Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/e55e30-97c6-40e6-81b7-507011570ee6/1/20y5ubfJnSaHdbEYhfDAIBE8gCA.roa
File: 20y5ubfJnSaHdbEYhfDAIBE8gCA.roa (raw, json)
Hash identifier: PxZHYMXvBuF+PNUk3IUPx2E16Gx/KhT8hlhJp8/fAbA=
Subject key identifier: DB:4C:B9:B9:B7:C9:9D:26:87:75:B1:18:85:F0:C0:20:11:3C:80:20
Certificate issuer: /CN=a04845af1dc0087b274cee52a4a9e0880335435d
Certificate serial: 01951E8F801FAE91517CCD855345EE53AD5B
Authority key identifier: A0:48:45:AF:1D:C0:08:7B:27:4C:EE:52:A4:A9:E0:88:03:35:43:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oEhFrx3ACHsnTO5SpKngiAM1Q10.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/e55e30-97c6-40e6-81b7-507011570ee6/1/20y5ubfJnSaHdbEYhfDAIBE8gCA.roa
Signing time: Wed 19 Feb 2025 14:14:35 +0000
ROA not before: Wed 19 Feb 2025 14:14:35 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 56582
IP address blocks: 46.235.10.0/24 maxlen: 32
178.210.160.0/24 maxlen: 24
178.210.161.0/24 maxlen: 24
178.210.162.0/24 maxlen: 24
178.210.163.0/24 maxlen: 24
178.210.164.0/24 maxlen: 24
178.210.165.0/24 maxlen: 24
178.210.166.0/24 maxlen: 24
178.210.168.0/24 maxlen: 24
178.210.169.0/24 maxlen: 24
178.210.170.0/24 maxlen: 24
178.210.171.0/24 maxlen: 24
178.210.172.0/24 maxlen: 24
178.210.173.0/24 maxlen: 24
178.210.174.0/24 maxlen: 24
178.210.175.0/24 maxlen: 24
178.210.176.0/24 maxlen: 24
178.210.177.0/24 maxlen: 24
178.210.178.0/24 maxlen: 32
178.210.180.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/69/e55e30-97c6-40e6-81b7-507011570ee6/1/oEhFrx3ACHsnTO5SpKngiAM1Q10.crl
rsync://rpki.ripe.net/repository/DEFAULT/69/e55e30-97c6-40e6-81b7-507011570ee6/1/oEhFrx3ACHsnTO5SpKngiAM1Q10.mft
rsync://rpki.ripe.net/repository/DEFAULT/oEhFrx3ACHsnTO5SpKngiAM1Q10.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 01:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:1e:8f:80:1f:ae:91:51:7c:cd:85:53:45:ee:53:ad:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a04845af1dc0087b274cee52a4a9e0880335435d
Validity
Not Before: Feb 19 14:14:35 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=db4cb9b9b7c99d268775b11885f0c020113c8020
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:04:cf:01:c3:bd:cc:0d:4b:80:c8:f3:32:08:
65:d4:fb:fa:76:95:31:c0:30:d3:72:9a:71:41:6c:
ae:fd:66:63:62:e7:c9:3d:25:de:cf:23:f0:4c:92:
e7:6e:f8:5e:02:f8:e8:42:1a:2e:79:24:16:4d:ed:
57:2d:9d:6c:d1:a1:33:37:55:39:61:6d:74:e0:df:
28:0a:47:11:c4:ce:d4:e9:ee:e0:f0:ec:d0:c1:eb:
4f:91:92:93:0c:73:fb:46:c4:04:35:85:37:a0:ee:
4f:b5:05:72:ce:3d:b4:56:00:9f:75:d5:82:18:d7:
9c:0f:aa:5b:c9:ca:1b:c2:d4:d6:80:58:a3:ed:6e:
43:94:65:6d:71:c2:b0:61:6c:94:d9:c6:4a:f8:58:
fd:d1:9c:a7:e2:ce:fd:f5:8d:f4:28:b7:6b:bc:e0:
38:9e:20:6d:b4:ef:7c:b2:ce:8e:c8:1a:0a:ac:b7:
a4:23:4e:c6:a5:99:b2:1c:45:59:1a:f5:8c:23:42:
3c:48:72:a6:94:64:61:59:5a:20:3c:c8:0e:a7:4e:
dd:ef:e3:b9:7d:c0:d8:78:22:93:ce:e2:08:1f:23:
39:3f:80:18:9f:69:4c:b8:ec:6d:09:7f:31:c3:e9:
54:15:8c:34:82:e6:92:b6:1c:1f:0e:b0:b7:9b:64:
54:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:4C:B9:B9:B7:C9:9D:26:87:75:B1:18:85:F0:C0:20:11:3C:80:20
X509v3 Authority Key Identifier:
keyid:A0:48:45:AF:1D:C0:08:7B:27:4C:EE:52:A4:A9:E0:88:03:35:43:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oEhFrx3ACHsnTO5SpKngiAM1Q10.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/e55e30-97c6-40e6-81b7-507011570ee6/1/20y5ubfJnSaHdbEYhfDAIBE8gCA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/e55e30-97c6-40e6-81b7-507011570ee6/1/oEhFrx3ACHsnTO5SpKngiAM1Q10.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.235.10.0/24
178.210.160.0-178.210.166.255
178.210.168.0-178.210.178.255
178.210.180.0/24
Signature Algorithm: sha256WithRSAEncryption
58:89:bf:af:7a:76:32:22:cd:64:c1:7c:7b:ee:b0:b4:58:7c:
09:b7:28:44:db:70:a5:37:66:43:ab:8d:e3:81:01:55:f6:32:
6e:58:9f:2e:5c:56:ae:71:3b:7b:6b:41:f2:68:9e:d0:4d:e6:
1b:30:3c:9c:3a:e4:9a:37:54:86:58:8d:33:56:48:dc:72:32:
a1:7c:82:35:a0:26:c9:ec:03:a3:5a:ea:27:61:7f:f9:7d:da:
b9:fa:39:2a:fa:ba:ec:3b:19:17:1b:ad:2f:7d:11:f1:e9:d3:
59:a1:6d:80:6a:58:d7:07:e1:ab:04:b5:20:51:89:b7:13:8e:
79:c6:27:a5:a4:12:8f:f0:bd:39:67:2f:55:2a:1f:e0:71:d6:
48:3c:6e:46:66:34:42:b7:4d:af:0d:60:74:a6:f6:e6:88:f0:
25:d9:07:4b:f7:a9:f3:38:60:91:57:ae:4a:a7:98:f3:34:0a:
3b:7e:c9:5e:96:78:79:b5:f3:61:82:6a:70:05:62:cc:06:34:
2c:4f:78:19:07:48:79:f6:de:d5:7b:22:98:9e:43:7f:33:44:
30:85:a3:fb:1d:45:92:72:8f:32:ff:53:76:89:1c:c5:00:72:
b7:74:f0:ec:99:14:18:9b:93:c6:80:24:e4:70:e6:0f:4a:55:
06:04:87:d5
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAZUej4AfrpFRfM2FU0XuU61bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwNDg0NWFmMWRjMDA4N2IyNzRjZWU1MmE0YTllMDg4MDMz
NTQzNWQwHhcNMjUwMjE5MTQxNDM1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjRjYjliOWI3Yzk5ZDI2ODc3NWIxMTg4NWYwYzAyMDExM2M4MDIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAywTPAcO9zA1LgMjzMghl1Pv6dpUx
wDDTcppxQWyu/WZjYufJPSXezyPwTJLnbvheAvjoQhoueSQWTe1XLZ1s0aEzN1U5
YW104N8oCkcRxM7U6e7g8OzQwetPkZKTDHP7RsQENYU3oO5PtQVyzj20VgCfddWC
GNecD6pbycobwtTWgFij7W5DlGVtccKwYWyU2cZK+Fj90Zyn4s799Y30KLdrvOA4
niBttO98ss6OyBoKrLekI07GpZmyHEVZGvWMI0I8SHKmlGRhWVogPMgOp07d7+O5
fcDYeCKTzuIIHyM5P4AYn2lMuOxtCX8xw+lUFYw0guaSthwfDrC3m2RUJwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFNtMubm3yZ0mh3WxGIXwwCARPIAgMB8GA1UdIwQY
MBaAFKBIRa8dwAh7J0zuUqSp4IgDNUNdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0VoRnJ4M0FDSHNuVE81U3BLbmdpQU0xUTEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS9lNTVlMzAtOTdjNi00MGU2LTgxYjct
NTA3MDExNTcwZWU2LzEvMjB5NXViZkpuU2FIZGJFWWhmREFJQkU4Z0NBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS9lNTVlMzAtOTdjNi00MGU2LTgxYjctNTA3MDExNTcwZWU2
LzEvb0VoRnJ4M0FDSHNuVE81U3BLbmdpQU0xUTEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoAwQALusKMAwD
BAWy0qADBACy0qYwDAMEA7LSqAMEALLSsgMEALLStDANBgkqhkiG9w0BAQsFAAOC
AQEAWIm/r3p2MiLNZMF8e+6wtFh8CbcoRNtwpTdmQ6uN44EBVfYyblifLlxWrnE7
e2tB8mie0E3mGzA8nDrkmjdUhliNM1ZI3HIyoXyCNaAmyewDo1rqJ2F/+X3aufo5
Kvq67DsZFxutL30R8enTWaFtgGpY1wfhqwS1IFGJtxOOecYnpaQSj/C9OWcvVSof
4HHWSDxuRmY0QrdNrw1gdKb25ojwJdkHS/ep8zhgkVeuSqeY8zQKO37JXpZ4ebXz
YYJqcAVizAY0LE94GQdIefbe1XsimJ5DfzNEMIWj+x1FknKPMv9TdokcxQByt3Tw
7JkUGJuTxoAk5HDmD0pVBgSH1Q==
-----END CERTIFICATE-----
Generated at Mon Apr 7 08:15:38 2025 by rpki-client