Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/6afd1e-cb7e-4e6e-a8a4-e18602739cd5/1/txKA05gc1PNEhcuQ9gw4JRL4SOg.roa
File: txKA05gc1PNEhcuQ9gw4JRL4SOg.roa (raw, json)
Hash identifier: ZxoTI5LHLJfIjBc6aAlc7tJn+4E9R4JWht3d4AMJtIc=
Subject key identifier: B7:12:80:D3:98:1C:D4:F3:44:85:CB:90:F6:0C:38:25:12:F8:48:E8
Certificate issuer: /CN=5853e65a3087b4ca85c8802b60ff0f02b4106d97
Certificate serial: 01941FFA62A38312371BBC1C7EF6B627682A
Authority key identifier: 58:53:E6:5A:30:87:B4:CA:85:C8:80:2B:60:FF:0F:02:B4:10:6D:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WFPmWjCHtMqFyIArYP8PArQQbZc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/6afd1e-cb7e-4e6e-a8a4-e18602739cd5/1/txKA05gc1PNEhcuQ9gw4JRL4SOg.roa
Signing time: Wed 01 Jan 2025 03:48:10 +0000
ROA not before: Wed 01 Jan 2025 03:48:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44417
IP address blocks: 46.166.192.0/21 maxlen: 21
46.166.200.0/21 maxlen: 21
2a04:3800::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/62/6afd1e-cb7e-4e6e-a8a4-e18602739cd5/1/WFPmWjCHtMqFyIArYP8PArQQbZc.crl
rsync://rpki.ripe.net/repository/DEFAULT/62/6afd1e-cb7e-4e6e-a8a4-e18602739cd5/1/WFPmWjCHtMqFyIArYP8PArQQbZc.mft
rsync://rpki.ripe.net/repository/DEFAULT/WFPmWjCHtMqFyIArYP8PArQQbZc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 23:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:62:a3:83:12:37:1b:bc:1c:7e:f6:b6:27:68:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5853e65a3087b4ca85c8802b60ff0f02b4106d97
Validity
Not Before: Jan 1 03:48:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b71280d3981cd4f34485cb90f60c382512f848e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:a4:44:07:a5:9d:a5:01:db:f6:b1:47:4b:ae:
58:2d:39:f5:48:d7:e0:d2:d6:38:f5:8b:f9:38:e4:
98:82:33:2d:15:8a:34:cd:f4:bb:ad:18:c5:05:e6:
ee:3b:30:78:43:0f:12:be:e7:5d:d6:9d:5f:6c:de:
dd:4a:32:ce:b9:2c:8f:76:0e:c8:de:14:1b:47:e1:
7e:c4:33:21:35:d5:2b:cc:0d:99:66:41:72:3c:2e:
c0:2c:9d:4b:b1:f1:1d:61:39:c6:7a:4e:d6:b4:1f:
1d:bd:85:fc:11:5c:54:a2:96:96:e6:02:2f:74:e0:
ec:ea:b7:99:d4:35:d1:3d:70:40:9a:c7:7a:35:ef:
e9:90:4e:fb:9e:e0:3f:b8:95:f1:fc:22:b7:36:22:
dd:c4:8f:db:36:1a:7a:1b:41:0f:9b:68:e6:5b:f3:
c9:40:34:b4:35:0b:34:d6:cd:e8:40:f8:36:e3:0a:
b5:2a:ce:bc:cb:0e:40:42:fb:52:77:8c:08:c3:99:
47:a2:28:ad:3f:15:40:30:0d:d6:28:b5:06:06:de:
79:c2:01:66:60:cc:cb:70:f7:b0:94:a9:e6:90:e5:
6f:7c:ad:f3:ec:49:8c:6f:fa:d2:7c:da:b2:e6:50:
19:90:2c:30:89:40:86:c8:8b:2d:f8:07:9f:18:e0:
13:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:12:80:D3:98:1C:D4:F3:44:85:CB:90:F6:0C:38:25:12:F8:48:E8
X509v3 Authority Key Identifier:
keyid:58:53:E6:5A:30:87:B4:CA:85:C8:80:2B:60:FF:0F:02:B4:10:6D:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WFPmWjCHtMqFyIArYP8PArQQbZc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/6afd1e-cb7e-4e6e-a8a4-e18602739cd5/1/txKA05gc1PNEhcuQ9gw4JRL4SOg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/6afd1e-cb7e-4e6e-a8a4-e18602739cd5/1/WFPmWjCHtMqFyIArYP8PArQQbZc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.166.192.0/20
IPv6:
2a04:3800::/48
Signature Algorithm: sha256WithRSAEncryption
00:04:d8:01:83:47:3f:fa:ab:b2:1e:1d:5e:90:21:ad:e2:cf:
a7:29:a6:63:71:2c:92:54:bb:78:ea:7a:04:49:c9:f4:b4:80:
1e:41:e3:19:47:a6:68:01:4c:1c:54:47:2d:38:e0:17:4b:65:
85:70:ae:59:49:3d:78:60:1f:d6:4f:7f:3e:30:86:01:84:9e:
e1:dc:f6:a6:44:f4:ed:61:29:d1:8c:7a:0d:ac:9c:1d:37:f3:
98:4c:a3:ec:11:40:69:e1:20:d1:d4:a7:a3:54:7d:29:5f:65:
77:b6:20:06:b4:3d:ed:0a:d4:34:84:ba:fe:86:09:3c:07:9e:
6d:d3:28:76:47:82:03:59:3f:77:22:47:bd:af:eb:bc:92:e0:
fc:fe:a4:5d:78:78:35:d9:cd:b3:13:09:57:a4:dc:72:7f:2e:
13:21:f1:39:38:18:8f:a9:18:20:e1:65:dc:68:73:c7:03:76:
f1:b2:01:2b:42:8e:a4:d4:30:dc:8b:28:d8:93:be:46:7f:05:
4b:c7:1d:21:b0:2c:e7:52:29:68:aa:dd:3c:80:65:b1:a7:b6:
2f:d1:20:b9:19:f4:c4:63:d4:7b:76:e3:42:43:e3:aa:08:24:
10:f2:56:ad:89:6f:58:2c:06:30:d2:07:44:94:5f:ce:5c:fd:
7b:4d:5c:3f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQf+mKjgxI3G7wcfva2J2gqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4NTNlNjVhMzA4N2I0Y2E4NWM4ODAyYjYwZmYwZjAyYjQx
MDZkOTcwHhcNMjUwMTAxMDM0ODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzEyODBkMzk4MWNkNGYzNDQ4NWNiOTBmNjBjMzgyNTEyZjg0OGU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn6REB6WdpQHb9rFHS65YLTn1SNfg
0tY49Yv5OOSYgjMtFYo0zfS7rRjFBebuOzB4Qw8Svudd1p1fbN7dSjLOuSyPdg7I
3hQbR+F+xDMhNdUrzA2ZZkFyPC7ALJ1LsfEdYTnGek7WtB8dvYX8EVxUopaW5gIv
dODs6reZ1DXRPXBAmsd6Ne/pkE77nuA/uJXx/CK3NiLdxI/bNhp6G0EPm2jmW/PJ
QDS0NQs01s3oQPg24wq1Ks68yw5AQvtSd4wIw5lHoiitPxVAMA3WKLUGBt55wgFm
YMzLcPewlKnmkOVvfK3z7EmMb/rSfNqy5lAZkCwwiUCGyIst+AefGOATQQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLcSgNOYHNTzRIXLkPYMOCUS+EjoMB8GA1UdIwQY
MBaAFFhT5lowh7TKhciAK2D/DwK0EG2XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0ZQbVdqQ0h0TXFGeUlBcllQOFBBclFRYlpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi82YWZkMWUtY2I3ZS00ZTZlLWE4YTQt
ZTE4NjAyNzM5Y2Q1LzEvdHhLQTA1Z2MxUE5FaGN1UTlndzRKUkw0U09nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi82YWZkMWUtY2I3ZS00ZTZlLWE4YTQtZTE4NjAyNzM5Y2Q1
LzEvV0ZQbVdqQ0h0TXFGeUlBcllQOFBBclFRYlpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQELqbAMA8E
AgACMAkDBwAqBDgAAAAwDQYJKoZIhvcNAQELBQADggEBAAAE2AGDRz/6q7IeHV6Q
Ia3iz6cppmNxLJJUu3jqegRJyfS0gB5B4xlHpmgBTBxURy044BdLZYVwrllJPXhg
H9ZPfz4whgGEnuHc9qZE9O1hKdGMeg2snB0385hMo+wRQGnhINHUp6NUfSlfZXe2
IAa0Pe0K1DSEuv6GCTwHnm3TKHZHggNZP3ciR72v67yS4Pz+pF14eDXZzbMTCVek
3HJ/LhMh8Tk4GI+pGCDhZdxoc8cDdvGyAStCjqTUMNyLKNiTvkZ/BUvHHSGwLOdS
KWiq3TyAZbGnti/RILkZ9MRj1Ht240JD46oIJBDyVq2Jb1gsBjDSB0SUX85c/XtN
XD8=
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:44:43 2025 by rpki-client