Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/58ebb1-dbec-47f9-bb96-849cfcabb657/1/onHMu3bAahxq_cU4SfKfk6E_UV4.roa
File: onHMu3bAahxq_cU4SfKfk6E_UV4.roa (raw, json)
Hash identifier: iPBBLCVey8nRw59EFOtKkUkXyLv07ioTCFN/ZWTNZaI=
Subject key identifier: A2:71:CC:BB:76:C0:6A:1C:6A:FD:C5:38:49:F2:9F:93:A1:3F:51:5E
Certificate issuer: /CN=7e65dab23940cb394f9aaa664fea4d6f8f42e318
Certificate serial: 0196E777CD7CE9660B81523084FAC32D933D
Authority key identifier: 7E:65:DA:B2:39:40:CB:39:4F:9A:AA:66:4F:EA:4D:6F:8F:42:E3:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fmXasjlAyzlPmqpmT-pNb49C4xg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/58ebb1-dbec-47f9-bb96-849cfcabb657/1/onHMu3bAahxq_cU4SfKfk6E_UV4.roa
Signing time: Mon 19 May 2025 07:35:10 +0000
ROA not before: Mon 19 May 2025 07:35:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43541
IP address blocks: 46.243.48.0/24 maxlen: 24
46.243.49.0/24 maxlen: 24
46.243.50.0/24 maxlen: 24
46.243.55.0/24 maxlen: 24
78.24.8.0/21 maxlen: 21
93.185.96.0/20 maxlen: 20
178.251.184.0/21 maxlen: 21
185.14.252.0/22 maxlen: 22
185.59.208.0/22 maxlen: 22
185.64.216.0/22 maxlen: 22
185.115.1.0/24 maxlen: 24
185.115.2.0/24 maxlen: 24
217.16.176.0/20 maxlen: 20
2a00:1ed0::/32 maxlen: 32
2a00:1ed1::/32 maxlen: 32
2a00:1ed2::/32 maxlen: 32
2a02:5420:11::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/40/58ebb1-dbec-47f9-bb96-849cfcabb657/1/fmXasjlAyzlPmqpmT-pNb49C4xg.crl
rsync://rpki.ripe.net/repository/DEFAULT/40/58ebb1-dbec-47f9-bb96-849cfcabb657/1/fmXasjlAyzlPmqpmT-pNb49C4xg.mft
rsync://rpki.ripe.net/repository/DEFAULT/fmXasjlAyzlPmqpmT-pNb49C4xg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 09 Jun 2025 17:19:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:e7:77:cd:7c:e9:66:0b:81:52:30:84:fa:c3:2d:93:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7e65dab23940cb394f9aaa664fea4d6f8f42e318
Validity
Not Before: May 19 07:35:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a271ccbb76c06a1c6afdc53849f29f93a13f515e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:39:75:82:c4:1d:77:82:88:07:20:e4:5c:6b:
5c:40:40:02:42:b7:67:75:ed:a6:6d:24:6a:fa:02:
18:4b:7a:a4:ac:d2:65:63:ad:46:7f:32:92:a6:26:
38:98:a5:6d:a4:7a:88:77:1a:5d:f6:3c:a3:bd:d8:
7b:fa:a5:d6:7e:d1:3a:3a:b7:d3:5b:d8:85:a4:54:
48:45:84:80:ed:40:0b:1c:32:8f:0b:e0:c0:1a:6e:
49:d8:4e:c1:94:4c:72:a6:e9:ae:d7:f9:02:45:03:
1e:e7:22:7a:22:02:21:c7:61:bb:3f:19:a7:ed:1d:
18:be:df:7e:17:a3:27:b8:4e:38:91:d8:6a:5f:fd:
7c:7b:d8:6c:87:54:5a:e8:fa:b0:db:49:e1:a4:e8:
09:8b:93:d7:6f:89:49:14:52:e6:b7:29:0b:a6:17:
b9:3d:6b:19:3a:11:d2:18:ba:2d:c8:dd:d8:8c:b5:
a0:1d:1b:33:d7:92:13:06:6e:74:9d:c8:a8:12:e7:
9a:67:98:c5:b6:30:58:3e:11:f0:64:73:54:c3:5b:
0b:02:66:7a:92:f2:d0:d6:5b:d8:b7:c9:c5:e2:86:
a5:ea:26:a5:fd:a7:ed:6a:87:0e:44:ac:3c:51:05:
32:0a:5b:64:c2:b1:c5:76:8b:c6:70:de:c9:0e:d1:
50:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:71:CC:BB:76:C0:6A:1C:6A:FD:C5:38:49:F2:9F:93:A1:3F:51:5E
X509v3 Authority Key Identifier:
keyid:7E:65:DA:B2:39:40:CB:39:4F:9A:AA:66:4F:EA:4D:6F:8F:42:E3:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fmXasjlAyzlPmqpmT-pNb49C4xg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/58ebb1-dbec-47f9-bb96-849cfcabb657/1/onHMu3bAahxq_cU4SfKfk6E_UV4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/58ebb1-dbec-47f9-bb96-849cfcabb657/1/fmXasjlAyzlPmqpmT-pNb49C4xg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.243.48.0-46.243.50.255
46.243.55.0/24
78.24.8.0/21
93.185.96.0/20
178.251.184.0/21
185.14.252.0/22
185.59.208.0/22
185.64.216.0/22
185.115.1.0-185.115.2.255
217.16.176.0/20
IPv6:
2a00:1ed0::-2a00:1ed2:ffff:ffff:ffff:ffff:ffff:ffff
2a02:5420:11::/48
Signature Algorithm: sha256WithRSAEncryption
2b:46:1a:74:98:a9:14:48:a0:48:84:b5:2b:0a:6a:94:84:6b:
1a:35:b1:bd:74:89:de:6f:19:d5:ee:c6:1e:77:ff:78:2b:61:
03:55:41:91:6d:5b:95:90:dd:cf:a3:12:ed:81:84:44:33:6c:
20:25:e9:29:2c:b8:00:d7:1b:d3:d6:ca:63:41:63:0c:72:8f:
45:b3:3a:56:0e:fc:fa:67:64:4b:f9:f6:e1:9c:bc:56:cd:d9:
87:c2:2c:d0:4a:17:08:d5:c8:ca:81:f4:d8:2a:8b:4e:89:3b:
85:d1:67:9b:e2:12:b7:20:96:00:35:77:c5:7a:e8:0f:d3:09:
cd:76:61:c8:f1:8e:d7:fa:7c:ec:7b:c7:08:60:7a:aa:16:cf:
8b:b8:bb:18:3f:e5:fa:30:00:49:f1:de:72:82:0f:fa:78:dc:
7b:ca:b1:e0:d3:9e:66:5c:dd:f1:98:c9:0b:49:8c:bb:a7:15:
54:d4:fa:6b:3a:41:99:b0:92:26:4e:51:8e:e5:f9:ac:b9:4c:
a1:46:0f:b6:ff:db:ea:d2:1e:94:88:c6:24:a7:a8:05:e2:36:
d6:34:6b:e2:35:76:6e:21:5b:76:95:bb:f8:29:ad:c8:ce:0b:
2c:86:ed:3d:fd:77:e5:65:c2:63:32:89:ab:48:a9:6a:10:af:
90:88:c9:39
-----BEGIN CERTIFICATE-----
MIIFZTCCBE2gAwIBAgISAZbnd8186WYLgVIwhPrDLZM9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlNjVkYWIyMzk0MGNiMzk0ZjlhYWE2NjRmZWE0ZDZmOGY0
MmUzMTgwHhcNMjUwNTE5MDczNTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjcxY2NiYjc2YzA2YTFjNmFmZGM1Mzg0OWYyOWY5M2ExM2Y1MTVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhzl1gsQdd4KIByDkXGtcQEACQrdn
de2mbSRq+gIYS3qkrNJlY61GfzKSpiY4mKVtpHqIdxpd9jyjvdh7+qXWftE6OrfT
W9iFpFRIRYSA7UALHDKPC+DAGm5J2E7BlExypumu1/kCRQMe5yJ6IgIhx2G7Pxmn
7R0Yvt9+F6MnuE44kdhqX/18e9hsh1Ra6Pqw20nhpOgJi5PXb4lJFFLmtykLphe5
PWsZOhHSGLotyN3YjLWgHRsz15ITBm50ncioEueaZ5jFtjBYPhHwZHNUw1sLAmZ6
kvLQ1lvYt8nF4oal6ial/aftaocORKw8UQUyCltkwrHFdovGcN7JDtFQ1wIDAQAB
o4ICcTCCAm0wHQYDVR0OBBYEFKJxzLt2wGocav3FOEnyn5OhP1FeMB8GA1UdIwQY
MBaAFH5l2rI5QMs5T5qqZk/qTW+PQuMYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZm1YYXNqbEF5emxQbXFwbVQtcE5iNDlDNHhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC81OGViYjEtZGJlYy00N2Y5LWJiOTYt
ODQ5Y2ZjYWJiNjU3LzEvb25ITXUzYkFhaHhxX2NVNFNmS2ZrNkVfVVY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC81OGViYjEtZGJlYy00N2Y5LWJiOTYtODQ5Y2ZjYWJiNjU3
LzEvZm1YYXNqbEF5emxQbXFwbVQtcE5iNDlDNHhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGGBggrBgEFBQcBBwEB/wR3MHUwUgQCAAEwTDAMAwQELvMw
AwQALvMyAwQALvM3AwQDThgIAwQEXblgAwQDsvu4AwQCuQ78AwQCuTvQAwQCuUDY
MAwDBAC5cwEDBAC5cwIDBATZELAwHwQCAAIwGTAOAwUEKgAe0AMFACoAHtIDBwAq
AlQgABEwDQYJKoZIhvcNAQELBQADggEBACtGGnSYqRRIoEiEtSsKapSEaxo1sb10
id5vGdXuxh53/3grYQNVQZFtW5WQ3c+jEu2BhEQzbCAl6SksuADXG9PWymNBYwxy
j0WzOlYO/PpnZEv59uGcvFbN2YfCLNBKFwjVyMqB9Ngqi06JO4XRZ5viErcglgA1
d8V66A/TCc12Ycjxjtf6fOx7xwhgeqoWz4u4uxg/5fowAEnx3nKCD/p43HvKseDT
nmZc3fGYyQtJjLunFVTU+ms6QZmwkiZOUY7l+ay5TKFGD7b/2+rSHpSIxiSnqAXi
NtY0a+I1dm4hW3aVu/gprcjOCyyG7T39d+VlwmMyiatIqWoQr5CIyTk=
-----END CERTIFICATE-----
Generated at Mon Jun 9 02:39:23 2025 by rpki-client