Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/2652cd-7ecf-49e8-a4f8-c7869128582c/1/RZQ5y55NZ91q7qGueZI2kyy2lHI.roa
File: RZQ5y55NZ91q7qGueZI2kyy2lHI.roa (raw, json)
Hash identifier: s/DyWvu0J1swkDaWXLLyRdJ0euIh4+uqvas0DU4Xq7I=
Subject key identifier: 45:94:39:CB:9E:4D:67:DD:6A:EE:A1:AE:79:92:36:93:2C:B6:94:72
Certificate issuer: /CN=d8284f18cd44604bdd6d08f4d878dc61456c40fd
Certificate serial: 0197115A38529D4A70CE18BAFAFA7D268A6C
Authority key identifier: D8:28:4F:18:CD:44:60:4B:DD:6D:08:F4:D8:78:DC:61:45:6C:40:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2ChPGM1EYEvdbQj02HjcYUVsQP0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/2652cd-7ecf-49e8-a4f8-c7869128582c/1/RZQ5y55NZ91q7qGueZI2kyy2lHI.roa
Signing time: Tue 27 May 2025 10:46:54 +0000
ROA not before: Tue 27 May 2025 10:46:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206774
IP address blocks: 46.252.1.0/24 maxlen: 24
46.252.3.0/24 maxlen: 24
46.252.4.0/24 maxlen: 24
46.252.5.0/24 maxlen: 24
46.252.7.0/24 maxlen: 24
46.252.8.0/24 maxlen: 24
46.252.9.0/24 maxlen: 24
46.252.10.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/2652cd-7ecf-49e8-a4f8-c7869128582c/1/2ChPGM1EYEvdbQj02HjcYUVsQP0.crl
rsync://rpki.ripe.net/repository/DEFAULT/5b/2652cd-7ecf-49e8-a4f8-c7869128582c/1/2ChPGM1EYEvdbQj02HjcYUVsQP0.mft
rsync://rpki.ripe.net/repository/DEFAULT/2ChPGM1EYEvdbQj02HjcYUVsQP0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 11 Jun 2025 14:55:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:11:5a:38:52:9d:4a:70:ce:18:ba:fa:fa:7d:26:8a:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8284f18cd44604bdd6d08f4d878dc61456c40fd
Validity
Not Before: May 27 10:46:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=459439cb9e4d67dd6aeea1ae799236932cb69472
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:43:18:10:f8:70:3a:e3:02:61:f0:08:83:cb:
65:0e:e2:7d:ef:77:6c:74:00:c2:b3:1e:5d:2d:a9:
cf:b3:bd:d6:82:5e:86:83:ac:de:31:d3:30:11:37:
fb:9b:d2:b1:d5:0b:62:4a:20:0c:96:0b:e2:d1:bd:
4a:d9:74:1e:c3:07:25:41:64:52:d1:a1:f3:90:67:
37:27:fb:fd:87:55:7b:64:69:4d:34:2e:4c:51:f0:
f7:87:db:33:a5:27:f1:87:dd:af:56:66:09:9a:cc:
91:48:c8:24:09:82:e1:30:8f:03:b0:3e:66:49:ad:
a8:3e:a4:9e:cd:ea:17:ad:34:ac:85:dc:ef:45:18:
9b:02:39:cd:9a:94:2d:6d:1d:cd:48:94:e1:ee:ef:
e5:75:9d:d8:b6:ba:ee:80:c9:f3:a8:89:bd:b0:b4:
cd:3e:bb:29:ce:b6:3d:bd:e8:90:48:f0:81:5c:33:
4b:f4:7e:d0:29:d0:d1:ed:28:44:d7:82:99:c9:c4:
79:db:56:73:f6:df:29:b9:e6:00:4f:a0:16:f0:34:
fc:46:f1:99:5f:cf:3d:63:57:cc:2b:ae:2d:e1:90:
49:7f:f1:91:be:46:fa:64:4a:2a:6e:b7:ea:03:37:
06:64:30:7b:30:41:d7:4d:8a:f8:ab:7b:77:4c:0c:
6e:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:94:39:CB:9E:4D:67:DD:6A:EE:A1:AE:79:92:36:93:2C:B6:94:72
X509v3 Authority Key Identifier:
keyid:D8:28:4F:18:CD:44:60:4B:DD:6D:08:F4:D8:78:DC:61:45:6C:40:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2ChPGM1EYEvdbQj02HjcYUVsQP0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/2652cd-7ecf-49e8-a4f8-c7869128582c/1/RZQ5y55NZ91q7qGueZI2kyy2lHI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/2652cd-7ecf-49e8-a4f8-c7869128582c/1/2ChPGM1EYEvdbQj02HjcYUVsQP0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.252.1.0/24
46.252.3.0-46.252.5.255
46.252.7.0-46.252.10.255
Signature Algorithm: sha256WithRSAEncryption
bd:3b:56:a4:bc:da:c0:7e:59:12:25:05:44:af:f4:e6:45:b4:
dd:9f:37:7a:db:e0:b6:79:8a:54:96:72:6c:e3:87:66:79:63:
66:a7:d2:2e:4e:df:d1:05:75:e7:55:12:0a:81:7c:4b:c6:8d:
ff:e9:ad:be:e5:22:6f:e1:bd:46:29:0f:7c:01:e5:31:5c:2c:
75:72:00:a9:00:1c:98:2f:b7:4b:89:f8:fb:63:89:39:2a:dc:
3b:0c:78:9c:91:a2:09:5c:d9:0a:1c:98:f9:b5:22:39:ba:87:
5c:1f:ec:8f:67:a8:db:a5:1f:66:90:cb:09:90:f1:98:69:26:
87:9c:0f:98:70:3e:8c:01:4b:6f:7b:79:0a:df:f0:7b:73:c2:
06:c8:f5:99:7d:2a:9b:fb:90:a7:29:75:79:a2:89:a7:9c:f5:
26:19:88:fb:11:1f:05:47:30:b6:59:6c:7f:23:b7:79:6c:50:
93:92:e0:a3:9d:ed:a8:ac:64:bc:54:03:eb:2b:b7:bc:f2:3d:
ec:97:67:de:e4:d7:d2:b3:40:30:79:ab:6e:d7:97:7d:0d:00:
3d:cb:94:0a:c9:97:1e:f0:04:ae:5b:85:af:04:70:3e:7c:06:
f5:fa:a2:15:9d:30:8c:fd:d0:6d:79:cc:80:55:90:75:94:cc:
ad:fb:65:ec
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZcRWjhSnUpwzhi6+vp9JopsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4Mjg0ZjE4Y2Q0NDYwNGJkZDZkMDhmNGQ4NzhkYzYxNDU2
YzQwZmQwHhcNMjUwNTI3MTA0NjU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NTk0MzljYjllNGQ2N2RkNmFlZWExYWU3OTkyMzY5MzJjYjY5NDcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxUMYEPhwOuMCYfAIg8tlDuJ973ds
dADCsx5dLanPs73Wgl6Gg6zeMdMwETf7m9Kx1QtiSiAMlgvi0b1K2XQewwclQWRS
0aHzkGc3J/v9h1V7ZGlNNC5MUfD3h9szpSfxh92vVmYJmsyRSMgkCYLhMI8DsD5m
Sa2oPqSezeoXrTSshdzvRRibAjnNmpQtbR3NSJTh7u/ldZ3YtrrugMnzqIm9sLTN
PrspzrY9veiQSPCBXDNL9H7QKdDR7ShE14KZycR521Zz9t8pueYAT6AW8DT8RvGZ
X889Y1fMK64t4ZBJf/GRvkb6ZEoqbrfqAzcGZDB7MEHXTYr4q3t3TAxuRwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFEWUOcueTWfdau6hrnmSNpMstpRyMB8GA1UdIwQY
MBaAFNgoTxjNRGBL3W0I9Nh43GFFbED9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkNoUEdNMUVZRXZkYlFqMDJIamNZVVZzUVAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi8yNjUyY2QtN2VjZi00OWU4LWE0Zjgt
Yzc4NjkxMjg1ODJjLzEvUlpRNXk1NU5aOTFxN3FHdWVaSTJreXkybEhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi8yNjUyY2QtN2VjZi00OWU4LWE0ZjgtYzc4NjkxMjg1ODJj
LzEvMkNoUEdNMUVZRXZkYlFqMDJIamNZVVZzUVAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiAwQALvwBMAwD
BAAu/AMDBAEu/AQwDAMEAC78BwMEAC78CjANBgkqhkiG9w0BAQsFAAOCAQEAvTtW
pLzawH5ZEiUFRK/05kW03Z83etvgtnmKVJZybOOHZnljZqfSLk7f0QV151USCoF8
S8aN/+mtvuUib+G9RikPfAHlMVwsdXIAqQAcmC+3S4n4+2OJOSrcOwx4nJGiCVzZ
ChyY+bUiObqHXB/sj2eo26UfZpDLCZDxmGkmh5wPmHA+jAFLb3t5Ct/we3PCBsj1
mX0qm/uQpyl1eaKJp5z1JhmI+xEfBUcwtllsfyO3eWxQk5Lgo53tqKxkvFQD6yu3
vPI97Jdn3uTX0rNAMHmrbteXfQ0APcuUCsmXHvAErluFrwRwPnwG9fqiFZ0wjP3Q
bXnMgFWQdZTMrftl7A==
-----END CERTIFICATE-----
Generated at Tue Jun 10 23:40:52 2025 by rpki-client