Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/b80b47-a7bc-4eb4-8be6-b130bf76fe10/1/RlERu2riJWKRmPGYqUGwVhMTEfA.roa
File: RlERu2riJWKRmPGYqUGwVhMTEfA.roa (raw, json)
Hash identifier: w2p8YNRnxQaiCold+0o9++nb5GsSq8cnfNdvqMaxke0=
Subject key identifier: 46:51:11:BB:6A:E2:25:62:91:98:F1:98:A9:41:B0:56:13:13:11:F0
Certificate issuer: /CN=4c7594b0214264f06677609bb4aa4779eb1eecad
Certificate serial: 01942220012F51B2A5CA19BAEF488BB38129
Authority key identifier: 4C:75:94:B0:21:42:64:F0:66:77:60:9B:B4:AA:47:79:EB:1E:EC:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/THWUsCFCZPBmd2CbtKpHeese7K0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/b80b47-a7bc-4eb4-8be6-b130bf76fe10/1/RlERu2riJWKRmPGYqUGwVhMTEfA.roa
Signing time: Wed 01 Jan 2025 13:48:30 +0000
ROA not before: Wed 01 Jan 2025 13:48:30 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29263
IP address blocks: 217.68.48.0/20 maxlen: 20
217.68.48.0/21 maxlen: 21
217.68.48.0/22 maxlen: 22
217.68.48.0/28 maxlen: 28
217.68.48.124/30 maxlen: 30
217.68.48.128/30 maxlen: 30
217.68.48.144/29 maxlen: 29
217.68.48.160/27 maxlen: 27
217.68.48.252/32 maxlen: 32
217.68.48.253/32 maxlen: 32
217.68.49.65/32 maxlen: 32
217.68.49.75/32 maxlen: 32
217.68.49.85/32 maxlen: 32
217.68.49.93/32 maxlen: 32
217.68.49.208/29 maxlen: 29
217.68.49.216/29 maxlen: 29
217.68.50.0/24 maxlen: 24
217.68.51.0/24 maxlen: 24
217.68.52.0/22 maxlen: 22
217.68.53.0/24 maxlen: 24
217.68.56.0/21 maxlen: 21
217.68.56.0/22 maxlen: 22
217.68.58.0/24 maxlen: 24
217.68.60.0/22 maxlen: 22
217.68.60.0/24 maxlen: 24
217.68.61.0/24 maxlen: 24
2a02:2400::/32 maxlen: 32
2a02:2400::/34 maxlen: 34
2a02:2400:4000::/34 maxlen: 34
2a02:2400:8000::/34 maxlen: 34
2a02:2400:c000::/34 maxlen: 34
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/78/b80b47-a7bc-4eb4-8be6-b130bf76fe10/1/THWUsCFCZPBmd2CbtKpHeese7K0.crl
rsync://rpki.ripe.net/repository/DEFAULT/78/b80b47-a7bc-4eb4-8be6-b130bf76fe10/1/THWUsCFCZPBmd2CbtKpHeese7K0.mft
rsync://rpki.ripe.net/repository/DEFAULT/THWUsCFCZPBmd2CbtKpHeese7K0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 23:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:01:2f:51:b2:a5:ca:19:ba:ef:48:8b:b3:81:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c7594b0214264f06677609bb4aa4779eb1eecad
Validity
Not Before: Jan 1 13:48:30 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=465111bb6ae225629198f198a941b056131311f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:3a:6f:89:98:bf:7f:44:49:f5:79:1e:e1:76:
cf:9d:db:b4:73:21:ae:db:9c:6b:15:7c:62:61:ea:
e0:68:f5:6e:43:ad:aa:51:ff:cf:74:e5:bc:32:e7:
01:98:b1:2e:8a:16:f1:b4:ec:ea:d0:af:85:a7:fa:
83:c8:e3:fe:32:ba:31:63:d2:eb:37:8f:82:60:e2:
a5:78:5f:a4:48:97:9f:9f:98:cc:fd:86:2d:7a:bd:
d3:00:05:51:ea:6c:75:7a:fe:1d:22:98:0c:c5:47:
f1:76:87:40:d9:a1:cc:3c:8f:3a:0f:71:7b:54:e6:
06:12:9e:26:71:fd:17:83:81:c8:fb:c7:95:36:fb:
6e:35:15:ac:24:91:d5:cb:10:43:2f:d9:ee:da:97:
9c:c5:cb:20:01:75:67:6e:d8:34:e7:43:8f:41:a8:
73:b1:18:86:1c:7d:c5:3c:d8:02:8c:84:96:74:b2:
2f:21:f1:ac:a6:1c:1e:99:09:ae:9f:73:74:91:8d:
2c:07:69:99:1a:71:35:a2:f2:50:bd:a8:e6:c5:42:
6a:28:7b:db:70:f9:db:39:8d:8b:fd:42:93:ca:46:
88:3e:7a:68:4e:50:2b:ff:71:6d:fa:0a:f4:4f:c1:
02:43:b3:ee:f0:7e:dd:64:22:91:6d:a7:21:c6:13:
7d:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:51:11:BB:6A:E2:25:62:91:98:F1:98:A9:41:B0:56:13:13:11:F0
X509v3 Authority Key Identifier:
keyid:4C:75:94:B0:21:42:64:F0:66:77:60:9B:B4:AA:47:79:EB:1E:EC:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/THWUsCFCZPBmd2CbtKpHeese7K0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/b80b47-a7bc-4eb4-8be6-b130bf76fe10/1/RlERu2riJWKRmPGYqUGwVhMTEfA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/b80b47-a7bc-4eb4-8be6-b130bf76fe10/1/THWUsCFCZPBmd2CbtKpHeese7K0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.68.48.0/20
IPv6:
2a02:2400::/32
Signature Algorithm: sha256WithRSAEncryption
39:29:4a:af:97:69:35:2e:0d:8f:31:4d:a1:b4:ff:68:c1:b7:
3e:4c:35:ed:e1:96:39:f1:87:e8:a4:84:0a:fb:0e:35:b9:b2:
f4:7b:c2:c8:cf:01:2f:83:3d:cc:73:f1:05:78:2a:a4:7b:a6:
25:53:3d:68:eb:c2:e3:47:56:25:f8:57:fe:67:5f:fc:4b:33:
20:96:ed:75:ad:af:90:3c:6b:c5:ef:e8:d1:44:21:b9:d8:93:
3a:2d:80:a3:57:b1:4c:61:6d:73:19:ae:7a:39:a7:40:dd:2e:
2b:f7:2d:8e:a5:4f:e0:89:7b:6c:10:e8:69:be:29:e3:75:7c:
fb:fd:a1:27:d7:ce:14:03:8e:81:aa:06:8d:b0:63:18:29:9d:
9a:67:87:b3:1c:f3:39:c3:2d:ed:0e:65:c9:35:31:4b:c9:41:
20:4a:50:c5:15:b5:4e:7a:58:de:dd:75:99:ef:c0:d7:9b:d6:
62:3a:1e:3e:55:7e:35:5c:c7:87:bf:db:19:70:83:7c:fc:6d:
3f:41:f4:e4:90:72:ca:79:5e:f1:8c:59:ec:8e:37:b5:db:1c:
a4:4f:90:77:98:d7:c8:05:29:24:eb:df:08:85:92:a3:40:40:
38:b4:48:9d:13:b8:85:ae:62:00:67:d3:aa:75:dd:d5:6c:32:
34:25:ac:68
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQiIAEvUbKlyhm670iLs4EpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjNzU5NGIwMjE0MjY0ZjA2Njc3NjA5YmI0YWE0Nzc5ZWIx
ZWVjYWQwHhcNMjUwMTAxMTM0ODMwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NjUxMTFiYjZhZTIyNTYyOTE5OGYxOThhOTQxYjA1NjEzMTMxMWYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkjpviZi/f0RJ9Xke4XbPndu0cyGu
25xrFXxiYergaPVuQ62qUf/PdOW8MucBmLEuihbxtOzq0K+Fp/qDyOP+MroxY9Lr
N4+CYOKleF+kSJefn5jM/YYter3TAAVR6mx1ev4dIpgMxUfxdodA2aHMPI86D3F7
VOYGEp4mcf0Xg4HI+8eVNvtuNRWsJJHVyxBDL9nu2pecxcsgAXVnbtg050OPQahz
sRiGHH3FPNgCjISWdLIvIfGsphwemQmun3N0kY0sB2mZGnE1ovJQvajmxUJqKHvb
cPnbOY2L/UKTykaIPnpoTlAr/3Ft+gr0T8ECQ7Pu8H7dZCKRbachxhN9PwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEZREbtq4iVikZjxmKlBsFYTExHwMB8GA1UdIwQY
MBaAFEx1lLAhQmTwZndgm7SqR3nrHuytMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVEhXVXNDRkNaUEJtZDJDYnRLcEhlZXNlN0swLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC9iODBiNDctYTdiYy00ZWI0LThiZTYt
YjEzMGJmNzZmZTEwLzEvUmxFUnUycmlKV0tSbVBHWXFVR3dWaE1URWZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC9iODBiNDctYTdiYy00ZWI0LThiZTYtYjEzMGJmNzZmZTEw
LzEvVEhXVXNDRkNaUEJtZDJDYnRLcEhlZXNlN0swLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQE2UQwMA0E
AgACMAcDBQAqAiQAMA0GCSqGSIb3DQEBCwUAA4IBAQA5KUqvl2k1Lg2PMU2htP9o
wbc+TDXt4ZY58YfopIQK+w41ubL0e8LIzwEvgz3Mc/EFeCqke6YlUz1o68LjR1Yl
+Ff+Z1/8SzMglu11ra+QPGvF7+jRRCG52JM6LYCjV7FMYW1zGa56OadA3S4r9y2O
pU/giXtsEOhpvinjdXz7/aEn184UA46BqgaNsGMYKZ2aZ4ezHPM5wy3tDmXJNTFL
yUEgSlDFFbVOelje3XWZ78DXm9ZiOh4+VX41XMeHv9sZcIN8/G0/QfTkkHLKeV7x
jFnsjje12xykT5B3mNfIBSkk698IhZKjQEA4tEidE7iFrmIAZ9Oqdd3VbDI0Jaxo
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:34:06 2025 by rpki-client