Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/90add8-f3be-48a8-9e92-3b32c19f6385/1/zqHV1s3_ke5VR1xw5hKua-2OaIY.roa
File: zqHV1s3_ke5VR1xw5hKua-2OaIY.roa (raw, json)
Hash identifier: 0keVGUwlHiXeuS1CJF1dPMcb+8zsBp943xc7umCmbts=
Subject key identifier: CE:A1:D5:D6:CD:FF:91:EE:55:47:5C:70:E6:12:AE:6B:ED:8E:68:86
Certificate issuer: /CN=241455f852c6ad4a0412e5ea308aa66172d1d147
Certificate serial: 01941FFA33C666A92EC6FFCF400E8140C631
Authority key identifier: 24:14:55:F8:52:C6:AD:4A:04:12:E5:EA:30:8A:A6:61:72:D1:D1:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JBRV-FLGrUoEEuXqMIqmYXLR0Uc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/90add8-f3be-48a8-9e92-3b32c19f6385/1/zqHV1s3_ke5VR1xw5hKua-2OaIY.roa
Signing time: Wed 01 Jan 2025 03:47:58 +0000
ROA not before: Wed 01 Jan 2025 03:47:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51569
IP address blocks: 46.20.80.0/20 maxlen: 20
46.20.80.0/24 maxlen: 24
46.20.81.0/24 maxlen: 24
46.20.82.0/24 maxlen: 24
46.20.83.0/24 maxlen: 24
46.20.84.0/24 maxlen: 24
46.20.85.0/24 maxlen: 24
46.20.86.0/24 maxlen: 24
46.20.87.0/24 maxlen: 24
46.20.88.0/24 maxlen: 24
46.20.89.0/24 maxlen: 24
46.20.90.0/24 maxlen: 24
46.20.91.0/24 maxlen: 24
46.20.92.0/24 maxlen: 24
46.20.93.0/24 maxlen: 24
46.20.94.0/24 maxlen: 24
46.20.95.0/24 maxlen: 24
185.159.52.0/22 maxlen: 22
185.159.52.0/24 maxlen: 24
185.159.53.0/24 maxlen: 24
185.159.54.0/24 maxlen: 24
185.159.55.0/24 maxlen: 24
2a05:b580::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/90add8-f3be-48a8-9e92-3b32c19f6385/1/JBRV-FLGrUoEEuXqMIqmYXLR0Uc.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/90add8-f3be-48a8-9e92-3b32c19f6385/1/JBRV-FLGrUoEEuXqMIqmYXLR0Uc.mft
rsync://rpki.ripe.net/repository/DEFAULT/JBRV-FLGrUoEEuXqMIqmYXLR0Uc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 21:01:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:33:c6:66:a9:2e:c6:ff:cf:40:0e:81:40:c6:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=241455f852c6ad4a0412e5ea308aa66172d1d147
Validity
Not Before: Jan 1 03:47:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cea1d5d6cdff91ee55475c70e612ae6bed8e6886
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:f0:8f:cd:ed:6b:ed:50:e4:14:15:2f:b9:bb:
ca:1f:d2:3e:20:b3:4d:9e:76:1f:4f:70:8b:ff:0c:
36:18:2f:13:e0:e1:ef:d0:92:32:4d:4b:52:54:da:
df:3c:a1:3b:8b:67:c0:ab:d5:5a:23:ae:75:17:cb:
e4:a4:b9:ea:1b:d0:c9:50:ca:e0:ed:93:7b:51:31:
95:04:e9:eb:c2:8a:6d:28:b2:67:cc:ae:47:4c:93:
4f:0f:30:d6:1c:25:2f:95:e7:92:6f:b7:89:72:6c:
a5:91:87:22:e2:b4:63:60:77:24:32:7a:7a:c5:5f:
7b:05:f0:56:7b:2b:1c:f4:eb:e9:c6:8e:a4:64:0e:
99:ea:d8:5b:1b:19:03:8b:5d:5a:1e:92:1c:69:13:
c3:83:05:5e:aa:b0:3d:17:4f:0b:bc:c6:2a:6e:78:
7d:ef:73:7a:a1:38:d9:cc:67:03:2b:6c:01:5f:02:
04:88:ad:58:f2:92:70:a6:cd:69:6d:ec:8d:dc:c6:
ce:a4:aa:0d:55:5c:66:53:3e:da:55:37:7c:a7:42:
18:e1:4b:cc:f0:f4:e5:33:04:5e:3c:25:0e:83:b6:
da:a9:61:43:a7:68:53:19:35:80:e7:f9:8f:1d:d9:
9d:ef:e3:dc:75:31:a8:03:a5:19:a3:dd:4d:e2:a1:
1d:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:A1:D5:D6:CD:FF:91:EE:55:47:5C:70:E6:12:AE:6B:ED:8E:68:86
X509v3 Authority Key Identifier:
keyid:24:14:55:F8:52:C6:AD:4A:04:12:E5:EA:30:8A:A6:61:72:D1:D1:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JBRV-FLGrUoEEuXqMIqmYXLR0Uc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/90add8-f3be-48a8-9e92-3b32c19f6385/1/zqHV1s3_ke5VR1xw5hKua-2OaIY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/90add8-f3be-48a8-9e92-3b32c19f6385/1/JBRV-FLGrUoEEuXqMIqmYXLR0Uc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.20.80.0/20
185.159.52.0/22
IPv6:
2a05:b580::/29
Signature Algorithm: sha256WithRSAEncryption
1a:78:aa:78:08:8a:2a:cd:e7:94:43:4a:78:79:41:48:fe:62:
ab:ca:6b:aa:70:1c:ad:0a:02:a4:00:c5:5c:4f:55:3a:59:72:
a0:50:a1:a8:b4:eb:40:3e:e0:74:b3:ad:8e:e3:47:02:3d:2d:
b6:db:67:e6:74:a4:42:37:95:49:57:ae:a9:53:7e:1b:56:41:
89:28:a6:52:4b:3b:1a:e2:d3:9a:bb:32:e7:e4:99:4d:54:cf:
7d:1a:c5:32:5c:04:2f:8a:d3:ca:d0:13:0f:f6:40:b9:9f:eb:
17:b3:76:08:19:b8:53:d2:e4:e4:32:1c:59:1e:9c:c8:0d:ec:
6c:fc:ac:8d:23:b4:7f:cf:7a:b8:ea:35:5e:db:a8:3a:42:11:
8a:69:5f:fe:7b:cd:7e:39:52:b8:a1:69:c3:9b:7e:18:c0:da:
b8:26:d4:e6:ad:15:cc:79:73:a8:c1:ea:24:34:01:df:88:7b:
da:b1:0b:7f:51:13:88:07:69:ac:ec:fd:f9:5e:db:0f:32:3a:
d8:1d:22:d1:a5:b3:32:c4:d9:4f:11:e4:75:77:f7:ad:25:68:
62:88:01:78:a1:3c:71:5a:d0:b5:d1:bd:d5:1c:72:ce:cf:92:
d3:be:e2:c0:5a:53:b4:e8:4e:a4:f8:09:59:58:aa:e3:26:d9:
12:44:01:94
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQf+jPGZqkuxv/PQA6BQMYxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0MTQ1NWY4NTJjNmFkNGEwNDEyZTVlYTMwOGFhNjYxNzJk
MWQxNDcwHhcNMjUwMTAxMDM0NzU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZWExZDVkNmNkZmY5MWVlNTU0NzVjNzBlNjEyYWU2YmVkOGU2ODg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvvCPze1r7VDkFBUvubvKH9I+ILNN
nnYfT3CL/ww2GC8T4OHv0JIyTUtSVNrfPKE7i2fAq9VaI651F8vkpLnqG9DJUMrg
7ZN7UTGVBOnrwoptKLJnzK5HTJNPDzDWHCUvleeSb7eJcmylkYci4rRjYHckMnp6
xV97BfBWeysc9Ovpxo6kZA6Z6thbGxkDi11aHpIcaRPDgwVeqrA9F08LvMYqbnh9
73N6oTjZzGcDK2wBXwIEiK1Y8pJwps1pbeyN3MbOpKoNVVxmUz7aVTd8p0IY4UvM
8PTlMwRePCUOg7baqWFDp2hTGTWA5/mPHdmd7+PcdTGoA6UZo91N4qEdqwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFM6h1dbN/5HuVUdccOYSrmvtjmiGMB8GA1UdIwQY
MBaAFCQUVfhSxq1KBBLl6jCKpmFy0dFHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSkJSVi1GTEdyVW9FRXVYcU1JcW1ZWExSMFVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi85MGFkZDgtZjNiZS00OGE4LTllOTIt
M2IzMmMxOWY2Mzg1LzEvenFIVjFzM19rZTVWUjF4dzVoS3VhLTJPYUlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi85MGFkZDgtZjNiZS00OGE4LTllOTItM2IzMmMxOWY2Mzg1
LzEvSkJSVi1GTEdyVW9FRXVYcU1JcW1ZWExSMFVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQELhRQAwQC
uZ80MA0EAgACMAcDBQMqBbWAMA0GCSqGSIb3DQEBCwUAA4IBAQAaeKp4CIoqzeeU
Q0p4eUFI/mKrymuqcBytCgKkAMVcT1U6WXKgUKGotOtAPuB0s62O40cCPS2222fm
dKRCN5VJV66pU34bVkGJKKZSSzsa4tOauzLn5JlNVM99GsUyXAQvitPK0BMP9kC5
n+sXs3YIGbhT0uTkMhxZHpzIDexs/KyNI7R/z3q46jVe26g6QhGKaV/+e81+OVK4
oWnDm34YwNq4JtTmrRXMeXOoweokNAHfiHvasQt/UROIB2ms7P35XtsPMjrYHSLR
pbMyxNlPEeR1d/etJWhiiAF4oTxxWtC10b3VHHLOz5LTvuLAWlO06E6k+AlZWKrj
JtkSRAGU
-----END CERTIFICATE-----
Generated at Tue Apr 8 07:18:57 2025 by rpki-client