Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/893cl4OHtUWg2B1AVRaJYq99qT4.roa
File: 893cl4OHtUWg2B1AVRaJYq99qT4.roa (raw, json)
Hash identifier: NOwZXEh5K5QYgyN4EaYSUlqxcHexOFShGJXeG3oKJ2o=
Subject key identifier: F3:DD:DC:97:83:87:B5:45:A0:D8:1D:40:55:16:89:62:AF:7D:A9:3E
Certificate issuer: /CN=5885e884c2fc7a75d12dd1dea49ce2349c47067e
Certificate serial: 01941FFAA6820CE85DD6B0BF1B437C06FA18
Authority key identifier: 58:85:E8:84:C2:FC:7A:75:D1:2D:D1:DE:A4:9C:E2:34:9C:47:06:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/893cl4OHtUWg2B1AVRaJYq99qT4.roa
Signing time: Wed 01 Jan 2025 03:48:27 +0000
ROA not before: Wed 01 Jan 2025 03:48:27 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202795
IP address blocks: 46.243.168.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/WIXohML8enXRLdHepJziNJxHBn4.crl
rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/WIXohML8enXRLdHepJziNJxHBn4.mft
rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 09:01:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:a6:82:0c:e8:5d:d6:b0:bf:1b:43:7c:06:fa:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5885e884c2fc7a75d12dd1dea49ce2349c47067e
Validity
Not Before: Jan 1 03:48:27 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f3dddc978387b545a0d81d4055168962af7da93e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:1f:ed:11:4a:f9:41:dc:e2:7c:f9:d2:50:ae:
79:46:4c:04:b8:d3:ab:79:61:8d:61:7c:03:e9:fe:
7c:11:52:4a:d1:b7:aa:24:eb:d4:67:8f:22:46:d0:
54:b8:c2:8f:c2:6e:c5:1c:85:33:35:81:27:4f:c6:
8f:ea:8f:b2:b9:b6:3d:63:8f:04:98:d4:31:ed:fd:
de:3f:31:8f:ea:9c:eb:24:71:39:1d:e3:bf:f4:f0:
42:1e:7f:91:86:8e:e6:5d:69:40:ec:fe:7c:02:43:
79:40:27:1e:80:cc:a4:cb:71:2f:94:ac:ab:24:98:
53:65:c9:4f:f8:08:66:2f:a4:fa:ef:ba:cc:21:5a:
28:75:93:6f:1e:25:1f:3b:61:75:0e:49:8d:81:dd:
99:74:6d:df:f0:c7:eb:1c:a4:d3:99:2e:b7:55:2c:
10:fe:0c:de:89:43:9d:c5:ee:5e:c8:f7:c1:f6:94:
79:38:be:51:27:1e:c9:e3:0e:ce:77:08:65:84:48:
e3:8f:f2:31:b5:91:ff:9e:c5:76:a0:46:07:6f:f4:
b4:14:ca:83:68:b6:0e:ee:09:49:7a:cb:63:37:da:
1c:d6:75:5e:57:eb:96:ff:1e:40:6b:d8:4f:1e:42:
80:60:b3:b9:01:63:07:4b:c6:7a:4b:4a:6e:7c:6a:
c2:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:DD:DC:97:83:87:B5:45:A0:D8:1D:40:55:16:89:62:AF:7D:A9:3E
X509v3 Authority Key Identifier:
keyid:58:85:E8:84:C2:FC:7A:75:D1:2D:D1:DE:A4:9C:E2:34:9C:47:06:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/893cl4OHtUWg2B1AVRaJYq99qT4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/WIXohML8enXRLdHepJziNJxHBn4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.243.168.0/24
Signature Algorithm: sha256WithRSAEncryption
cc:49:41:1d:4b:48:98:a3:ba:82:22:33:73:6c:1a:4a:0c:28:
15:7c:55:aa:ef:6a:af:02:ae:1a:c5:30:b4:24:9a:1b:a7:0b:
7f:1d:72:32:ef:92:64:9d:43:75:3f:fc:59:5d:6d:10:7d:f9:
64:eb:a8:f3:15:f3:de:ef:49:81:8b:18:13:b1:f7:e1:0d:27:
f6:86:8a:f9:7d:e6:f4:89:d7:a8:55:20:57:a3:de:ee:29:69:
25:f5:22:ab:e9:43:b2:8d:74:5f:3f:27:a4:48:5b:99:19:2d:
8f:2d:81:85:ff:6c:04:12:bd:2c:59:66:97:8e:85:3f:7a:28:
7d:3d:6a:1d:09:64:ea:29:42:e7:be:0a:14:c5:8f:61:b0:07:
f6:19:ff:4c:07:f9:6e:34:ae:ee:8b:9c:c2:aa:90:6f:a2:5a:
b1:e9:7e:70:3d:89:bd:d6:a8:bd:21:22:88:b0:85:13:05:5f:
b0:65:4d:4e:f4:0f:b7:aa:d9:49:f3:6a:35:c8:1b:d7:b1:6e:
17:c1:2a:a6:7d:2b:d4:0d:9c:ce:60:86:a6:c0:db:52:96:81:
85:a8:c1:64:f2:d4:c8:ec:b2:af:7f:0f:7e:ea:2f:f4:6d:39:
3b:42:66:e0:98:26:13:3a:60:b1:5a:01:2f:35:12:17:41:e1:
45:3a:a1:cb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQf+qaCDOhd1rC/G0N8BvoYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4ODVlODg0YzJmYzdhNzVkMTJkZDFkZWE0OWNlMjM0OWM0
NzA2N2UwHhcNMjUwMTAxMDM0ODI3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmM2RkZGM5NzgzODdiNTQ1YTBkODFkNDA1NTE2ODk2MmFmN2RhOTNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsx/tEUr5QdzifPnSUK55RkwEuNOr
eWGNYXwD6f58EVJK0beqJOvUZ48iRtBUuMKPwm7FHIUzNYEnT8aP6o+yubY9Y48E
mNQx7f3ePzGP6pzrJHE5HeO/9PBCHn+Rho7mXWlA7P58AkN5QCcegMyky3EvlKyr
JJhTZclP+AhmL6T677rMIVoodZNvHiUfO2F1DkmNgd2ZdG3f8MfrHKTTmS63VSwQ
/gzeiUOdxe5eyPfB9pR5OL5RJx7J4w7OdwhlhEjjj/IxtZH/nsV2oEYHb/S0FMqD
aLYO7glJestjN9oc1nVeV+uW/x5Aa9hPHkKAYLO5AWMHS8Z6S0pufGrC1wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPPd3JeDh7VFoNgdQFUWiWKvfak+MB8GA1UdIwQY
MBaAFFiF6ITC/Hp10S3R3qSc4jScRwZ+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0lYb2hNTDhlblhSTGRIZXBKemlOSnhIQm40LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni82YzBiZjctNWYxMy00NGEyLTk5ODkt
OGM5NTgxZDk2ZDhmLzEvODkzY2w0T0h0VVdnMkIxQVZSYUpZcTk5cVQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni82YzBiZjctNWYxMy00NGEyLTk5ODktOGM5NTgxZDk2ZDhm
LzEvV0lYb2hNTDhlblhSTGRIZXBKemlOSnhIQm40LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALvOoMA0G
CSqGSIb3DQEBCwUAA4IBAQDMSUEdS0iYo7qCIjNzbBpKDCgVfFWq72qvAq4axTC0
JJobpwt/HXIy75JknUN1P/xZXW0Qfflk66jzFfPe70mBixgTsffhDSf2hor5feb0
ideoVSBXo97uKWkl9SKr6UOyjXRfPyekSFuZGS2PLYGF/2wEEr0sWWaXjoU/eih9
PWodCWTqKULnvgoUxY9hsAf2Gf9MB/luNK7ui5zCqpBvolqx6X5wPYm91qi9ISKI
sIUTBV+wZU1O9A+3qtlJ82o1yBvXsW4XwSqmfSvUDZzOYIamwNtSloGFqMFk8tTI
7LKvfw9+6i/0bTk7QmbgmCYTOmCxWgEvNRIXQeFFOqHL
-----END CERTIFICATE-----
Generated at Sat Apr 5 16:11:12 2025 by rpki-client