Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/ff0036-8313-4b3d-ad7f-8d81fdc6f170/1/Tuxvba9WYfbnEvHd3kzqapBEZ_Y.roa
File: Tuxvba9WYfbnEvHd3kzqapBEZ_Y.roa (raw, json)
Hash identifier: k++irbF5tx+uarYSpIOQsyD8NQHcKQnnHY3y6c8vNEg=
Subject key identifier: 4E:EC:6F:6D:AF:56:61:F6:E7:12:F1:DD:DE:4C:EA:6A:90:44:67:F6
Certificate issuer: /CN=e1ac0322b3eab6572ece2a0ac5abf164a5bbff20
Certificate serial: 019422FB6FB1FFD4CBA9303D3FB7CD7364C7
Authority key identifier: E1:AC:03:22:B3:EA:B6:57:2E:CE:2A:0A:C5:AB:F1:64:A5:BB:FF:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4awDIrPqtlcuzioKxavxZKW7_yA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/ff0036-8313-4b3d-ad7f-8d81fdc6f170/1/Tuxvba9WYfbnEvHd3kzqapBEZ_Y.roa
Signing time: Wed 01 Jan 2025 17:48:10 +0000
ROA not before: Wed 01 Jan 2025 17:48:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12301
IP address blocks: 46.31.176.0/22 maxlen: 22
46.31.180.0/23 maxlen: 23
46.31.182.0/24 maxlen: 24
77.243.208.0/20 maxlen: 20
185.91.140.0/24 maxlen: 24
185.91.141.0/24 maxlen: 24
185.91.142.0/24 maxlen: 24
185.91.143.0/24 maxlen: 24
2a00:df80::/48 maxlen: 48
2a00:df80:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/45/ff0036-8313-4b3d-ad7f-8d81fdc6f170/1/4awDIrPqtlcuzioKxavxZKW7_yA.crl
rsync://rpki.ripe.net/repository/DEFAULT/45/ff0036-8313-4b3d-ad7f-8d81fdc6f170/1/4awDIrPqtlcuzioKxavxZKW7_yA.mft
rsync://rpki.ripe.net/repository/DEFAULT/4awDIrPqtlcuzioKxavxZKW7_yA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 23:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:6f:b1:ff:d4:cb:a9:30:3d:3f:b7:cd:73:64:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e1ac0322b3eab6572ece2a0ac5abf164a5bbff20
Validity
Not Before: Jan 1 17:48:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4eec6f6daf5661f6e712f1ddde4cea6a904467f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:6b:09:2f:2b:d3:fc:e5:8e:04:69:45:41:e6:
5e:75:3f:70:c6:12:a4:16:6f:fd:d7:17:88:5e:0f:
7d:27:19:e4:43:d4:dd:58:07:dc:b0:5e:a7:d8:38:
5c:35:b9:40:f3:02:93:8e:01:68:37:61:60:4f:12:
a1:e3:4c:6f:61:cf:17:04:b7:6a:9d:2b:f5:4f:38:
a9:ee:e9:61:82:52:70:81:7c:b9:2e:91:8e:d2:02:
3b:1b:a2:f6:1e:f2:73:ab:07:a5:3e:a7:c2:9d:89:
5b:ab:d1:70:bd:2d:90:6d:3b:01:0d:c0:50:96:72:
a5:15:af:b1:03:da:61:70:f2:5b:20:1e:2e:e0:3c:
1d:bc:93:9c:07:ef:c3:84:a5:2d:39:f7:00:db:e9:
9a:e1:9d:36:e7:fa:b2:24:c5:e9:9c:90:8e:fb:99:
8e:67:f5:4e:5d:ff:d6:ab:db:5b:aa:07:dd:62:a0:
a0:b4:e9:df:4c:a6:ca:c8:cb:78:11:e6:b4:98:27:
60:61:38:56:2f:9a:16:b1:f9:3a:61:23:64:ab:24:
dc:6c:69:3a:f0:53:4f:37:3b:e4:43:9b:c6:02:0d:
17:34:2a:93:b4:4b:35:e9:5e:dd:c1:89:38:c1:c1:
f2:ab:9f:e7:fd:f6:da:ef:c9:69:f2:6c:fa:1a:86:
9f:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:EC:6F:6D:AF:56:61:F6:E7:12:F1:DD:DE:4C:EA:6A:90:44:67:F6
X509v3 Authority Key Identifier:
keyid:E1:AC:03:22:B3:EA:B6:57:2E:CE:2A:0A:C5:AB:F1:64:A5:BB:FF:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4awDIrPqtlcuzioKxavxZKW7_yA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/ff0036-8313-4b3d-ad7f-8d81fdc6f170/1/Tuxvba9WYfbnEvHd3kzqapBEZ_Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/ff0036-8313-4b3d-ad7f-8d81fdc6f170/1/4awDIrPqtlcuzioKxavxZKW7_yA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.31.176.0-46.31.182.255
77.243.208.0/20
185.91.140.0/22
IPv6:
2a00:df80::/47
Signature Algorithm: sha256WithRSAEncryption
1c:12:d3:ac:cc:c8:93:fb:64:ee:8e:56:5f:25:53:c4:e2:7b:
30:58:b5:ac:f6:44:62:53:67:89:83:90:44:03:13:ad:ca:d6:
aa:df:15:a8:5f:72:d3:9b:3b:d6:03:cd:ac:96:30:bb:df:8e:
90:71:50:c9:b1:a7:b8:ac:ed:d2:a5:4c:af:21:67:e5:27:ad:
1e:1f:43:93:71:bb:a4:33:d4:c9:24:4d:03:d0:ba:d3:57:7b:
41:0b:83:1e:a2:b3:e5:82:d8:f8:c4:60:72:a3:a0:54:84:d1:
a4:e7:d6:d1:86:11:a6:88:1d:e9:fb:44:67:07:f7:36:90:bc:
7d:60:e3:15:94:6d:60:cc:fc:94:be:56:e0:99:aa:12:1a:0f:
7b:52:22:46:57:6f:56:2b:f3:d2:42:fb:5f:83:a6:38:e2:0f:
a5:ae:9e:f9:ce:e0:5f:92:fb:ac:e6:18:39:3a:01:2e:f5:f5:
1b:df:21:1f:9b:2f:38:1f:6f:df:16:34:8a:63:e7:e8:d6:8c:
1c:7b:9c:1e:be:fd:b6:1f:4e:a4:c5:96:4a:89:8f:87:d7:40:
0e:3d:6a:4e:eb:fb:26:6b:5b:18:f0:7b:f2:ec:eb:3a:12:5d:
09:81:26:f1:36:9b:08:b1:3d:2a:cb:90:ef:a4:a8:cd:fa:2f:
08:e8:ba:54
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgISAZQi+2+x/9TLqTA9P7fNc2THMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxYWMwMzIyYjNlYWI2NTcyZWNlMmEwYWM1YWJmMTY0YTVi
YmZmMjAwHhcNMjUwMTAxMTc0ODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZWVjNmY2ZGFmNTY2MWY2ZTcxMmYxZGRkZTRjZWE2YTkwNDQ2N2Y2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0WsJLyvT/OWOBGlFQeZedT9wxhKk
Fm/91xeIXg99JxnkQ9TdWAfcsF6n2DhcNblA8wKTjgFoN2FgTxKh40xvYc8XBLdq
nSv1Tzip7ulhglJwgXy5LpGO0gI7G6L2HvJzqwelPqfCnYlbq9FwvS2QbTsBDcBQ
lnKlFa+xA9phcPJbIB4u4DwdvJOcB+/DhKUtOfcA2+ma4Z025/qyJMXpnJCO+5mO
Z/VOXf/Wq9tbqgfdYqCgtOnfTKbKyMt4Eea0mCdgYThWL5oWsfk6YSNkqyTcbGk6
8FNPNzvkQ5vGAg0XNCqTtEs16V7dwYk4wcHyq5/n/fba78lp8mz6GoafWwIDAQAB
o4ICLjCCAiowHQYDVR0OBBYEFE7sb22vVmH25xLx3d5M6mqQRGf2MB8GA1UdIwQY
MBaAFOGsAyKz6rZXLs4qCsWr8WSlu/8gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNGF3RElyUHF0bGN1emlvS3hhdnhaS1c3X3lBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9mZjAwMzYtODMxMy00YjNkLWFkN2Yt
OGQ4MWZkYzZmMTcwLzEvVHV4dmJhOVdZZmJuRXZIZDNrenFhcEJFWl9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9mZjAwMzYtODMxMy00YjNkLWFkN2YtOGQ4MWZkYzZmMTcw
LzEvNGF3RElyUHF0bGN1emlvS3hhdnhaS1c3X3lBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEQGCCsGAQUFBwEHAQH/BDUwMzAgBAIAATAaMAwDBAQuH7AD
BAAuH7YDBARN89ADBAK5W4wwDwQCAAIwCQMHASoA34AAADANBgkqhkiG9w0BAQsF
AAOCAQEAHBLTrMzIk/tk7o5WXyVTxOJ7MFi1rPZEYlNniYOQRAMTrcrWqt8VqF9y
05s71gPNrJYwu9+OkHFQybGnuKzt0qVMryFn5SetHh9Dk3G7pDPUySRNA9C601d7
QQuDHqKz5YLY+MRgcqOgVITRpOfW0YYRpogd6ftEZwf3NpC8fWDjFZRtYMz8lL5W
4JmqEhoPe1IiRldvVivz0kL7X4OmOOIPpa6e+c7gX5L7rOYYOToBLvX1G98hH5sv
OB9v3xY0imPn6NaMHHucHr79th9OpMWWSomPh9dADj1qTuv7JmtbGPB78uzrOhJd
CYEm8TabCLE9KsuQ76SozfovCOi6VA==
-----END CERTIFICATE-----
Generated at Tue Apr 8 03:45:52 2025 by rpki-client