Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/CdQL_rNfT4mruJeuRhVd0hpPdps.roa
File: CdQL_rNfT4mruJeuRhVd0hpPdps.roa (raw, json)
Hash identifier: Z/uUo7J+RuPWC8u1ha2F9ldd1L0f2IgJnPvQNnlMC1w=
Subject key identifier: 09:D4:0B:FE:B3:5F:4F:89:AB:B8:97:AE:46:15:5D:D2:1A:4F:76:9B
Certificate issuer: /CN=d3e97033a36aa9bcc0c2f167e620d7ca1493cbea
Certificate serial: 019425217BCC77A753CE6E4617C586238828
Authority key identifier: D3:E9:70:33:A3:6A:A9:BC:C0:C2:F1:67:E6:20:D7:CA:14:93:CB:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0-lwM6NqqbzAwvFn5iDXyhSTy-o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/CdQL_rNfT4mruJeuRhVd0hpPdps.roa
Signing time: Thu 02 Jan 2025 03:48:58 +0000
ROA not before: Thu 02 Jan 2025 03:48:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49037
IP address blocks: 46.226.160.0/21 maxlen: 32
80.72.16.0/21 maxlen: 32
80.72.24.0/22 maxlen: 32
85.198.120.0/21 maxlen: 32
89.169.52.0/22 maxlen: 32
92.118.72.0/22 maxlen: 32
92.246.132.0/22 maxlen: 32
92.246.136.0/21 maxlen: 32
93.185.144.0/20 maxlen: 32
94.141.100.0/22 maxlen: 32
95.174.96.0/19 maxlen: 32
178.212.139.0/24 maxlen: 32
185.9.184.0/22 maxlen: 32
185.136.32.0/22 maxlen: 32
185.230.240.0/22 maxlen: 32
185.230.241.0/24 maxlen: 24
185.230.242.0/24 maxlen: 24
213.108.20.0/22 maxlen: 32
217.144.176.0/20 maxlen: 32
2a00:8740::/32 maxlen: 128
2a0b:1c40::/29 maxlen: 128
2a12:3280::/32 maxlen: 128
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/0-lwM6NqqbzAwvFn5iDXyhSTy-o.crl
rsync://rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/0-lwM6NqqbzAwvFn5iDXyhSTy-o.mft
rsync://rpki.ripe.net/repository/DEFAULT/0-lwM6NqqbzAwvFn5iDXyhSTy-o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 07:01:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:7b:cc:77:a7:53:ce:6e:46:17:c5:86:23:88:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3e97033a36aa9bcc0c2f167e620d7ca1493cbea
Validity
Not Before: Jan 2 03:48:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=09d40bfeb35f4f89abb897ae46155dd21a4f769b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:a9:d6:51:48:c1:b6:32:72:aa:6e:d0:59:d2:
2d:3d:77:34:99:93:b6:9c:0f:f1:bf:d8:29:f3:69:
e3:d9:83:5b:14:17:ef:b6:ad:9c:94:78:b2:9f:4c:
62:0e:68:b6:4b:7f:9b:ff:0f:61:91:4c:d7:05:59:
be:56:29:de:aa:35:e3:ac:f8:92:81:2b:47:11:4a:
8e:47:28:06:8c:2a:ee:ea:6e:ef:f3:99:e1:e0:84:
8d:df:74:d2:b1:fd:1c:9a:67:15:60:c8:01:19:25:
db:d9:78:f1:f5:1b:46:6e:5a:81:ec:45:60:df:7f:
f7:22:ce:95:2a:9c:d2:11:15:9b:51:83:2e:f3:58:
54:d5:c7:83:3e:d1:3c:07:9a:e7:c0:7f:de:26:49:
b4:b6:4b:48:f7:57:0c:5b:88:f2:dc:ab:9b:bd:9a:
f0:e9:a2:11:bf:5b:3c:53:ec:f5:4e:11:30:ba:82:
ef:53:a1:92:ef:01:a8:98:65:5c:1e:b5:f6:dd:cc:
ec:fa:33:b1:4e:8e:1f:3f:0d:b1:83:2d:aa:7f:3f:
57:5d:4c:9d:01:ee:c7:2d:0e:da:3f:e2:e7:bb:24:
db:2e:c6:ed:7c:af:a8:52:da:d1:33:98:9e:7b:f9:
19:d0:55:bc:60:1b:ec:86:d4:6a:6f:55:4a:d8:00:
69:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:D4:0B:FE:B3:5F:4F:89:AB:B8:97:AE:46:15:5D:D2:1A:4F:76:9B
X509v3 Authority Key Identifier:
keyid:D3:E9:70:33:A3:6A:A9:BC:C0:C2:F1:67:E6:20:D7:CA:14:93:CB:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0-lwM6NqqbzAwvFn5iDXyhSTy-o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/CdQL_rNfT4mruJeuRhVd0hpPdps.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/0-lwM6NqqbzAwvFn5iDXyhSTy-o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.226.160.0/21
80.72.16.0-80.72.27.255
85.198.120.0/21
89.169.52.0/22
92.118.72.0/22
92.246.132.0-92.246.143.255
93.185.144.0/20
94.141.100.0/22
95.174.96.0/19
178.212.139.0/24
185.9.184.0/22
185.136.32.0/22
185.230.240.0/22
213.108.20.0/22
217.144.176.0/20
IPv6:
2a00:8740::/32
2a0b:1c40::/29
2a12:3280::/32
Signature Algorithm: sha256WithRSAEncryption
00:c0:18:89:3a:c6:9e:3f:9f:d6:f1:3b:e1:4e:07:7d:94:2b:
67:48:8c:f8:14:70:c5:28:39:bf:a3:5e:cd:35:e1:3a:d8:ec:
53:3c:86:db:be:59:0e:e7:28:67:b8:1a:b3:f8:c2:0d:31:9d:
47:44:0c:52:c0:5c:19:8c:6a:0d:7c:2a:ec:6e:d4:71:79:5c:
3e:4b:52:26:65:cd:53:f5:59:45:f1:44:df:c6:92:6f:c7:3a:
65:8f:45:56:ce:82:bf:38:a5:2f:8e:87:f8:1f:0a:86:e7:d2:
66:40:9b:57:86:e5:c1:db:51:2d:0a:17:fd:db:4c:d2:a4:28:
49:56:7f:fb:7d:a5:6d:67:99:8e:d3:33:d6:e7:50:ee:5c:58:
cd:a2:a2:b9:af:7b:f0:bf:15:66:37:12:2f:8c:41:23:68:e5:
a3:98:03:40:7e:f5:c3:e3:89:81:22:15:12:b5:dd:83:3b:58:
74:83:e0:87:1e:b3:10:cd:5d:bf:b7:a9:5e:1f:47:bf:ee:10:
2f:62:28:52:63:01:17:15:d0:51:ed:79:c6:be:87:e4:13:e6:
82:6b:f0:19:d2:32:7b:37:1a:5a:6a:8e:61:a7:d1:86:19:f6:
80:64:0a:e3:2d:96:3e:ec:b2:68:65:9a:cb:1d:7c:0a:c7:58:
6f:47:71:1a
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgISAZQlIXvMd6dTzm5GF8WGI4goMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzZTk3MDMzYTM2YWE5YmNjMGMyZjE2N2U2MjBkN2NhMTQ5
M2NiZWEwHhcNMjUwMTAyMDM0ODU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOWQ0MGJmZWIzNWY0Zjg5YWJiODk3YWU0NjE1NWRkMjFhNGY3NjliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkanWUUjBtjJyqm7QWdItPXc0mZO2
nA/xv9gp82nj2YNbFBfvtq2clHiyn0xiDmi2S3+b/w9hkUzXBVm+VineqjXjrPiS
gStHEUqORygGjCru6m7v85nh4ISN33TSsf0cmmcVYMgBGSXb2Xjx9RtGblqB7EVg
33/3Is6VKpzSERWbUYMu81hU1ceDPtE8B5rnwH/eJkm0tktI91cMW4jy3KubvZrw
6aIRv1s8U+z1ThEwuoLvU6GS7wGomGVcHrX23czs+jOxTo4fPw2xgy2qfz9XXUyd
Ae7HLQ7aP+LnuyTbLsbtfK+oUtrRM5iee/kZ0FW8YBvshtRqb1VK2ABpSwIDAQAB
o4ICjTCCAokwHQYDVR0OBBYEFAnUC/6zX0+Jq7iXrkYVXdIaT3abMB8GA1UdIwQY
MBaAFNPpcDOjaqm8wMLxZ+Yg18oUk8vqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMC1sd002TnFxYnpBd3ZGbjVpRFh5aFNUeS1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS81YTMyMGItZTk0Zi00MWM5LTgyZjMt
ZGJmOWQ0MWYxNzk4LzEvQ2RRTF9yTmZUNG1ydUpldVJoVmQwaHBQZHBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS81YTMyMGItZTk0Zi00MWM5LTgyZjMtZGJmOWQ0MWYxNzk4
LzEvMC1sd002TnFxYnpBd3ZGbjVpRFh5aFNUeS1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGiBggrBgEFBQcBBwEB/wSBkjCBjzBwBAIAATBqAwQDLuKg
MAwDBARQSBADBAJQSBgDBANVxngDBAJZqTQDBAJcdkgwDAMEAlz2hAMEBFz2gAME
BF25kAMEAl6NZAMEBV+uYAMEALLUiwMEArkJuAMEArmIIAMEArnm8AMEAtVsFAME
BNmQsDAbBAIAAjAVAwUAKgCHQAMFAyoLHEADBQAqEjKAMA0GCSqGSIb3DQEBCwUA
A4IBAQAAwBiJOsaeP5/W8TvhTgd9lCtnSIz4FHDFKDm/o17NNeE62OxTPIbbvlkO
5yhnuBqz+MINMZ1HRAxSwFwZjGoNfCrsbtRxeVw+S1ImZc1T9VlF8UTfxpJvxzpl
j0VWzoK/OKUvjof4HwqG59JmQJtXhuXB21EtChf920zSpChJVn/7faVtZ5mO0zPW
51DuXFjNoqK5r3vwvxVmNxIvjEEjaOWjmANAfvXD44mBIhUStd2DO1h0g+CHHrMQ
zV2/t6leH0e/7hAvYihSYwEXFdBR7XnGvofkE+aCa/AZ0jJ7Nxpaao5hp9GGGfaA
ZArjLZY+7LJoZZrLHXwKx1hvR3Ea
-----END CERTIFICATE-----
Generated at Sat Apr 5 15:30:59 2025 by rpki-client