Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/fe4266-7f54-4fb3-b810-e97d1d0220af/1/fyVTS8KnNLJLAvMPXFhguHqf8wg.roa
File: fyVTS8KnNLJLAvMPXFhguHqf8wg.roa (raw, json)
Hash identifier: rK8pnbIqXHxeMFgFBrhTIo/gwpafsDBMMFa/tGIcB3c=
Subject key identifier: 7F:25:53:4B:C2:A7:34:B2:4B:02:F3:0F:5C:58:60:B8:7A:9F:F3:08
Certificate issuer: /CN=8e626c909eb4951154bcee8221e43951b4257624
Certificate serial: 01956CED357F2946B95C66160A138F484311
Authority key identifier: 8E:62:6C:90:9E:B4:95:11:54:BC:EE:82:21:E4:39:51:B4:25:76:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jmJskJ60lRFUvO6CIeQ5UbQldiQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/fe4266-7f54-4fb3-b810-e97d1d0220af/1/fyVTS8KnNLJLAvMPXFhguHqf8wg.roa
Signing time: Thu 06 Mar 2025 19:27:19 +0000
ROA not before: Thu 06 Mar 2025 19:27:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 400696
IP address blocks: 46.244.98.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/01/fe4266-7f54-4fb3-b810-e97d1d0220af/1/jmJskJ60lRFUvO6CIeQ5UbQldiQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/01/fe4266-7f54-4fb3-b810-e97d1d0220af/1/jmJskJ60lRFUvO6CIeQ5UbQldiQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/jmJskJ60lRFUvO6CIeQ5UbQldiQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 15 Mar 2025 21:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:6c:ed:35:7f:29:46:b9:5c:66:16:0a:13:8f:48:43:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8e626c909eb4951154bcee8221e43951b4257624
Validity
Not Before: Mar 6 19:27:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7f25534bc2a734b24b02f30f5c5860b87a9ff308
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:aa:2d:4b:c9:56:57:4b:84:f1:55:4e:c9:8a:
ba:8e:8b:ea:0d:fc:3d:d6:75:f0:7e:4d:52:a6:95:
00:44:8d:a9:05:96:f6:65:ea:3a:7b:58:f8:34:e4:
72:03:b4:0f:b0:ea:cd:1b:b5:9e:e9:e3:59:4a:43:
be:e2:5b:6e:95:a0:53:7a:9b:1a:93:d2:36:a9:cb:
d5:c3:ca:9e:4f:22:e9:0c:ea:51:1d:fc:55:14:dd:
f3:41:73:26:6e:d4:d1:8a:39:fe:9d:45:30:d2:97:
85:a3:c0:92:b5:7f:0c:ff:ea:0d:94:3a:d6:18:22:
75:99:56:c7:a6:ec:31:38:1b:54:a2:31:de:82:d2:
38:a3:ba:b0:e6:3b:59:dd:36:cb:ec:b0:22:15:9f:
e3:ed:eb:e9:0d:22:a8:c8:88:dc:a0:2c:88:c8:4a:
cf:94:c2:32:1c:de:5c:ae:3f:aa:72:6f:8f:da:ea:
d7:71:c6:17:61:49:aa:91:80:89:9e:0a:c3:f9:01:
f4:ba:46:41:f9:22:ef:e9:83:87:1a:42:fb:49:71:
11:ac:5e:08:c5:2e:77:ad:72:fe:82:1a:a3:1e:9f:
06:00:21:45:32:5b:a7:7a:34:40:43:45:d9:3d:78:
66:73:20:6e:b5:cd:74:0a:18:e7:0e:9a:9d:46:36:
ba:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:25:53:4B:C2:A7:34:B2:4B:02:F3:0F:5C:58:60:B8:7A:9F:F3:08
X509v3 Authority Key Identifier:
keyid:8E:62:6C:90:9E:B4:95:11:54:BC:EE:82:21:E4:39:51:B4:25:76:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jmJskJ60lRFUvO6CIeQ5UbQldiQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/fe4266-7f54-4fb3-b810-e97d1d0220af/1/fyVTS8KnNLJLAvMPXFhguHqf8wg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/fe4266-7f54-4fb3-b810-e97d1d0220af/1/jmJskJ60lRFUvO6CIeQ5UbQldiQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.244.98.0/24
Signature Algorithm: sha256WithRSAEncryption
3a:32:aa:36:82:23:f6:33:01:2f:48:c7:c7:6c:9b:46:cc:4e:
31:f2:bb:52:df:e2:c3:4a:e5:8e:90:34:41:e4:1e:87:fb:92:
7f:39:3f:f5:80:ca:8c:69:80:7e:cf:73:f2:7a:8d:41:67:91:
f0:f2:0b:32:82:34:51:bb:b0:36:39:26:5c:e4:21:14:bf:38:
56:9b:2f:87:f6:c4:c2:ad:9d:24:53:7a:1c:4a:bd:76:81:d8:
55:24:e7:18:18:fc:56:4e:07:7d:9c:bb:19:b1:7f:ea:15:c3:
6c:1d:4a:97:ec:d5:a4:db:c1:64:d2:4e:30:2d:20:8d:d5:05:
ac:ac:8b:41:88:25:cb:c0:57:48:0a:9a:f9:57:76:31:7a:a6:
77:81:58:0c:e5:17:f8:ac:2f:58:28:70:8d:b3:0a:6d:88:1e:
e0:fb:e6:c2:a3:f3:25:30:e1:5f:d2:5f:c3:19:e4:f1:45:cc:
48:fe:57:e8:04:2e:fa:1d:39:b4:30:22:1c:ff:88:38:4b:31:
6a:fa:7d:62:e1:7c:37:cb:03:a5:dd:5c:d5:59:dd:c3:04:47:
6b:32:79:71:56:6f:ee:69:18:90:16:d5:e4:3f:f8:fc:28:4c:
86:da:4b:d7:43:c7:6d:98:d8:b5:ce:d5:88:64:be:96:30:89:
c6:07:bf:65
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZVs7TV/KUa5XGYWChOPSEMRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlNjI2YzkwOWViNDk1MTE1NGJjZWU4MjIxZTQzOTUxYjQy
NTc2MjQwHhcNMjUwMzA2MTkyNzE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZjI1NTM0YmMyYTczNGIyNGIwMmYzMGY1YzU4NjBiODdhOWZmMzA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0qotS8lWV0uE8VVOyYq6jovqDfw9
1nXwfk1SppUARI2pBZb2Zeo6e1j4NORyA7QPsOrNG7We6eNZSkO+4ltulaBTepsa
k9I2qcvVw8qeTyLpDOpRHfxVFN3zQXMmbtTRijn+nUUw0peFo8CStX8M/+oNlDrW
GCJ1mVbHpuwxOBtUojHegtI4o7qw5jtZ3TbL7LAiFZ/j7evpDSKoyIjcoCyIyErP
lMIyHN5crj+qcm+P2urXccYXYUmqkYCJngrD+QH0ukZB+SLv6YOHGkL7SXERrF4I
xS53rXL+ghqjHp8GACFFMlunejRAQ0XZPXhmcyButc10ChjnDpqdRja6HwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFH8lU0vCpzSySwLzD1xYYLh6n/MIMB8GA1UdIwQY
MBaAFI5ibJCetJURVLzugiHkOVG0JXYkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvam1Kc2tKNjBsUkZVdk82Q0llUTVVYlFsZGlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS9mZTQyNjYtN2Y1NC00ZmIzLWI4MTAt
ZTk3ZDFkMDIyMGFmLzEvZnlWVFM4S25OTEpMQXZNUFhGaGd1SHFmOHdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS9mZTQyNjYtN2Y1NC00ZmIzLWI4MTAtZTk3ZDFkMDIyMGFm
LzEvam1Kc2tKNjBsUkZVdk82Q0llUTVVYlFsZGlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALvRiMA0G
CSqGSIb3DQEBCwUAA4IBAQA6Mqo2giP2MwEvSMfHbJtGzE4x8rtS3+LDSuWOkDRB
5B6H+5J/OT/1gMqMaYB+z3Pyeo1BZ5Hw8gsygjRRu7A2OSZc5CEUvzhWmy+H9sTC
rZ0kU3ocSr12gdhVJOcYGPxWTgd9nLsZsX/qFcNsHUqX7NWk28Fk0k4wLSCN1QWs
rItBiCXLwFdICpr5V3YxeqZ3gVgM5Rf4rC9YKHCNswptiB7g++bCo/MlMOFf0l/D
GeTxRcxI/lfoBC76HTm0MCIc/4g4SzFq+n1i4Xw3ywOl3VzVWd3DBEdrMnlxVm/u
aRiQFtXkP/j8KEyG2kvXQ8dtmNi1ztWIZL6WMInGB79l
-----END CERTIFICATE-----
Generated at Sat Mar 15 05:42:05 2025 by rpki-client