Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/Dyi32KlOskocQHPe6FUF7ELQs5U.roa
File: Dyi32KlOskocQHPe6FUF7ELQs5U.roa (raw, json)
Hash identifier: D3EF+UreJY6p0ckzuksgWXVvYetF6sITxKDGv/w2L0k=
Subject key identifier: 0F:28:B7:D8:A9:4E:B2:4A:1C:40:73:DE:E8:55:05:EC:42:D0:B3:95
Certificate issuer: /CN=8d11cb015df9baab61228dbbce17dd4e00e63c13
Certificate serial: 0194258EB598FC90FBA21F01240AA9D168A4
Authority key identifier: 8D:11:CB:01:5D:F9:BA:AB:61:22:8D:BB:CE:17:DD:4E:00:E6:3C:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jRHLAV35uqthIo27zhfdTgDmPBM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/Dyi32KlOskocQHPe6FUF7ELQs5U.roa
Signing time: Thu 02 Jan 2025 05:48:16 +0000
ROA not before: Thu 02 Jan 2025 05:48:16 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213296
IP address blocks: 158.46.188.0/24 maxlen: 24
158.46.191.0/24 maxlen: 24
158.46.192.0/22 maxlen: 22
178.171.22.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/jRHLAV35uqthIo27zhfdTgDmPBM.crl
rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/jRHLAV35uqthIo27zhfdTgDmPBM.mft
rsync://rpki.ripe.net/repository/DEFAULT/jRHLAV35uqthIo27zhfdTgDmPBM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 14 Apr 2025 09:59:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8e:b5:98:fc:90:fb:a2:1f:01:24:0a:a9:d1:68:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d11cb015df9baab61228dbbce17dd4e00e63c13
Validity
Not Before: Jan 2 05:48:16 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0f28b7d8a94eb24a1c4073dee85505ec42d0b395
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:d7:47:eb:41:ee:27:33:89:12:a8:e5:97:b8:
20:dc:76:23:19:59:dd:d3:29:d3:bb:50:4d:4d:09:
11:c1:bd:69:bf:97:cd:ce:32:0e:6c:e8:5b:0b:2c:
a8:fe:05:f9:7e:bb:3c:85:5b:dd:15:0f:cc:9e:6b:
62:6c:27:c7:01:67:a2:93:a5:ec:6a:4b:6c:b8:ab:
1e:54:fb:00:c1:35:76:a1:30:f9:e1:94:cc:67:13:
98:b1:83:76:52:ab:3d:4d:bc:07:6f:0c:10:1a:1e:
a4:d8:38:b0:0a:cf:b4:00:4b:4b:70:3f:fb:66:4d:
50:3d:55:b8:df:0e:d3:dc:44:d4:dc:7f:25:76:e6:
3a:b3:c8:db:8e:10:96:e9:ad:a8:28:78:fc:85:3a:
c2:df:f8:dc:e7:23:94:4d:62:44:d4:46:38:bd:ff:
4f:e7:ae:9d:45:78:ea:0d:81:27:e7:57:e5:b8:39:
39:2d:4f:08:38:3a:15:27:ee:e8:83:04:e9:3f:4f:
aa:57:0a:49:1c:47:28:b3:0d:e1:69:4e:1f:61:b2:
ce:c4:a4:d0:e9:03:db:42:d0:54:7a:83:82:32:f4:
09:83:bb:22:02:64:e7:13:79:c5:6b:e2:7c:f0:d9:
0c:19:3b:7a:68:4b:1d:c7:ec:54:45:88:78:70:fd:
40:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:28:B7:D8:A9:4E:B2:4A:1C:40:73:DE:E8:55:05:EC:42:D0:B3:95
X509v3 Authority Key Identifier:
keyid:8D:11:CB:01:5D:F9:BA:AB:61:22:8D:BB:CE:17:DD:4E:00:E6:3C:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jRHLAV35uqthIo27zhfdTgDmPBM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/Dyi32KlOskocQHPe6FUF7ELQs5U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/jRHLAV35uqthIo27zhfdTgDmPBM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
158.46.188.0/24
158.46.191.0-158.46.195.255
178.171.22.0/24
Signature Algorithm: sha256WithRSAEncryption
05:fd:3f:41:5e:d9:36:f3:e6:e2:6b:49:07:78:73:7b:64:97:
79:30:b0:fb:ca:1a:c8:03:c2:76:60:45:7b:76:c2:f5:7d:a4:
90:ee:28:d9:e1:d9:ee:65:49:cc:88:c5:43:e2:e7:d6:62:e9:
93:05:69:00:3d:48:cf:0a:7b:2e:1e:39:52:e9:22:9e:62:e1:
de:fd:0e:8c:aa:8a:0a:e4:a4:1c:f7:b0:81:db:49:de:fe:26:
b1:43:82:c6:e0:7b:34:a4:15:6e:e6:74:44:e7:19:f4:d8:96:
fd:e3:c4:98:3c:b2:b4:86:ed:37:43:ba:b2:ff:14:e9:81:3f:
09:04:2b:08:8d:1a:ba:37:99:17:99:13:e7:f3:79:19:59:2f:
f1:92:03:82:59:33:23:0b:94:46:1f:a1:15:bd:8b:a5:26:11:
a7:97:b4:b9:77:50:86:62:62:ac:28:17:9b:e8:ae:e5:24:c6:
4f:40:73:04:a3:c1:12:b4:5a:b4:3a:31:b4:c7:88:0d:b3:b5:
ae:70:be:bc:e2:3d:d7:d0:2b:df:bc:82:3b:01:8c:52:a4:72:
36:db:5d:55:22:af:db:6f:51:2e:b0:1d:16:9e:74:2d:56:3a:
1b:13:62:b3:b4:40:3f:28:b9:72:44:19:da:aa:b8:e5:b3:37:
3e:36:57:eb
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZQljrWY/JD7oh8BJAqp0WikMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkMTFjYjAxNWRmOWJhYWI2MTIyOGRiYmNlMTdkZDRlMDBl
NjNjMTMwHhcNMjUwMTAyMDU0ODE2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjI4YjdkOGE5NGViMjRhMWM0MDczZGVlODU1MDVlYzQyZDBiMzk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzNdH60HuJzOJEqjll7gg3HYjGVnd
0ynTu1BNTQkRwb1pv5fNzjIObOhbCyyo/gX5frs8hVvdFQ/MnmtibCfHAWeik6Xs
aktsuKseVPsAwTV2oTD54ZTMZxOYsYN2Uqs9TbwHbwwQGh6k2DiwCs+0AEtLcD/7
Zk1QPVW43w7T3ETU3H8lduY6s8jbjhCW6a2oKHj8hTrC3/jc5yOUTWJE1EY4vf9P
566dRXjqDYEn51fluDk5LU8IODoVJ+7ogwTpP0+qVwpJHEcosw3haU4fYbLOxKTQ
6QPbQtBUeoOCMvQJg7siAmTnE3nFa+J88NkMGTt6aEsdx+xURYh4cP1A1QIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFA8ot9ipTrJKHEBz3uhVBexC0LOVMB8GA1UdIwQY
MBaAFI0RywFd+bqrYSKNu84X3U4A5jwTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalJITEFWMzV1cXRoSW8yN3poZmRUZ0RtUEJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni81ZDg5MTUtYzQ0OC00MGU3LThjYWEt
YmE3NzFmZmQyNjljLzEvRHlpMzJLbE9za29jUUhQZTZGVUY3RUxRczVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni81ZDg5MTUtYzQ0OC00MGU3LThjYWEtYmE3NzFmZmQyNjlj
LzEvalJITEFWMzV1cXRoSW8yN3poZmRUZ0RtUEJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAni68MAwD
BACeLr8DBAKeLsADBACyqxYwDQYJKoZIhvcNAQELBQADggEBAAX9P0Fe2Tbz5uJr
SQd4c3tkl3kwsPvKGsgDwnZgRXt2wvV9pJDuKNnh2e5lScyIxUPi59Zi6ZMFaQA9
SM8Key4eOVLpIp5i4d79DoyqigrkpBz3sIHbSd7+JrFDgsbgezSkFW7mdETnGfTY
lv3jxJg8srSG7TdDurL/FOmBPwkEKwiNGro3mReZE+fzeRlZL/GSA4JZMyMLlEYf
oRW9i6UmEaeXtLl3UIZiYqwoF5voruUkxk9AcwSjwRK0WrQ6MbTHiA2zta5wvrzi
PdfQK9+8gjsBjFKkcjbbXVUir9tvUS6wHRaedC1WOhsTYrO0QD8ouXJEGdqquOWz
Nz42V+s=
-----END CERTIFICATE-----
Generated at Sun Apr 13 18:54:51 2025 by rpki-client