Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/c49ca0-952e-495a-8eb1-b280d4c62745/1/RvuQkZ_J-wvlyDc9DwQMRfdbRuc.roa
File: RvuQkZ_J-wvlyDc9DwQMRfdbRuc.roa (raw, json)
Hash identifier: ZwW8RhsC1c6THaCJDOUF+Lquzo4U71ipuOUtISL9Y48=
Subject key identifier: 46:FB:90:91:9F:C9:FB:0B:E5:C8:37:3D:0F:04:0C:45:F7:5B:46:E7
Certificate issuer: /CN=35d2929f1652f958812d099a233f33ad3445bbfb
Certificate serial: 01941FFA94A3230A50C4C9B4D955AA360567
Authority key identifier: 35:D2:92:9F:16:52:F9:58:81:2D:09:9A:23:3F:33:AD:34:45:BB:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NdKSnxZS-ViBLQmaIz8zrTRFu_s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/c49ca0-952e-495a-8eb1-b280d4c62745/1/RvuQkZ_J-wvlyDc9DwQMRfdbRuc.roa
Signing time: Wed 01 Jan 2025 03:48:23 +0000
ROA not before: Wed 01 Jan 2025 03:48:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206807
IP address blocks: 93.114.249.0/24 maxlen: 24
185.187.69.0/24 maxlen: 24
185.187.70.0/24 maxlen: 24
194.116.220.0/24 maxlen: 24
2a10:22c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5f/c49ca0-952e-495a-8eb1-b280d4c62745/1/NdKSnxZS-ViBLQmaIz8zrTRFu_s.crl
rsync://rpki.ripe.net/repository/DEFAULT/5f/c49ca0-952e-495a-8eb1-b280d4c62745/1/NdKSnxZS-ViBLQmaIz8zrTRFu_s.mft
rsync://rpki.ripe.net/repository/DEFAULT/NdKSnxZS-ViBLQmaIz8zrTRFu_s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:94:a3:23:0a:50:c4:c9:b4:d9:55:aa:36:05:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35d2929f1652f958812d099a233f33ad3445bbfb
Validity
Not Before: Jan 1 03:48:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=46fb90919fc9fb0be5c8373d0f040c45f75b46e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:68:47:2e:f6:28:bf:34:1d:f8:f8:9f:50:2f:
30:67:18:77:7c:58:55:1f:80:f0:aa:39:c8:6b:29:
7f:a5:e8:4d:c7:32:1e:bb:d1:a7:0b:6b:d0:0f:20:
4b:79:15:2a:6e:5c:fb:17:7e:bf:ab:fb:ff:36:fa:
62:96:79:b1:2f:3e:37:e6:98:ad:53:ee:7b:ec:24:
fe:e5:45:eb:9a:16:36:f1:48:be:92:bf:aa:a5:e7:
e2:35:04:1e:42:42:0d:ae:c5:b5:8f:a1:a6:0a:fa:
af:63:72:64:ea:5d:e2:f4:53:3c:10:19:49:85:cb:
0a:6f:4a:fa:b4:1b:9b:7b:75:3f:17:ca:ea:81:b1:
73:75:fa:f2:0b:e9:7e:31:ca:18:b3:99:7b:21:1a:
7d:e9:36:c8:29:ca:07:ff:95:93:80:4c:d9:4a:ad:
b2:0c:3b:d2:6e:77:29:2a:15:f0:34:5f:45:f4:f3:
7d:8d:ff:e7:c0:da:89:df:04:2a:01:10:16:fd:ed:
06:61:d1:72:c9:23:5e:ce:83:bc:67:ce:3a:60:36:
4b:a5:92:d4:1b:41:f0:ba:64:81:8f:ca:48:52:7c:
1d:f0:7a:27:13:4e:8a:b0:8c:24:e9:f7:1d:c6:76:
8d:8a:fc:73:98:44:1b:3f:0b:a1:ba:8f:a0:7b:c5:
95:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:FB:90:91:9F:C9:FB:0B:E5:C8:37:3D:0F:04:0C:45:F7:5B:46:E7
X509v3 Authority Key Identifier:
keyid:35:D2:92:9F:16:52:F9:58:81:2D:09:9A:23:3F:33:AD:34:45:BB:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NdKSnxZS-ViBLQmaIz8zrTRFu_s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/c49ca0-952e-495a-8eb1-b280d4c62745/1/RvuQkZ_J-wvlyDc9DwQMRfdbRuc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/c49ca0-952e-495a-8eb1-b280d4c62745/1/NdKSnxZS-ViBLQmaIz8zrTRFu_s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.114.249.0/24
185.187.69.0-185.187.70.255
194.116.220.0/24
IPv6:
2a10:22c0::/29
Signature Algorithm: sha256WithRSAEncryption
5a:fe:bf:6d:36:d1:65:e2:fd:c7:68:2b:72:fe:59:02:5e:0d:
bf:7c:a3:76:bb:f9:ec:eb:f1:d3:32:a4:69:11:61:7a:46:d4:
0e:a0:2c:2c:ab:c0:99:5e:a3:18:3f:41:6e:6b:87:2f:1a:83:
72:bf:b4:85:13:2f:c1:79:44:b1:1b:5a:b0:e1:0a:4e:2e:55:
e6:29:3e:5d:bd:50:d8:1e:9b:85:a4:50:54:6b:3e:e8:af:96:
74:3e:73:a9:70:e0:56:5e:75:48:ad:13:e8:8b:e4:cb:6d:47:
50:e0:d8:00:0f:54:2d:85:7d:5a:86:01:d0:25:3a:ca:a1:b2:
5d:df:67:54:34:42:56:f2:a3:a2:78:bd:89:b7:fc:c3:1f:47:
f5:e2:a2:74:26:99:69:29:4b:dc:6e:d1:6d:20:89:b2:de:9a:
7e:f3:37:27:44:8b:b5:67:de:8b:97:f8:53:9b:e2:c7:d4:8b:
df:34:03:84:b7:28:51:00:73:82:b9:46:9f:61:83:ac:b1:62:
75:6f:36:3a:42:fe:30:5a:cf:20:ca:ca:3e:08:67:1b:3f:b0:
5b:37:80:45:a8:e3:fb:f7:00:2b:d8:5c:dd:93:b4:fc:a3:52:
2d:3b:dd:f9:e5:11:18:3c:22:07:39:da:e4:51:da:e8:ea:11:
d0:ea:15:0b
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAZQf+pSjIwpQxMm02VWqNgVnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1ZDI5MjlmMTY1MmY5NTg4MTJkMDk5YTIzM2YzM2FkMzQ0
NWJiZmIwHhcNMjUwMTAxMDM0ODIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NmZiOTA5MTlmYzlmYjBiZTVjODM3M2QwZjA0MGM0NWY3NWI0NmU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArWhHLvYovzQd+PifUC8wZxh3fFhV
H4DwqjnIayl/pehNxzIeu9GnC2vQDyBLeRUqblz7F36/q/v/NvpilnmxLz435pit
U+577CT+5UXrmhY28Ui+kr+qpefiNQQeQkINrsW1j6GmCvqvY3Jk6l3i9FM8EBlJ
hcsKb0r6tBube3U/F8rqgbFzdfryC+l+McoYs5l7IRp96TbIKcoH/5WTgEzZSq2y
DDvSbncpKhXwNF9F9PN9jf/nwNqJ3wQqARAW/e0GYdFyySNezoO8Z846YDZLpZLU
G0HwumSBj8pIUnwd8HonE06KsIwk6fcdxnaNivxzmEQbPwuhuo+ge8WVcQIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFEb7kJGfyfsL5cg3PQ8EDEX3W0bnMB8GA1UdIwQY
MBaAFDXSkp8WUvlYgS0JmiM/M600Rbv7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmRLU254WlMtVmlCTFFtYUl6OHpyVFJGdV9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9jNDljYTAtOTUyZS00OTVhLThlYjEt
YjI4MGQ0YzYyNzQ1LzEvUnZ1UWtaX0otd3ZseURjOUR3UU1SZmRiUnVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9jNDljYTAtOTUyZS00OTVhLThlYjEtYjI4MGQ0YzYyNzQ1
LzEvTmRLU254WlMtVmlCTFFtYUl6OHpyVFJGdV9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAgBAIAATAaAwQAXXL5MAwD
BAC5u0UDBAC5u0YDBADCdNwwDQQCAAIwBwMFAyoQIsAwDQYJKoZIhvcNAQELBQAD
ggEBAFr+v2020WXi/cdoK3L+WQJeDb98o3a7+ezr8dMypGkRYXpG1A6gLCyrwJle
oxg/QW5rhy8ag3K/tIUTL8F5RLEbWrDhCk4uVeYpPl29UNgem4WkUFRrPuivlnQ+
c6lw4FZedUitE+iL5MttR1Dg2AAPVC2FfVqGAdAlOsqhsl3fZ1Q0Qlbyo6J4vYm3
/MMfR/XionQmmWkpS9xu0W0gibLemn7zNydEi7Vn3ouX+FOb4sfUi980A4S3KFEA
c4K5Rp9hg6yxYnVvNjpC/jBazyDKyj4IZxs/sFs3gEWo4/v3ACvYXN2TtPyjUi07
3fnlERg8Igc52uRR2ujqEdDqFQs=
-----END CERTIFICATE-----
Generated at Sun Feb 2 10:04:52 2025 by rpki-client