Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/4429a4-0b36-4ced-846f-e20a654fca95/1/5kIp4bFmAr9lOCjBtU4-CSX7D0w.roa
File: 5kIp4bFmAr9lOCjBtU4-CSX7D0w.roa (raw, json)
Hash identifier: zS6XZLioq/dFM9rTCOe5dC9siPtnmQmcYc9glHbFesE=
Subject key identifier: E6:42:29:E1:B1:66:02:BF:65:38:28:C1:B5:4E:3E:09:25:FB:0F:4C
Certificate issuer: /CN=731d9ad404ecdafa70ea9a4c9d10b9801829ea1f
Certificate serial: 019421439B75C336EC9AB771A8881D96C9E9
Authority key identifier: 73:1D:9A:D4:04:EC:DA:FA:70:EA:9A:4C:9D:10:B9:80:18:29:EA:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cx2a1ATs2vpw6ppMnRC5gBgp6h8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/4429a4-0b36-4ced-846f-e20a654fca95/1/5kIp4bFmAr9lOCjBtU4-CSX7D0w.roa
Signing time: Wed 01 Jan 2025 09:47:46 +0000
ROA not before: Wed 01 Jan 2025 09:47:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51615
IP address blocks: 46.54.128.0/18 maxlen: 18
46.54.192.0/19 maxlen: 19
46.54.224.0/20 maxlen: 20
2a02:2590::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/20/4429a4-0b36-4ced-846f-e20a654fca95/1/cx2a1ATs2vpw6ppMnRC5gBgp6h8.crl
rsync://rpki.ripe.net/repository/DEFAULT/20/4429a4-0b36-4ced-846f-e20a654fca95/1/cx2a1ATs2vpw6ppMnRC5gBgp6h8.mft
rsync://rpki.ripe.net/repository/DEFAULT/cx2a1ATs2vpw6ppMnRC5gBgp6h8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 00:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:9b:75:c3:36:ec:9a:b7:71:a8:88:1d:96:c9:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=731d9ad404ecdafa70ea9a4c9d10b9801829ea1f
Validity
Not Before: Jan 1 09:47:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e64229e1b16602bf653828c1b54e3e0925fb0f4c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:f8:57:7d:1a:69:8f:07:e7:3b:76:e9:31:f9:
6e:45:19:ae:9f:8b:50:37:42:76:63:a2:57:85:55:
a8:66:ce:a0:cd:05:c8:4e:b6:c4:c5:a4:60:7b:34:
57:26:65:d2:e9:65:39:87:51:9d:e3:c9:9c:a6:af:
01:fb:9a:9b:ac:bd:12:97:7a:51:65:92:9c:e9:85:
9c:ef:ea:1a:e5:67:ba:2b:5b:4d:2f:da:f2:39:f0:
cb:a9:6d:77:02:16:8b:35:1b:df:dc:75:c0:e5:60:
77:33:c8:33:c5:97:e6:b7:0e:6a:13:04:f1:66:0d:
8d:3b:65:de:f2:00:07:4d:ed:74:73:f1:71:96:1c:
a7:7c:f5:49:a6:9e:6f:13:d0:67:d3:b8:e3:b2:77:
63:1c:a8:38:5b:9e:8d:03:7d:b3:75:3a:cc:b0:7f:
99:bd:9d:8d:90:ab:e3:26:89:64:d8:2b:91:32:ae:
82:65:48:6d:d1:55:04:98:4b:bd:e2:30:21:0a:45:
36:63:5a:a5:7a:dd:cf:d7:6d:59:cd:e8:d8:4f:5b:
42:e9:42:16:41:74:8c:f9:51:3b:3d:56:66:f4:ee:
4e:e9:fa:79:d1:fc:1e:bf:cc:2b:e3:c8:93:09:22:
29:a7:e5:b4:c8:51:ec:d2:f7:d3:a2:63:38:77:e9:
8c:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:42:29:E1:B1:66:02:BF:65:38:28:C1:B5:4E:3E:09:25:FB:0F:4C
X509v3 Authority Key Identifier:
keyid:73:1D:9A:D4:04:EC:DA:FA:70:EA:9A:4C:9D:10:B9:80:18:29:EA:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cx2a1ATs2vpw6ppMnRC5gBgp6h8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/4429a4-0b36-4ced-846f-e20a654fca95/1/5kIp4bFmAr9lOCjBtU4-CSX7D0w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/4429a4-0b36-4ced-846f-e20a654fca95/1/cx2a1ATs2vpw6ppMnRC5gBgp6h8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.54.128.0-46.54.239.255
IPv6:
2a02:2590::/32
Signature Algorithm: sha256WithRSAEncryption
52:80:96:0c:d4:4d:11:5d:7b:b4:cc:65:51:b2:80:c1:79:eb:
3b:e7:39:62:77:8f:a3:6d:09:c8:c5:8d:02:85:f7:ed:56:a1:
e9:19:e8:96:2e:d1:c5:6d:ce:92:0d:fa:a9:42:cd:59:04:14:
67:81:7e:e7:07:96:f1:c8:22:7c:a1:39:64:4f:b3:7a:63:bf:
7c:79:93:98:aa:54:83:cb:ca:c4:92:11:a9:4d:ba:e9:fb:f1:
ee:88:35:9e:fd:4e:d3:b2:b7:40:56:59:79:ac:c3:4b:fe:7a:
0a:5a:73:34:eb:ee:c0:44:38:04:08:ec:0c:c6:2b:44:97:a0:
1e:5d:32:8f:ab:35:35:21:ad:cc:f4:f0:e1:1f:bc:8e:73:eb:
7f:ca:5c:1a:d1:fe:a3:83:27:32:49:f0:73:83:0e:ad:72:87:
b5:06:80:44:ca:53:0d:05:31:e2:46:1f:0c:28:0d:be:dd:c4:
3f:1a:7c:82:1b:29:36:a0:64:cf:c3:22:12:c4:46:49:37:8f:
9e:86:59:b6:7d:71:6a:5d:d8:63:fc:bf:55:32:d3:54:74:5b:
42:f3:12:03:c7:e7:57:a9:81:41:e3:ac:93:fe:c3:ca:27:4a:
ba:1d:ba:31:c6:0d:64:21:a2:d7:eb:db:dd:ef:77:9e:49:f6:
00:84:21:9c
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZQhQ5t1wzbsmrdxqIgdlsnpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczMWQ5YWQ0MDRlY2RhZmE3MGVhOWE0YzlkMTBiOTgwMTgy
OWVhMWYwHhcNMjUwMTAxMDk0NzQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjQyMjllMWIxNjYwMmJmNjUzODI4YzFiNTRlM2UwOTI1ZmIwZjRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4/hXfRppjwfnO3bpMfluRRmun4tQ
N0J2Y6JXhVWoZs6gzQXITrbExaRgezRXJmXS6WU5h1Gd48mcpq8B+5qbrL0Sl3pR
ZZKc6YWc7+oa5We6K1tNL9ryOfDLqW13AhaLNRvf3HXA5WB3M8gzxZfmtw5qEwTx
Zg2NO2Xe8gAHTe10c/FxlhynfPVJpp5vE9Bn07jjsndjHKg4W56NA32zdTrMsH+Z
vZ2NkKvjJolk2CuRMq6CZUht0VUEmEu94jAhCkU2Y1qlet3P121ZzejYT1tC6UIW
QXSM+VE7PVZm9O5O6fp50fwev8wr48iTCSIpp+W0yFHs0vfTomM4d+mMBwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFOZCKeGxZgK/ZTgowbVOPgkl+w9MMB8GA1UdIwQY
MBaAFHMdmtQE7Nr6cOqaTJ0QuYAYKeofMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3gyYTFBVHMydnB3NnBwTW5SQzVnQmdwNmg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC80NDI5YTQtMGIzNi00Y2VkLTg0NmYt
ZTIwYTY1NGZjYTk1LzEvNWtJcDRiRm1BcjlsT0NqQnRVNC1DU1g3RDB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC80NDI5YTQtMGIzNi00Y2VkLTg0NmYtZTIwYTY1NGZjYTk1
LzEvY3gyYTFBVHMydnB3NnBwTW5SQzVnQmdwNmg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAUBAIAATAOMAwDBAcuNoAD
BAQuNuAwDQQCAAIwBwMFACoCJZAwDQYJKoZIhvcNAQELBQADggEBAFKAlgzUTRFd
e7TMZVGygMF56zvnOWJ3j6NtCcjFjQKF9+1WoekZ6JYu0cVtzpIN+qlCzVkEFGeB
fucHlvHIInyhOWRPs3pjv3x5k5iqVIPLysSSEalNuun78e6INZ79TtOyt0BWWXms
w0v+egpaczTr7sBEOAQI7AzGK0SXoB5dMo+rNTUhrcz08OEfvI5z63/KXBrR/qOD
JzJJ8HODDq1yh7UGgETKUw0FMeJGHwwoDb7dxD8afIIbKTagZM/DIhLERkk3j56G
WbZ9cWpd2GP8v1Uy01R0W0LzEgPH51epgUHjrJP+w8onSrodujHGDWQhotfr293v
d55J9gCEIZw=
-----END CERTIFICATE-----
Generated at Wed Apr 16 08:58:39 2025 by rpki-client