Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/f1b3da-bebf-44b0-ab12-d32e27fb7e59/1/uvReHNZu0Zx8p75NQaqJP-qKUVY.roa
File: uvReHNZu0Zx8p75NQaqJP-qKUVY.roa (raw, json)
Hash identifier: KwvRsYUs0tG71ha16eVgbI+g8wMn509oBtGucdJdGuU=
Subject key identifier: BA:F4:5E:1C:D6:6E:D1:9C:7C:A7:BE:4D:41:AA:89:3F:EA:8A:51:56
Certificate issuer: /CN=b62d4cec783305923e3497ed884f1c445b4e78fb
Certificate serial: 01942825FAF626FB491E7325F214FE05F1F1
Authority key identifier: B6:2D:4C:EC:78:33:05:92:3E:34:97:ED:88:4F:1C:44:5B:4E:78:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ti1M7HgzBZI-NJftiE8cRFtOePs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/f1b3da-bebf-44b0-ab12-d32e27fb7e59/1/uvReHNZu0Zx8p75NQaqJP-qKUVY.roa
Signing time: Thu 02 Jan 2025 17:52:45 +0000
ROA not before: Thu 02 Jan 2025 17:52:45 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 216145
IP address blocks: 46.253.2.0/24 maxlen: 24
46.253.6.0/24 maxlen: 24
46.253.7.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/f1b3da-bebf-44b0-ab12-d32e27fb7e59/1/ti1M7HgzBZI-NJftiE8cRFtOePs.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/f1b3da-bebf-44b0-ab12-d32e27fb7e59/1/ti1M7HgzBZI-NJftiE8cRFtOePs.mft
rsync://rpki.ripe.net/repository/DEFAULT/ti1M7HgzBZI-NJftiE8cRFtOePs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 18:34:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:25:fa:f6:26:fb:49:1e:73:25:f2:14:fe:05:f1:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b62d4cec783305923e3497ed884f1c445b4e78fb
Validity
Not Before: Jan 2 17:52:45 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=baf45e1cd66ed19c7ca7be4d41aa893fea8a5156
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:3e:c0:20:5c:b1:b8:70:82:ef:0e:80:77:3e:
f0:fc:43:65:2e:dc:2b:a1:df:e1:77:fd:8b:c8:da:
08:e1:33:ef:83:e9:df:e8:4c:32:94:ab:41:80:67:
cf:43:87:87:b1:eb:e1:40:4e:0e:21:5c:76:78:ca:
98:a8:37:d8:5f:f3:72:e0:a0:07:69:0a:37:87:53:
00:bb:48:5d:7c:fc:34:31:e2:39:4e:1b:83:b4:6a:
40:10:55:0c:dc:d0:70:13:4c:3d:92:1b:52:93:65:
54:4e:08:98:e7:3f:3f:21:89:1c:7e:2f:8e:2e:4e:
ab:6a:59:12:d3:56:34:97:b4:1c:6b:96:8e:51:1d:
8e:ee:5f:67:a8:9f:2d:a0:52:f9:33:04:05:16:0a:
82:b8:ce:ed:c7:7a:3d:0c:0c:7f:8a:0b:f0:57:51:
e6:d4:75:ef:54:af:35:b7:d2:61:68:04:8d:a4:18:
d8:25:8f:8d:fd:74:ba:79:7c:43:43:7d:3c:4b:95:
f3:5c:33:b2:17:fd:50:9a:50:4d:4d:82:4e:97:52:
3a:49:2a:2f:6b:ed:49:5b:41:eb:d7:7e:b6:fa:80:
48:01:4d:27:a6:bf:c3:ff:aa:0e:e3:93:b2:e9:a4:
8b:21:1e:15:b2:76:58:a1:3e:ff:13:32:07:e7:23:
df:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:F4:5E:1C:D6:6E:D1:9C:7C:A7:BE:4D:41:AA:89:3F:EA:8A:51:56
X509v3 Authority Key Identifier:
keyid:B6:2D:4C:EC:78:33:05:92:3E:34:97:ED:88:4F:1C:44:5B:4E:78:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ti1M7HgzBZI-NJftiE8cRFtOePs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/f1b3da-bebf-44b0-ab12-d32e27fb7e59/1/uvReHNZu0Zx8p75NQaqJP-qKUVY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/f1b3da-bebf-44b0-ab12-d32e27fb7e59/1/ti1M7HgzBZI-NJftiE8cRFtOePs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.253.2.0/24
46.253.6.0/23
Signature Algorithm: sha256WithRSAEncryption
83:f2:5d:a4:90:4e:df:60:be:92:07:eb:b6:d8:a1:83:fe:81:
04:e4:70:5e:75:a9:85:5c:97:2d:62:a8:04:57:e3:cd:5b:93:
3c:fc:31:73:d5:61:c8:83:83:ca:e8:0e:b5:70:b5:5f:22:cd:
52:e9:56:ed:8c:99:aa:28:d6:7e:34:66:92:09:c8:c8:5e:a8:
40:6a:82:10:f9:bd:db:1f:3b:48:47:a3:4a:be:3d:6c:f2:fc:
ad:a6:3f:9e:c2:32:74:8b:0b:3a:d4:41:89:cd:d5:62:16:95:
4e:6d:af:a8:f0:6a:63:9a:ed:e6:30:42:63:c9:f1:a5:e6:61:
26:41:c8:f1:6e:fa:2d:e4:12:ae:bc:e5:20:2d:97:9d:9a:01:
38:de:01:2b:fa:2e:a8:4c:3e:b5:da:1c:17:57:5e:f4:35:2f:
3b:aa:f5:fd:bf:d4:2e:9b:62:2a:09:3d:83:6b:d9:ab:8a:67:
b3:e8:81:bb:c2:16:20:70:e2:a2:ff:53:2a:d6:d0:84:c5:f7:
9f:6b:4f:e0:e5:0e:76:fc:77:53:5d:98:45:81:fd:f0:08:b5:
a2:2d:db:10:01:33:a1:fa:a7:d9:9f:ec:9a:b2:76:68:9e:65:
6c:7c:76:32:e4:f8:0e:51:12:02:96:99:fa:87:36:24:fd:bd:
c7:04:b9:fc
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQoJfr2JvtJHnMl8hT+BfHxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2MmQ0Y2VjNzgzMzA1OTIzZTM0OTdlZDg4NGYxYzQ0NWI0
ZTc4ZmIwHhcNMjUwMTAyMTc1MjQ1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYWY0NWUxY2Q2NmVkMTljN2NhN2JlNGQ0MWFhODkzZmVhOGE1MTU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuD7AIFyxuHCC7w6Adz7w/ENlLtwr
od/hd/2LyNoI4TPvg+nf6EwylKtBgGfPQ4eHsevhQE4OIVx2eMqYqDfYX/Ny4KAH
aQo3h1MAu0hdfPw0MeI5ThuDtGpAEFUM3NBwE0w9khtSk2VUTgiY5z8/IYkcfi+O
Lk6ralkS01Y0l7Qca5aOUR2O7l9nqJ8toFL5MwQFFgqCuM7tx3o9DAx/igvwV1Hm
1HXvVK81t9JhaASNpBjYJY+N/XS6eXxDQ308S5XzXDOyF/1QmlBNTYJOl1I6SSov
a+1JW0Hr1362+oBIAU0npr/D/6oO45Oy6aSLIR4VsnZYoT7/EzIH5yPf9QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLr0XhzWbtGcfKe+TUGqiT/qilFWMB8GA1UdIwQY
MBaAFLYtTOx4MwWSPjSX7YhPHERbTnj7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdGkxTTdIZ3pCWkktTkpmdGlFOGNSRnRPZVBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9mMWIzZGEtYmViZi00NGIwLWFiMTIt
ZDMyZTI3ZmI3ZTU5LzEvdXZSZUhOWnUwWng4cDc1TlFhcUpQLXFLVVZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9mMWIzZGEtYmViZi00NGIwLWFiMTItZDMyZTI3ZmI3ZTU5
LzEvdGkxTTdIZ3pCWkktTkpmdGlFOGNSRnRPZVBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALv0CAwQB
Lv0GMA0GCSqGSIb3DQEBCwUAA4IBAQCD8l2kkE7fYL6SB+u22KGD/oEE5HBedamF
XJctYqgEV+PNW5M8/DFz1WHIg4PK6A61cLVfIs1S6VbtjJmqKNZ+NGaSCcjIXqhA
aoIQ+b3bHztIR6NKvj1s8vytpj+ewjJ0iws61EGJzdViFpVOba+o8Gpjmu3mMEJj
yfGl5mEmQcjxbvot5BKuvOUgLZedmgE43gEr+i6oTD612hwXV170NS87qvX9v9Qu
m2IqCT2Da9mrimez6IG7whYgcOKi/1Mq1tCExfefa0/g5Q52/HdTXZhFgf3wCLWi
LdsQATOh+qfZn+yasnZonmVsfHYy5PgOURIClpn6hzYk/b3HBLn8
-----END CERTIFICATE-----
Generated at Sun Apr 13 04:50:46 2025 by rpki-client