Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/DME6Z2yHvtwN9BpWt6KQRxkNhiE.roa
File: DME6Z2yHvtwN9BpWt6KQRxkNhiE.roa (raw, json)
Hash identifier: 5KNJMhgr/+YTgIV3c10bMpSTpS79pSMdzzTWYMAuBR4=
Subject key identifier: 0C:C1:3A:67:6C:87:BE:DC:0D:F4:1A:56:B7:A2:90:47:19:0D:86:21
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 01942590037F7C24FBA4B82D0A97C46275F7
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/DME6Z2yHvtwN9BpWt6KQRxkNhiE.roa
Signing time: Thu 02 Jan 2025 05:49:42 +0000
ROA not before: Thu 02 Jan 2025 05:49:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209458
IP address blocks: 95.46.115.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.mft
rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 14:28:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:90:03:7f:7c:24:fb:a4:b8:2d:0a:97:c4:62:75:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 05:49:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0cc13a676c87bedc0df41a56b7a29047190d8621
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:cf:ff:79:48:7b:a3:c8:e6:32:94:c4:c0:a5:
fc:20:84:20:51:05:99:ae:9d:a2:7a:50:45:57:50:
5d:97:9b:b8:67:ad:20:ec:43:7c:50:20:cf:7d:a3:
60:a6:1e:56:1d:db:6a:09:fc:bf:cc:32:96:88:d8:
51:48:78:f8:53:e5:6b:d2:d7:a3:98:01:37:d0:c7:
b8:00:64:d9:66:4d:b7:fd:9c:03:a1:d4:3d:ea:f0:
48:70:7f:d9:d2:49:06:cc:21:b9:6b:fc:5d:f9:98:
73:aa:ea:d4:2f:ac:b5:8c:c3:53:18:8d:29:51:1c:
c4:ad:43:4e:7d:f3:5f:b0:e0:ed:7c:ca:86:af:93:
8c:55:62:92:ad:f2:2a:0c:62:ed:a0:41:02:42:78:
ab:36:7b:ae:15:57:2e:e7:30:87:b4:08:77:d5:b0:
97:47:bc:ae:2b:55:c8:a8:84:1c:c2:21:93:de:01:
69:e8:15:1a:d1:2b:dd:29:ed:3c:2d:35:68:79:73:
3c:c5:ba:3d:84:9a:30:75:9f:7e:7c:56:24:24:28:
54:05:cf:a5:7a:a4:67:93:79:15:ea:6b:48:84:25:
f0:5e:bd:19:50:56:d1:29:43:6e:1a:72:ce:22:3e:
bd:7a:dd:3c:10:11:a6:ac:04:64:f7:af:91:4d:a7:
0d:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:C1:3A:67:6C:87:BE:DC:0D:F4:1A:56:B7:A2:90:47:19:0D:86:21
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/DME6Z2yHvtwN9BpWt6KQRxkNhiE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.46.115.0/24
Signature Algorithm: sha256WithRSAEncryption
83:6d:55:ee:cc:74:9d:09:9e:ac:fd:75:a4:9a:5f:c7:4e:73:
e2:1a:5b:b9:89:85:60:24:2d:dc:a1:61:67:c8:b0:47:86:76:
7a:35:60:99:e1:3d:95:1f:f6:a5:85:ae:09:63:a0:32:dd:80:
58:91:62:3d:af:f6:f0:ba:5a:b8:3e:26:16:07:65:bc:a1:2d:
cf:79:ba:f5:66:20:08:e8:f6:2a:e9:b5:eb:2f:65:c0:25:06:
f3:9f:d4:5a:35:73:6e:87:20:84:37:df:25:05:b4:4c:58:ff:
d7:3c:06:c7:5e:75:57:c5:cf:a4:9d:f1:ab:28:b4:c2:02:13:
ad:9a:4a:f4:43:ba:90:36:3b:2d:3d:42:7e:63:2c:bb:76:8d:
1d:f2:4b:9c:49:bc:1b:59:09:6c:69:35:4b:65:41:84:01:af:
a2:9e:80:24:cc:d9:50:bf:cf:19:5d:eb:4a:7a:a4:39:35:4c:
17:ae:0a:98:65:54:c5:ed:9e:a1:11:01:a9:7a:96:b9:81:0c:
6c:63:56:d6:8e:7f:3d:53:8c:56:2c:67:54:f6:6f:2f:2e:5d:
e3:10:cd:eb:b1:3f:58:a2:dd:28:5a:fe:fc:0b:44:38:a1:48:
ed:9c:c5:93:65:80:10:44:33:84:e1:d6:02:4c:bd:6c:d6:8e:
9b:37:f2:3c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQlkAN/fCT7pLgtCpfEYnX3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjUwMTAyMDU0OTQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwY2MxM2E2NzZjODdiZWRjMGRmNDFhNTZiN2EyOTA0NzE5MGQ4NjIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuM//eUh7o8jmMpTEwKX8IIQgUQWZ
rp2ielBFV1Bdl5u4Z60g7EN8UCDPfaNgph5WHdtqCfy/zDKWiNhRSHj4U+Vr0tej
mAE30Me4AGTZZk23/ZwDodQ96vBIcH/Z0kkGzCG5a/xd+ZhzqurUL6y1jMNTGI0p
URzErUNOffNfsODtfMqGr5OMVWKSrfIqDGLtoEECQnirNnuuFVcu5zCHtAh31bCX
R7yuK1XIqIQcwiGT3gFp6BUa0SvdKe08LTVoeXM8xbo9hJowdZ9+fFYkJChUBc+l
eqRnk3kV6mtIhCXwXr0ZUFbRKUNuGnLOIj69et08EBGmrARk96+RTacNcQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAzBOmdsh77cDfQaVreikEcZDYYhMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvRE1FNloyeUh2dHdOOUJwV3Q2S1FSeGtOaGlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXy5zMA0G
CSqGSIb3DQEBCwUAA4IBAQCDbVXuzHSdCZ6s/XWkml/HTnPiGlu5iYVgJC3coWFn
yLBHhnZ6NWCZ4T2VH/alha4JY6Ay3YBYkWI9r/bwulq4PiYWB2W8oS3Pebr1ZiAI
6PYq6bXrL2XAJQbzn9RaNXNuhyCEN98lBbRMWP/XPAbHXnVXxc+knfGrKLTCAhOt
mkr0Q7qQNjstPUJ+Yyy7do0d8kucSbwbWQlsaTVLZUGEAa+inoAkzNlQv88ZXetK
eqQ5NUwXrgqYZVTF7Z6hEQGpepa5gQxsY1bWjn89U4xWLGdU9m8vLl3jEM3rsT9Y
ot0oWv78C0Q4oUjtnMWTZYAQRDOE4dYCTL1s1o6bN/I8
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:25:08 2025 by rpki-client