Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/6afd1e-cb7e-4e6e-a8a4-e18602739cd5/1/nIj-C3WdkAFcA4_Ngvkfutdaf_s.roa
File: nIj-C3WdkAFcA4_Ngvkfutdaf_s.roa (raw, json)
Hash identifier: yzlIgktfxTBSgISHGYHZ7rHc6AI8aMue2aaA1Dfkxmw=
Subject key identifier: 9C:88:FE:0B:75:9D:90:01:5C:03:8F:CD:82:F9:1F:BA:D7:5A:7F:FB
Certificate issuer: /CN=5853e65a3087b4ca85c8802b60ff0f02b4106d97
Certificate serial: 0196A996703F49AC287C896C14377A3198F3
Authority key identifier: 58:53:E6:5A:30:87:B4:CA:85:C8:80:2B:60:FF:0F:02:B4:10:6D:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WFPmWjCHtMqFyIArYP8PArQQbZc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/6afd1e-cb7e-4e6e-a8a4-e18602739cd5/1/nIj-C3WdkAFcA4_Ngvkfutdaf_s.roa
Signing time: Wed 07 May 2025 07:12:10 +0000
ROA not before: Wed 07 May 2025 07:12:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44417
IP address blocks: 46.166.192.0/21 maxlen: 21
46.166.200.0/21 maxlen: 21
46.166.208.0/21 maxlen: 21
46.166.220.0/22 maxlen: 22
46.166.224.0/22 maxlen: 22
2a04:3800::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/62/6afd1e-cb7e-4e6e-a8a4-e18602739cd5/1/WFPmWjCHtMqFyIArYP8PArQQbZc.crl
rsync://rpki.ripe.net/repository/DEFAULT/62/6afd1e-cb7e-4e6e-a8a4-e18602739cd5/1/WFPmWjCHtMqFyIArYP8PArQQbZc.mft
rsync://rpki.ripe.net/repository/DEFAULT/WFPmWjCHtMqFyIArYP8PArQQbZc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 09 Jun 2025 03:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:a9:96:70:3f:49:ac:28:7c:89:6c:14:37:7a:31:98:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5853e65a3087b4ca85c8802b60ff0f02b4106d97
Validity
Not Before: May 7 07:12:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9c88fe0b759d90015c038fcd82f91fbad75a7ffb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:db:2f:f2:ac:07:15:23:2a:9a:8a:92:d7:14:
ec:1e:66:0d:6e:3a:be:b9:b5:34:5a:e2:f8:96:41:
68:ae:ab:14:7c:d7:8c:4b:c0:45:8b:39:a5:f2:7e:
2d:be:15:2f:6c:75:ea:d8:d7:cc:5e:d3:14:a6:5b:
31:bd:f7:16:26:78:07:e0:29:6a:8a:a1:d2:4d:87:
80:8d:39:71:f4:89:cd:77:63:b2:d4:9f:18:b6:95:
02:51:da:82:58:4b:54:ef:98:8f:a0:b3:a2:ad:1e:
57:0f:b5:4d:e2:57:09:76:25:d3:c5:a4:7b:e4:4c:
df:0a:07:70:aa:0e:76:70:36:44:0b:47:5f:ef:54:
8f:eb:6e:57:cd:c5:77:e6:dd:73:85:9a:df:33:5b:
9e:84:f4:bc:31:67:da:49:9d:bf:11:35:df:12:f8:
05:b8:0c:8b:27:70:b0:88:22:10:31:06:35:a9:85:
fe:c8:f1:c3:db:b8:2c:e8:c4:e4:ef:ed:fa:f2:52:
52:e3:95:cc:46:69:64:72:a2:67:0e:63:c8:7f:83:
91:bc:a9:59:cc:18:3d:86:a6:6a:76:4e:a7:a2:96:
7e:6e:94:45:20:9a:0b:2b:ce:84:09:a1:8b:a0:bb:
d0:e6:cf:40:06:e4:66:38:1e:d1:38:f1:d9:9d:1e:
ba:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:88:FE:0B:75:9D:90:01:5C:03:8F:CD:82:F9:1F:BA:D7:5A:7F:FB
X509v3 Authority Key Identifier:
keyid:58:53:E6:5A:30:87:B4:CA:85:C8:80:2B:60:FF:0F:02:B4:10:6D:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WFPmWjCHtMqFyIArYP8PArQQbZc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/6afd1e-cb7e-4e6e-a8a4-e18602739cd5/1/nIj-C3WdkAFcA4_Ngvkfutdaf_s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/6afd1e-cb7e-4e6e-a8a4-e18602739cd5/1/WFPmWjCHtMqFyIArYP8PArQQbZc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.166.192.0-46.166.215.255
46.166.220.0-46.166.227.255
IPv6:
2a04:3800::/48
Signature Algorithm: sha256WithRSAEncryption
4a:4a:17:2e:b4:23:cb:3b:da:4d:f0:b0:b5:57:df:14:98:df:
82:e4:10:fb:38:8e:de:c0:0e:3b:62:0f:02:cd:6d:dc:9e:8e:
f2:02:5b:02:c4:0a:6c:4d:e9:1b:ad:01:9d:e6:4a:20:a7:48:
c1:f3:e7:73:12:97:c0:0b:84:32:33:5f:a5:24:eb:b2:c8:21:
62:bd:62:8c:43:2d:9f:70:f0:88:1d:2f:cb:9c:f5:c2:da:3e:
6e:ae:56:ff:f2:18:cb:53:40:a7:74:20:e9:04:47:31:25:f9:
53:66:7a:09:97:da:eb:42:7f:87:e5:f5:da:93:90:e4:f2:b4:
69:ea:dd:38:3b:41:41:41:3a:8f:c2:3a:15:42:35:1e:52:cc:
42:08:2b:5e:0b:65:07:bb:66:c6:1b:fe:c2:60:80:5d:68:d0:
e0:1d:43:a4:fb:19:78:74:5d:df:28:bf:f8:1b:4f:83:89:0a:
75:77:8d:9c:13:bd:de:4a:fc:e2:e0:04:ef:bc:bf:93:71:fd:
56:bf:ce:dd:ba:b0:07:04:a0:c4:bf:09:2e:8e:d8:b3:6c:6c:
4f:3e:4e:10:7d:8c:dc:47:a9:e9:29:9e:46:db:b6:d1:71:8d:
49:3e:54:38:f9:97:4e:d8:e9:a0:62:c6:11:a1:07:a4:90:da:
83:39:c8:04
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZaplnA/SawofIlsFDd6MZjzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4NTNlNjVhMzA4N2I0Y2E4NWM4ODAyYjYwZmYwZjAyYjQx
MDZkOTcwHhcNMjUwNTA3MDcxMjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Yzg4ZmUwYjc1OWQ5MDAxNWMwMzhmY2Q4MmY5MWZiYWQ3NWE3ZmZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAndsv8qwHFSMqmoqS1xTsHmYNbjq+
ubU0WuL4lkForqsUfNeMS8BFizml8n4tvhUvbHXq2NfMXtMUplsxvfcWJngH4Clq
iqHSTYeAjTlx9InNd2Oy1J8YtpUCUdqCWEtU75iPoLOirR5XD7VN4lcJdiXTxaR7
5EzfCgdwqg52cDZEC0df71SP625XzcV35t1zhZrfM1uehPS8MWfaSZ2/ETXfEvgF
uAyLJ3CwiCIQMQY1qYX+yPHD27gs6MTk7+368lJS45XMRmlkcqJnDmPIf4ORvKlZ
zBg9hqZqdk6nopZ+bpRFIJoLK86ECaGLoLvQ5s9ABuRmOB7ROPHZnR66TwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFJyI/gt1nZABXAOPzYL5H7rXWn/7MB8GA1UdIwQY
MBaAFFhT5lowh7TKhciAK2D/DwK0EG2XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0ZQbVdqQ0h0TXFGeUlBcllQOFBBclFRYlpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi82YWZkMWUtY2I3ZS00ZTZlLWE4YTQt
ZTE4NjAyNzM5Y2Q1LzEvbklqLUMzV2RrQUZjQTRfTmd2a2Z1dGRhZl9zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi82YWZkMWUtY2I3ZS00ZTZlLWE4YTQtZTE4NjAyNzM5Y2Q1
LzEvV0ZQbVdqQ0h0TXFGeUlBcllQOFBBclFRYlpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAiBAIAATAcMAwDBAYupsAD
BAMuptAwDAMEAi6m3AMEAi6m4DAPBAIAAjAJAwcAKgQ4AAAAMA0GCSqGSIb3DQEB
CwUAA4IBAQBKShcutCPLO9pN8LC1V98UmN+C5BD7OI7ewA47Yg8CzW3cno7yAlsC
xApsTekbrQGd5kogp0jB8+dzEpfAC4QyM1+lJOuyyCFivWKMQy2fcPCIHS/LnPXC
2j5urlb/8hjLU0CndCDpBEcxJflTZnoJl9rrQn+H5fXak5Dk8rRp6t04O0FBQTqP
wjoVQjUeUsxCCCteC2UHu2bGG/7CYIBdaNDgHUOk+xl4dF3fKL/4G0+DiQp1d42c
E73eSvzi4ATvvL+Tcf1Wv87durAHBKDEvwkujtizbGxPPk4QfYzcR6npKZ5G27bR
cY1JPlQ4+ZdO2OmgYsYRoQekkNqDOcgE
-----END CERTIFICATE-----
Generated at Sun Jun 8 07:32:02 2025 by rpki-client