Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/fe4266-7f54-4fb3-b810-e97d1d0220af/1/mXX0pAjU5w8oM8Kw23jhrgx4Wvk.roa
File: mXX0pAjU5w8oM8Kw23jhrgx4Wvk.roa (raw, json)
Hash identifier: sc8dapOFwgxs0Xrg6eWIDXxwfzY184TsGMxeq92yyGI=
Subject key identifier: 99:75:F4:A4:08:D4:E7:0F:28:33:C2:B0:DB:78:E1:AE:0C:78:5A:F9
Certificate issuer: /CN=8e626c909eb4951154bcee8221e43951b4257624
Certificate serial: 019428258A565DAEEF5ED54E977429674DE4
Authority key identifier: 8E:62:6C:90:9E:B4:95:11:54:BC:EE:82:21:E4:39:51:B4:25:76:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jmJskJ60lRFUvO6CIeQ5UbQldiQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/fe4266-7f54-4fb3-b810-e97d1d0220af/1/mXX0pAjU5w8oM8Kw23jhrgx4Wvk.roa
Signing time: Thu 02 Jan 2025 17:52:16 +0000
ROA not before: Thu 02 Jan 2025 17:52:16 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39855
IP address blocks: 46.244.18.0/23 maxlen: 24
46.244.18.0/24 maxlen: 24
46.244.19.0/24 maxlen: 24
46.244.97.0/24 maxlen: 24
46.244.108.0/23 maxlen: 24
46.244.108.0/24 maxlen: 24
46.244.109.0/24 maxlen: 24
46.244.110.0/24 maxlen: 24
46.244.111.0/24 maxlen: 24
46.244.114.0/23 maxlen: 24
46.244.114.0/24 maxlen: 24
46.244.115.0/24 maxlen: 24
92.240.144.0/22 maxlen: 24
92.240.149.0/24 maxlen: 24
92.240.151.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/01/fe4266-7f54-4fb3-b810-e97d1d0220af/1/jmJskJ60lRFUvO6CIeQ5UbQldiQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/01/fe4266-7f54-4fb3-b810-e97d1d0220af/1/jmJskJ60lRFUvO6CIeQ5UbQldiQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/jmJskJ60lRFUvO6CIeQ5UbQldiQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:25:8a:56:5d:ae:ef:5e:d5:4e:97:74:29:67:4d:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8e626c909eb4951154bcee8221e43951b4257624
Validity
Not Before: Jan 2 17:52:16 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9975f4a408d4e70f2833c2b0db78e1ae0c785af9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:75:98:0b:d0:4c:c9:68:43:d8:8a:51:60:4c:
1a:f7:bc:6c:1d:24:58:29:b8:ff:83:91:4b:3f:46:
ff:fb:21:ed:f3:e1:c7:92:90:18:b7:d5:5d:2b:63:
95:c0:fb:be:12:df:df:43:e9:6e:b7:ca:e7:de:df:
99:7a:e3:bf:5c:cb:dd:70:60:58:d5:4f:fa:9e:cf:
0f:6e:2b:08:37:d5:d1:21:5a:f5:7a:42:c5:5c:b8:
18:51:05:1e:00:b9:20:98:86:74:62:33:4d:03:d6:
7e:93:aa:78:36:be:1c:33:27:04:47:29:29:ef:45:
f0:23:7d:f3:5e:b8:6c:b0:d5:2e:71:c2:aa:a1:44:
02:14:69:5a:70:52:ed:db:39:7b:f4:fc:78:26:a4:
97:1d:7b:c3:c5:d1:b7:8f:e8:95:41:87:f9:71:fe:
4b:0c:76:2d:5a:0e:29:da:14:85:57:a7:07:df:f2:
9c:48:fa:67:f5:2d:c9:38:25:93:75:84:af:aa:9c:
8b:0d:76:63:37:96:c5:a7:cf:09:4c:6e:4d:6e:e9:
9c:d0:8b:e8:d4:e6:e3:fb:7f:79:1a:a1:c7:0e:8a:
71:52:5a:83:06:3e:fc:2f:32:d7:5a:d4:83:df:52:
48:c1:9a:0b:3f:79:ec:7f:20:9b:e1:17:d7:4d:fd:
63:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:75:F4:A4:08:D4:E7:0F:28:33:C2:B0:DB:78:E1:AE:0C:78:5A:F9
X509v3 Authority Key Identifier:
keyid:8E:62:6C:90:9E:B4:95:11:54:BC:EE:82:21:E4:39:51:B4:25:76:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jmJskJ60lRFUvO6CIeQ5UbQldiQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/fe4266-7f54-4fb3-b810-e97d1d0220af/1/mXX0pAjU5w8oM8Kw23jhrgx4Wvk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/fe4266-7f54-4fb3-b810-e97d1d0220af/1/jmJskJ60lRFUvO6CIeQ5UbQldiQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.244.18.0/23
46.244.97.0/24
46.244.108.0/22
46.244.114.0/23
92.240.144.0/22
92.240.149.0/24
92.240.151.0/24
Signature Algorithm: sha256WithRSAEncryption
89:63:ab:2f:f6:b8:71:e6:8c:f5:df:17:ce:53:6e:a5:c2:86:
d5:24:83:18:25:a1:db:7a:2f:50:3b:6d:b0:7e:ee:63:d3:04:
8e:45:e5:0a:97:75:fd:cc:4f:90:24:93:48:ab:60:60:87:15:
29:6c:9c:23:c1:01:58:1f:6d:32:78:df:d9:6b:7d:e8:ef:06:
60:ff:97:73:85:d7:77:82:31:3c:f7:af:1a:31:16:d9:f5:fe:
24:2c:8d:88:3a:0d:0e:55:c3:d1:71:11:d6:d4:32:fd:62:57:
a1:9e:a7:4b:3f:05:e9:c5:9c:1b:c7:d4:a4:98:4f:66:8b:a4:
bd:23:cf:2b:3c:2c:48:5a:e8:9f:fa:d7:a2:42:5b:03:f2:52:
d2:1f:b1:c4:1f:73:93:70:8b:81:bf:9a:fb:19:41:81:39:ae:
ef:c5:64:75:5e:5d:61:50:3f:56:1e:55:48:0c:ed:a0:df:f3:
e0:0e:c5:73:fd:54:ed:9f:06:1c:c0:f6:24:f4:36:95:4d:f7:
8f:a1:75:35:81:39:0c:96:b0:0d:35:df:ef:60:2b:7a:27:82:
76:e5:e9:fc:1b:d5:83:8c:43:d0:76:52:67:5f:72:fc:8e:55:
61:b3:45:83:7c:c1:1e:a2:64:b5:c2:0f:8b:37:c9:b1:6e:ba:
60:c2:70:21
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZQoJYpWXa7vXtVOl3QpZ03kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlNjI2YzkwOWViNDk1MTE1NGJjZWU4MjIxZTQzOTUxYjQy
NTc2MjQwHhcNMjUwMTAyMTc1MjE2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTc1ZjRhNDA4ZDRlNzBmMjgzM2MyYjBkYjc4ZTFhZTBjNzg1YWY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxXWYC9BMyWhD2IpRYEwa97xsHSRY
Kbj/g5FLP0b/+yHt8+HHkpAYt9VdK2OVwPu+Et/fQ+lut8rn3t+ZeuO/XMvdcGBY
1U/6ns8PbisIN9XRIVr1ekLFXLgYUQUeALkgmIZ0YjNNA9Z+k6p4Nr4cMycERykp
70XwI33zXrhssNUuccKqoUQCFGlacFLt2zl79Px4JqSXHXvDxdG3j+iVQYf5cf5L
DHYtWg4p2hSFV6cH3/KcSPpn9S3JOCWTdYSvqpyLDXZjN5bFp88JTG5Nbumc0Ivo
1Obj+395GqHHDopxUlqDBj78LzLXWtSD31JIwZoLP3nsfyCb4RfXTf1jywIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFJl19KQI1OcPKDPCsNt44a4MeFr5MB8GA1UdIwQY
MBaAFI5ibJCetJURVLzugiHkOVG0JXYkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvam1Kc2tKNjBsUkZVdk82Q0llUTVVYlFsZGlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS9mZTQyNjYtN2Y1NC00ZmIzLWI4MTAt
ZTk3ZDFkMDIyMGFmLzEvbVhYMHBBalU1dzhvTThLdzIzamhyZ3g0V3ZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS9mZTQyNjYtN2Y1NC00ZmIzLWI4MTAtZTk3ZDFkMDIyMGFm
LzEvam1Kc2tKNjBsUkZVdk82Q0llUTVVYlFsZGlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQBLvQSAwQA
LvRhAwQCLvRsAwQBLvRyAwQCXPCQAwQAXPCVAwQAXPCXMA0GCSqGSIb3DQEBCwUA
A4IBAQCJY6sv9rhx5oz13xfOU26lwobVJIMYJaHbei9QO22wfu5j0wSOReUKl3X9
zE+QJJNIq2BghxUpbJwjwQFYH20yeN/Za33o7wZg/5dzhdd3gjE8968aMRbZ9f4k
LI2IOg0OVcPRcRHW1DL9YlehnqdLPwXpxZwbx9SkmE9mi6S9I88rPCxIWuif+tei
QlsD8lLSH7HEH3OTcIuBv5r7GUGBOa7vxWR1Xl1hUD9WHlVIDO2g3/PgDsVz/VTt
nwYcwPYk9DaVTfePoXU1gTkMlrANNd/vYCt6J4J25en8G9WDjEPQdlJnX3L8jlVh
s0WDfMEeomS1wg+LN8mxbrpgwnAh
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:37:35 2025 by rpki-client