Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/1eb120-687c-4993-857f-8a03a7c1fe9b/1/xWH61H-UcUY6ZJDt-T0XZrm3Kd0.roa
File: xWH61H-UcUY6ZJDt-T0XZrm3Kd0.roa (raw, json)
Hash identifier: I6W0yqhD6f0inkp6BbBz5CSZ4vRRv1c8dDwlJ+6LOEM=
Subject key identifier: C5:61:FA:D4:7F:94:71:46:3A:64:90:ED:F9:3D:17:66:B9:B7:29:DD
Certificate issuer: /CN=24d9da4ffb1bb6d273de1bad5dbbf0d1ff47f0cf
Certificate serial: 019743E12473A74A96E7EA3AA580BF8F80D3
Authority key identifier: 24:D9:DA:4F:FB:1B:B6:D2:73:DE:1B:AD:5D:BB:F0:D1:FF:47:F0:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JNnaT_sbttJz3hutXbvw0f9H8M8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/1eb120-687c-4993-857f-8a03a7c1fe9b/1/xWH61H-UcUY6ZJDt-T0XZrm3Kd0.roa
Signing time: Fri 06 Jun 2025 06:15:17 +0000
ROA not before: Fri 06 Jun 2025 06:15:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29386
IP address blocks: 46.213.0.0/21 maxlen: 21
46.213.128.0/21 maxlen: 21
94.252.183.0/24 maxlen: 24
185.136.144.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/77/1eb120-687c-4993-857f-8a03a7c1fe9b/1/JNnaT_sbttJz3hutXbvw0f9H8M8.crl
rsync://rpki.ripe.net/repository/DEFAULT/77/1eb120-687c-4993-857f-8a03a7c1fe9b/1/JNnaT_sbttJz3hutXbvw0f9H8M8.mft
rsync://rpki.ripe.net/repository/DEFAULT/JNnaT_sbttJz3hutXbvw0f9H8M8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 18:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:43:e1:24:73:a7:4a:96:e7:ea:3a:a5:80:bf:8f:80:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=24d9da4ffb1bb6d273de1bad5dbbf0d1ff47f0cf
Validity
Not Before: Jun 6 06:15:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c561fad47f9471463a6490edf93d1766b9b729dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:5e:fb:b7:69:27:10:2d:65:42:50:3a:c6:ce:
29:36:e2:3d:ce:ab:4f:2d:d6:44:8b:d7:75:ad:62:
2e:b0:bf:4b:81:d6:1f:8f:c1:4c:c4:7a:56:88:e0:
01:03:56:65:6f:7f:ea:7c:c8:a1:0d:2d:e2:0a:2c:
c0:e4:b5:1f:32:29:c3:3d:e3:ea:92:af:4d:f7:89:
fd:a5:ce:0e:21:41:07:ff:46:b1:32:36:5a:90:c3:
4b:ea:5a:a5:8c:d9:ee:41:86:a6:3b:3a:d5:4b:13:
5e:87:1c:d8:3d:16:48:37:88:fb:8d:93:73:28:df:
63:dc:61:50:7d:a1:24:af:e5:45:8a:a7:c2:0b:2e:
29:f2:33:14:a1:e6:11:a2:2b:62:63:ec:b2:99:5d:
8b:97:25:48:08:87:13:40:71:d4:6c:6f:58:46:41:
5b:e9:16:fa:f3:1e:a3:de:ab:a4:20:08:4c:06:49:
a5:2f:89:39:2e:8a:82:0c:38:3e:d5:2f:0e:32:47:
17:9f:43:ea:9c:f4:34:09:32:b1:e3:29:c7:1d:bc:
5e:5a:3b:7e:55:67:d3:dc:30:fa:2c:2d:61:9d:3f:
48:c2:01:b2:80:b5:92:8f:4b:39:76:4d:1d:9c:fb:
32:3d:8e:08:84:75:18:47:95:e1:0e:c6:5c:6a:7a:
20:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:61:FA:D4:7F:94:71:46:3A:64:90:ED:F9:3D:17:66:B9:B7:29:DD
X509v3 Authority Key Identifier:
keyid:24:D9:DA:4F:FB:1B:B6:D2:73:DE:1B:AD:5D:BB:F0:D1:FF:47:F0:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JNnaT_sbttJz3hutXbvw0f9H8M8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/1eb120-687c-4993-857f-8a03a7c1fe9b/1/xWH61H-UcUY6ZJDt-T0XZrm3Kd0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/1eb120-687c-4993-857f-8a03a7c1fe9b/1/JNnaT_sbttJz3hutXbvw0f9H8M8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.213.0.0/21
46.213.128.0/21
94.252.183.0/24
185.136.144.0/22
Signature Algorithm: sha256WithRSAEncryption
27:af:8a:0d:25:16:69:2f:a3:b5:4a:64:ce:66:ff:d7:04:06:
3a:52:5a:e3:3e:8d:ea:ce:81:bb:a7:4d:39:40:2c:f3:c2:b7:
01:de:87:6d:9d:27:72:7a:dd:83:de:0d:66:dd:48:8a:6d:63:
d8:63:ff:e6:cf:27:e7:b1:9c:6d:b8:b7:7b:6c:c9:a3:f2:98:
42:d9:72:b4:8c:90:b3:a1:86:d5:15:85:85:25:25:15:6b:56:
d5:16:57:51:12:1d:5d:26:89:d5:7a:ca:7a:91:ff:25:89:79:
a3:ed:99:8f:5d:79:33:74:f7:9c:a6:da:c5:8f:e8:32:87:17:
43:0a:10:2a:48:cd:79:dc:0f:3e:d4:fe:be:02:be:8d:e9:7f:
ad:c1:e0:71:9f:6e:82:df:58:27:d4:cf:33:47:f5:02:57:6a:
04:85:9d:bf:13:7b:80:44:00:2b:37:dc:e8:49:e5:37:98:33:
9c:df:3c:e6:70:bb:00:92:d5:1c:cc:75:d5:bf:5f:96:ff:93:
49:4b:47:b2:ea:d7:89:fb:74:95:21:b7:f3:57:0b:b5:d7:72:
88:bf:c0:40:0c:0a:64:b3:f6:d7:1e:cb:58:8c:c9:c7:59:76:
2c:68:b1:ba:1e:42:6f:46:fa:49:2c:a3:5c:52:a2:ca:09:29:
cd:42:6e:c7
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZdD4SRzp0qW5+o6pYC/j4DTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0ZDlkYTRmZmIxYmI2ZDI3M2RlMWJhZDVkYmJmMGQxZmY0
N2YwY2YwHhcNMjUwNjA2MDYxNTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTYxZmFkNDdmOTQ3MTQ2M2E2NDkwZWRmOTNkMTc2NmI5YjcyOWRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjl77t2knEC1lQlA6xs4pNuI9zqtP
LdZEi9d1rWIusL9LgdYfj8FMxHpWiOABA1Zlb3/qfMihDS3iCizA5LUfMinDPePq
kq9N94n9pc4OIUEH/0axMjZakMNL6lqljNnuQYamOzrVSxNehxzYPRZIN4j7jZNz
KN9j3GFQfaEkr+VFiqfCCy4p8jMUoeYRoitiY+yymV2LlyVICIcTQHHUbG9YRkFb
6Rb68x6j3qukIAhMBkmlL4k5LoqCDDg+1S8OMkcXn0PqnPQ0CTKx4ynHHbxeWjt+
VWfT3DD6LC1hnT9IwgGygLWSj0s5dk0dnPsyPY4IhHUYR5XhDsZcanoglQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFMVh+tR/lHFGOmSQ7fk9F2a5tyndMB8GA1UdIwQY
MBaAFCTZ2k/7G7bSc94brV278NH/R/DPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSk5uYVRfc2J0dEp6M2h1dFhidncwZjlIOE04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny8xZWIxMjAtNjg3Yy00OTkzLTg1N2Yt
OGEwM2E3YzFmZTliLzEveFdINjFILVVjVVk2WkpEdC1UMFhacm0zS2QwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny8xZWIxMjAtNjg3Yy00OTkzLTg1N2YtOGEwM2E3YzFmZTli
LzEvSk5uYVRfc2J0dEp6M2h1dFhidncwZjlIOE04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQDLtUAAwQD
LtWAAwQAXvy3AwQCuYiQMA0GCSqGSIb3DQEBCwUAA4IBAQAnr4oNJRZpL6O1SmTO
Zv/XBAY6UlrjPo3qzoG7p005QCzzwrcB3odtnSdyet2D3g1m3UiKbWPYY//mzyfn
sZxtuLd7bMmj8phC2XK0jJCzoYbVFYWFJSUVa1bVFldREh1dJonVesp6kf8liXmj
7ZmPXXkzdPecptrFj+gyhxdDChAqSM153A8+1P6+Ar6N6X+tweBxn26C31gn1M8z
R/UCV2oEhZ2/E3uARAArN9zoSeU3mDOc3zzmcLsAktUczHXVv1+W/5NJS0ey6teJ
+3SVIbfzVwu113KIv8BADApks/bXHstYjMnHWXYsaLG6HkJvRvpJLKNcUqLKCSnN
Qm7H
-----END CERTIFICATE-----
Generated at Sun Jun 8 00:43:09 2025 by rpki-client