Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/0b0007-d30a-4994-ab00-bd5b4e54712b/1/DVEsULbgc1uy6V52nNRIcIhepiA.roa
File: DVEsULbgc1uy6V52nNRIcIhepiA.roa (raw, json)
Hash identifier: XNV6aUJyGeh2Aa9mxZ1t5TwCl8DNIg+I/K5KbgR9/Ys=
Subject key identifier: 0D:51:2C:50:B6:E0:73:5B:B2:E9:5E:76:9C:D4:48:70:88:5E:A6:20
Certificate issuer: /CN=93cf4e7927e104964e4c96f441649ce34174ce3a
Certificate serial: 019426D9474DF5596EF057BB5A7EA4235DDA
Authority key identifier: 93:CF:4E:79:27:E1:04:96:4E:4C:96:F4:41:64:9C:E3:41:74:CE:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k89OeSfhBJZOTJb0QWSc40F0zjo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/0b0007-d30a-4994-ab00-bd5b4e54712b/1/DVEsULbgc1uy6V52nNRIcIhepiA.roa
Signing time: Thu 02 Jan 2025 11:49:21 +0000
ROA not before: Thu 02 Jan 2025 11:49:21 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 56349
IP address blocks: 46.227.176.0/21 maxlen: 24
46.227.176.0/22 maxlen: 24
46.227.180.0/22 maxlen: 24
2a02:6380::/32 maxlen: 48
2a02:6380::/33 maxlen: 48
2a02:6380:8000::/33 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/46/0b0007-d30a-4994-ab00-bd5b4e54712b/1/k89OeSfhBJZOTJb0QWSc40F0zjo.crl
rsync://rpki.ripe.net/repository/DEFAULT/46/0b0007-d30a-4994-ab00-bd5b4e54712b/1/k89OeSfhBJZOTJb0QWSc40F0zjo.mft
rsync://rpki.ripe.net/repository/DEFAULT/k89OeSfhBJZOTJb0QWSc40F0zjo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 20:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:47:4d:f5:59:6e:f0:57:bb:5a:7e:a4:23:5d:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=93cf4e7927e104964e4c96f441649ce34174ce3a
Validity
Not Before: Jan 2 11:49:21 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0d512c50b6e0735bb2e95e769cd44870885ea620
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:0c:1b:91:7e:66:29:e7:ee:1e:be:dc:58:c5:
22:9d:6c:dd:6f:47:41:7a:73:97:f4:fd:4e:3e:80:
25:10:95:2e:9c:2a:bf:33:67:ae:61:63:a6:fc:f6:
aa:a3:66:df:6c:66:58:70:3f:3f:0b:19:fa:cd:2f:
ef:f0:42:32:28:fb:d5:d7:18:17:64:29:cf:27:57:
7e:42:89:7f:84:f3:bc:d3:a0:32:51:ad:bd:2f:2e:
b7:aa:ea:1a:80:0d:78:18:05:da:38:60:ee:ee:ca:
bf:88:a4:f0:1a:e5:e1:35:5c:b2:c5:64:73:35:a8:
39:09:2c:6c:89:2f:e3:44:94:37:39:c4:bb:24:a3:
72:bd:74:84:18:8a:41:17:66:ba:10:8c:05:83:87:
f1:db:93:6e:4b:a3:da:7a:27:cd:9f:a5:90:10:9c:
a8:d4:eb:f5:b7:0f:d0:6c:45:67:4c:09:e7:ce:20:
87:dc:5e:fa:ce:d1:17:95:71:f5:58:2b:73:0e:27:
8d:92:61:00:c5:37:b8:97:4a:78:61:9f:71:30:f2:
3a:35:18:3d:49:d2:49:3a:57:f7:f5:d7:e4:1b:9b:
f1:a3:9d:03:da:c8:24:ff:fc:21:01:2a:e1:fd:b0:
39:5d:c7:9f:8d:af:a9:7e:66:15:68:75:98:8e:07:
e6:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:51:2C:50:B6:E0:73:5B:B2:E9:5E:76:9C:D4:48:70:88:5E:A6:20
X509v3 Authority Key Identifier:
keyid:93:CF:4E:79:27:E1:04:96:4E:4C:96:F4:41:64:9C:E3:41:74:CE:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k89OeSfhBJZOTJb0QWSc40F0zjo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/0b0007-d30a-4994-ab00-bd5b4e54712b/1/DVEsULbgc1uy6V52nNRIcIhepiA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/0b0007-d30a-4994-ab00-bd5b4e54712b/1/k89OeSfhBJZOTJb0QWSc40F0zjo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.227.176.0/21
IPv6:
2a02:6380::/32
Signature Algorithm: sha256WithRSAEncryption
7b:08:a2:7d:67:99:a4:77:fc:28:03:4a:32:bf:78:51:d7:a9:
47:bc:1a:e7:53:40:72:92:af:c5:12:d9:de:cf:f9:c7:f9:50:
4e:2a:87:51:ab:b6:10:bc:a5:f4:75:aa:22:72:4a:3c:be:49:
b4:39:a4:bc:ca:af:25:46:ef:e8:32:c4:3f:90:93:75:13:2f:
3e:38:0b:ca:2b:93:22:07:b2:95:83:24:b5:9d:36:75:05:dc:
9d:b7:50:f4:2a:cb:e0:c8:06:b3:38:18:b7:e4:04:58:0d:ea:
1e:75:47:ab:f3:89:05:52:72:6d:90:46:96:bd:1c:77:5d:c9:
05:a3:e9:1e:75:97:7f:c2:3b:54:b2:0c:19:2f:cc:93:90:d8:
45:59:60:f0:a5:b1:25:61:4a:fc:65:49:4d:45:5b:c8:5c:b5:
d0:13:cb:e1:74:87:dd:bf:fc:f7:7c:b8:c5:d4:92:ba:00:ab:
29:5b:c0:87:fd:df:d4:1f:ea:49:e1:7a:58:c4:d1:e9:7a:02:
3b:5b:4e:51:af:b5:df:8f:d5:bd:bc:0a:54:70:c9:8f:ff:0d:
97:38:51:77:bd:2d:15:c5:ad:8e:10:a8:74:13:18:bc:ab:84:
d3:d2:fc:3f:c2:c0:81:03:cd:52:19:28:24:a2:39:c4:53:db:
69:31:73:c9
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQm2UdN9Vlu8Fe7Wn6kI13aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzY2Y0ZTc5MjdlMTA0OTY0ZTRjOTZmNDQxNjQ5Y2UzNDE3
NGNlM2EwHhcNMjUwMTAyMTE0OTIxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDUxMmM1MGI2ZTA3MzViYjJlOTVlNzY5Y2Q0NDg3MDg4NWVhNjIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1QwbkX5mKefuHr7cWMUinWzdb0dB
enOX9P1OPoAlEJUunCq/M2euYWOm/Paqo2bfbGZYcD8/Cxn6zS/v8EIyKPvV1xgX
ZCnPJ1d+Qol/hPO806AyUa29Ly63quoagA14GAXaOGDu7sq/iKTwGuXhNVyyxWRz
Nag5CSxsiS/jRJQ3OcS7JKNyvXSEGIpBF2a6EIwFg4fx25NuS6PaeifNn6WQEJyo
1Ov1tw/QbEVnTAnnziCH3F76ztEXlXH1WCtzDieNkmEAxTe4l0p4YZ9xMPI6NRg9
SdJJOlf39dfkG5vxo50D2sgk//whASrh/bA5Xcefja+pfmYVaHWYjgfmgwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFA1RLFC24HNbsuledpzUSHCIXqYgMB8GA1UdIwQY
MBaAFJPPTnkn4QSWTkyW9EFknONBdM46MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazg5T2VTZmhCSlpPVEpiMFFXU2M0MEYwempvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni8wYjAwMDctZDMwYS00OTk0LWFiMDAt
YmQ1YjRlNTQ3MTJiLzEvRFZFc1VMYmdjMXV5NlY1Mm5OUkljSWhlcGlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni8wYjAwMDctZDMwYS00OTk0LWFiMDAtYmQ1YjRlNTQ3MTJi
LzEvazg5T2VTZmhCSlpPVEpiMFFXU2M0MEYwempvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDLuOwMA0E
AgACMAcDBQAqAmOAMA0GCSqGSIb3DQEBCwUAA4IBAQB7CKJ9Z5mkd/woA0oyv3hR
16lHvBrnU0Bykq/FEtnez/nH+VBOKodRq7YQvKX0daoicko8vkm0OaS8yq8lRu/o
MsQ/kJN1Ey8+OAvKK5MiB7KVgyS1nTZ1Bdydt1D0KsvgyAazOBi35ARYDeoedUer
84kFUnJtkEaWvRx3XckFo+kedZd/wjtUsgwZL8yTkNhFWWDwpbElYUr8ZUlNRVvI
XLXQE8vhdIfdv/z3fLjF1JK6AKspW8CH/d/UH+pJ4XpYxNHpegI7W05Rr7Xfj9W9
vApUcMmP/w2XOFF3vS0Vxa2OEKh0Exi8q4TT0vw/wsCBA81SGSgkojnEU9tpMXPJ
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:40:22 2025 by rpki-client