Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d572c3-350f-479b-a7b3-153e9182af41/1/sxJKQqy--ePZJKy-z6ZXKspnoCU.roa
File: sxJKQqy--ePZJKy-z6ZXKspnoCU.roa (raw, json)
Hash identifier: viGZT8F9x3/CHDhQJKfJwFzfO7LR9KesSjHrb2YKNNs=
Subject key identifier: B3:12:4A:42:AC:BE:F9:E3:D9:24:AC:BE:CF:A6:57:2A:CA:67:A0:25
Certificate issuer: /CN=553ca7b2e6c1e17f5f3edbe375e19ece39533910
Certificate serial: 0195B8C28180EB3101BED2D19EF7A3F4D568
Authority key identifier: 55:3C:A7:B2:E6:C1:E1:7F:5F:3E:DB:E3:75:E1:9E:CE:39:53:39:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VTynsubB4X9fPtvjdeGezjlTORA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d572c3-350f-479b-a7b3-153e9182af41/1/sxJKQqy--ePZJKy-z6ZXKspnoCU.roa
Signing time: Fri 21 Mar 2025 12:51:49 +0000
ROA not before: Fri 21 Mar 2025 12:51:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49318
IP address blocks: 46.28.248.0/21 maxlen: 21
46.28.248.0/23 maxlen: 23
46.28.248.0/24 maxlen: 24
46.28.249.0/24 maxlen: 24
46.28.250.0/23 maxlen: 23
46.28.250.0/24 maxlen: 24
46.28.251.0/24 maxlen: 24
46.28.252.0/23 maxlen: 23
46.28.252.0/24 maxlen: 24
46.28.253.0/24 maxlen: 24
46.28.254.0/23 maxlen: 23
46.28.254.0/24 maxlen: 24
46.28.255.0/24 maxlen: 24
188.93.176.0/21 maxlen: 21
188.93.176.0/23 maxlen: 23
188.93.176.0/24 maxlen: 24
188.93.177.0/24 maxlen: 24
188.93.178.0/23 maxlen: 23
188.93.178.0/24 maxlen: 24
188.93.179.0/24 maxlen: 24
188.93.180.0/23 maxlen: 23
188.93.180.0/24 maxlen: 24
188.93.181.0/24 maxlen: 24
188.93.182.0/23 maxlen: 23
188.93.182.0/24 maxlen: 24
188.93.183.0/24 maxlen: 24
194.110.124.0/23 maxlen: 23
194.110.124.0/24 maxlen: 24
194.110.125.0/24 maxlen: 24
194.110.130.0/23 maxlen: 23
194.110.130.0/24 maxlen: 24
194.110.131.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/34/d572c3-350f-479b-a7b3-153e9182af41/1/VTynsubB4X9fPtvjdeGezjlTORA.crl
rsync://rpki.ripe.net/repository/DEFAULT/34/d572c3-350f-479b-a7b3-153e9182af41/1/VTynsubB4X9fPtvjdeGezjlTORA.mft
rsync://rpki.ripe.net/repository/DEFAULT/VTynsubB4X9fPtvjdeGezjlTORA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 14 Apr 2025 08:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:b8:c2:81:80:eb:31:01:be:d2:d1:9e:f7:a3:f4:d5:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=553ca7b2e6c1e17f5f3edbe375e19ece39533910
Validity
Not Before: Mar 21 12:51:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b3124a42acbef9e3d924acbecfa6572aca67a025
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:8f:d1:4b:01:06:f7:83:3f:7e:e1:c8:67:cf:
4c:3f:1b:62:12:3f:20:27:98:d6:84:fe:82:c9:ff:
55:2d:8c:47:7a:b1:15:48:4f:7b:20:44:be:20:2b:
2d:17:4e:fc:67:6b:39:a8:cb:9d:0b:41:c0:80:6a:
df:07:82:21:a8:e2:67:0a:26:e6:82:7a:81:62:f0:
52:74:91:40:d7:c0:19:b0:d4:fe:30:b1:61:e6:29:
52:a8:67:2f:df:34:61:75:7d:9a:9d:fd:4e:4a:1a:
40:bf:1f:a4:b3:04:ab:c7:80:dd:12:3d:9a:41:f9:
e1:5c:22:15:40:11:43:9e:5b:70:06:51:a6:55:a9:
6b:4d:3b:12:19:ee:5b:a4:18:ea:5e:95:f5:91:5f:
ba:bb:7a:20:5f:40:5b:44:81:ca:07:d7:f5:8b:b1:
f2:19:a4:19:89:95:68:2e:01:7e:62:f8:bc:1a:9c:
53:22:d4:2e:f5:de:ca:9b:a9:b3:78:83:f3:ae:48:
b9:49:49:a7:b6:aa:47:e8:78:10:5c:3b:f0:76:a9:
11:74:bf:6c:e0:7d:a0:cd:e9:9e:6b:15:ab:84:d1:
db:e0:91:c1:ec:26:88:1f:03:7a:11:9b:c6:10:e8:
dc:e5:ea:c4:d1:0b:f5:61:ae:0b:56:e3:78:14:ef:
96:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:12:4A:42:AC:BE:F9:E3:D9:24:AC:BE:CF:A6:57:2A:CA:67:A0:25
X509v3 Authority Key Identifier:
keyid:55:3C:A7:B2:E6:C1:E1:7F:5F:3E:DB:E3:75:E1:9E:CE:39:53:39:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VTynsubB4X9fPtvjdeGezjlTORA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d572c3-350f-479b-a7b3-153e9182af41/1/sxJKQqy--ePZJKy-z6ZXKspnoCU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d572c3-350f-479b-a7b3-153e9182af41/1/VTynsubB4X9fPtvjdeGezjlTORA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.28.248.0/21
188.93.176.0/21
194.110.124.0/23
194.110.130.0/23
Signature Algorithm: sha256WithRSAEncryption
31:78:80:b2:c3:be:16:a6:9c:e1:92:eb:87:73:f7:62:e6:2b:
64:a0:01:5f:10:14:3e:41:01:a7:d5:b1:f9:77:c2:d4:60:82:
e5:b3:0d:40:38:f0:73:25:2a:21:c4:02:88:1d:e8:4b:a8:75:
b5:3f:2c:5e:4b:95:a6:19:88:55:25:26:fb:85:55:86:6c:f4:
63:9a:2d:3a:80:9d:ba:77:4f:49:82:63:0f:96:78:38:51:df:
cb:63:1d:a2:c7:e5:cf:32:de:db:d2:59:5a:98:73:e5:02:4b:
13:ae:29:32:5a:9f:fc:8b:ed:ea:43:0c:9b:fe:cb:74:9b:03:
29:87:d7:f2:f4:7d:3e:f1:2c:1a:b3:8a:99:aa:d5:be:77:c0:
59:58:4a:d7:92:14:5c:d9:c6:d3:10:c5:dc:6d:0d:8b:c2:7e:
82:57:9b:0b:a7:1b:30:7b:67:a2:1c:2a:a9:e9:dd:ef:59:7e:
57:b0:be:46:22:91:7c:6f:d7:b6:60:5c:b6:a8:37:34:98:36:
5f:fa:fc:07:ee:82:25:c0:a0:5a:aa:49:b7:19:ca:73:37:16:
1f:0f:25:df:1f:ef:91:b0:f0:a8:24:ce:cb:af:84:09:ac:ab:
16:15:1f:be:a9:83:1c:66:9a:3c:c7:21:9f:75:b6:5d:fa:a4:
3b:04:a6:f9
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZW4woGA6zEBvtLRnvej9NVoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1M2NhN2IyZTZjMWUxN2Y1ZjNlZGJlMzc1ZTE5ZWNlMzk1
MzM5MTAwHhcNMjUwMzIxMTI1MTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzEyNGE0MmFjYmVmOWUzZDkyNGFjYmVjZmE2NTcyYWNhNjdhMDI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwY/RSwEG94M/fuHIZ89MPxtiEj8g
J5jWhP6Cyf9VLYxHerEVSE97IES+ICstF078Z2s5qMudC0HAgGrfB4IhqOJnCibm
gnqBYvBSdJFA18AZsNT+MLFh5ilSqGcv3zRhdX2anf1OShpAvx+kswSrx4DdEj2a
QfnhXCIVQBFDnltwBlGmValrTTsSGe5bpBjqXpX1kV+6u3ogX0BbRIHKB9f1i7Hy
GaQZiZVoLgF+Yvi8GpxTItQu9d7Km6mzeIPzrki5SUmntqpH6HgQXDvwdqkRdL9s
4H2gzemeaxWrhNHb4JHB7CaIHwN6EZvGEOjc5erE0Qv1Ya4LVuN4FO+W8QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFLMSSkKsvvnj2SSsvs+mVyrKZ6AlMB8GA1UdIwQY
MBaAFFU8p7LmweF/Xz7b43Xhns45UzkQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVlR5bnN1YkI0WDlmUHR2amRlR2V6amxUT1JBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kNTcyYzMtMzUwZi00NzliLWE3YjMt
MTUzZTkxODJhZjQxLzEvc3hKS1FxeS0tZVBaSkt5LXo2WlhLc3Bub0NVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kNTcyYzMtMzUwZi00NzliLWE3YjMtMTUzZTkxODJhZjQx
LzEvVlR5bnN1YkI0WDlmUHR2amRlR2V6amxUT1JBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQDLhz4AwQD
vF2wAwQBwm58AwQBwm6CMA0GCSqGSIb3DQEBCwUAA4IBAQAxeICyw74WppzhkuuH
c/di5itkoAFfEBQ+QQGn1bH5d8LUYILlsw1AOPBzJSohxAKIHehLqHW1PyxeS5Wm
GYhVJSb7hVWGbPRjmi06gJ26d09JgmMPlng4Ud/LYx2ix+XPMt7b0llamHPlAksT
rikyWp/8i+3qQwyb/st0mwMph9fy9H0+8Swas4qZqtW+d8BZWErXkhRc2cbTEMXc
bQ2Lwn6CV5sLpxswe2eiHCqp6d3vWX5XsL5GIpF8b9e2YFy2qDc0mDZf+vwH7oIl
wKBaqkm3GcpzNxYfDyXfH++RsPCoJM7Lr4QJrKsWFR++qYMcZpo8xyGfdbZd+qQ7
BKb5
-----END CERTIFICATE-----
Generated at Sun Apr 13 16:24:41 2025 by rpki-client