Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/202900-3d72-405b-9ef6-6cd4c980a523/1/DStV17Hecan-6QQiecnzOLb7PtA.roa
File: DStV17Hecan-6QQiecnzOLb7PtA.roa (raw, json)
Hash identifier: E6s1lLpFj1dG9iVyKbgkYVYs/gktTO6G9yKQPD1Kbsk=
Subject key identifier: 0D:2B:55:D7:B1:DE:71:A9:FE:E9:04:22:79:C9:F3:38:B6:FB:3E:D0
Certificate issuer: /CN=31a3da6d0fafd27d01b74703bb39d8c115e86412
Certificate serial: 019425FDEB241E1C82B1B39CD6CC3860E27D
Authority key identifier: 31:A3:DA:6D:0F:AF:D2:7D:01:B7:47:03:BB:39:D8:C1:15:E8:64:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MaPabQ-v0n0Bt0cDuznYwRXoZBI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/202900-3d72-405b-9ef6-6cd4c980a523/1/DStV17Hecan-6QQiecnzOLb7PtA.roa
Signing time: Thu 02 Jan 2025 07:49:45 +0000
ROA not before: Thu 02 Jan 2025 07:49:45 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207758
IP address blocks: 46.16.200.0/22 maxlen: 22
46.16.204.0/24 maxlen: 24
185.148.76.0/22 maxlen: 24
2a07:5c80::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/202900-3d72-405b-9ef6-6cd4c980a523/1/MaPabQ-v0n0Bt0cDuznYwRXoZBI.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/202900-3d72-405b-9ef6-6cd4c980a523/1/MaPabQ-v0n0Bt0cDuznYwRXoZBI.mft
rsync://rpki.ripe.net/repository/DEFAULT/MaPabQ-v0n0Bt0cDuznYwRXoZBI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 22:01:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:eb:24:1e:1c:82:b1:b3:9c:d6:cc:38:60:e2:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=31a3da6d0fafd27d01b74703bb39d8c115e86412
Validity
Not Before: Jan 2 07:49:45 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0d2b55d7b1de71a9fee9042279c9f338b6fb3ed0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:cc:6c:ea:2c:f7:0f:79:7a:ce:cb:3f:59:ed:
09:76:b7:31:b1:e3:18:50:b7:91:5b:54:19:ba:0b:
99:e3:9a:50:9b:d7:ce:0f:79:7e:c1:65:96:4c:7d:
65:25:6b:cd:81:49:ee:19:e1:0f:b0:9d:15:ce:c5:
e1:14:91:64:b2:64:c1:84:a5:ec:2a:bf:88:4c:f6:
7f:bc:16:21:e6:82:81:c5:5d:d9:15:94:d6:b2:4b:
01:e4:31:d0:86:bf:37:44:d2:8f:53:98:47:cf:21:
16:aa:b1:ec:0b:fe:2d:38:24:92:5e:ab:f5:87:34:
ae:bc:26:29:34:e1:73:de:a1:30:4c:80:a5:c0:53:
02:33:1e:8a:4d:ca:50:34:41:d0:5e:99:3a:4c:82:
36:25:cc:b1:ab:c2:73:f0:d5:09:70:88:64:cb:56:
aa:d2:a5:25:14:26:ca:2f:15:c5:33:cf:4b:11:51:
38:64:d3:5b:a7:28:f9:86:bb:da:74:04:c4:64:96:
50:ac:36:fc:35:23:41:1e:14:43:70:32:60:df:8b:
e7:55:94:41:ff:f9:c1:8a:6a:ee:09:a2:26:51:13:
84:5c:9f:d6:99:0e:33:b5:38:2e:90:cb:03:cd:24:
4e:cc:05:f5:10:6b:f8:8b:79:be:0b:36:82:ce:55:
d7:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:2B:55:D7:B1:DE:71:A9:FE:E9:04:22:79:C9:F3:38:B6:FB:3E:D0
X509v3 Authority Key Identifier:
keyid:31:A3:DA:6D:0F:AF:D2:7D:01:B7:47:03:BB:39:D8:C1:15:E8:64:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MaPabQ-v0n0Bt0cDuznYwRXoZBI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/202900-3d72-405b-9ef6-6cd4c980a523/1/DStV17Hecan-6QQiecnzOLb7PtA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/202900-3d72-405b-9ef6-6cd4c980a523/1/MaPabQ-v0n0Bt0cDuznYwRXoZBI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.16.200.0-46.16.204.255
185.148.76.0/22
IPv6:
2a07:5c80::/29
Signature Algorithm: sha256WithRSAEncryption
9b:77:42:32:ae:be:f2:56:82:67:81:fa:4b:1f:b8:fc:5a:28:
52:c1:5f:63:cf:42:da:22:8a:5c:6d:ac:0a:f4:98:40:bb:b5:
d4:9d:01:56:b1:44:74:aa:6f:fe:67:d9:92:1d:23:22:20:12:
e5:2e:18:ca:ab:a3:be:f7:c2:fb:c6:be:bb:14:3c:16:06:6d:
ee:3e:9a:29:1f:d3:b3:a3:7a:07:e9:ee:08:94:8e:2b:39:85:
70:38:46:3d:5c:45:47:c1:56:fc:21:26:21:bb:db:81:cf:12:
e3:e5:f6:cc:c7:0c:6b:29:bd:5d:87:7a:64:8e:ea:e6:87:37:
c0:81:6c:47:6d:f0:34:48:13:e2:6c:5d:ce:65:75:c8:0a:f1:
42:f7:b2:f1:fb:59:56:03:b9:f9:86:fa:b3:0e:6f:d4:ef:3f:
8a:ac:5f:96:f0:cc:58:12:98:c1:b9:f8:03:f7:a6:eb:77:4d:
66:04:df:16:a2:98:20:3c:4d:83:ad:78:fa:a2:60:e6:19:f4:
9c:55:cf:d5:50:0c:6e:ee:83:5d:5d:d0:ca:77:dd:3e:3d:46:
fb:32:1e:22:45:9e:07:5d:e3:99:c8:50:17:5e:9b:af:06:41:
e6:97:d4:9c:ac:33:40:a5:61:0b:eb:fd:81:c7:37:87:78:3c:
57:4c:9d:9b
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZQl/eskHhyCsbOc1sw4YOJ9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxYTNkYTZkMGZhZmQyN2QwMWI3NDcwM2JiMzlkOGMxMTVl
ODY0MTIwHhcNMjUwMTAyMDc0OTQ1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDJiNTVkN2IxZGU3MWE5ZmVlOTA0MjI3OWM5ZjMzOGI2ZmIzZWQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Mxs6iz3D3l6zss/We0JdrcxseMY
ULeRW1QZuguZ45pQm9fOD3l+wWWWTH1lJWvNgUnuGeEPsJ0VzsXhFJFksmTBhKXs
Kr+ITPZ/vBYh5oKBxV3ZFZTWsksB5DHQhr83RNKPU5hHzyEWqrHsC/4tOCSSXqv1
hzSuvCYpNOFz3qEwTIClwFMCMx6KTcpQNEHQXpk6TII2Jcyxq8Jz8NUJcIhky1aq
0qUlFCbKLxXFM89LEVE4ZNNbpyj5hrvadATEZJZQrDb8NSNBHhRDcDJg34vnVZRB
//nBimruCaImUROEXJ/WmQ4ztTgukMsDzSROzAX1EGv4i3m+CzaCzlXXQQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFA0rVdex3nGp/ukEInnJ8zi2+z7QMB8GA1UdIwQY
MBaAFDGj2m0Pr9J9AbdHA7s52MEV6GQSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWFQYWJRLXYwbjBCdDBjRHV6bll3UlhvWkJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8yMDI5MDAtM2Q3Mi00MDViLTllZjYt
NmNkNGM5ODBhNTIzLzEvRFN0VjE3SGVjYW4tNlFRaWVjbnpPTGI3UHRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8yMDI5MDAtM2Q3Mi00MDViLTllZjYtNmNkNGM5ODBhNTIz
LzEvTWFQYWJRLXYwbjBCdDBjRHV6bll3UlhvWkJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUMAwDBAMuEMgD
BAAuEMwDBAK5lEwwDQQCAAIwBwMFAyoHXIAwDQYJKoZIhvcNAQELBQADggEBAJt3
QjKuvvJWgmeB+ksfuPxaKFLBX2PPQtoiilxtrAr0mEC7tdSdAVaxRHSqb/5n2ZId
IyIgEuUuGMqro773wvvGvrsUPBYGbe4+mikf07Ojegfp7giUjis5hXA4Rj1cRUfB
VvwhJiG724HPEuPl9szHDGspvV2HemSO6uaHN8CBbEdt8DRIE+JsXc5ldcgK8UL3
svH7WVYDufmG+rMOb9TvP4qsX5bwzFgSmMG5+AP3put3TWYE3xaimCA8TYOtePqi
YOYZ9JxVz9VQDG7ug11d0Mp33T49RvsyHiJFngdd45nIUBdem68GQeaX1JysM0Cl
YQvr/YHHN4d4PFdMnZs=
-----END CERTIFICATE-----
Generated at Tue Apr 8 07:26:16 2025 by rpki-client