Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/1349ca-8c3c-4131-9f55-d59030661949/1/rhWOdvbRW_QkUa1o5T8i6dRU720.roa
File: rhWOdvbRW_QkUa1o5T8i6dRU720.roa (raw, json)
Hash identifier: v5LlEHGBOX4X3JyqUu8rErhLCU66G7I7hGMGMVexdV4=
Subject key identifier: AE:15:8E:76:F6:D1:5B:F4:24:51:AD:68:E5:3F:22:E9:D4:54:EF:6D
Certificate issuer: /CN=816684a2958e0190f270a80a98789319e1cee4d8
Certificate serial: 01941F8C180A713F9E339F37F361CB6BED14
Authority key identifier: 81:66:84:A2:95:8E:01:90:F2:70:A8:0A:98:78:93:19:E1:CE:E4:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gWaEopWOAZDycKgKmHiTGeHO5Ng.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/1349ca-8c3c-4131-9f55-d59030661949/1/rhWOdvbRW_QkUa1o5T8i6dRU720.roa
Signing time: Wed 01 Jan 2025 01:47:42 +0000
ROA not before: Wed 01 Jan 2025 01:47:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207658
IP address blocks: 46.17.72.0/23 maxlen: 23
46.17.72.0/24 maxlen: 24
46.17.76.0/23 maxlen: 23
46.17.76.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/53/1349ca-8c3c-4131-9f55-d59030661949/1/gWaEopWOAZDycKgKmHiTGeHO5Ng.crl
rsync://rpki.ripe.net/repository/DEFAULT/53/1349ca-8c3c-4131-9f55-d59030661949/1/gWaEopWOAZDycKgKmHiTGeHO5Ng.mft
rsync://rpki.ripe.net/repository/DEFAULT/gWaEopWOAZDycKgKmHiTGeHO5Ng.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 12 Apr 2025 02:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:18:0a:71:3f:9e:33:9f:37:f3:61:cb:6b:ed:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=816684a2958e0190f270a80a98789319e1cee4d8
Validity
Not Before: Jan 1 01:47:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ae158e76f6d15bf42451ad68e53f22e9d454ef6d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:1a:23:93:58:3f:34:3e:3d:92:29:f9:7d:b0:
ef:cc:4c:41:52:c4:dc:7f:b8:53:a5:74:a1:4f:e7:
59:79:3d:98:b4:0a:16:cf:72:63:20:8e:35:59:c3:
06:f6:b1:1f:25:9c:41:1a:0e:c2:af:c4:76:5a:90:
b0:15:72:dd:c4:11:bf:8a:f4:cb:13:b9:93:96:fb:
92:15:5e:14:d7:63:24:7e:bf:85:c9:69:f2:a7:31:
05:44:0c:32:ff:51:e9:8d:b0:a4:75:98:0b:77:77:
0f:33:2a:6c:a8:0c:f0:c5:99:49:53:1c:d9:09:bd:
14:6e:75:07:42:b6:7f:51:13:74:ea:54:d1:b8:2c:
28:d1:1e:14:bc:ff:6b:03:ed:8e:4d:fc:99:d6:f9:
57:69:29:54:80:3f:5e:b2:cc:5e:23:dc:37:b3:5e:
03:3f:f3:e2:1b:c6:ab:18:2d:40:42:e8:2f:ba:d5:
8e:63:29:44:a3:5a:78:b7:9c:26:f0:fc:b9:85:62:
f8:c2:d1:b0:4d:a8:23:54:cd:3a:dd:1e:d6:a4:ee:
84:9d:ed:b3:b8:77:5d:26:74:f0:f7:47:35:3e:72:
6e:3a:9c:7b:3c:f1:6b:af:89:59:fa:a8:da:c3:29:
b5:d9:4f:fe:35:9e:1a:ad:a0:e3:be:99:69:eb:80:
dc:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:15:8E:76:F6:D1:5B:F4:24:51:AD:68:E5:3F:22:E9:D4:54:EF:6D
X509v3 Authority Key Identifier:
keyid:81:66:84:A2:95:8E:01:90:F2:70:A8:0A:98:78:93:19:E1:CE:E4:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gWaEopWOAZDycKgKmHiTGeHO5Ng.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/1349ca-8c3c-4131-9f55-d59030661949/1/rhWOdvbRW_QkUa1o5T8i6dRU720.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/1349ca-8c3c-4131-9f55-d59030661949/1/gWaEopWOAZDycKgKmHiTGeHO5Ng.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.17.72.0/23
46.17.76.0/23
Signature Algorithm: sha256WithRSAEncryption
48:c1:e5:b7:1d:b5:fa:05:51:c6:fe:45:d7:3a:cb:16:0c:84:
fd:f9:e6:4d:38:19:62:9c:e6:73:fd:be:a5:7e:af:78:e5:00:
73:1c:89:05:d2:ec:e8:ad:22:29:7d:64:ce:1c:e5:45:8b:04:
22:8d:73:41:8e:32:a2:88:7c:ab:eb:72:d7:82:94:58:ea:2b:
33:04:7a:26:16:ee:2e:c9:b2:73:5d:9a:15:22:8a:05:8f:f9:
94:5d:4c:af:3f:23:8d:95:3d:7a:72:46:4c:f2:36:69:76:9d:
77:5d:24:af:8a:a2:59:40:f5:79:ea:d3:64:d7:71:93:33:16:
16:31:f5:47:db:c6:86:07:67:70:6f:4c:87:d1:5e:51:46:87:
c8:11:0a:3c:08:7f:89:d1:ff:98:ca:c0:e5:48:1b:05:f5:01:
3b:b1:2f:ed:ff:f6:50:03:ba:2c:d1:34:57:b3:fb:ce:36:84:
d3:ad:89:f4:ba:06:4f:29:78:6d:60:4f:a2:20:fd:c9:9f:20:
f5:fa:15:30:6d:e7:ec:61:fe:f7:dd:a4:4c:b0:1a:64:ba:2d:
f3:9b:62:b9:43:39:d8:39:77:39:6f:b5:93:dd:13:7c:c2:7c:
3f:3c:3f:a3:83:1c:74:9a:cf:18:3d:3e:a9:91:e3:4c:21:71:
ce:56:d5:9b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQfjBgKcT+eM58382HLa+0UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxNjY4NGEyOTU4ZTAxOTBmMjcwYTgwYTk4Nzg5MzE5ZTFj
ZWU0ZDgwHhcNMjUwMTAxMDE0NzQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTE1OGU3NmY2ZDE1YmY0MjQ1MWFkNjhlNTNmMjJlOWQ0NTRlZjZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyBojk1g/ND49kin5fbDvzExBUsTc
f7hTpXShT+dZeT2YtAoWz3JjII41WcMG9rEfJZxBGg7Cr8R2WpCwFXLdxBG/ivTL
E7mTlvuSFV4U12Mkfr+FyWnypzEFRAwy/1HpjbCkdZgLd3cPMypsqAzwxZlJUxzZ
Cb0UbnUHQrZ/URN06lTRuCwo0R4UvP9rA+2OTfyZ1vlXaSlUgD9essxeI9w3s14D
P/PiG8arGC1AQugvutWOYylEo1p4t5wm8Py5hWL4wtGwTagjVM063R7WpO6Ene2z
uHddJnTw90c1PnJuOpx7PPFrr4lZ+qjawym12U/+NZ4araDjvplp64DcWQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFK4Vjnb20Vv0JFGtaOU/IunUVO9tMB8GA1UdIwQY
MBaAFIFmhKKVjgGQ8nCoCph4kxnhzuTYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1dhRW9wV09BWkR5Y0tnS21IaVRHZUhPNU5nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My8xMzQ5Y2EtOGMzYy00MTMxLTlmNTUt
ZDU5MDMwNjYxOTQ5LzEvcmhXT2R2YlJXX1FrVWExbzVUOGk2ZFJVNzIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My8xMzQ5Y2EtOGMzYy00MTMxLTlmNTUtZDU5MDMwNjYxOTQ5
LzEvZ1dhRW9wV09BWkR5Y0tnS21IaVRHZUhPNU5nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBLhFIAwQB
LhFMMA0GCSqGSIb3DQEBCwUAA4IBAQBIweW3HbX6BVHG/kXXOssWDIT9+eZNOBli
nOZz/b6lfq945QBzHIkF0uzorSIpfWTOHOVFiwQijXNBjjKiiHyr63LXgpRY6isz
BHomFu4uybJzXZoVIooFj/mUXUyvPyONlT16ckZM8jZpdp13XSSviqJZQPV56tNk
13GTMxYWMfVH28aGB2dwb0yH0V5RRofIEQo8CH+J0f+YysDlSBsF9QE7sS/t//ZQ
A7os0TRXs/vONoTTrYn0ugZPKXhtYE+iIP3JnyD1+hUwbefsYf733aRMsBpkui3z
m2K5QznYOXc5b7WT3RN8wnw/PD+jgxx0ms8YPT6pkeNMIXHOVtWb
-----END CERTIFICATE-----
Generated at Fri Apr 11 11:39:46 2025 by rpki-client