Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/5ea12b-51c6-4195-aeb6-c1addd7debaa/1/MiQ5lO70RTIllrRi3q-oV9hjYQY.roa
File: MiQ5lO70RTIllrRi3q-oV9hjYQY.roa (raw, json)
Hash identifier: bCltxRSzrKGlzGDkjY4BpBmmHNltm/4kHnZFojNlryM=
Subject key identifier: 32:24:39:94:EE:F4:45:32:25:96:B4:62:DE:AF:A8:57:D8:63:61:06
Certificate issuer: /CN=ee4381ce03baa625019980f378fe41bb2b6621b9
Certificate serial: 019425FDC9E5A3441BC1FDDDDB029088BB3F
Authority key identifier: EE:43:81:CE:03:BA:A6:25:01:99:80:F3:78:FE:41:BB:2B:66:21:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7kOBzgO6piUBmYDzeP5BuytmIbk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/5ea12b-51c6-4195-aeb6-c1addd7debaa/1/MiQ5lO70RTIllrRi3q-oV9hjYQY.roa
Signing time: Thu 02 Jan 2025 07:49:36 +0000
ROA not before: Thu 02 Jan 2025 07:49:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44558
IP address blocks: 46.106.192.0/24 maxlen: 24
46.106.193.0/24 maxlen: 24
46.106.194.0/24 maxlen: 24
46.106.195.0/24 maxlen: 24
46.106.196.0/24 maxlen: 24
46.106.197.0/24 maxlen: 24
46.106.198.0/24 maxlen: 24
46.106.199.0/24 maxlen: 24
46.106.200.0/24 maxlen: 24
46.106.201.0/24 maxlen: 24
46.106.202.0/24 maxlen: 24
46.106.203.0/24 maxlen: 24
46.106.208.0/24 maxlen: 24
46.106.209.0/24 maxlen: 24
46.106.210.0/24 maxlen: 24
46.106.211.0/24 maxlen: 24
46.106.212.0/24 maxlen: 24
46.106.213.0/24 maxlen: 24
46.106.214.0/24 maxlen: 24
46.106.215.0/24 maxlen: 24
46.106.216.0/24 maxlen: 24
46.106.217.0/24 maxlen: 24
46.106.218.0/24 maxlen: 24
46.106.219.0/24 maxlen: 24
46.106.220.0/24 maxlen: 24
46.106.221.0/24 maxlen: 24
46.106.222.0/24 maxlen: 24
46.106.223.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/5ea12b-51c6-4195-aeb6-c1addd7debaa/1/7kOBzgO6piUBmYDzeP5BuytmIbk.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/5ea12b-51c6-4195-aeb6-c1addd7debaa/1/7kOBzgO6piUBmYDzeP5BuytmIbk.mft
rsync://rpki.ripe.net/repository/DEFAULT/7kOBzgO6piUBmYDzeP5BuytmIbk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 22:01:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:c9:e5:a3:44:1b:c1:fd:dd:db:02:90:88:bb:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee4381ce03baa625019980f378fe41bb2b6621b9
Validity
Not Before: Jan 2 07:49:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=32243994eef445322596b462deafa857d8636106
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:c0:a4:b8:2a:62:ee:4c:23:98:ce:2a:49:5c:
f9:e2:7b:7b:4d:b9:bb:2e:fd:68:b5:0e:4a:02:e4:
17:ba:04:5b:35:fe:bf:79:7f:2e:20:cf:76:3c:7d:
fd:8a:80:7c:97:03:a6:45:db:92:9c:28:71:b3:eb:
4c:91:33:d5:f7:18:4d:b0:f1:60:73:40:25:18:2f:
bf:c9:ef:b4:1b:81:3c:27:34:7f:ba:97:6e:d9:06:
ff:5c:d0:00:8f:0a:14:48:9b:67:61:76:f2:75:a9:
41:e1:82:2b:26:70:66:9c:5d:18:c2:00:3a:c4:ee:
6d:ce:ae:5e:4c:c0:52:27:50:80:c6:5e:36:29:e4:
52:e3:10:66:ae:47:f0:66:15:16:42:96:da:e8:e0:
29:9b:fc:47:30:ae:03:37:84:15:78:29:05:24:d1:
a6:64:33:5d:01:70:7d:11:96:93:82:eb:bd:5c:2f:
10:14:93:4f:53:89:0e:46:72:2c:d9:a4:1e:70:b0:
c3:c8:90:92:41:e2:27:ef:ef:c1:4b:68:30:c3:e8:
9a:0e:f7:b2:ff:c0:52:98:3c:7e:4f:8e:b3:93:0a:
cf:ec:ce:0f:10:04:2b:40:d2:fc:7d:c3:74:80:09:
9d:ac:b4:a8:15:3e:ec:18:64:ed:d2:a7:a5:04:9e:
e2:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:24:39:94:EE:F4:45:32:25:96:B4:62:DE:AF:A8:57:D8:63:61:06
X509v3 Authority Key Identifier:
keyid:EE:43:81:CE:03:BA:A6:25:01:99:80:F3:78:FE:41:BB:2B:66:21:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7kOBzgO6piUBmYDzeP5BuytmIbk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/5ea12b-51c6-4195-aeb6-c1addd7debaa/1/MiQ5lO70RTIllrRi3q-oV9hjYQY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/5ea12b-51c6-4195-aeb6-c1addd7debaa/1/7kOBzgO6piUBmYDzeP5BuytmIbk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.106.192.0-46.106.203.255
46.106.208.0/20
Signature Algorithm: sha256WithRSAEncryption
7f:d4:57:3e:94:65:ce:e5:2c:3c:43:ac:73:52:ef:05:56:8a:
42:cd:f7:18:89:45:0a:64:8d:ca:a9:66:2e:00:b4:fe:2a:77:
70:e0:d2:55:c5:0b:80:33:ca:7b:f6:b5:09:f5:c3:2e:9e:31:
c5:f1:bd:ba:2b:56:77:a4:a8:72:a4:7b:30:a3:26:07:44:db:
18:9b:74:44:25:d1:cb:cc:81:7e:a6:7a:58:c8:11:35:59:0f:
e7:4b:fe:6d:78:c7:7c:3b:1d:4a:6a:01:6c:06:0d:75:0e:81:
b0:31:c6:73:11:6a:b3:37:ff:6e:11:3d:e7:80:76:0d:6f:de:
41:e7:91:42:69:c5:93:d5:79:db:83:57:0b:4a:4f:b1:55:b4:
2f:4d:5e:38:10:d4:9e:c5:ec:d6:0a:c4:80:6b:dc:8b:70:04:
92:3b:94:19:4e:29:8d:2a:01:92:bd:c4:4b:b6:bf:78:d5:f3:
e7:84:be:23:fe:65:b9:c0:90:1b:fa:c3:9c:56:f8:1c:d1:b9:
49:c3:39:46:d4:ff:b9:00:d8:e9:f8:0f:2c:f7:90:8c:42:52:
52:40:2c:1b:95:53:68:70:59:4a:e4:1a:4b:e1:1e:55:94:ae:
fa:82:25:e7:2b:fc:dc:7f:2e:d5:16:ae:a2:2b:f1:a0:bf:2c:
7a:e5:96:20
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZQl/cnlo0Qbwf3d2wKQiLs/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlNDM4MWNlMDNiYWE2MjUwMTk5ODBmMzc4ZmU0MWJiMmI2
NjIxYjkwHhcNMjUwMTAyMDc0OTM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjI0Mzk5NGVlZjQ0NTMyMjU5NmI0NjJkZWFmYTg1N2Q4NjM2MTA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4MCkuCpi7kwjmM4qSVz54nt7Tbm7
Lv1otQ5KAuQXugRbNf6/eX8uIM92PH39ioB8lwOmRduSnChxs+tMkTPV9xhNsPFg
c0AlGC+/ye+0G4E8JzR/updu2Qb/XNAAjwoUSJtnYXbydalB4YIrJnBmnF0YwgA6
xO5tzq5eTMBSJ1CAxl42KeRS4xBmrkfwZhUWQpba6OApm/xHMK4DN4QVeCkFJNGm
ZDNdAXB9EZaTguu9XC8QFJNPU4kORnIs2aQecLDDyJCSQeIn7+/BS2gww+iaDvey
/8BSmDx+T46zkwrP7M4PEAQrQNL8fcN0gAmdrLSoFT7sGGTt0qelBJ7iaQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFDIkOZTu9EUyJZa0Yt6vqFfYY2EGMB8GA1UdIwQY
MBaAFO5Dgc4DuqYlAZmA83j+QbsrZiG5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2tPQnpnTzZwaVVCbVlEemVQNUJ1eXRtSWJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS81ZWExMmItNTFjNi00MTk1LWFlYjYt
YzFhZGRkN2RlYmFhLzEvTWlRNWxPNzBSVElsbHJSaTNxLW9WOWhqWVFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS81ZWExMmItNTFjNi00MTk1LWFlYjYtYzFhZGRkN2RlYmFh
LzEvN2tPQnpnTzZwaVVCbVlEemVQNUJ1eXRtSWJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAYuasAD
BAIuasgDBAQuatAwDQYJKoZIhvcNAQELBQADggEBAH/UVz6UZc7lLDxDrHNS7wVW
ikLN9xiJRQpkjcqpZi4AtP4qd3Dg0lXFC4Azynv2tQn1wy6eMcXxvborVnekqHKk
ezCjJgdE2xibdEQl0cvMgX6meljIETVZD+dL/m14x3w7HUpqAWwGDXUOgbAxxnMR
arM3/24RPeeAdg1v3kHnkUJpxZPVeduDVwtKT7FVtC9NXjgQ1J7F7NYKxIBr3Itw
BJI7lBlOKY0qAZK9xEu2v3jV8+eEviP+ZbnAkBv6w5xW+BzRuUnDOUbU/7kA2On4
Dyz3kIxCUlJALBuVU2hwWUrkGkvhHlWUrvqCJecr/Nx/LtUWrqIr8aC/LHrlliA=
-----END CERTIFICATE-----
Generated at Tue Apr 8 03:48:10 2025 by rpki-client