Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/026914-1612-45f4-acdf-2acb9d17c11c/1/xfu021S1jJtouexa28jA9KZojkw.roa
File: xfu021S1jJtouexa28jA9KZojkw.roa (raw, json)
Hash identifier: ydYZd2IQ/M2DMWZopd0Btk/t60vr6MsiYiLHbkf4rwI=
Subject key identifier: C5:FB:B4:DB:54:B5:8C:9B:68:B9:EC:5A:DB:C8:C0:F4:A6:68:8E:4C
Certificate issuer: /CN=ca3348abf173d2774c8942008cadf6d6012a3d52
Certificate serial: 01946B9EA4CD30429FFEE6B70E0EC35532C9
Authority key identifier: CA:33:48:AB:F1:73:D2:77:4C:89:42:00:8C:AD:F6:D6:01:2A:3D:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yjNIq_Fz0ndMiUIAjK321gEqPVI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/026914-1612-45f4-acdf-2acb9d17c11c/1/xfu021S1jJtouexa28jA9KZojkw.roa
Signing time: Wed 15 Jan 2025 20:19:06 +0000
ROA not before: Wed 15 Jan 2025 20:19:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 216417
IP address blocks: 46.29.32.0/24 maxlen: 24
2a04:5040:6001::/48 maxlen: 48
2a04:5040:6002::/48 maxlen: 48
2a04:5040:6003::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/31/026914-1612-45f4-acdf-2acb9d17c11c/1/yjNIq_Fz0ndMiUIAjK321gEqPVI.crl
rsync://rpki.ripe.net/repository/DEFAULT/31/026914-1612-45f4-acdf-2acb9d17c11c/1/yjNIq_Fz0ndMiUIAjK321gEqPVI.mft
rsync://rpki.ripe.net/repository/DEFAULT/yjNIq_Fz0ndMiUIAjK321gEqPVI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 23:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:6b:9e:a4:cd:30:42:9f:fe:e6:b7:0e:0e:c3:55:32:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca3348abf173d2774c8942008cadf6d6012a3d52
Validity
Not Before: Jan 15 20:19:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c5fbb4db54b58c9b68b9ec5adbc8c0f4a6688e4c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:6b:dd:64:86:2f:c0:9e:81:35:40:19:ab:36:
5b:a8:50:fa:0a:0d:ae:b8:d7:95:a6:9c:14:66:6f:
25:b0:5a:eb:b3:c8:62:67:bd:34:44:1b:a3:63:d0:
3e:d5:02:b2:fd:02:16:e9:25:fb:18:00:81:60:cf:
56:25:43:95:e3:08:07:e2:c5:6f:d0:79:a3:2e:a3:
4a:a1:37:80:d9:3e:3f:5c:1d:0f:56:3d:2c:6b:84:
84:55:65:87:12:e1:63:59:3c:8e:e8:0b:eb:8b:11:
a5:58:4c:48:88:41:db:30:9a:9d:75:18:56:70:3d:
23:d0:17:b6:83:ed:f7:53:63:32:7d:c6:8e:1e:ae:
4c:08:77:05:a6:a8:ce:51:6a:7e:7d:0a:30:a5:20:
c9:d5:39:b1:1b:1d:cb:ea:d9:47:3f:48:fc:41:49:
4b:6e:04:f8:5e:70:23:a9:b1:a7:56:db:e2:08:10:
5b:33:fa:6b:97:e3:b4:25:ff:de:cd:1b:d3:0e:49:
30:79:7f:f1:fd:27:7f:eb:e3:f0:dd:e8:6a:9c:67:
69:0f:b4:c3:ef:e0:3e:10:e2:72:1d:49:24:65:85:
f3:dd:46:75:6d:ad:cb:da:32:e2:55:cc:9d:98:4b:
e2:2a:48:16:20:1f:a5:75:9d:ab:4f:11:f1:75:da:
27:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:FB:B4:DB:54:B5:8C:9B:68:B9:EC:5A:DB:C8:C0:F4:A6:68:8E:4C
X509v3 Authority Key Identifier:
keyid:CA:33:48:AB:F1:73:D2:77:4C:89:42:00:8C:AD:F6:D6:01:2A:3D:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yjNIq_Fz0ndMiUIAjK321gEqPVI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/026914-1612-45f4-acdf-2acb9d17c11c/1/xfu021S1jJtouexa28jA9KZojkw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/31/026914-1612-45f4-acdf-2acb9d17c11c/1/yjNIq_Fz0ndMiUIAjK321gEqPVI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.29.32.0/24
IPv6:
2a04:5040:6001::-2a04:5040:6003:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
11:9f:37:94:a9:19:b9:b4:9d:a9:a6:a5:c8:da:5b:d7:98:ba:
c2:3e:e8:e3:e3:8a:c8:b4:45:72:3f:0d:ae:d7:e2:aa:a1:b6:
cb:e6:c3:c4:e4:a7:c3:44:26:19:7c:cc:2b:57:39:41:8f:8f:
6a:a6:63:52:10:26:ec:39:c6:4f:fa:aa:16:c7:5d:a5:6e:04:
0d:23:d6:b3:ca:01:0b:d6:48:6b:ba:69:22:45:9a:7e:a9:c1:
32:0f:99:d5:bd:da:5c:4e:7f:b3:1b:00:0d:54:f9:8a:9d:2a:
8f:5c:a6:bd:92:9b:63:0c:cd:9f:cb:7d:82:f7:cf:e9:49:d3:
7a:31:ca:5c:23:aa:7f:ed:dc:a8:90:e7:48:f3:dc:c6:a4:b7:
9b:fe:29:33:d7:a7:64:5b:a9:ce:26:58:83:31:ec:11:4f:15:
32:1c:5d:33:7f:81:2f:eb:85:77:42:1f:20:5a:d8:bf:54:7d:
81:e5:27:fa:6d:9a:7d:8b:3f:74:64:10:4d:d1:f7:b9:04:a8:
a6:f1:63:02:20:85:57:9e:19:e6:24:44:8a:b3:60:9c:52:2a:
55:8e:fa:64:c7:f5:a8:9c:f1:ee:a3:b7:09:c8:20:23:06:9a:
fa:b8:94:fa:3e:6a:56:4e:36:10:c9:18:43:2f:8e:ad:ec:e3:
0b:28:74:9e
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZRrnqTNMEKf/ua3Dg7DVTLJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhMzM0OGFiZjE3M2QyNzc0Yzg5NDIwMDhjYWRmNmQ2MDEy
YTNkNTIwHhcNMjUwMTE1MjAxOTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNWZiYjRkYjU0YjU4YzliNjhiOWVjNWFkYmM4YzBmNGE2Njg4ZTRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArmvdZIYvwJ6BNUAZqzZbqFD6Cg2u
uNeVppwUZm8lsFrrs8hiZ700RBujY9A+1QKy/QIW6SX7GACBYM9WJUOV4wgH4sVv
0HmjLqNKoTeA2T4/XB0PVj0sa4SEVWWHEuFjWTyO6AvrixGlWExIiEHbMJqddRhW
cD0j0Be2g+33U2MyfcaOHq5MCHcFpqjOUWp+fQowpSDJ1TmxGx3L6tlHP0j8QUlL
bgT4XnAjqbGnVtviCBBbM/prl+O0Jf/ezRvTDkkweX/x/Sd/6+Pw3ehqnGdpD7TD
7+A+EOJyHUkkZYXz3UZ1ba3L2jLiVcydmEviKkgWIB+ldZ2rTxHxddonSwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFMX7tNtUtYybaLnsWtvIwPSmaI5MMB8GA1UdIwQY
MBaAFMozSKvxc9J3TIlCAIyt9tYBKj1SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWpOSXFfRnowbmRNaVVJQWpLMzIxZ0VxUFZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS8wMjY5MTQtMTYxMi00NWY0LWFjZGYt
MmFjYjlkMTdjMTFjLzEveGZ1MDIxUzFqSnRvdWV4YTI4akE5S1pvamt3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS8wMjY5MTQtMTYxMi00NWY0LWFjZGYtMmFjYjlkMTdjMTFj
LzEveWpOSXFfRnowbmRNaVVJQWpLMzIxZ0VxUFZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAMBAIAATAGAwQALh0gMBoE
AgACMBQwEgMHACoEUEBgAQMHAioEUEBgADANBgkqhkiG9w0BAQsFAAOCAQEAEZ83
lKkZubSdqaalyNpb15i6wj7o4+OKyLRFcj8NrtfiqqG2y+bDxOSnw0QmGXzMK1c5
QY+PaqZjUhAm7DnGT/qqFsddpW4EDSPWs8oBC9ZIa7ppIkWafqnBMg+Z1b3aXE5/
sxsADVT5ip0qj1ymvZKbYwzNn8t9gvfP6UnTejHKXCOqf+3cqJDnSPPcxqS3m/4p
M9enZFupziZYgzHsEU8VMhxdM3+BL+uFd0IfIFrYv1R9geUn+m2afYs/dGQQTdH3
uQSopvFjAiCFV54Z5iREirNgnFIqVY76ZMf1qJzx7qO3CcggIwaa+riU+j5qVk42
EMkYQy+OrezjCyh0ng==
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:34:48 2025 by rpki-client