Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/ScAM3JcMi24yFphzObZfI6mO-zo.roa
File: ScAM3JcMi24yFphzObZfI6mO-zo.roa (raw, json)
Hash identifier: K1bZqHjxbOhq3ZqpxilV1i0Y24aYT2EzLGDAFHx7rAQ=
Subject key identifier: 49:C0:0C:DC:97:0C:8B:6E:32:16:98:73:39:B6:5F:23:A9:8E:FB:3A
Certificate issuer: /CN=5885e884c2fc7a75d12dd1dea49ce2349c47067e
Certificate serial: 01941FFA95904FCA7B0068A4E402FA489525
Authority key identifier: 58:85:E8:84:C2:FC:7A:75:D1:2D:D1:DE:A4:9C:E2:34:9C:47:06:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/ScAM3JcMi24yFphzObZfI6mO-zo.roa
Signing time: Wed 01 Jan 2025 03:48:23 +0000
ROA not before: Wed 01 Jan 2025 03:48:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50673
IP address blocks: 46.243.188.0/22 maxlen: 22
128.0.68.0/23 maxlen: 23
188.72.68.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/WIXohML8enXRLdHepJziNJxHBn4.crl
rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/WIXohML8enXRLdHepJziNJxHBn4.mft
rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 10:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:95:90:4f:ca:7b:00:68:a4:e4:02:fa:48:95:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5885e884c2fc7a75d12dd1dea49ce2349c47067e
Validity
Not Before: Jan 1 03:48:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=49c00cdc970c8b6e3216987339b65f23a98efb3a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:1a:91:15:3d:04:d2:e8:70:76:07:3e:22:25:
a5:4d:c1:96:89:bc:42:d1:b1:8f:7e:9c:6f:48:17:
24:e8:fa:e0:d4:f8:66:3c:39:c3:ab:b1:6d:81:72:
68:ab:36:60:e1:08:d2:bd:b6:8c:91:d5:99:be:e9:
df:d7:d6:62:5b:af:e4:50:25:5e:f7:38:3f:2d:01:
85:b3:f8:63:90:56:df:62:b5:db:10:4f:ec:81:ae:
bd:05:8f:8f:c2:0d:54:93:53:c9:04:19:cb:04:40:
f3:e6:dd:a5:18:7d:1b:a3:6f:23:a2:e8:bf:0b:94:
dd:00:c1:67:ec:0f:27:14:50:5e:0d:c7:cc:97:ef:
14:73:05:59:e7:c8:99:0b:0b:33:81:3d:86:4a:5a:
d0:34:99:91:87:c2:93:ee:bd:21:9e:64:f9:e9:35:
58:30:a6:f9:49:6f:c1:46:8e:a2:b9:d1:cd:99:ce:
15:c7:87:38:60:5a:26:7e:ca:10:c5:ea:40:e6:1b:
4d:d0:9d:bf:4b:46:cd:1f:b6:26:d5:36:75:b4:cb:
7a:c9:be:74:fe:93:e1:51:c1:5f:d3:98:39:d4:82:
55:12:1b:76:03:27:37:bb:4b:16:7e:77:32:eb:ca:
e8:ce:ce:c6:58:ef:8f:ee:35:40:0f:c6:11:14:01:
aa:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:C0:0C:DC:97:0C:8B:6E:32:16:98:73:39:B6:5F:23:A9:8E:FB:3A
X509v3 Authority Key Identifier:
keyid:58:85:E8:84:C2:FC:7A:75:D1:2D:D1:DE:A4:9C:E2:34:9C:47:06:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/ScAM3JcMi24yFphzObZfI6mO-zo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/WIXohML8enXRLdHepJziNJxHBn4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.243.188.0/22
128.0.68.0/23
188.72.68.0/23
Signature Algorithm: sha256WithRSAEncryption
93:2c:23:ab:d0:80:93:91:9d:22:b1:44:79:20:bb:d2:e2:4a:
83:35:f6:22:57:58:c3:92:09:a0:bb:ac:ee:e4:7a:b3:23:7a:
ea:e6:c4:ac:f9:ad:d8:d0:78:4a:65:0d:9c:c0:4d:76:1e:32:
94:4b:2d:96:93:70:38:33:2b:a7:28:7b:f7:c2:1b:f2:96:2d:
13:fd:57:ff:4e:36:d3:37:86:03:ac:d1:90:21:7d:fd:92:e1:
60:84:d2:47:41:b1:49:9f:fb:10:e1:00:de:89:88:db:3e:f2:
9e:bf:6b:b1:93:55:a0:32:66:23:2c:b3:91:76:9a:df:0b:d9:
2c:3c:6a:fd:78:2c:37:c4:79:58:6b:b1:f5:7d:b6:a9:5d:96:
82:7f:d1:e2:b6:1a:bf:2f:f9:b2:88:02:ce:9d:7f:e9:1f:7b:
18:ac:9c:1e:4c:1e:ac:61:90:f6:73:9e:e5:5d:cb:7c:5a:63:
07:0f:ac:38:70:b7:ea:6e:5f:c9:89:8e:8e:59:82:5b:2e:57:
94:5c:4c:a2:10:be:22:47:88:08:de:dd:80:a4:af:81:4a:a8:
a2:ec:cd:c2:a6:ca:ce:97:b2:7d:6e:4a:2b:93:92:87:34:71:
90:db:c7:89:e4:8f:6e:93:5f:ab:e0:7d:14:93:59:fe:93:4d:
04:42:c0:ac
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQf+pWQT8p7AGik5AL6SJUlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4ODVlODg0YzJmYzdhNzVkMTJkZDFkZWE0OWNlMjM0OWM0
NzA2N2UwHhcNMjUwMTAxMDM0ODIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OWMwMGNkYzk3MGM4YjZlMzIxNjk4NzMzOWI2NWYyM2E5OGVmYjNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2hqRFT0E0uhwdgc+IiWlTcGWibxC
0bGPfpxvSBck6Prg1PhmPDnDq7FtgXJoqzZg4QjSvbaMkdWZvunf19ZiW6/kUCVe
9zg/LQGFs/hjkFbfYrXbEE/sga69BY+Pwg1Uk1PJBBnLBEDz5t2lGH0bo28joui/
C5TdAMFn7A8nFFBeDcfMl+8UcwVZ58iZCwszgT2GSlrQNJmRh8KT7r0hnmT56TVY
MKb5SW/BRo6iudHNmc4Vx4c4YFomfsoQxepA5htN0J2/S0bNH7Ym1TZ1tMt6yb50
/pPhUcFf05g51IJVEht2Ayc3u0sWfncy68rozs7GWO+P7jVAD8YRFAGqiwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEnADNyXDItuMhaYczm2XyOpjvs6MB8GA1UdIwQY
MBaAFFiF6ITC/Hp10S3R3qSc4jScRwZ+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0lYb2hNTDhlblhSTGRIZXBKemlOSnhIQm40LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni82YzBiZjctNWYxMy00NGEyLTk5ODkt
OGM5NTgxZDk2ZDhmLzEvU2NBTTNKY01pMjR5RnBoek9iWmZJNm1PLXpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni82YzBiZjctNWYxMy00NGEyLTk5ODktOGM5NTgxZDk2ZDhm
LzEvV0lYb2hNTDhlblhSTGRIZXBKemlOSnhIQm40LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCLvO8AwQB
gABEAwQBvEhEMA0GCSqGSIb3DQEBCwUAA4IBAQCTLCOr0ICTkZ0isUR5ILvS4kqD
NfYiV1jDkgmgu6zu5HqzI3rq5sSs+a3Y0HhKZQ2cwE12HjKUSy2Wk3A4MyunKHv3
whvyli0T/Vf/TjbTN4YDrNGQIX39kuFghNJHQbFJn/sQ4QDeiYjbPvKev2uxk1Wg
MmYjLLORdprfC9ksPGr9eCw3xHlYa7H1fbapXZaCf9Hithq/L/myiALOnX/pH3sY
rJweTB6sYZD2c57lXct8WmMHD6w4cLfqbl/JiY6OWYJbLleUXEyiEL4iR4gI3t2A
pK+BSqii7M3CpsrOl7J9bkork5KHNHGQ28eJ5I9uk1+r4H0Uk1n+k00EQsCs
-----END CERTIFICATE-----
Generated at Fri Apr 4 19:35:43 2025 by rpki-client