Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/9f52d1-c95d-455b-af08-cec0dbc8d246/1/fXGb1AdmtKED61MI3C4rhXBHP4g.roa
File: fXGb1AdmtKED61MI3C4rhXBHP4g.roa (raw, json)
Hash identifier: eR+whMFm4iqXvD16fqLVfHjrwLVKXZG15LaXEU0R7b4=
Subject key identifier: 7D:71:9B:D4:07:66:B4:A1:03:EB:53:08:DC:2E:2B:85:70:47:3F:88
Certificate issuer: /CN=2988a3c688e8eb1fef06c374a7aa5cf8fd778e0f
Certificate serial: 01942825EA7660063C4CC1C0F1E2088AAC8C
Authority key identifier: 29:88:A3:C6:88:E8:EB:1F:EF:06:C3:74:A7:AA:5C:F8:FD:77:8E:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KYijxojo6x_vBsN0p6pc-P13jg8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/9f52d1-c95d-455b-af08-cec0dbc8d246/1/fXGb1AdmtKED61MI3C4rhXBHP4g.roa
Signing time: Thu 02 Jan 2025 17:52:40 +0000
ROA not before: Thu 02 Jan 2025 17:52:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25106
IP address blocks: 46.56.40.0/21 maxlen: 21
46.56.40.0/24 maxlen: 24
46.56.41.0/24 maxlen: 24
46.56.42.0/24 maxlen: 24
46.56.56.0/22 maxlen: 24
46.56.60.0/23 maxlen: 24
46.56.60.0/24 maxlen: 24
46.56.62.0/23 maxlen: 23
46.56.64.0/19 maxlen: 24
46.56.96.0/19 maxlen: 24
46.56.114.0/23 maxlen: 23
46.56.125.0/24 maxlen: 24
46.216.0.0/17 maxlen: 24
46.216.128.0/18 maxlen: 24
46.216.144.0/21 maxlen: 21
46.216.152.0/21 maxlen: 21
46.216.184.0/21 maxlen: 21
46.216.192.0/18 maxlen: 24
46.216.192.0/21 maxlen: 21
46.216.246.0/24 maxlen: 24
134.17.0.0/20 maxlen: 24
134.17.0.0/23 maxlen: 23
134.17.16.0/21 maxlen: 21
134.17.17.0/24 maxlen: 24
134.17.24.0/21 maxlen: 21
134.17.24.0/22 maxlen: 22
134.17.28.0/24 maxlen: 24
134.17.32.0/19 maxlen: 19
134.17.32.0/22 maxlen: 22
134.17.64.0/20 maxlen: 20
134.17.79.0/24 maxlen: 24
134.17.80.0/21 maxlen: 21
134.17.80.0/22 maxlen: 22
134.17.88.0/21 maxlen: 24
134.17.89.0/24 maxlen: 24
134.17.96.0/19 maxlen: 19
134.17.124.0/24 maxlen: 24
134.17.128.0/19 maxlen: 19
134.17.128.0/21 maxlen: 21
134.17.136.0/21 maxlen: 21
134.17.144.0/20 maxlen: 20
134.17.160.0/19 maxlen: 19
134.17.208.0/20 maxlen: 24
134.17.208.0/22 maxlen: 24
134.17.224.0/20 maxlen: 24
176.60.0.0/18 maxlen: 24
176.60.4.0/22 maxlen: 22
176.60.40.0/22 maxlen: 22
176.60.44.0/22 maxlen: 22
176.60.64.0/18 maxlen: 24
176.60.80.0/23 maxlen: 23
176.60.128.0/18 maxlen: 24
176.60.132.0/22 maxlen: 22
176.60.176.0/23 maxlen: 23
176.60.184.0/22 maxlen: 24
176.60.192.0/18 maxlen: 24
176.60.192.0/20 maxlen: 20
176.60.208.0/23 maxlen: 23
178.168.128.0/18 maxlen: 24
178.168.144.0/23 maxlen: 23
178.168.160.0/21 maxlen: 21
178.168.168.0/21 maxlen: 24
178.168.180.0/22 maxlen: 22
178.168.192.0/19 maxlen: 24
178.168.220.0/22 maxlen: 22
178.168.224.0/19 maxlen: 24
178.168.242.0/23 maxlen: 23
178.168.253.0/24 maxlen: 24
185.20.112.0/23 maxlen: 23
185.20.114.0/23 maxlen: 23
2a02:bf0::/32 maxlen: 32
2a02:bf0::/48 maxlen: 48
2a02:bf0:1::/48 maxlen: 48
2a02:bf0:2::/48 maxlen: 48
2a02:bf0:3::/48 maxlen: 48
2a02:bf0:6::/48 maxlen: 48
2a02:bf0:7::/48 maxlen: 48
2a02:bf0:10::/44 maxlen: 44
2a02:bf0:25::/48 maxlen: 48
2a02:bf0:26::/48 maxlen: 48
2a02:bf0:27::/48 maxlen: 48
2a02:bf0:28::/48 maxlen: 48
2a02:bf0:29::/48 maxlen: 48
2a02:bf0:100::/44 maxlen: 44
2a02:bf0:110::/44 maxlen: 44
2a02:bf0:1000::/36 maxlen: 36
2a02:bf0:1002::/48 maxlen: 48
2a02:bf0:1003::/48 maxlen: 48
2a02:bf0:3000::/36 maxlen: 44
2a02:bf0:4000::/36 maxlen: 44
2a02:bf0:5000::/36 maxlen: 44
2a02:bf0:6000::/36 maxlen: 44
2a02:bf0:7000::/36 maxlen: 44
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6e/9f52d1-c95d-455b-af08-cec0dbc8d246/1/KYijxojo6x_vBsN0p6pc-P13jg8.crl
rsync://rpki.ripe.net/repository/DEFAULT/6e/9f52d1-c95d-455b-af08-cec0dbc8d246/1/KYijxojo6x_vBsN0p6pc-P13jg8.mft
rsync://rpki.ripe.net/repository/DEFAULT/KYijxojo6x_vBsN0p6pc-P13jg8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:25:ea:76:60:06:3c:4c:c1:c0:f1:e2:08:8a:ac:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2988a3c688e8eb1fef06c374a7aa5cf8fd778e0f
Validity
Not Before: Jan 2 17:52:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7d719bd40766b4a103eb5308dc2e2b8570473f88
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:ac:ec:11:93:ba:2f:6b:18:f2:2b:ac:21:cf:
87:49:88:d3:34:63:2e:30:f6:5b:5b:08:49:46:e4:
b9:c9:22:3e:2c:c9:00:31:29:17:bf:9d:8c:7f:dd:
54:1d:0b:2d:55:ea:3b:dd:dc:07:74:4f:5f:f5:83:
6b:33:4d:8d:72:2f:4b:12:a2:88:14:8e:e2:0d:04:
84:6b:b4:16:fd:56:63:e8:f3:9f:00:bd:d3:d7:e8:
cf:0d:76:32:27:17:93:b5:86:89:9e:eb:77:c1:f3:
ec:cd:3c:7b:4c:69:1a:1f:78:b0:0b:e4:bb:c5:15:
d2:83:6f:2e:87:b4:8f:c6:c7:d6:9c:e1:51:bc:f7:
60:32:bd:29:64:1c:5a:28:f6:15:80:f8:26:07:c1:
57:dd:45:77:42:c2:3b:d7:93:de:ba:44:d7:a8:97:
ce:c8:fb:dd:29:da:c7:9b:24:28:8b:f5:6a:6f:66:
05:3f:80:cd:96:ab:c1:9a:39:5c:fd:72:eb:1f:61:
f6:6b:33:57:7a:63:d0:ae:79:80:31:18:6a:b1:eb:
fd:f3:23:54:a9:1c:3c:9d:4a:6b:35:79:25:3b:1d:
e5:9f:6a:cd:50:51:a7:1f:2e:a7:53:b8:34:81:86:
5e:97:60:cb:72:3e:80:49:ed:62:1c:49:34:6c:89:
2f:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:71:9B:D4:07:66:B4:A1:03:EB:53:08:DC:2E:2B:85:70:47:3F:88
X509v3 Authority Key Identifier:
keyid:29:88:A3:C6:88:E8:EB:1F:EF:06:C3:74:A7:AA:5C:F8:FD:77:8E:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KYijxojo6x_vBsN0p6pc-P13jg8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/9f52d1-c95d-455b-af08-cec0dbc8d246/1/fXGb1AdmtKED61MI3C4rhXBHP4g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/9f52d1-c95d-455b-af08-cec0dbc8d246/1/KYijxojo6x_vBsN0p6pc-P13jg8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.56.40.0/21
46.56.56.0-46.56.127.255
46.216.0.0/16
134.17.0.0-134.17.191.255
134.17.208.0-134.17.239.255
176.60.0.0/16
178.168.128.0/17
185.20.112.0/22
IPv6:
2a02:bf0::/32
Signature Algorithm: sha256WithRSAEncryption
49:5b:2a:08:c3:71:bc:10:17:87:de:2e:ff:13:9c:c2:f3:15:
74:07:a2:62:c2:78:ac:25:f6:72:60:28:45:c9:e8:f7:98:d7:
01:b8:6a:16:62:79:d8:ee:01:a1:b5:40:21:9a:e9:61:08:0f:
7c:91:14:a9:5e:37:5e:44:74:09:ea:df:86:71:3b:e4:62:c2:
d5:19:1d:01:ed:e2:0a:4a:24:eb:3b:b7:b7:c9:48:fd:67:cd:
87:d3:76:16:b8:85:0e:65:62:4b:ff:e3:e9:6c:f8:4d:66:e8:
ff:3c:6b:9c:ca:60:99:72:0e:cc:55:a5:c5:55:ce:31:fb:da:
28:37:da:9a:9a:bb:b8:22:3e:4c:6c:9d:61:eb:fc:87:59:95:
b4:32:36:33:ec:bc:fa:15:44:4b:76:97:b7:17:33:6f:87:eb:
c9:d6:43:f1:db:f3:ef:2e:32:97:8b:8a:0a:c0:8a:88:0c:85:
21:d4:ec:bb:5c:81:87:97:81:32:46:25:1c:54:6c:b2:05:ac:
2e:cf:ad:22:e4:21:5d:6e:eb:b6:02:25:73:b7:31:8b:11:63:
76:e6:25:9e:49:23:21:e3:08:b6:ae:10:67:1b:33:80:bc:2e:
d3:0c:2c:04:7c:17:8e:52:8a:be:a7:96:b8:d0:49:67:09:89:
78:ec:67:53
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAZQoJep2YAY8TMHA8eIIiqyMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ODhhM2M2ODhlOGViMWZlZjA2YzM3NGE3YWE1Y2Y4ZmQ3
NzhlMGYwHhcNMjUwMTAyMTc1MjQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZDcxOWJkNDA3NjZiNGExMDNlYjUzMDhkYzJlMmI4NTcwNDczZjg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA06zsEZO6L2sY8iusIc+HSYjTNGMu
MPZbWwhJRuS5ySI+LMkAMSkXv52Mf91UHQstVeo73dwHdE9f9YNrM02Nci9LEqKI
FI7iDQSEa7QW/VZj6POfAL3T1+jPDXYyJxeTtYaJnut3wfPszTx7TGkaH3iwC+S7
xRXSg28uh7SPxsfWnOFRvPdgMr0pZBxaKPYVgPgmB8FX3UV3QsI715PeukTXqJfO
yPvdKdrHmyQoi/Vqb2YFP4DNlqvBmjlc/XLrH2H2azNXemPQrnmAMRhqsev98yNU
qRw8nUprNXklOx3ln2rNUFGnHy6nU7g0gYZel2DLcj6ASe1iHEk0bIkvzwIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFH1xm9QHZrShA+tTCNwuK4VwRz+IMB8GA1UdIwQY
MBaAFCmIo8aI6Osf7wbDdKeqXPj9d44PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1lpanhvam82eF92QnNOMHA2cGMtUDEzamc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS85ZjUyZDEtYzk1ZC00NTViLWFmMDgt
Y2VjMGRiYzhkMjQ2LzEvZlhHYjFBZG10S0VENjFNSTNDNHJoWEJIUDRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS85ZjUyZDEtYzk1ZC00NTViLWFmMDgtY2VjMGRiYzhkMjQ2
LzEvS1lpanhvam82eF92QnNOMHA2cGMtUDEzamc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBLBAIAATBFAwQDLjgoMAwD
BAMuODgDBAcuOAADAwAu2DALAwMAhhEDBAaGEYAwDAMEBIYR0AMEBIYR4AMDALA8
AwQHsqiAAwQCuRRwMA0EAgACMAcDBQAqAgvwMA0GCSqGSIb3DQEBCwUAA4IBAQBJ
WyoIw3G8EBeH3i7/E5zC8xV0B6JiwnisJfZyYChFyej3mNcBuGoWYnnY7gGhtUAh
mulhCA98kRSpXjdeRHQJ6t+GcTvkYsLVGR0B7eIKSiTrO7e3yUj9Z82H03YWuIUO
ZWJL/+PpbPhNZuj/PGucymCZcg7MVaXFVc4x+9ooN9qamru4Ij5MbJ1h6/yHWZW0
MjYz7Lz6FURLdpe3FzNvh+vJ1kPx2/PvLjKXi4oKwIqIDIUh1Oy7XIGHl4EyRiUc
VGyyBawuz60i5CFdbuu2AiVztzGLEWN25iWeSSMh4wi2rhBnGzOAvC7TDCwEfBeO
Uoq+p5a40ElnCYl47GdT
-----END CERTIFICATE-----
Generated at Sun Feb 2 09:45:18 2025 by rpki-client