Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/83aa8c-0581-44d8-a5c1-05373ba9483d/1/SYZlptmfwW05iDvw4BXOJL_fG8M.roa
File: SYZlptmfwW05iDvw4BXOJL_fG8M.roa (raw, json)
Hash identifier: h6Di4p8kHK2EYyUSqyx3mMW/pVHzVV5hYvjCX+I4Wgk=
Subject key identifier: 49:86:65:A6:D9:9F:C1:6D:39:88:3B:F0:E0:15:CE:24:BF:DF:1B:C3
Certificate issuer: /CN=01723506718dfcf2a8bd176d4ea24e275322fcfb
Certificate serial: 019425217DCB0128D019C6CB6EC9218E7880
Authority key identifier: 01:72:35:06:71:8D:FC:F2:A8:BD:17:6D:4E:A2:4E:27:53:22:FC:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AXI1BnGN_PKovRdtTqJOJ1Mi_Ps.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1f/83aa8c-0581-44d8-a5c1-05373ba9483d/1/SYZlptmfwW05iDvw4BXOJL_fG8M.roa
Signing time: Thu 02 Jan 2025 03:48:59 +0000
ROA not before: Thu 02 Jan 2025 03:48:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 56911
IP address blocks: 46.149.168.0/22 maxlen: 24
185.111.76.0/22 maxlen: 24
2a06:5bc0::/29 maxlen: 34
2a0d:f7c0::/32 maxlen: 34
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1f/83aa8c-0581-44d8-a5c1-05373ba9483d/1/AXI1BnGN_PKovRdtTqJOJ1Mi_Ps.crl
rsync://rpki.ripe.net/repository/DEFAULT/1f/83aa8c-0581-44d8-a5c1-05373ba9483d/1/AXI1BnGN_PKovRdtTqJOJ1Mi_Ps.mft
rsync://rpki.ripe.net/repository/DEFAULT/AXI1BnGN_PKovRdtTqJOJ1Mi_Ps.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 09:01:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:7d:cb:01:28:d0:19:c6:cb:6e:c9:21:8e:78:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=01723506718dfcf2a8bd176d4ea24e275322fcfb
Validity
Not Before: Jan 2 03:48:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=498665a6d99fc16d39883bf0e015ce24bfdf1bc3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:44:6f:74:94:26:f1:88:c8:09:62:d6:24:f9:
2f:30:82:7b:ad:fb:a9:2a:f5:6b:6d:47:d7:ac:5a:
fe:ab:e5:5e:d1:9e:45:aa:0b:f6:ae:3b:28:57:6a:
68:3a:6d:f9:ac:da:40:21:11:73:fc:3a:c3:05:b6:
b3:95:cf:14:f9:2f:6e:ca:58:30:2e:71:8e:c3:71:
15:b5:1b:94:88:a6:5e:41:e9:9f:26:c8:08:f8:a8:
31:94:9f:53:3c:39:0f:3d:f0:da:93:31:3f:50:c8:
ed:db:b2:e0:64:16:eb:f5:97:1a:81:bc:43:b9:bf:
d2:6b:04:3d:5e:55:16:4b:df:bc:a7:07:9a:02:b9:
48:17:e9:3a:e9:ae:3a:0e:20:4f:7a:a9:1a:f4:bd:
3c:f4:ed:c2:eb:f5:1f:cc:fa:6c:e0:1e:1f:b5:dd:
ea:9e:21:2f:28:ba:9c:4c:93:35:7c:a4:de:7e:81:
40:dd:0f:ba:d1:11:04:0b:65:41:5c:60:61:e3:38:
a3:d9:fa:16:f6:0d:5c:b8:8e:73:b1:4d:38:39:49:
41:53:81:c8:63:41:c7:24:0a:b4:83:44:4d:58:dd:
55:c3:29:d2:e0:be:50:1a:99:42:41:6b:ee:1f:9e:
0b:8e:06:57:a4:49:3f:37:fe:39:73:22:e2:cf:88:
da:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:86:65:A6:D9:9F:C1:6D:39:88:3B:F0:E0:15:CE:24:BF:DF:1B:C3
X509v3 Authority Key Identifier:
keyid:01:72:35:06:71:8D:FC:F2:A8:BD:17:6D:4E:A2:4E:27:53:22:FC:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AXI1BnGN_PKovRdtTqJOJ1Mi_Ps.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/83aa8c-0581-44d8-a5c1-05373ba9483d/1/SYZlptmfwW05iDvw4BXOJL_fG8M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/83aa8c-0581-44d8-a5c1-05373ba9483d/1/AXI1BnGN_PKovRdtTqJOJ1Mi_Ps.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.149.168.0/22
185.111.76.0/22
IPv6:
2a06:5bc0::/29
2a0d:f7c0::/32
Signature Algorithm: sha256WithRSAEncryption
33:a3:dc:99:f4:db:82:e4:ab:8b:32:ff:d7:c4:3d:30:80:43:
c9:af:64:49:5c:06:ce:03:5e:30:a9:97:a7:d3:ee:15:80:d6:
99:20:b9:6e:e9:f5:1a:43:2f:72:c5:21:30:72:9a:e8:4f:8f:
a4:00:b5:5d:e2:32:9f:0b:30:5e:66:94:db:67:1c:a1:03:1e:
35:fe:ed:05:9d:a2:d1:89:6c:24:fe:f7:6a:f8:a4:df:f1:a2:
2f:66:bb:6b:b5:17:9b:1c:a4:1e:9a:eb:45:45:87:99:3f:e2:
b9:1a:2b:e9:53:d7:9b:e1:0f:09:90:7a:20:36:d5:3d:70:32:
32:6d:a4:ed:98:ec:a7:a1:33:88:e4:e1:a2:f7:de:a5:8d:71:
12:3c:92:f5:4e:4b:b9:0a:4e:d6:44:52:4b:08:a2:78:83:3f:
10:b7:92:94:f0:b5:41:a1:b2:b5:13:3d:62:f9:60:51:1c:ad:
98:1f:d4:80:43:b6:75:7c:8e:7f:29:2c:18:9e:e8:f4:4f:9c:
38:68:fd:f3:d8:4f:60:23:2b:b8:cb:6a:a1:49:ac:11:0c:0c:
8e:d0:33:cf:52:63:5c:46:ad:a2:f0:7b:27:5d:27:89:de:46:
12:df:4c:93:cd:f6:d6:ca:20:ea:7c:28:68:4d:e8:8b:ab:f9:
ca:97:13:ad
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZQlIX3LASjQGcbLbskhjniAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxNzIzNTA2NzE4ZGZjZjJhOGJkMTc2ZDRlYTI0ZTI3NTMy
MmZjZmIwHhcNMjUwMTAyMDM0ODU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OTg2NjVhNmQ5OWZjMTZkMzk4ODNiZjBlMDE1Y2UyNGJmZGYxYmMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApERvdJQm8YjICWLWJPkvMIJ7rfup
KvVrbUfXrFr+q+Ve0Z5Fqgv2rjsoV2poOm35rNpAIRFz/DrDBbazlc8U+S9uylgw
LnGOw3EVtRuUiKZeQemfJsgI+KgxlJ9TPDkPPfDakzE/UMjt27LgZBbr9ZcagbxD
ub/SawQ9XlUWS9+8pweaArlIF+k66a46DiBPeqka9L089O3C6/UfzPps4B4ftd3q
niEvKLqcTJM1fKTefoFA3Q+60REEC2VBXGBh4zij2foW9g1cuI5zsU04OUlBU4HI
Y0HHJAq0g0RNWN1VwynS4L5QGplCQWvuH54LjgZXpEk/N/45cyLiz4jaaQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFEmGZabZn8FtOYg78OAVziS/3xvDMB8GA1UdIwQY
MBaAFAFyNQZxjfzyqL0XbU6iTidTIvz7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQVhJMUJuR05fUEtvdlJkdFRxSk9KMU1pX1BzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi84M2FhOGMtMDU4MS00NGQ4LWE1YzEt
MDUzNzNiYTk0ODNkLzEvU1labHB0bWZ3VzA1aUR2dzRCWE9KTF9mRzhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi84M2FhOGMtMDU4MS00NGQ4LWE1YzEtMDUzNzNiYTk0ODNk
LzEvQVhJMUJuR05fUEtvdlJkdFRxSk9KMU1pX1BzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQCLpWoAwQC
uW9MMBQEAgACMA4DBQMqBlvAAwUAKg33wDANBgkqhkiG9w0BAQsFAAOCAQEAM6Pc
mfTbguSrizL/18Q9MIBDya9kSVwGzgNeMKmXp9PuFYDWmSC5bun1GkMvcsUhMHKa
6E+PpAC1XeIynwswXmaU22ccoQMeNf7tBZ2i0YlsJP73avik3/GiL2a7a7UXmxyk
HprrRUWHmT/iuRor6VPXm+EPCZB6IDbVPXAyMm2k7Zjsp6EziOThovfepY1xEjyS
9U5LuQpO1kRSSwiieIM/ELeSlPC1QaGytRM9YvlgURytmB/UgEO2dXyOfyksGJ7o
9E+cOGj989hPYCMruMtqoUmsEQwMjtAzz1JjXEatovB7J10nid5GEt9Mk8321sog
6nwoaE3oi6v5ypcTrQ==
-----END CERTIFICATE-----
Generated at Mon Apr 7 15:43:15 2025 by rpki-client