Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/i4JEgOxnRoqaTKxtE1Iv6EmYD78.roa
File: i4JEgOxnRoqaTKxtE1Iv6EmYD78.roa (raw, json)
Hash identifier: xuJpp3VLpZwhnL2DUKnX5GKiSYzPxkTXs6DVuM4WoBc=
Subject key identifier: 8B:82:44:80:EC:67:46:8A:9A:4C:AC:6D:13:52:2F:E8:49:98:0F:BF
Certificate issuer: /CN=5588f197f97e8900755544e810cddef9d90fbc41
Certificate serial: 01942369E5F11F866D415B244DB202013977
Authority key identifier: 55:88:F1:97:F9:7E:89:00:75:55:44:E8:10:CD:DE:F9:D9:0F:BC:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VYjxl_l-iQB1VUToEM3e-dkPvEE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/i4JEgOxnRoqaTKxtE1Iv6EmYD78.roa
Signing time: Wed 01 Jan 2025 19:48:50 +0000
ROA not before: Wed 01 Jan 2025 19:48:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3257
IP address blocks: 46.3.86.0/23 maxlen: 23
46.232.20.0/22 maxlen: 22
46.232.72.0/21 maxlen: 21
149.126.196.0/24 maxlen: 24
149.126.206.0/24 maxlen: 24
149.126.224.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/VYjxl_l-iQB1VUToEM3e-dkPvEE.crl
rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/VYjxl_l-iQB1VUToEM3e-dkPvEE.mft
rsync://rpki.ripe.net/repository/DEFAULT/VYjxl_l-iQB1VUToEM3e-dkPvEE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:e5:f1:1f:86:6d:41:5b:24:4d:b2:02:01:39:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5588f197f97e8900755544e810cddef9d90fbc41
Validity
Not Before: Jan 1 19:48:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8b824480ec67468a9a4cac6d13522fe849980fbf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:d8:2e:9a:ad:01:ff:ce:ab:18:23:55:29:ab:
7c:a2:65:0a:77:35:3d:7a:a9:86:69:36:76:29:7a:
35:28:d2:eb:be:37:a9:86:84:cb:d4:e0:a5:d3:cb:
a4:2a:a2:9a:75:12:23:3d:64:49:7b:40:3e:bd:08:
42:57:0b:6d:90:57:ce:95:d0:b3:d4:cf:5a:33:06:
ed:5a:f8:6e:17:6a:16:9c:53:d2:5c:50:17:74:d4:
31:16:47:6d:c6:9e:22:13:ca:02:3c:ff:f9:44:b2:
06:0b:91:d6:45:a4:0d:ea:eb:49:f0:5d:9b:41:7f:
16:76:1a:d6:00:a3:01:6d:3d:18:7a:e3:d3:94:f6:
28:69:85:1d:a6:e7:dc:ca:37:c6:fc:ef:70:87:6a:
c4:29:ff:eb:37:6d:2b:48:63:49:b4:4c:18:f3:25:
5d:85:bb:50:96:41:c8:80:02:d6:af:7f:52:a2:f2:
ac:7c:f1:90:62:fc:b1:ff:78:4d:d5:63:dd:82:ac:
a0:2a:30:00:28:fb:d6:c1:26:4c:3a:af:58:8b:8a:
c6:67:de:20:90:ae:44:85:88:60:2d:e4:49:72:2d:
fd:47:83:ea:53:5c:dc:35:38:5d:6f:d2:6c:25:45:
a8:9b:39:f1:30:68:dd:c3:05:f8:b8:42:ce:13:a9:
c3:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:82:44:80:EC:67:46:8A:9A:4C:AC:6D:13:52:2F:E8:49:98:0F:BF
X509v3 Authority Key Identifier:
keyid:55:88:F1:97:F9:7E:89:00:75:55:44:E8:10:CD:DE:F9:D9:0F:BC:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VYjxl_l-iQB1VUToEM3e-dkPvEE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/i4JEgOxnRoqaTKxtE1Iv6EmYD78.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/VYjxl_l-iQB1VUToEM3e-dkPvEE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.3.86.0/23
46.232.20.0/22
46.232.72.0/21
149.126.196.0/24
149.126.206.0/24
149.126.224.0/24
Signature Algorithm: sha256WithRSAEncryption
63:fa:e9:b9:b0:9f:31:e0:6c:f0:72:c2:19:a9:d6:6a:31:0d:
11:32:52:f8:0b:6c:9a:ea:61:73:54:99:4e:27:fb:88:81:8b:
26:71:b4:b6:c7:71:fc:98:5f:6c:4a:a5:c3:b6:c7:39:6a:3b:
3f:4c:f3:cc:53:88:4c:bf:56:7b:41:a3:bb:71:21:ec:2b:67:
1e:a6:29:f9:06:ea:3d:36:53:54:50:92:05:e6:0d:a3:e9:19:
38:12:08:5f:78:5e:ae:2b:4e:44:36:f2:7d:ed:0f:6a:1a:b4:
89:6f:dd:38:e9:bd:11:d5:16:23:a0:ce:63:b7:06:3c:1d:80:
d6:51:e0:4a:01:6f:63:81:f5:6e:59:08:42:bb:44:37:33:64:
a2:ef:4e:24:a8:02:b5:d3:f4:1e:97:4a:c4:69:1e:08:bb:95:
e0:8f:b5:a1:f5:44:38:56:2c:b2:6d:dc:e4:35:e0:b7:fe:8c:
4f:9e:be:f8:b0:66:a7:42:70:5f:07:9c:c6:71:7c:d6:62:47:
c0:7a:ca:45:c2:9c:25:43:92:56:e4:e2:a4:23:9f:e1:bf:6b:
8a:7d:e8:cd:1d:c6:68:1a:94:b4:5f:2a:93:7e:46:d9:09:ba:
1e:7f:55:a3:f4:14:54:c7:bd:45:95:e9:0d:33:e5:2d:3a:95:
9e:9e:c9:54
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZQjaeXxH4ZtQVskTbICATl3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1ODhmMTk3Zjk3ZTg5MDA3NTU1NDRlODEwY2RkZWY5ZDkw
ZmJjNDEwHhcNMjUwMTAxMTk0ODUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjgyNDQ4MGVjNjc0NjhhOWE0Y2FjNmQxMzUyMmZlODQ5OTgwZmJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAitgumq0B/86rGCNVKat8omUKdzU9
eqmGaTZ2KXo1KNLrvjephoTL1OCl08ukKqKadRIjPWRJe0A+vQhCVwttkFfOldCz
1M9aMwbtWvhuF2oWnFPSXFAXdNQxFkdtxp4iE8oCPP/5RLIGC5HWRaQN6utJ8F2b
QX8WdhrWAKMBbT0YeuPTlPYoaYUdpufcyjfG/O9wh2rEKf/rN20rSGNJtEwY8yVd
hbtQlkHIgALWr39SovKsfPGQYvyx/3hN1WPdgqygKjAAKPvWwSZMOq9Yi4rGZ94g
kK5EhYhgLeRJci39R4PqU1zcNThdb9JsJUWomznxMGjdwwX4uELOE6nD4QIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFIuCRIDsZ0aKmkysbRNSL+hJmA+/MB8GA1UdIwQY
MBaAFFWI8Zf5fokAdVVE6BDN3vnZD7xBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVllqeGxfbC1pUUIxVlVUb0VNM2UtZGtQdkVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi82MjI5ODEtOTY1MC00MjcxLTkyY2Et
N2NmZWY0Mjc2YTBmLzEvaTRKRWdPeG5Sb3FhVEt4dEUxSXY2RW1ZRDc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi82MjI5ODEtOTY1MC00MjcxLTkyY2EtN2NmZWY0Mjc2YTBm
LzEvVllqeGxfbC1pUUIxVlVUb0VNM2UtZGtQdkVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQBLgNWAwQC
LugUAwQDLuhIAwQAlX7EAwQAlX7OAwQAlX7gMA0GCSqGSIb3DQEBCwUAA4IBAQBj
+um5sJ8x4GzwcsIZqdZqMQ0RMlL4C2ya6mFzVJlOJ/uIgYsmcbS2x3H8mF9sSqXD
tsc5ajs/TPPMU4hMv1Z7QaO7cSHsK2cepin5Buo9NlNUUJIF5g2j6Rk4EghfeF6u
K05ENvJ97Q9qGrSJb9046b0R1RYjoM5jtwY8HYDWUeBKAW9jgfVuWQhCu0Q3M2Si
704kqAK10/Qel0rEaR4Iu5Xgj7Wh9UQ4ViyybdzkNeC3/oxPnr74sGanQnBfB5zG
cXzWYkfAespFwpwlQ5JW5OKkI5/hv2uKfejNHcZoGpS0XyqTfkbZCboef1Wj9BRU
x71FlekNM+UtOpWenslU
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:05:23 2025 by rpki-client