:71:7b:99:d0:34:b8:42:94:2d:3a:46:5c:80:
70:f2:c5:d0:ad:f8:e4:f8:bc:f6:7c:bc:93:39:68:
68:56:8f:f7:75:e3:f7:98:93:87:e1:9e:3e:7f:82:
b1:f3:b9:af:99:a6:5d:80:22:8a:cb:ea:35:07:05:
ff:63:14:de:6e:c6:2e:55:dc:4e:3a:7f:7e:9f:24:
4d:ca:37:5c:48:87:43:7c:0e:10:67:e0:21:34:5b:
9e:2a:69:c5:d0:6e:69:4d:a0:d7:28:e6:c5:25:3f:
a7:81:d5:74:13:1e:f6:e4:06:a9:80:a1:79:68:6c:
77:d1:e4:d5:bc:54:d8:12:2a:a7:7e:b0:b3:fe:15:
52:3d:ec:b4:45:a6:e3:8b:3d:44:7f:19:40:17:fc:
3a:d3:93:d8:b6:76:45:a8:b5:57:7a:66:7a:b7:03:
f8:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:3B:64:C1:08:32:02:AC:B5:8B:64:1C:FD:8D:57:E9:26:D8:CB:66
X509v3 Authority Key Identifier:
keyid:55:88:F1:97:F9:7E:89:00:75:55:44:E8:10:CD:DE:F9:D9:0F:BC:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VYjxl_l-iQB1VUToEM3e-dkPvEE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/5DtkwQgyAqy1i2Qc_Y1X6SbYy2Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/VYjxl_l-iQB1VUToEM3e-dkPvEE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.3.190.0/24
46.3.252.0/24
46.232.69.0/24
46.232.71.0/24
Signature Algorithm: sha256WithRSAEncryption
57:6e:fa:1f:d2:56:b1:1c:18:48:07:2f:5f:81:18:d6:2a:88:
fa:07:9c:11:1c:25:dd:a1:c1:c5:32:fd:d8:c9:e5:bf:df:69:
50:20:64:7b:c4:a3:8b:c5:fb:3b:61:2c:33:27:d0:af:00:c2:
0c:ef:d4:8a:23:da:43:70:9d:1e:01:11:e7:62:07:54:2c:84:
68:f9:e3:b0:e1:5d:88:d9:30:24:0c:e0:e2:8a:97:c2:cd:4f:
c0:55:7c:f6:9b:70:5f:74:9c:a4:ea:c3:08:11:21:47:92:fa:
a5:fb:ff:97:53:dd:0c:e6:48:72:b0:86:97:2d:b0:93:eb:88:
d5:43:69:55:1e:01:0d:78:4b:74:a9:3f:c4:fa:f1:c5:11:87:
92:6d:4b:06:cc:31:a4:72:2e:ea:63:ca:71:ce:89:e8:41:09:
84:98:ad:25:f2:b7:49:ea:f4:31:e4:95:f5:cc:4d:1e:1b:20:
d5:fe:82:ae:0f:2a:91:f1:52:77:70:8e:a2:e4:b7:fd:3b:a6:
39:3c:91:4c:f0:2c:5a:be:89:dc:43:c0:29:f4:e3:43:66:f9:
8c:c8:ad:46:b7:bb:db:5a:60:7e:46:8b:b5:2a:5b:3c:0e:3e:
98:16:63:77:90:bc:1e:e6:57:a9:98:45:24:0a:bf:61:cf:50:
74:67:a2:e6
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQjafdkXd7L9MnnsxpcYowqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1ODhmMTk3Zjk3ZTg5MDA3NTU1NDRlODEwY2RkZWY5ZDkw
ZmJjNDEwHhcNMjUwMTAxMTk0ODU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDNiNjRjMTA4MzIwMmFjYjU4YjY0MWNmZDhkNTdlOTI2ZDhjYjY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvVqQ2+wpn+7f2aLkr74q4UFZddSu
Rc9ckLtEzDOxpXTlhewY3TUGb2MEBr1rMy9XKxwsL0B1+SF/mIq97AicnJIIgBEs
RwmHIB44bwjDze8q4QLdM0Ud5F+iAXF7mdA0uEKULTpGXIBw8sXQrfjk+Lz2fLyT
OWhoVo/3deP3mJOH4Z4+f4Kx87mvmaZdgCKKy+o1BwX/YxTebsYuVdxOOn9+nyRN
yjdcSIdDfA4QZ+AhNFueKmnF0G5pTaDXKObFJT+ngdV0Ex725AapgKF5aGx30eTV
vFTYEiqnfrCz/hVSPey0Rabjiz1EfxlAF/w605PYtnZFqLVXemZ6twP4BwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFOQ7ZMEIMgKstYtkHP2NV+km2MtmMB8GA1UdIwQY
MBaAFFWI8Zf5fokAdVVE6BDN3vnZD7xBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVllqeGxfbC1pUUIxVlVUb0VNM2UtZGtQdkVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi82MjI5ODEtOTY1MC00MjcxLTkyY2Et
N2NmZWY0Mjc2YTBmLzEvNUR0a3dRZ3lBcXkxaTJRY19ZMVg2U2JZeTJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi82MjI5ODEtOTY1MC00MjcxLTkyY2EtN2NmZWY0Mjc2YTBm
LzEvVllqeGxfbC1pUUIxVlVUb0VNM2UtZGtQdkVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALgO+AwQA
LgP8AwQALuhFAwQALuhHMA0GCSqGSIb3DQEBCwUAA4IBAQBXbvof0laxHBhIBy9f
gRjWKoj6B5wRHCXdocHFMv3YyeW/32lQIGR7xKOLxfs7YSwzJ9CvAMIM79SKI9pD
cJ0eARHnYgdULIRo+eOw4V2I2TAkDODiipfCzU/AVXz2m3BfdJyk6sMIESFHkvql
+/+XU90M5khysIaXLbCT64jVQ2lVHgENeEt0qT/E+vHFEYeSbUsGzDGkci7qY8px
zonoQQmEmK0l8rdJ6vQx5JX1zE0eGyDV/oKuDyqR8VJ3cI6i5Lf9O6Y5PJFM8Cxa
voncQ8Ap9ONDZvmMyK1Gt7vbWmB+Rou1Kls8Dj6YFmN3kLwe5lepmEUkCr9hz1B0
Z6Lm
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:02:33 2025 by rpki-client