Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/gD5fOrzn3y5J7UeT5zByzgB4R6Q.roa
File: gD5fOrzn3y5J7UeT5zByzgB4R6Q.roa (raw, json)
Hash identifier: Czl/8fopCVT4xtNYb6W+DLQQfnBhd9FXMln0Q4+TH+c=
Subject key identifier: 80:3E:5F:3A:BC:E7:DF:2E:49:ED:47:93:E7:30:72:CE:00:78:47:A4
Certificate issuer: /CN=5588f197f97e8900755544e810cddef9d90fbc41
Certificate serial: 019460FDC59A0E51C68B34F37F2023AD5AA7
Authority key identifier: 55:88:F1:97:F9:7E:89:00:75:55:44:E8:10:CD:DE:F9:D9:0F:BC:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VYjxl_l-iQB1VUToEM3e-dkPvEE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/gD5fOrzn3y5J7UeT5zByzgB4R6Q.roa
Signing time: Mon 13 Jan 2025 18:47:11 +0000
ROA not before: Mon 13 Jan 2025 18:47:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 7029
IP address blocks: 46.3.8.0/22 maxlen: 22
46.3.28.0/23 maxlen: 24
46.3.40.0/21 maxlen: 24
46.3.48.0/20 maxlen: 24
46.3.77.0/24 maxlen: 24
46.3.84.0/24 maxlen: 24
46.3.89.0/24 maxlen: 24
46.3.90.0/24 maxlen: 24
46.3.91.0/24 maxlen: 24
46.3.120.0/21 maxlen: 24
46.3.128.0/22 maxlen: 24
46.3.134.0/24 maxlen: 24
46.3.135.0/24 maxlen: 24
46.3.156.0/24 maxlen: 24
46.3.157.0/24 maxlen: 24
46.3.160.0/24 maxlen: 24
46.3.161.0/24 maxlen: 24
46.3.162.0/24 maxlen: 24
46.3.163.0/24 maxlen: 24
46.3.164.0/22 maxlen: 24
46.3.168.0/22 maxlen: 24
46.3.184.0/22 maxlen: 24
46.3.188.0/24 maxlen: 24
46.3.205.0/24 maxlen: 24
46.3.206.0/23 maxlen: 24
46.3.208.0/22 maxlen: 24
46.3.212.0/22 maxlen: 24
46.3.228.0/23 maxlen: 24
46.3.236.0/23 maxlen: 24
46.3.243.0/24 maxlen: 24
46.3.244.0/24 maxlen: 24
46.3.246.0/24 maxlen: 24
46.3.248.0/24 maxlen: 24
46.3.251.0/24 maxlen: 24
46.3.253.0/24 maxlen: 24
46.3.254.0/24 maxlen: 24
46.3.255.0/24 maxlen: 24
46.232.0.0/22 maxlen: 24
46.232.16.0/23 maxlen: 24
46.232.18.0/23 maxlen: 24
46.232.64.0/24 maxlen: 24
46.232.65.0/24 maxlen: 24
46.232.66.0/24 maxlen: 24
46.232.68.0/24 maxlen: 24
46.232.116.0/23 maxlen: 24
46.232.118.0/23 maxlen: 24
46.232.124.0/23 maxlen: 24
46.232.126.0/23 maxlen: 24
149.126.193.0/24 maxlen: 24
149.126.196.0/24 maxlen: 24
149.126.226.0/24 maxlen: 24
149.126.228.0/24 maxlen: 24
149.126.231.0/24 maxlen: 24
149.126.242.0/24 maxlen: 24
149.126.244.0/24 maxlen: 24
149.126.245.0/24 maxlen: 24
149.126.247.0/24 maxlen: 24
149.126.248.0/24 maxlen: 24
149.126.249.0/24 maxlen: 24
149.126.250.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/VYjxl_l-iQB1VUToEM3e-dkPvEE.crl
rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/VYjxl_l-iQB1VUToEM3e-dkPvEE.mft
rsync://rpki.ripe.net/repository/DEFAULT/VYjxl_l-iQB1VUToEM3e-dkPvEE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:60:fd:c5:9a:0e:51:c6:8b:34:f3:7f:20:23:ad:5a:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5588f197f97e8900755544e810cddef9d90fbc41
Validity
Not Before: Jan 13 18:47:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=803e5f3abce7df2e49ed4793e73072ce007847a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:16:78:f2:2a:bc:3e:66:d1:7f:5b:ae:c5:5c:
77:2e:8a:7b:c6:85:88:bf:13:5a:af:ea:33:75:26:
61:c2:68:68:39:52:76:1c:ee:9b:63:e2:bb:ab:89:
74:7b:83:41:4a:eb:44:43:8d:36:97:7a:3c:1e:79:
3a:3a:bf:db:bc:aa:b2:f3:11:b9:d4:9a:9b:77:64:
18:cc:8c:35:81:25:36:30:f1:d2:e1:79:bb:da:66:
50:f3:e9:fd:2f:f2:1f:8d:33:19:9e:a6:7e:4e:53:
2b:56:d9:54:8f:69:91:1d:1e:fd:50:89:4a:be:3c:
37:8a:37:0b:66:49:c3:02:2c:36:fe:cd:70:32:81:
fc:6e:09:04:dd:89:0b:23:a6:aa:4e:bf:2a:85:bc:
69:38:52:32:f5:f4:ff:ca:db:0e:cf:e6:f6:c3:3c:
b9:5d:94:e6:ae:1d:15:fc:70:d7:fe:e2:7e:79:c9:
c3:81:25:69:a1:68:d8:73:95:bd:5a:4a:f3:b5:7c:
1f:00:10:1a:b8:3e:a6:ae:59:02:6a:68:83:7b:46:
10:89:3d:1f:4a:14:6a:e5:0b:17:82:df:70:d5:4f:
53:13:e9:b0:37:c3:cd:3f:b7:39:d0:9b:40:b4:4a:
1f:74:64:36:e9:22:77:93:41:9f:55:40:49:99:f3:
43:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:3E:5F:3A:BC:E7:DF:2E:49:ED:47:93:E7:30:72:CE:00:78:47:A4
X509v3 Authority Key Identifier:
keyid:55:88:F1:97:F9:7E:89:00:75:55:44:E8:10:CD:DE:F9:D9:0F:BC:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VYjxl_l-iQB1VUToEM3e-dkPvEE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/gD5fOrzn3y5J7UeT5zByzgB4R6Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/VYjxl_l-iQB1VUToEM3e-dkPvEE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.3.8.0/22
46.3.28.0/23
46.3.40.0-46.3.63.255
46.3.77.0/24
46.3.84.0/24
46.3.89.0-46.3.91.255
46.3.120.0-46.3.131.255
46.3.134.0/23
46.3.156.0/23
46.3.160.0-46.3.171.255
46.3.184.0-46.3.188.255
46.3.205.0-46.3.215.255
46.3.228.0/23
46.3.236.0/23
46.3.243.0-46.3.244.255
46.3.246.0/24
46.3.248.0/24
46.3.251.0/24
46.3.253.0-46.3.255.255
46.232.0.0/22
46.232.16.0/22
46.232.64.0-46.232.66.255
46.232.68.0/24
46.232.116.0/22
46.232.124.0/22
149.126.193.0/24
149.126.196.0/24
149.126.226.0/24
149.126.228.0/24
149.126.231.0/24
149.126.242.0/24
149.126.244.0/23
149.126.247.0-149.126.250.255
Signature Algorithm: sha256WithRSAEncryption
26:e5:4c:22:eb:41:08:1f:ad:3f:92:f0:dd:1f:24:f2:b4:af:
fc:0a:13:0a:80:52:34:1f:bf:5c:4d:e7:e8:4d:d7:fc:f4:a4:
a4:ae:d0:9b:d7:c7:d2:50:28:0b:c6:32:58:d3:38:7b:d9:c6:
1b:35:2b:cc:3e:e1:af:ed:d4:0e:21:77:a0:31:59:60:cc:52:
2a:61:3f:c1:7f:37:19:57:6f:ae:8e:b2:1f:8e:96:1d:b4:dc:
06:0e:19:f1:98:5a:4c:30:f2:fd:e1:b2:07:bf:82:46:03:f0:
b0:06:68:69:bf:3e:63:1c:2a:74:31:46:92:d1:98:cd:eb:fd:
4d:ed:d2:7e:7d:93:a0:53:e2:a8:25:91:e3:18:98:67:79:54:
83:84:be:9a:f5:6c:63:93:ec:12:be:6b:a5:02:c6:88:de:54:
48:7b:5e:dd:c7:53:ae:21:59:0a:59:74:1f:77:e4:2d:30:44:
53:17:01:7e:fd:2b:03:3c:b7:fc:5e:f0:5a:63:f9:06:78:83:
5e:ec:c4:fa:48:d8:c3:6f:95:13:35:f0:d5:b6:8e:1b:08:ad:
17:c1:5e:bf:33:7d:40:97:ba:b4:76:b7:ab:bc:1b:53:7d:1f:
79:a9:7a:f5:47:a0:42:3e:70:e6:15:6e:c8:84:4e:c8:fc:51:
99:5a:69:13
-----BEGIN CERTIFICATE-----
MIIGFjCCBP6gAwIBAgISAZRg/cWaDlHGizTzfyAjrVqnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1ODhmMTk3Zjk3ZTg5MDA3NTU1NDRlODEwY2RkZWY5ZDkw
ZmJjNDEwHhcNMjUwMTEzMTg0NzExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDNlNWYzYWJjZTdkZjJlNDllZDQ3OTNlNzMwNzJjZTAwNzg0N2E0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7xZ48iq8PmbRf1uuxVx3Lop7xoWI
vxNar+ozdSZhwmhoOVJ2HO6bY+K7q4l0e4NBSutEQ402l3o8Hnk6Or/bvKqy8xG5
1Jqbd2QYzIw1gSU2MPHS4Xm72mZQ8+n9L/IfjTMZnqZ+TlMrVtlUj2mRHR79UIlK
vjw3ijcLZknDAiw2/s1wMoH8bgkE3YkLI6aqTr8qhbxpOFIy9fT/ytsOz+b2wzy5
XZTmrh0V/HDX/uJ+ecnDgSVpoWjYc5W9WkrztXwfABAauD6mrlkCamiDe0YQiT0f
ShRq5QsXgt9w1U9TE+mwN8PNP7c50JtAtEofdGQ26SJ3k0GfVUBJmfNDMwIDAQAB
o4IDIjCCAx4wHQYDVR0OBBYEFIA+Xzq8598uSe1Hk+cwcs4AeEekMB8GA1UdIwQY
MBaAFFWI8Zf5fokAdVVE6BDN3vnZD7xBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVllqeGxfbC1pUUIxVlVUb0VNM2UtZGtQdkVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi82MjI5ODEtOTY1MC00MjcxLTkyY2Et
N2NmZWY0Mjc2YTBmLzEvZ0Q1Zk9yem4zeTVKN1VlVDV6Qnl6Z0I0UjZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi82MjI5ODEtOTY1MC00MjcxLTkyY2EtN2NmZWY0Mjc2YTBm
LzEvVllqeGxfbC1pUUIxVlVUb0VNM2UtZGtQdkVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBNgYIKwYBBQUHAQcBAf8EggElMIIBITCCAR0EAgABMIIB
FQMEAi4DCAMEAS4DHDAMAwQDLgMoAwQGLgMAAwQALgNNAwQALgNUMAwDBAAuA1kD
BAIuA1gwDAMEAy4DeAMEAi4DgAMEAS4DhgMEAS4DnDAMAwQFLgOgAwQCLgOoMAwD
BAMuA7gDBAAuA7wwDAMEAC4DzQMEAy4D0AMEAS4D5AMEAS4D7DAMAwQALgPzAwQA
LgP0AwQALgP2AwQALgP4AwQALgP7MAsDBAAuA/0DAwIuAAMEAi7oAAMEAi7oEDAM
AwQGLuhAAwQALuhCAwQALuhEAwQCLuh0AwQCLuh8AwQAlX7BAwQAlX7EAwQAlX7i
AwQAlX7kAwQAlX7nAwQAlX7yAwQBlX70MAwDBACVfvcDBACVfvowDQYJKoZIhvcN
AQELBQADggEBACblTCLrQQgfrT+S8N0fJPK0r/wKEwqAUjQfv1xN5+hN1/z0pKSu
0JvXx9JQKAvGMljTOHvZxhs1K8w+4a/t1A4hd6AxWWDMUiphP8F/NxlXb66Osh+O
lh203AYOGfGYWkww8v3hsge/gkYD8LAGaGm/PmMcKnQxRpLRmM3r/U3t0n59k6BT
4qglkeMYmGd5VIOEvpr1bGOT7BK+a6UCxojeVEh7Xt3HU64hWQpZdB935C0wRFMX
AX79KwM8t/xe8Fpj+QZ4g17sxPpI2MNvlRM18NW2jhsIrRfBXr8zfUCXurR2t6u8
G1N9H3mpevVHoEI+cOYVbsiETsj8UZlaaRM=
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:59:57 2025 by rpki-client