Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/ba7219-ad7c-48b0-9c96-17228cef0049/1/oe0ViHcJehxm3wVuZHtIwUX00hU.roa
File: oe0ViHcJehxm3wVuZHtIwUX00hU.roa (raw, json)
Hash identifier: RwLw3XJajb9LZZAlaGbGSJVNCQJewc1VgXJkyuKlD8Q=
Subject key identifier: A1:ED:15:88:77:09:7A:1C:66:DF:05:6E:64:7B:48:C1:45:F4:D2:15
Certificate issuer: /CN=a77720c7dc1dc3edd1d0d47f923bcd833f06af36
Certificate serial: 019422FBBEA9210706CE2E82D6B3AB06DF1C
Authority key identifier: A7:77:20:C7:DC:1D:C3:ED:D1:D0:D4:7F:92:3B:CD:83:3F:06:AF:36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p3cgx9wdw-3R0NR_kjvNgz8GrzY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/ba7219-ad7c-48b0-9c96-17228cef0049/1/oe0ViHcJehxm3wVuZHtIwUX00hU.roa
Signing time: Wed 01 Jan 2025 17:48:31 +0000
ROA not before: Wed 01 Jan 2025 17:48:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49895
IP address blocks: 46.254.72.0/22 maxlen: 22
46.254.72.0/24 maxlen: 24
46.254.73.0/24 maxlen: 24
46.254.74.0/24 maxlen: 24
46.254.75.0/24 maxlen: 24
213.5.8.0/21 maxlen: 21
213.5.8.0/24 maxlen: 24
213.5.9.0/24 maxlen: 24
213.5.10.0/24 maxlen: 24
213.5.11.0/24 maxlen: 24
213.5.12.0/24 maxlen: 24
213.5.13.0/24 maxlen: 24
213.5.14.0/24 maxlen: 24
213.5.15.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/71/ba7219-ad7c-48b0-9c96-17228cef0049/1/p3cgx9wdw-3R0NR_kjvNgz8GrzY.crl
rsync://rpki.ripe.net/repository/DEFAULT/71/ba7219-ad7c-48b0-9c96-17228cef0049/1/p3cgx9wdw-3R0NR_kjvNgz8GrzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/p3cgx9wdw-3R0NR_kjvNgz8GrzY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 11 Mar 2025 14:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:be:a9:21:07:06:ce:2e:82:d6:b3:ab:06:df:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a77720c7dc1dc3edd1d0d47f923bcd833f06af36
Validity
Not Before: Jan 1 17:48:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a1ed158877097a1c66df056e647b48c145f4d215
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:e8:4d:11:2a:93:60:3a:19:82:20:72:7b:20:
7a:0b:7c:fb:b8:be:46:9c:92:26:c1:ab:19:fc:34:
75:ea:30:c7:48:08:83:3e:63:49:98:6d:d4:3f:82:
6d:10:41:a3:d5:4b:72:da:29:4a:8c:db:57:89:83:
a1:03:ce:28:a4:94:0a:00:16:2e:f4:17:f3:92:9f:
8e:6d:7b:93:30:b6:b6:18:35:18:8e:19:9e:77:37:
45:44:67:f9:b5:a9:2a:a8:9b:4b:1a:f8:d7:9d:ad:
67:24:16:a1:19:2e:66:dc:ca:d3:79:b8:61:0c:33:
b4:ab:60:69:10:11:6b:60:32:41:dd:62:b4:7f:e7:
43:5a:93:a3:34:08:a1:60:e1:b5:1e:77:9a:a1:1a:
ad:aa:8d:14:62:27:85:62:01:4d:e0:bc:be:a4:1d:
0e:ea:9e:82:e5:4f:de:0e:8b:f9:23:a1:5c:b3:a8:
e6:14:83:23:07:c4:12:6b:bb:8d:d6:32:9a:38:e5:
99:85:67:4a:86:f2:b0:e7:42:96:d1:4b:82:e8:7d:
95:db:86:96:17:97:a9:f7:fd:08:2f:ef:b0:29:d3:
59:97:77:2b:7c:84:44:b5:ef:d4:2b:8e:e7:7e:ea:
83:68:55:46:cf:4a:c8:62:e5:51:25:13:ed:d9:d3:
11:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:ED:15:88:77:09:7A:1C:66:DF:05:6E:64:7B:48:C1:45:F4:D2:15
X509v3 Authority Key Identifier:
keyid:A7:77:20:C7:DC:1D:C3:ED:D1:D0:D4:7F:92:3B:CD:83:3F:06:AF:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p3cgx9wdw-3R0NR_kjvNgz8GrzY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/ba7219-ad7c-48b0-9c96-17228cef0049/1/oe0ViHcJehxm3wVuZHtIwUX00hU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/ba7219-ad7c-48b0-9c96-17228cef0049/1/p3cgx9wdw-3R0NR_kjvNgz8GrzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.254.72.0/22
213.5.8.0/21
Signature Algorithm: sha256WithRSAEncryption
33:ed:aa:ea:23:68:08:f9:b9:b2:4c:7e:67:93:b2:d6:b7:91:
9d:0e:2a:f2:b3:45:8c:46:7f:67:65:12:3e:87:26:2e:ec:f8:
27:e7:79:39:b8:b8:22:6f:8b:d4:1b:74:bc:a7:e8:c7:1b:d5:
5a:9c:c1:03:76:ec:5f:9c:ca:86:45:bc:87:2a:81:a4:41:72:
38:ac:d6:ad:a9:d9:b0:34:7f:e4:e7:de:6c:ac:50:24:f0:04:
5e:87:67:62:fc:30:26:0e:5c:43:54:b5:bd:9c:23:4d:8f:1d:
66:2f:cd:83:83:2e:14:6d:c3:fb:ff:6a:17:fd:a8:3b:15:47:
cd:27:30:0b:32:be:85:a8:29:84:67:1a:56:1f:ba:62:15:b7:
44:53:77:49:11:6e:fb:9d:05:0d:58:65:f6:e5:25:5f:b1:84:
97:32:ca:5d:43:7a:ef:b3:00:c2:1b:34:34:ac:3c:f0:10:6c:
5f:d1:24:8c:c9:24:50:20:bd:b9:4d:8d:9e:aa:e4:26:c7:7a:
be:a6:69:8f:6f:65:e5:91:2f:31:bc:c4:c1:bf:d6:e0:31:5f:
7d:4d:3b:c8:bc:9c:2f:42:9a:85:11:5e:8a:1b:b9:47:82:47:
c6:73:57:d4:38:59:66:2a:97:aa:60:1a:9a:c1:99:ca:10:b5:
b4:1b:83:80
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQi+76pIQcGzi6C1rOrBt8cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3NzcyMGM3ZGMxZGMzZWRkMWQwZDQ3ZjkyM2JjZDgzM2Yw
NmFmMzYwHhcNMjUwMTAxMTc0ODMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMWVkMTU4ODc3MDk3YTFjNjZkZjA1NmU2NDdiNDhjMTQ1ZjRkMjE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzOhNESqTYDoZgiByeyB6C3z7uL5G
nJImwasZ/DR16jDHSAiDPmNJmG3UP4JtEEGj1Uty2ilKjNtXiYOhA84opJQKABYu
9Bfzkp+ObXuTMLa2GDUYjhmedzdFRGf5takqqJtLGvjXna1nJBahGS5m3MrTebhh
DDO0q2BpEBFrYDJB3WK0f+dDWpOjNAihYOG1HneaoRqtqo0UYieFYgFN4Ly+pB0O
6p6C5U/eDov5I6Fcs6jmFIMjB8QSa7uN1jKaOOWZhWdKhvKw50KW0UuC6H2V24aW
F5ep9/0IL++wKdNZl3crfIREte/UK47nfuqDaFVGz0rIYuVRJRPt2dMRywIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKHtFYh3CXocZt8FbmR7SMFF9NIVMB8GA1UdIwQY
MBaAFKd3IMfcHcPt0dDUf5I7zYM/Bq82MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcDNjZ3g5d2R3LTNSME5SX2tqdk5nejhHcnpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS9iYTcyMTktYWQ3Yy00OGIwLTljOTYt
MTcyMjhjZWYwMDQ5LzEvb2UwVmlIY0plaHhtM3dWdVpIdEl3VVgwMGhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS9iYTcyMTktYWQ3Yy00OGIwLTljOTYtMTcyMjhjZWYwMDQ5
LzEvcDNjZ3g5d2R3LTNSME5SX2tqdk5nejhHcnpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLv5IAwQD
1QUIMA0GCSqGSIb3DQEBCwUAA4IBAQAz7arqI2gI+bmyTH5nk7LWt5GdDirys0WM
Rn9nZRI+hyYu7Pgn53k5uLgib4vUG3S8p+jHG9VanMEDduxfnMqGRbyHKoGkQXI4
rNatqdmwNH/k595srFAk8AReh2di/DAmDlxDVLW9nCNNjx1mL82Dgy4UbcP7/2oX
/ag7FUfNJzALMr6FqCmEZxpWH7piFbdEU3dJEW77nQUNWGX25SVfsYSXMspdQ3rv
swDCGzQ0rDzwEGxf0SSMySRQIL25TY2equQmx3q+pmmPb2XlkS8xvMTBv9bgMV99
TTvIvJwvQpqFEV6KG7lHgkfGc1fUOFlmKpeqYBqawZnKELW0G4OA
-----END CERTIFICATE-----
Generated at Mon Mar 10 22:14:10 2025 by rpki-client