Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/1d2ef8-a86e-446f-8c35-b833bd9e0b3a/1/lN3w_CQ-pmg0o8Uv6v-3uj3yMXY.roa
File: lN3w_CQ-pmg0o8Uv6v-3uj3yMXY.roa (raw, json)
Hash identifier: yR0ABww6qrzdgsxlfyOghUNrgq+qwWXZtqgAtOQG9ZA=
Subject key identifier: 94:DD:F0:FC:24:3E:A6:68:34:A3:C5:2F:EA:FF:B7:BA:3D:F2:31:76
Certificate issuer: /CN=0d69e3ee55dd862674d458661ba34908b0617fa1
Certificate serial: 01944F83B575ADFB6AB73C35BBC45AB83C68
Authority key identifier: 0D:69:E3:EE:55:DD:86:26:74:D4:58:66:1B:A3:49:08:B0:61:7F:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DWnj7lXdhiZ01FhmG6NJCLBhf6E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/1d2ef8-a86e-446f-8c35-b833bd9e0b3a/1/lN3w_CQ-pmg0o8Uv6v-3uj3yMXY.roa
Signing time: Fri 10 Jan 2025 09:20:19 +0000
ROA not before: Fri 10 Jan 2025 09:20:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60294
IP address blocks: 46.245.216.0/21 maxlen: 21
94.31.64.0/18 maxlen: 18
94.31.67.0/24 maxlen: 24
94.31.68.0/22 maxlen: 22
94.31.72.0/22 maxlen: 22
94.31.80.0/20 maxlen: 20
94.31.92.0/23 maxlen: 23
94.31.94.0/23 maxlen: 23
94.31.96.0/20 maxlen: 20
94.31.108.0/22 maxlen: 22
94.31.112.0/23 maxlen: 23
94.31.114.0/23 maxlen: 23
94.31.116.0/22 maxlen: 22
150.5.0.0/18 maxlen: 24
185.7.196.0/22 maxlen: 22
185.22.44.0/22 maxlen: 22
185.22.44.0/24 maxlen: 24
185.22.45.0/24 maxlen: 24
185.22.140.0/22 maxlen: 22
185.113.120.0/22 maxlen: 22
185.158.40.0/22 maxlen: 22
185.158.41.0/24 maxlen: 24
2a00:1f38::/32 maxlen: 32
2a00:6020::/32 maxlen: 32
2a00:6020:0:21::/64 maxlen: 64
2a00:61e0::/32 maxlen: 32
2a03:fc0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0f/1d2ef8-a86e-446f-8c35-b833bd9e0b3a/1/DWnj7lXdhiZ01FhmG6NJCLBhf6E.crl
rsync://rpki.ripe.net/repository/DEFAULT/0f/1d2ef8-a86e-446f-8c35-b833bd9e0b3a/1/DWnj7lXdhiZ01FhmG6NJCLBhf6E.mft
rsync://rpki.ripe.net/repository/DEFAULT/DWnj7lXdhiZ01FhmG6NJCLBhf6E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 21:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:4f:83:b5:75:ad:fb:6a:b7:3c:35:bb:c4:5a:b8:3c:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d69e3ee55dd862674d458661ba34908b0617fa1
Validity
Not Before: Jan 10 09:20:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=94ddf0fc243ea66834a3c52feaffb7ba3df23176
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:e4:96:46:b0:4f:5b:17:e2:e3:bb:ea:7c:99:
b0:de:a6:0a:39:71:24:98:c1:48:1b:e7:7e:b0:43:
1a:d1:5e:6a:af:96:34:38:3c:30:d3:ca:10:6d:e8:
f7:1d:05:d8:38:4c:68:f5:c6:ca:7f:77:70:f7:0f:
35:c9:66:a3:77:99:8d:df:c9:c9:03:f2:fc:5c:d3:
05:f3:b0:a6:59:c1:47:ab:ce:d8:98:57:4f:af:31:
45:d1:4f:ab:69:36:f3:c8:f7:62:0d:3a:a4:37:7b:
7f:eb:22:3a:8a:77:64:75:ee:3c:b7:cb:8e:02:d0:
c7:db:be:8a:80:f3:c9:91:1c:89:dd:6b:35:20:8b:
41:e2:e2:4f:71:73:3c:d1:b5:09:b7:b7:9f:38:78:
62:8d:34:75:8c:bd:b9:a0:e2:da:aa:82:2d:a9:22:
9d:a8:c9:50:74:81:19:ff:f3:95:b9:6a:ce:a8:35:
95:ef:18:14:c2:ab:31:23:2e:dc:fe:78:58:f9:5b:
00:8f:91:ff:da:79:04:76:7d:99:85:63:25:93:a8:
4f:db:d6:31:54:b9:08:c9:dd:98:c7:c3:e6:6d:6a:
2d:9f:9b:f7:0d:31:a3:e6:93:d3:47:a2:0a:8f:12:
db:b6:70:05:21:74:dc:43:b7:41:62:2f:64:a7:ff:
d1:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:DD:F0:FC:24:3E:A6:68:34:A3:C5:2F:EA:FF:B7:BA:3D:F2:31:76
X509v3 Authority Key Identifier:
keyid:0D:69:E3:EE:55:DD:86:26:74:D4:58:66:1B:A3:49:08:B0:61:7F:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DWnj7lXdhiZ01FhmG6NJCLBhf6E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/1d2ef8-a86e-446f-8c35-b833bd9e0b3a/1/lN3w_CQ-pmg0o8Uv6v-3uj3yMXY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/1d2ef8-a86e-446f-8c35-b833bd9e0b3a/1/DWnj7lXdhiZ01FhmG6NJCLBhf6E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.245.216.0/21
94.31.64.0/18
150.5.0.0/18
185.7.196.0/22
185.22.44.0/22
185.22.140.0/22
185.113.120.0/22
185.158.40.0/22
IPv6:
2a00:1f38::/32
2a00:6020::/32
2a00:61e0::/32
2a03:fc0::/32
Signature Algorithm: sha256WithRSAEncryption
18:84:d4:c0:32:ea:22:3a:bc:95:00:d6:61:26:69:ed:15:28:
08:67:5a:7b:38:17:06:e7:50:0d:33:df:f6:78:d2:7e:c5:c8:
56:3f:7c:f2:3e:91:63:49:9d:7a:16:88:a7:b5:0a:d1:3b:9f:
fc:c2:61:59:ed:11:d3:75:c5:22:60:5f:d6:f5:95:e3:73:ba:
5c:51:a9:26:a3:e6:4b:8d:69:a0:13:ad:ea:1b:12:74:ad:1e:
61:f1:6c:59:22:14:91:ba:d0:56:a9:39:56:99:d4:5b:f4:79:
03:97:b1:6e:04:de:a3:f2:1c:47:51:fe:69:c7:d7:29:62:4c:
ac:c5:56:10:a2:c6:e8:d9:aa:a6:4b:61:30:98:a7:ea:3e:4c:
6a:92:08:7e:0a:49:0f:91:62:d3:ec:10:d5:b4:6f:a7:97:11:
fa:3f:40:4e:12:51:e5:0f:b5:4f:17:db:14:9f:40:0b:d7:34:
89:83:82:f9:12:63:bb:d3:71:cd:87:b7:df:a9:54:8e:f4:79:
59:d0:f2:59:3b:6c:2f:10:95:90:b1:16:45:25:1c:4f:df:9a:
f4:c8:56:29:eb:e1:a7:ce:7c:f0:41:e9:66:ed:ca:98:16:bf:
93:52:b2:e9:9e:52:27:0a:67:b2:b9:14:b6:e6:c9:7b:31:5b:
65:32:91:44
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAZRPg7V1rftqtzw1u8RauDxoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNjllM2VlNTVkZDg2MjY3NGQ0NTg2NjFiYTM0OTA4YjA2
MTdmYTEwHhcNMjUwMTEwMDkyMDE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NGRkZjBmYzI0M2VhNjY4MzRhM2M1MmZlYWZmYjdiYTNkZjIzMTc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkOSWRrBPWxfi47vqfJmw3qYKOXEk
mMFIG+d+sEMa0V5qr5Y0ODww08oQbej3HQXYOExo9cbKf3dw9w81yWajd5mN38nJ
A/L8XNMF87CmWcFHq87YmFdPrzFF0U+raTbzyPdiDTqkN3t/6yI6indkde48t8uO
AtDH276KgPPJkRyJ3Ws1IItB4uJPcXM80bUJt7efOHhijTR1jL25oOLaqoItqSKd
qMlQdIEZ//OVuWrOqDWV7xgUwqsxIy7c/nhY+VsAj5H/2nkEdn2ZhWMlk6hP29Yx
VLkIyd2Yx8PmbWotn5v3DTGj5pPTR6IKjxLbtnAFIXTcQ7dBYi9kp//RuQIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFJTd8PwkPqZoNKPFL+r/t7o98jF2MB8GA1UdIwQY
MBaAFA1p4+5V3YYmdNRYZhujSQiwYX+hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFduajdsWGRoaVowMUZobUc2TkpDTEJoZjZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi8xZDJlZjgtYTg2ZS00NDZmLThjMzUt
YjgzM2JkOWUwYjNhLzEvbE4zd19DUS1wbWcwbzhVdjZ2LTN1ajN5TVhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi8xZDJlZjgtYTg2ZS00NDZmLThjMzUtYjgzM2JkOWUwYjNh
LzEvRFduajdsWGRoaVowMUZobUc2TkpDTEJoZjZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDA2BAIAATAwAwQDLvXYAwQG
Xh9AAwQGlgUAAwQCuQfEAwQCuRYsAwQCuRaMAwQCuXF4AwQCuZ4oMCIEAgACMBwD
BQAqAB84AwUAKgBgIAMFACoAYeADBQAqAw/AMA0GCSqGSIb3DQEBCwUAA4IBAQAY
hNTAMuoiOryVANZhJmntFSgIZ1p7OBcG51ANM9/2eNJ+xchWP3zyPpFjSZ16Foin
tQrRO5/8wmFZ7RHTdcUiYF/W9ZXjc7pcUakmo+ZLjWmgE63qGxJ0rR5h8WxZIhSR
utBWqTlWmdRb9HkDl7FuBN6j8hxHUf5px9cpYkysxVYQosbo2aqmS2EwmKfqPkxq
kgh+CkkPkWLT7BDVtG+nlxH6P0BOElHlD7VPF9sUn0AL1zSJg4L5EmO703HNh7ff
qVSO9HlZ0PJZO2wvEJWQsRZFJRxP35r0yFYp6+GnznzwQelm7cqYFr+TUrLpnlIn
CmeyuRS25sl7MVtlMpFE
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:42:30 2025 by rpki-client