Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/0e7ed3-48cb-4afe-8d15-dffe17f3db54/1/gQFR0ws8EpADtXwJYL1_rKqtUCU.roa
File: gQFR0ws8EpADtXwJYL1_rKqtUCU.roa (raw, json)
Hash identifier: O/ujjDYhXza5+3b/lt0kt/wL12KlNYtlZgn4DDp272Q=
Subject key identifier: 81:01:51:D3:0B:3C:12:90:03:B5:7C:09:60:BD:7F:AC:AA:AD:50:25
Certificate issuer: /CN=9812e491aaa655b6324dbcc0cff00a8d63191076
Certificate serial: 01971078508CE349108B7266C35297055CA0
Authority key identifier: 98:12:E4:91:AA:A6:55:B6:32:4D:BC:C0:CF:F0:0A:8D:63:19:10:76
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mBLkkaqmVbYyTbzAz_AKjWMZEHY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/0e7ed3-48cb-4afe-8d15-dffe17f3db54/1/gQFR0ws8EpADtXwJYL1_rKqtUCU.roa
Signing time: Tue 27 May 2025 06:40:09 +0000
ROA not before: Tue 27 May 2025 06:40:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48072
IP address blocks: 46.22.80.0/20 maxlen: 20
46.22.80.0/23 maxlen: 23
46.22.85.0/24 maxlen: 24
46.22.86.0/24 maxlen: 24
46.22.87.0/24 maxlen: 24
46.22.88.0/23 maxlen: 23
46.22.91.0/24 maxlen: 24
46.22.95.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/56/0e7ed3-48cb-4afe-8d15-dffe17f3db54/1/mBLkkaqmVbYyTbzAz_AKjWMZEHY.crl
rsync://rpki.ripe.net/repository/DEFAULT/56/0e7ed3-48cb-4afe-8d15-dffe17f3db54/1/mBLkkaqmVbYyTbzAz_AKjWMZEHY.mft
rsync://rpki.ripe.net/repository/DEFAULT/mBLkkaqmVbYyTbzAz_AKjWMZEHY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 09 Jun 2025 11:44:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:10:78:50:8c:e3:49:10:8b:72:66:c3:52:97:05:5c:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9812e491aaa655b6324dbcc0cff00a8d63191076
Validity
Not Before: May 27 06:40:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=810151d30b3c129003b57c0960bd7facaaad5025
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:1c:1a:b0:01:47:c1:d6:68:e5:78:d7:3a:6d:
cf:2d:73:48:02:9c:db:f8:ab:ca:ab:21:6e:49:25:
e2:68:a6:c5:83:78:6e:58:25:7f:d2:ad:52:d9:d1:
fd:ff:6a:76:f5:1c:7b:c3:6f:05:19:55:92:37:97:
14:af:2f:6a:91:95:db:68:3e:c7:f5:9f:49:e3:16:
75:bb:cd:68:88:e8:aa:7c:d8:96:1f:68:91:40:85:
78:89:f1:7d:e3:b6:0d:de:a1:02:b0:55:25:b1:aa:
a9:38:b9:a7:e9:c4:15:a1:4f:78:fb:8b:5b:3d:2a:
e4:5f:b7:c3:ea:43:a4:c3:b8:07:58:51:00:8e:38:
2b:a5:67:18:44:95:53:26:f8:14:23:93:47:c6:16:
e2:68:f2:cd:3f:32:fe:02:4f:96:e2:bb:8c:94:9c:
2d:7c:11:22:3f:29:a3:b0:b5:cd:7b:29:27:01:22:
ad:20:b6:53:c1:1e:40:45:09:d5:33:64:30:0d:d2:
0e:a9:7f:9a:0f:c2:86:94:1a:5d:fd:03:58:c3:90:
66:12:b2:d8:b4:4e:61:ab:1a:55:12:f6:cc:54:11:
ee:55:e8:ad:c1:7f:c8:e5:f1:63:27:7d:e6:7c:f6:
22:69:c2:dd:fc:7e:12:91:4a:40:3a:7c:4a:45:3e:
2c:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:01:51:D3:0B:3C:12:90:03:B5:7C:09:60:BD:7F:AC:AA:AD:50:25
X509v3 Authority Key Identifier:
keyid:98:12:E4:91:AA:A6:55:B6:32:4D:BC:C0:CF:F0:0A:8D:63:19:10:76
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mBLkkaqmVbYyTbzAz_AKjWMZEHY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/0e7ed3-48cb-4afe-8d15-dffe17f3db54/1/gQFR0ws8EpADtXwJYL1_rKqtUCU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/0e7ed3-48cb-4afe-8d15-dffe17f3db54/1/mBLkkaqmVbYyTbzAz_AKjWMZEHY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.22.80.0/20
Signature Algorithm: sha256WithRSAEncryption
00:63:6c:38:63:69:1b:35:aa:93:21:2d:a5:d7:c5:e9:bc:27:
3a:87:5a:a6:94:a3:ca:c3:c2:81:54:ae:ed:e7:e0:ee:dc:7b:
a1:f3:b0:48:99:ae:b3:cd:b5:e8:73:e4:4b:da:9a:fa:88:79:
b7:75:8e:dc:72:5c:4d:d1:9c:28:e5:80:a9:f6:a6:81:2a:6b:
3e:0f:4b:6d:b3:4d:dc:ce:a7:90:ac:7c:42:3d:23:d8:11:7c:
8c:92:76:d8:44:d5:d1:73:8a:f7:f9:24:89:10:1c:56:d1:a7:
8e:4b:8b:b6:c6:6b:63:1b:24:21:3c:48:b4:a6:55:55:6b:2d:
3b:37:5f:80:ad:20:32:b2:2b:1f:9c:7d:73:45:3f:78:ef:88:
13:5e:da:f5:4c:1c:a6:07:40:61:2e:fe:78:c9:ea:52:3b:0a:
b5:f6:9c:56:05:21:f4:91:01:12:03:9c:ff:3e:aa:17:a6:1f:
5d:4c:f2:f7:0b:8a:c5:6a:bb:08:90:7f:9a:5e:10:79:e4:b3:
ba:1b:dc:63:3e:ea:23:85:91:5f:ba:bf:d0:38:d9:64:99:f5:
29:ba:6a:ff:05:c0:dc:57:b7:fa:07:4e:0d:da:97:f0:58:e8:
fe:ea:1d:d6:76:f6:9d:1a:c5:70:4f:60:6b:4b:9c:40:3b:c5:
87:1c:bb:21
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZcQeFCM40kQi3Jmw1KXBVygMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MTJlNDkxYWFhNjU1YjYzMjRkYmNjMGNmZjAwYThkNjMx
OTEwNzYwHhcNMjUwNTI3MDY0MDA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MTAxNTFkMzBiM2MxMjkwMDNiNTdjMDk2MGJkN2ZhY2FhYWQ1MDI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyBwasAFHwdZo5XjXOm3PLXNIApzb
+KvKqyFuSSXiaKbFg3huWCV/0q1S2dH9/2p29Rx7w28FGVWSN5cUry9qkZXbaD7H
9Z9J4xZ1u81oiOiqfNiWH2iRQIV4ifF947YN3qECsFUlsaqpOLmn6cQVoU94+4tb
PSrkX7fD6kOkw7gHWFEAjjgrpWcYRJVTJvgUI5NHxhbiaPLNPzL+Ak+W4ruMlJwt
fBEiPymjsLXNeyknASKtILZTwR5ARQnVM2QwDdIOqX+aD8KGlBpd/QNYw5BmErLY
tE5hqxpVEvbMVBHuVeitwX/I5fFjJ33mfPYiacLd/H4SkUpAOnxKRT4sGQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIEBUdMLPBKQA7V8CWC9f6yqrVAlMB8GA1UdIwQY
MBaAFJgS5JGqplW2Mk28wM/wCo1jGRB2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUJMa2thcW1WYll5VGJ6QXpfQUtqV01aRUhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni8wZTdlZDMtNDhjYi00YWZlLThkMTUt
ZGZmZTE3ZjNkYjU0LzEvZ1FGUjB3czhFcEFEdFh3SllMMV9yS3F0VUNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni8wZTdlZDMtNDhjYi00YWZlLThkMTUtZGZmZTE3ZjNkYjU0
LzEvbUJMa2thcW1WYll5VGJ6QXpfQUtqV01aRUhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQELhZQMA0G
CSqGSIb3DQEBCwUAA4IBAQAAY2w4Y2kbNaqTIS2l18XpvCc6h1qmlKPKw8KBVK7t
5+Du3Huh87BIma6zzbXoc+RL2pr6iHm3dY7cclxN0Zwo5YCp9qaBKms+D0tts03c
zqeQrHxCPSPYEXyMknbYRNXRc4r3+SSJEBxW0aeOS4u2xmtjGyQhPEi0plVVay07
N1+ArSAysisfnH1zRT9474gTXtr1TBymB0BhLv54yepSOwq19pxWBSH0kQESA5z/
PqoXph9dTPL3C4rFarsIkH+aXhB55LO6G9xjPuojhZFfur/QONlkmfUpumr/BcDc
V7f6B04N2pfwWOj+6h3WdvadGsVwT2BrS5xAO8WHHLsh
-----END CERTIFICATE-----
Generated at Sun Jun 8 18:41:49 2025 by rpki-client