Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/2aa8d1-cb71-4904-a591-3449522710e7/1/RkiK4rh0-E_-W_HqKwRMEYj0Jsc.roa
File: RkiK4rh0-E_-W_HqKwRMEYj0Jsc.roa (raw, json)
Hash identifier: gqhP/twOb4neptA72hsuXyc44XyhAEB7mRcgXtdjn0o=
Subject key identifier: 46:48:8A:E2:B8:74:F8:4F:FE:5B:F1:EA:2B:04:4C:11:88:F4:26:C7
Certificate issuer: /CN=46c98b2e4a3e060def45abc62c0e345faa80b5ec
Certificate serial: 019421444787A22C0FF50A6E2E320CFC8DDD
Authority key identifier: 46:C9:8B:2E:4A:3E:06:0D:EF:45:AB:C6:2C:0E:34:5F:AA:80:B5:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RsmLLko-Bg3vRavGLA40X6qAtew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/2aa8d1-cb71-4904-a591-3449522710e7/1/RkiK4rh0-E_-W_HqKwRMEYj0Jsc.roa
Signing time: Wed 01 Jan 2025 09:48:30 +0000
ROA not before: Wed 01 Jan 2025 09:48:30 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60033
IP address blocks: 185.61.136.0/24 maxlen: 24
185.61.137.0/24 maxlen: 24
185.61.138.0/24 maxlen: 24
185.61.139.0/24 maxlen: 24
2a02:7a60::/32 maxlen: 32
2a02:7a60::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/24/2aa8d1-cb71-4904-a591-3449522710e7/1/RsmLLko-Bg3vRavGLA40X6qAtew.crl
rsync://rpki.ripe.net/repository/DEFAULT/24/2aa8d1-cb71-4904-a591-3449522710e7/1/RsmLLko-Bg3vRavGLA40X6qAtew.mft
rsync://rpki.ripe.net/repository/DEFAULT/RsmLLko-Bg3vRavGLA40X6qAtew.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 09:00:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:47:87:a2:2c:0f:f5:0a:6e:2e:32:0c:fc:8d:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=46c98b2e4a3e060def45abc62c0e345faa80b5ec
Validity
Not Before: Jan 1 09:48:30 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=46488ae2b874f84ffe5bf1ea2b044c1188f426c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:53:8a:2f:4f:dc:e0:85:a0:74:ac:2a:24:cf:
fd:3b:10:98:61:13:24:60:ff:c0:af:6d:2f:8b:ad:
00:ca:2b:ed:2a:e2:a8:24:03:ed:47:55:66:01:26:
99:60:69:65:08:cc:06:99:6d:e2:8e:47:1e:88:91:
44:ad:cd:af:da:50:c5:a0:43:85:26:92:d2:fc:eb:
eb:a3:3b:49:6a:26:6d:85:e5:53:69:16:e4:4b:de:
97:18:5a:56:f2:b0:3b:ed:80:6b:6b:db:0c:15:c8:
be:00:12:57:d6:f7:38:53:54:81:2f:26:1e:83:fe:
8b:fe:a2:bb:f7:36:27:71:3d:6c:57:6f:5c:74:07:
dd:7c:de:2f:b2:42:a7:bc:05:ee:2f:48:50:df:f5:
1c:b2:a0:14:e4:5a:7c:64:39:c1:13:58:38:df:1e:
e2:2d:ee:63:ad:30:3c:0d:48:84:4b:b1:e3:83:75:
f4:7e:09:cb:9d:64:1e:5e:e6:65:7b:1f:ff:a8:ef:
a2:77:b4:35:ec:3d:fd:c5:c6:06:5e:9c:80:d0:6b:
36:16:a2:10:01:64:66:b6:60:72:41:01:9d:cf:ab:
4b:16:96:eb:c7:2b:ca:d1:2d:c0:81:88:a5:8b:fd:
bf:b8:7f:8c:54:10:d7:22:68:a2:b6:7a:2e:ca:1d:
01:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:48:8A:E2:B8:74:F8:4F:FE:5B:F1:EA:2B:04:4C:11:88:F4:26:C7
X509v3 Authority Key Identifier:
keyid:46:C9:8B:2E:4A:3E:06:0D:EF:45:AB:C6:2C:0E:34:5F:AA:80:B5:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RsmLLko-Bg3vRavGLA40X6qAtew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/2aa8d1-cb71-4904-a591-3449522710e7/1/RkiK4rh0-E_-W_HqKwRMEYj0Jsc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/2aa8d1-cb71-4904-a591-3449522710e7/1/RsmLLko-Bg3vRavGLA40X6qAtew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.61.136.0/22
IPv6:
2a02:7a60::/32
Signature Algorithm: sha256WithRSAEncryption
90:38:d1:f5:c6:12:3b:50:76:f1:df:64:12:ca:c8:91:28:62:
06:b4:02:5f:a5:58:a5:8d:d3:d5:42:cd:2e:50:10:6e:fa:78:
83:71:9f:5a:67:6a:42:e6:d0:6b:06:4d:30:39:75:39:e8:bf:
0d:57:a4:bf:26:92:ef:8b:69:28:0f:0c:91:49:07:e4:b4:78:
cb:11:d9:03:2d:cc:10:da:c0:aa:9f:b9:32:a0:77:68:4b:79:
d4:32:da:b2:22:b0:a8:33:ee:77:e2:6a:91:3f:fa:b1:6e:a0:
2b:ba:81:cd:e4:e2:21:1f:c2:75:5b:8a:7b:b1:9f:fb:3d:72:
e8:07:93:de:4a:a0:2a:ca:66:05:a1:23:96:88:cf:2f:1c:6e:
e7:5c:e9:e2:1d:b1:4f:65:25:7a:86:06:29:69:d7:12:0b:b2:
c7:7d:50:07:85:80:8a:c7:68:8f:ca:65:17:02:df:75:d5:89:
2d:00:1d:82:62:0c:09:ca:44:37:3e:dc:a4:16:18:15:c4:5d:
5e:12:5e:7b:69:41:a0:ed:67:4b:e4:bd:25:08:8c:cd:24:6b:
d6:48:a7:a6:e3:3d:17:63:f0:8c:d6:f3:1c:53:1d:69:a7:d4:
9b:02:bf:d4:1a:f3:04:86:0e:e2:d6:bc:a8:c0:97:80:cb:2f:
ee:e2:c9:5f
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQhREeHoiwP9QpuLjIM/I3dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2Yzk4YjJlNGEzZTA2MGRlZjQ1YWJjNjJjMGUzNDVmYWE4
MGI1ZWMwHhcNMjUwMTAxMDk0ODMwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NjQ4OGFlMmI4NzRmODRmZmU1YmYxZWEyYjA0NGMxMTg4ZjQyNmM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAulOKL0/c4IWgdKwqJM/9OxCYYRMk
YP/Ar20vi60AyivtKuKoJAPtR1VmASaZYGllCMwGmW3ijkceiJFErc2v2lDFoEOF
JpLS/OvroztJaiZtheVTaRbkS96XGFpW8rA77YBra9sMFci+ABJX1vc4U1SBLyYe
g/6L/qK79zYncT1sV29cdAfdfN4vskKnvAXuL0hQ3/UcsqAU5Fp8ZDnBE1g43x7i
Le5jrTA8DUiES7Hjg3X0fgnLnWQeXuZlex//qO+id7Q17D39xcYGXpyA0Gs2FqIQ
AWRmtmByQQGdz6tLFpbrxyvK0S3AgYili/2/uH+MVBDXImiitnouyh0BLwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEZIiuK4dPhP/lvx6isETBGI9CbHMB8GA1UdIwQY
MBaAFEbJiy5KPgYN70WrxiwONF+qgLXsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUnNtTExrby1CZzN2UmF2R0xBNDBYNnFBdGV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC8yYWE4ZDEtY2I3MS00OTA0LWE1OTEt
MzQ0OTUyMjcxMGU3LzEvUmtpSzRyaDAtRV8tV19IcUt3Uk1FWWowSnNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC8yYWE4ZDEtY2I3MS00OTA0LWE1OTEtMzQ0OTUyMjcxMGU3
LzEvUnNtTExrby1CZzN2UmF2R0xBNDBYNnFBdGV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuT2IMA0E
AgACMAcDBQAqAnpgMA0GCSqGSIb3DQEBCwUAA4IBAQCQONH1xhI7UHbx32QSysiR
KGIGtAJfpViljdPVQs0uUBBu+niDcZ9aZ2pC5tBrBk0wOXU56L8NV6S/JpLvi2ko
DwyRSQfktHjLEdkDLcwQ2sCqn7kyoHdoS3nUMtqyIrCoM+534mqRP/qxbqAruoHN
5OIhH8J1W4p7sZ/7PXLoB5PeSqAqymYFoSOWiM8vHG7nXOniHbFPZSV6hgYpadcS
C7LHfVAHhYCKx2iPymUXAt911YktAB2CYgwJykQ3PtykFhgVxF1eEl57aUGg7WdL
5L0lCIzNJGvWSKem4z0XY/CM1vMcUx1pp9SbAr/UGvMEhg7i1ryowJeAyy/u4slf
-----END CERTIFICATE-----
Generated at Wed Apr 16 15:51:47 2025 by rpki-client