Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/465aae-2a2c-4200-8e5c-05f093385ac8/1/6Klja74aZhTKKoLLCt_3rKEYk4Y.roa
File: 6Klja74aZhTKKoLLCt_3rKEYk4Y.roa (raw, json)
Hash identifier: t/uqWcCxSiWj4oYGbIVmwqMGIoVskiP1e2fDZiUxvEY=
Subject key identifier: E8:A9:63:6B:BE:1A:66:14:CA:2A:82:CB:0A:DF:F7:AC:A1:18:93:86
Certificate issuer: /CN=12a657f3424c8dd55215af853b93307c366c538a
Certificate serial: 019564FCBDA3E10F1F232AE61CD4D69AB375
Authority key identifier: 12:A6:57:F3:42:4C:8D:D5:52:15:AF:85:3B:93:30:7C:36:6C:53:8A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EqZX80JMjdVSFa-FO5MwfDZsU4o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/465aae-2a2c-4200-8e5c-05f093385ac8/1/6Klja74aZhTKKoLLCt_3rKEYk4Y.roa
Signing time: Wed 05 Mar 2025 06:27:19 +0000
ROA not before: Wed 05 Mar 2025 06:27:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211995
IP address blocks: 46.22.225.0/24 maxlen: 24
46.22.226.0/24 maxlen: 24
46.22.227.0/24 maxlen: 24
46.22.228.0/24 maxlen: 24
46.22.229.0/24 maxlen: 24
46.22.230.0/24 maxlen: 24
46.22.231.0/24 maxlen: 24
46.22.232.0/24 maxlen: 24
46.22.233.0/24 maxlen: 24
46.22.234.0/24 maxlen: 24
46.22.235.0/24 maxlen: 24
46.22.236.0/24 maxlen: 24
46.22.237.0/24 maxlen: 24
46.22.238.0/24 maxlen: 24
46.22.239.0/24 maxlen: 24
46.28.237.0/24 maxlen: 24
93.114.130.0/24 maxlen: 24
109.237.112.0/20 maxlen: 20
109.237.112.0/24 maxlen: 24
109.237.113.0/24 maxlen: 24
109.237.114.0/24 maxlen: 24
109.237.115.0/24 maxlen: 24
109.237.116.0/24 maxlen: 24
109.237.120.0/24 maxlen: 24
109.237.121.0/24 maxlen: 24
109.237.122.0/24 maxlen: 24
185.55.36.0/22 maxlen: 22
185.55.36.0/24 maxlen: 24
185.55.37.0/24 maxlen: 24
185.55.38.0/24 maxlen: 24
185.55.39.0/24 maxlen: 24
185.77.3.0/24 maxlen: 24
185.136.207.0/24 maxlen: 24
185.233.35.0/24 maxlen: 24
194.164.222.0/24 maxlen: 24
213.142.158.0/24 maxlen: 24
2a10:d880::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4e/465aae-2a2c-4200-8e5c-05f093385ac8/1/EqZX80JMjdVSFa-FO5MwfDZsU4o.crl
rsync://rpki.ripe.net/repository/DEFAULT/4e/465aae-2a2c-4200-8e5c-05f093385ac8/1/EqZX80JMjdVSFa-FO5MwfDZsU4o.mft
rsync://rpki.ripe.net/repository/DEFAULT/EqZX80JMjdVSFa-FO5MwfDZsU4o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 14:28:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:64:fc:bd:a3:e1:0f:1f:23:2a:e6:1c:d4:d6:9a:b3:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12a657f3424c8dd55215af853b93307c366c538a
Validity
Not Before: Mar 5 06:27:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e8a9636bbe1a6614ca2a82cb0adff7aca1189386
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:4e:97:af:a0:9e:40:94:25:17:00:ab:3e:9d:
e2:8f:20:71:c1:2b:04:e0:11:7d:8e:39:ed:e8:f1:
00:4a:19:69:dd:7c:bd:86:93:c7:31:9c:85:07:02:
97:72:23:cd:36:d7:8d:fb:76:fe:b5:57:66:61:3e:
72:76:e0:3a:8c:6a:6a:f6:43:a4:3d:ff:05:8d:98:
a9:57:61:8c:4f:c2:f5:c9:87:64:ea:f2:a5:29:28:
90:72:23:60:3c:fa:00:51:78:68:a1:a5:a9:0e:90:
b8:e4:40:a1:fe:c9:c1:ad:76:b4:e3:5e:92:18:7d:
b2:6a:d1:75:ad:54:c6:de:a1:ef:2a:3e:e5:38:f1:
a7:0b:98:fa:f0:81:5c:9e:f8:e7:ee:42:b1:e8:35:
00:f6:92:cb:9d:13:9d:b2:76:b7:02:74:a8:04:83:
95:62:31:29:dc:35:35:86:52:dd:e1:41:9c:86:9b:
da:89:bd:ec:9b:3e:2c:6d:d9:f1:1b:96:4e:58:18:
33:df:66:28:b5:d5:ea:fc:bd:92:e9:98:0f:a9:56:
16:46:25:6f:64:82:1b:64:5e:d0:7f:92:2e:95:48:
02:bc:11:0a:a3:30:21:8e:6b:65:15:47:3e:46:9f:
91:4e:41:49:a8:6f:54:ad:1c:a9:c0:87:d0:de:3a:
74:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:A9:63:6B:BE:1A:66:14:CA:2A:82:CB:0A:DF:F7:AC:A1:18:93:86
X509v3 Authority Key Identifier:
keyid:12:A6:57:F3:42:4C:8D:D5:52:15:AF:85:3B:93:30:7C:36:6C:53:8A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EqZX80JMjdVSFa-FO5MwfDZsU4o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/465aae-2a2c-4200-8e5c-05f093385ac8/1/6Klja74aZhTKKoLLCt_3rKEYk4Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/465aae-2a2c-4200-8e5c-05f093385ac8/1/EqZX80JMjdVSFa-FO5MwfDZsU4o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.22.225.0-46.22.239.255
46.28.237.0/24
93.114.130.0/24
109.237.112.0/20
185.55.36.0/22
185.77.3.0/24
185.136.207.0/24
185.233.35.0/24
194.164.222.0/24
213.142.158.0/24
IPv6:
2a10:d880::/29
Signature Algorithm: sha256WithRSAEncryption
c3:79:f2:83:96:9c:f1:1e:33:e8:9e:10:24:1f:fb:e0:1a:92:
28:00:f0:4d:72:23:05:a5:4b:6a:7c:91:a5:fd:47:ca:81:60:
85:03:fb:4f:23:79:b6:e7:0b:e4:66:af:64:7b:f0:00:0c:70:
65:2e:1c:33:34:f3:7f:24:d3:9e:0e:09:27:91:30:e6:c8:87:
3f:ba:e0:4b:8e:86:40:99:eb:45:0b:67:f2:e3:fe:51:6c:ad:
20:bf:3d:da:6b:9b:53:a9:21:ab:30:39:09:b4:0d:11:04:59:
f6:b3:ea:f1:91:f3:61:89:b9:75:e9:bd:6e:05:3e:ca:2f:0d:
5e:78:01:ca:4c:dc:a1:39:74:24:b3:fb:70:2b:71:1b:73:50:
61:7d:14:89:03:d0:77:40:01:9b:06:84:62:21:0e:44:ff:70:
4e:fd:60:6e:6a:29:c0:31:aa:3d:83:91:0b:46:91:1f:b6:50:
76:64:ba:82:f4:f3:45:b4:86:e7:e6:7f:df:db:16:12:8b:b6:
26:c0:60:ca:d8:d0:1f:fd:20:15:7c:90:fb:cc:e6:93:9d:58:
97:76:cd:0e:6a:61:c6:ad:2e:d2:bf:62:3a:08:7b:a2:aa:4a:
56:00:0c:d3:e8:10:0c:ae:f8:4b:bb:2c:f5:a3:80:6d:f2:1f:
f2:e3:b9:0e
-----BEGIN CERTIFICATE-----
MIIFSjCCBDKgAwIBAgISAZVk/L2j4Q8fIyrmHNTWmrN1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyYTY1N2YzNDI0YzhkZDU1MjE1YWY4NTNiOTMzMDdjMzY2
YzUzOGEwHhcNMjUwMzA1MDYyNzE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOGE5NjM2YmJlMWE2NjE0Y2EyYTgyY2IwYWRmZjdhY2ExMTg5Mzg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyU6Xr6CeQJQlFwCrPp3ijyBxwSsE
4BF9jjnt6PEAShlp3Xy9hpPHMZyFBwKXciPNNteN+3b+tVdmYT5yduA6jGpq9kOk
Pf8FjZipV2GMT8L1yYdk6vKlKSiQciNgPPoAUXhooaWpDpC45ECh/snBrXa0416S
GH2yatF1rVTG3qHvKj7lOPGnC5j68IFcnvjn7kKx6DUA9pLLnROdsna3AnSoBIOV
YjEp3DU1hlLd4UGchpvaib3smz4sbdnxG5ZOWBgz32YotdXq/L2S6ZgPqVYWRiVv
ZIIbZF7Qf5IulUgCvBEKozAhjmtlFUc+Rp+RTkFJqG9UrRypwIfQ3jp0dwIDAQAB
o4ICVjCCAlIwHQYDVR0OBBYEFOipY2u+GmYUyiqCywrf96yhGJOGMB8GA1UdIwQY
MBaAFBKmV/NCTI3VUhWvhTuTMHw2bFOKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXFaWDgwSk1qZFZTRmEtRk81TXdmRFpzVTRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS80NjVhYWUtMmEyYy00MjAwLThlNWMt
MDVmMDkzMzg1YWM4LzEvNktsamE3NGFaaFRLS29MTEN0XzNyS0VZazRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS80NjVhYWUtMmEyYy00MjAwLThlNWMtMDVmMDkzMzg1YWM4
LzEvRXFaWDgwSk1qZFZTRmEtRk81TXdmRFpzVTRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGwGCCsGAQUFBwEHAQH/BF0wWzBKBAIAATBEMAwDBAAuFuED
BAQuFuADBAAuHO0DBABdcoIDBARt7XADBAK5NyQDBAC5TQMDBAC5iM8DBAC56SMD
BADCpN4DBADVjp4wDQQCAAIwBwMFAyoQ2IAwDQYJKoZIhvcNAQELBQADggEBAMN5
8oOWnPEeM+ieECQf++AakigA8E1yIwWlS2p8kaX9R8qBYIUD+08jebbnC+Rmr2R7
8AAMcGUuHDM0838k054OCSeRMObIhz+64EuOhkCZ60ULZ/Lj/lFsrSC/Pdprm1Op
IaswOQm0DREEWfaz6vGR82GJuXXpvW4FPsovDV54AcpM3KE5dCSz+3ArcRtzUGF9
FIkD0HdAAZsGhGIhDkT/cE79YG5qKcAxqj2DkQtGkR+2UHZkuoL080W0hufmf9/b
FhKLtibAYMrY0B/9IBV8kPvM5pOdWJd2zQ5qYcatLtK/YjoIe6KqSlYADNPoEAyu
+Eu7LPWjgG3yH/LjuQ4=
-----END CERTIFICATE-----
Generated at Mon Apr 7 17:05:41 2025 by rpki-client