Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/_BrKG4qFUAeG8b8VjxlwGkP_cOo.roa
File: _BrKG4qFUAeG8b8VjxlwGkP_cOo.roa (raw, json)
Hash identifier: 6iUyRKK4LL6pEeYz+9QKQh7MzqtDFv6/vdl575D8vKI=
Subject key identifier: FC:1A:CA:1B:8A:85:50:07:86:F1:BF:15:8F:19:70:1A:43:FF:70:EA
Certificate issuer: /CN=b72945f57103153a07854e74e227f2aec1c5f430
Certificate serial: 0195240A7FD2E37F9048C6B0D738BA0CAC67
Authority key identifier: B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/_BrKG4qFUAeG8b8VjxlwGkP_cOo.roa
Signing time: Thu 20 Feb 2025 15:47:02 +0000
ROA not before: Thu 20 Feb 2025 15:47:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42337
IP address blocks: 46.38.144.0/24 maxlen: 24
46.38.146.0/24 maxlen: 24
46.38.147.0/24 maxlen: 24
46.38.149.0/24 maxlen: 24
109.94.165.0/24 maxlen: 24
185.29.223.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.crl
rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.mft
rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 09 Apr 2025 12:15:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:24:0a:7f:d2:e3:7f:90:48:c6:b0:d7:38:ba:0c:ac:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b72945f57103153a07854e74e227f2aec1c5f430
Validity
Not Before: Feb 20 15:47:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fc1aca1b8a85500786f1bf158f19701a43ff70ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:56:eb:bf:c8:d0:d7:f9:bb:a3:3a:2d:7f:99:
f2:5d:ae:44:c6:42:4d:8c:2a:f4:71:90:9a:5c:7e:
7f:ab:a8:b2:3b:94:ff:a9:b0:8e:18:7a:6f:b2:dd:
91:e2:65:2a:e3:a8:5a:e0:02:02:da:33:82:2a:39:
73:57:9d:4b:64:4b:c1:00:c3:e3:1c:e5:c0:e8:15:
e6:1e:f2:70:71:83:12:fe:f1:8a:76:18:99:b7:0d:
59:b7:03:ee:b3:48:35:45:d5:e5:b0:34:a0:fa:3a:
31:6f:7e:26:18:ba:38:6e:a8:65:34:f8:f4:af:f5:
b3:60:47:63:2f:bc:50:00:60:68:78:65:06:58:49:
b4:25:13:d6:29:de:51:0a:c2:d0:b2:7c:09:6d:c9:
16:f5:57:11:30:e0:46:a2:15:50:15:26:ed:87:9f:
61:a4:a3:30:e0:b4:80:e4:fd:32:2a:0d:ab:75:62:
30:fc:cd:f2:ba:a8:d7:19:af:fa:9a:2f:3f:7d:85:
1e:3d:c3:2a:d9:52:10:78:46:dd:63:d7:84:af:3a:
50:7a:1b:79:c4:a3:a8:b4:24:2d:22:92:89:62:51:
cd:b5:52:fe:61:32:8f:f7:18:3d:88:04:e0:a9:95:
a2:27:d0:06:a3:b2:6d:e8:60:e6:9e:e5:df:4f:07:
c2:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:1A:CA:1B:8A:85:50:07:86:F1:BF:15:8F:19:70:1A:43:FF:70:EA
X509v3 Authority Key Identifier:
keyid:B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/_BrKG4qFUAeG8b8VjxlwGkP_cOo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.38.144.0/24
46.38.146.0/23
46.38.149.0/24
109.94.165.0/24
185.29.223.0/24
Signature Algorithm: sha256WithRSAEncryption
be:2a:13:43:8c:b5:8f:a0:38:d0:7c:55:09:16:39:43:e2:14:
32:09:03:60:8f:29:e4:0a:87:9a:67:f6:c7:cc:ae:88:a5:7a:
13:12:ab:5d:6a:af:81:31:bc:ee:81:8d:9a:0c:08:f3:b0:01:
c0:e5:53:19:1c:ca:19:85:8a:28:42:0b:a7:5a:6c:b8:d4:22:
f9:0f:36:42:7d:16:92:1e:1b:30:94:d7:68:65:b2:60:48:28:
f5:c9:5a:c0:eb:f4:4c:8c:ca:03:58:90:36:47:68:bb:ee:63:
f8:72:64:5c:95:a5:e8:ba:27:a4:dd:42:f3:3a:11:6f:3d:d3:
ad:99:18:93:1d:87:c5:99:ca:87:28:b8:af:11:86:c3:f8:e8:
3b:e9:db:7f:b2:ff:aa:b2:f1:61:c2:ef:03:7e:7a:3c:5d:4b:
3e:21:e2:83:5c:86:a5:49:3b:a1:c6:b0:eb:55:ba:20:b7:97:
42:42:74:7e:19:18:02:a8:73:7c:30:73:ac:6d:e9:dc:18:5c:
ea:04:5a:6b:bd:b0:64:43:29:4c:61:c1:33:d2:f2:ee:d0:69:
c1:96:d8:6c:1d:b6:61:73:85:ab:cc:34:6d:10:81:f7:eb:4d:
f3:01:79:16:32:76:df:10:ea:2a:05:d2:5e:76:2e:bf:95:2c:
f2:7b:99:87
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZUkCn/S43+QSMaw1zi6DKxnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3Mjk0NWY1NzEwMzE1M2EwNzg1NGU3NGUyMjdmMmFlYzFj
NWY0MzAwHhcNMjUwMjIwMTU0NzAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYzFhY2ExYjhhODU1MDA3ODZmMWJmMTU4ZjE5NzAxYTQzZmY3MGVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvlbrv8jQ1/m7ozotf5nyXa5ExkJN
jCr0cZCaXH5/q6iyO5T/qbCOGHpvst2R4mUq46ha4AIC2jOCKjlzV51LZEvBAMPj
HOXA6BXmHvJwcYMS/vGKdhiZtw1ZtwPus0g1RdXlsDSg+joxb34mGLo4bqhlNPj0
r/WzYEdjL7xQAGBoeGUGWEm0JRPWKd5RCsLQsnwJbckW9VcRMOBGohVQFSbth59h
pKMw4LSA5P0yKg2rdWIw/M3yuqjXGa/6mi8/fYUePcMq2VIQeEbdY9eErzpQeht5
xKOotCQtIpKJYlHNtVL+YTKP9xg9iATgqZWiJ9AGo7Jt6GDmnuXfTwfCkQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFPwayhuKhVAHhvG/FY8ZcBpD/3DqMB8GA1UdIwQY
MBaAFLcpRfVxAxU6B4VOdOIn8q7BxfQwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEt
MmEwOWNjNTNhODA1LzEvX0JyS0c0cUZVQWVHOGI4Vmp4bHdHa1BfY09vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEtMmEwOWNjNTNhODA1
LzEvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALiaQAwQB
LiaSAwQALiaVAwQAbV6lAwQAuR3fMA0GCSqGSIb3DQEBCwUAA4IBAQC+KhNDjLWP
oDjQfFUJFjlD4hQyCQNgjynkCoeaZ/bHzK6IpXoTEqtdaq+BMbzugY2aDAjzsAHA
5VMZHMoZhYooQgunWmy41CL5DzZCfRaSHhswlNdoZbJgSCj1yVrA6/RMjMoDWJA2
R2i77mP4cmRclaXouiek3ULzOhFvPdOtmRiTHYfFmcqHKLivEYbD+Og76dt/sv+q
svFhwu8Dfno8XUs+IeKDXIalSTuhxrDrVbogt5dCQnR+GRgCqHN8MHOsbencGFzq
BFprvbBkQylMYcEz0vLu0GnBlthsHbZhc4WrzDRtEIH3603zAXkWMnbfEOoqBdJe
di6/lSzye5mH
-----END CERTIFICATE-----
Generated at Tue Apr 8 21:11:16 2025 by rpki-client