Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/7cf0b1-2298-4484-bd80-6cc9f6cbaac4/1/L4cYTmcMFfvtup8EOVfWGJu2vX8.roa
File: L4cYTmcMFfvtup8EOVfWGJu2vX8.roa (raw, json)
Hash identifier: erMMZD+S+Fs2aYT1Dy3VVlR447qTafNqOv1NGE4DFgI=
Subject key identifier: 2F:87:18:4E:67:0C:15:FB:ED:BA:9F:04:39:57:D6:18:9B:B6:BD:7F
Certificate issuer: /CN=f219383a3e3f116a9bcc4769c8517cdce40765c7
Certificate serial: 0194A1A8427DD6049460044D2B3326492D31
Authority key identifier: F2:19:38:3A:3E:3F:11:6A:9B:CC:47:69:C8:51:7C:DC:E4:07:65:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8hk4Oj4_EWqbzEdpyFF83OQHZcc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/7cf0b1-2298-4484-bd80-6cc9f6cbaac4/1/L4cYTmcMFfvtup8EOVfWGJu2vX8.roa
Signing time: Sun 26 Jan 2025 08:09:06 +0000
ROA not before: Sun 26 Jan 2025 08:09:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 52048
IP address blocks: 46.183.216.0/21 maxlen: 21
46.183.216.0/24 maxlen: 24
46.183.217.0/24 maxlen: 24
46.183.218.0/24 maxlen: 24
46.183.222.0/24 maxlen: 24
46.183.223.0/24 maxlen: 24
84.38.130.0/24 maxlen: 24
84.38.132.0/24 maxlen: 24
84.38.134.0/24 maxlen: 24
84.38.135.0/24 maxlen: 24
2a02:4840::/48 maxlen: 48
2a02:4840:1::/48 maxlen: 48
2a02:4840:2::/48 maxlen: 48
2a02:4840:1000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/75/7cf0b1-2298-4484-bd80-6cc9f6cbaac4/1/8hk4Oj4_EWqbzEdpyFF83OQHZcc.crl
rsync://rpki.ripe.net/repository/DEFAULT/75/7cf0b1-2298-4484-bd80-6cc9f6cbaac4/1/8hk4Oj4_EWqbzEdpyFF83OQHZcc.mft
rsync://rpki.ripe.net/repository/DEFAULT/8hk4Oj4_EWqbzEdpyFF83OQHZcc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:a1:a8:42:7d:d6:04:94:60:04:4d:2b:33:26:49:2d:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f219383a3e3f116a9bcc4769c8517cdce40765c7
Validity
Not Before: Jan 26 08:09:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2f87184e670c15fbedba9f043957d6189bb6bd7f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:28:67:d8:e8:44:69:3b:1f:b2:b8:78:7c:98:
fa:f7:d9:0e:af:27:b3:df:ea:9c:3f:3d:34:cb:ef:
3d:a2:af:e1:bf:79:aa:94:19:73:b1:ae:ab:3c:ee:
34:c7:d6:69:74:2b:a1:6f:0a:77:4a:fc:f4:73:99:
5f:31:54:c8:f9:a1:bf:32:c6:43:07:49:71:d7:6f:
7e:30:3d:87:0e:1b:76:25:ff:0d:18:80:10:69:a1:
24:2e:4a:94:bf:d0:b2:ba:e1:67:3a:eb:9a:fd:bf:
88:e3:26:75:35:5c:7c:81:81:ec:7e:98:c2:a0:ef:
db:ab:3c:22:05:88:7b:0e:a5:dc:87:d3:c5:be:53:
94:d4:35:9d:72:aa:fd:b0:d0:57:b9:d9:a3:ef:74:
39:c0:9d:b4:3c:27:56:5a:4b:40:6d:31:b5:b1:fc:
6b:9e:79:ab:40:9b:4d:2a:7c:e2:a4:de:17:62:bf:
ce:69:74:e1:07:4c:da:4c:c6:15:f7:2d:10:bd:3d:
b5:7b:a6:19:73:99:6d:2c:cd:13:77:0d:e9:ae:31:
09:06:b3:27:80:0f:fd:3f:a6:ba:ef:7c:9c:7e:b7:
7c:b0:89:f4:e5:41:94:7d:0f:9b:4b:ad:5a:6f:39:
bd:47:d0:f7:e9:30:51:ce:04:f3:3b:af:96:65:b1:
60:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:87:18:4E:67:0C:15:FB:ED:BA:9F:04:39:57:D6:18:9B:B6:BD:7F
X509v3 Authority Key Identifier:
keyid:F2:19:38:3A:3E:3F:11:6A:9B:CC:47:69:C8:51:7C:DC:E4:07:65:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8hk4Oj4_EWqbzEdpyFF83OQHZcc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/7cf0b1-2298-4484-bd80-6cc9f6cbaac4/1/L4cYTmcMFfvtup8EOVfWGJu2vX8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/7cf0b1-2298-4484-bd80-6cc9f6cbaac4/1/8hk4Oj4_EWqbzEdpyFF83OQHZcc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.183.216.0/21
84.38.130.0/24
84.38.132.0/24
84.38.134.0/23
IPv6:
2a02:4840::-2a02:4840:2:ffff:ffff:ffff:ffff:ffff
2a02:4840:1000::/48
Signature Algorithm: sha256WithRSAEncryption
70:d2:28:1c:9d:b3:76:af:ff:c7:e3:fa:14:e7:0a:dc:80:24:
e7:08:62:a9:03:d4:13:71:8e:e7:e0:12:12:7c:aa:4b:9c:0c:
87:8e:d9:d0:cb:26:c2:8b:04:8f:e4:22:90:44:af:5f:59:be:
f7:ea:25:72:f3:43:df:63:07:23:fa:43:97:c4:1d:ac:48:ca:
5d:ef:8c:1a:25:0e:32:c3:9b:8c:29:0d:f9:41:cc:d6:a0:9d:
43:fb:d8:e6:5f:9e:d4:86:8e:8b:9c:24:49:4a:68:f3:27:1f:
c2:0a:63:8d:0c:20:f8:eb:3c:2c:ca:5c:63:d0:76:2d:d3:c0:
ec:0f:27:76:8b:a5:4d:81:2a:0f:9e:dc:46:50:12:fb:86:fa:
68:09:7a:55:fd:57:ad:56:cb:9c:d3:66:df:6b:23:df:2c:67:
23:b3:4e:a6:d8:47:3c:64:cf:f2:88:65:26:ee:02:15:1a:f2:
64:2f:55:70:82:3c:3d:3b:a4:dd:57:af:96:50:1e:6f:04:81:
f8:3e:b3:63:6e:3f:78:45:45:76:54:30:1c:37:f1:a3:98:0f:
89:07:23:c0:a4:24:34:69:ef:cf:d3:31:d9:98:44:e4:9a:08:
34:19:5d:f0:34:20:4b:1f:85:fb:b3:b4:d6:92:46:c4:d2:d6:
3f:58:fa:67
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgISAZShqEJ91gSUYARNKzMmSS0xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYyMTkzODNhM2UzZjExNmE5YmNjNDc2OWM4NTE3Y2RjZTQw
NzY1YzcwHhcNMjUwMTI2MDgwOTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjg3MTg0ZTY3MGMxNWZiZWRiYTlmMDQzOTU3ZDYxODliYjZiZDdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlChn2OhEaTsfsrh4fJj699kOryez
3+qcPz00y+89oq/hv3mqlBlzsa6rPO40x9ZpdCuhbwp3Svz0c5lfMVTI+aG/MsZD
B0lx129+MD2HDht2Jf8NGIAQaaEkLkqUv9CyuuFnOuua/b+I4yZ1NVx8gYHsfpjC
oO/bqzwiBYh7DqXch9PFvlOU1DWdcqr9sNBXudmj73Q5wJ20PCdWWktAbTG1sfxr
nnmrQJtNKnzipN4XYr/OaXThB0zaTMYV9y0QvT21e6YZc5ltLM0Tdw3prjEJBrMn
gA/9P6a673ycfrd8sIn05UGUfQ+bS61abzm9R9D36TBRzgTzO6+WZbFgMQIDAQAB
o4ICPjCCAjowHQYDVR0OBBYEFC+HGE5nDBX77bqfBDlX1hibtr1/MB8GA1UdIwQY
MBaAFPIZODo+PxFqm8xHachRfNzkB2XHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGhrNE9qNF9FV3FiekVkcHlGRjgzT1FIWmNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS83Y2YwYjEtMjI5OC00NDg0LWJkODAt
NmNjOWY2Y2JhYWM0LzEvTDRjWVRtY01GZnZ0dXA4RU9WZldHSnUydlg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS83Y2YwYjEtMjI5OC00NDg0LWJkODAtNmNjOWY2Y2JhYWM0
LzEvOGhrNE9qNF9FV3FiekVkcHlGRjgzT1FIWmNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFQGCCsGAQUFBwEHAQH/BEUwQzAeBAIAATAYAwQDLrfYAwQA
VCaCAwQAVCaEAwQBVCaGMCEEAgACMBswEAMFBioCSEADBwAqAkhAAAIDBwAqAkhA
EAAwDQYJKoZIhvcNAQELBQADggEBAHDSKByds3av/8fj+hTnCtyAJOcIYqkD1BNx
jufgEhJ8qkucDIeO2dDLJsKLBI/kIpBEr19ZvvfqJXLzQ99jByP6Q5fEHaxIyl3v
jBolDjLDm4wpDflBzNagnUP72OZfntSGjoucJElKaPMnH8IKY40MIPjrPCzKXGPQ
di3TwOwPJ3aLpU2BKg+e3EZQEvuG+mgJelX9V61Wy5zTZt9rI98sZyOzTqbYRzxk
z/KIZSbuAhUa8mQvVXCCPD07pN1Xr5ZQHm8Egfg+s2NuP3hFRXZUMBw38aOYD4kH
I8CkJDRp78/TMdmYROSaCDQZXfA0IEsfhfuztNaSRsTS1j9Y+mc=
-----END CERTIFICATE-----
Generated at Sun Feb 2 08:57:49 2025 by rpki-client