Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/c1d940-044d-49c4-a7a1-a0076679be60/1/35EW9mUAS2KwaYDPUieiupydDBY.roa
File: 35EW9mUAS2KwaYDPUieiupydDBY.roa (raw, json)
Hash identifier: V/BNRylyiFUELWt9i2pyrF3sOU/lNLQC8epYI7MQKPY=
Subject key identifier: DF:91:16:F6:65:00:4B:62:B0:69:80:CF:52:27:A2:BA:9C:9D:0C:16
Certificate issuer: /CN=4c261919b55c2c08f72a5ab1d0eb185ee12bdff7
Certificate serial: 01942521D3262018AD4CF570FF123548F321
Authority key identifier: 4C:26:19:19:B5:5C:2C:08:F7:2A:5A:B1:D0:EB:18:5E:E1:2B:DF:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TCYZGbVcLAj3Klqx0OsYXuEr3_c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/c1d940-044d-49c4-a7a1-a0076679be60/1/35EW9mUAS2KwaYDPUieiupydDBY.roa
Signing time: Thu 02 Jan 2025 03:49:21 +0000
ROA not before: Thu 02 Jan 2025 03:49:21 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51515
IP address blocks: 46.45.0.0/22 maxlen: 22
46.45.4.0/22 maxlen: 22
46.45.8.0/22 maxlen: 22
46.45.12.0/23 maxlen: 23
46.45.14.0/24 maxlen: 24
46.45.15.0/24 maxlen: 24
46.45.16.0/24 maxlen: 24
46.45.17.0/24 maxlen: 24
46.45.18.0/24 maxlen: 24
46.45.19.0/24 maxlen: 24
46.45.20.0/24 maxlen: 24
46.45.21.0/24 maxlen: 24
46.45.22.0/24 maxlen: 24
46.45.23.0/24 maxlen: 24
46.45.24.0/24 maxlen: 24
46.45.25.0/24 maxlen: 24
46.45.26.0/24 maxlen: 24
46.45.27.0/24 maxlen: 24
46.45.28.0/24 maxlen: 24
46.45.29.0/24 maxlen: 24
46.45.30.0/24 maxlen: 24
46.45.31.0/24 maxlen: 24
46.45.32.0/24 maxlen: 24
46.45.33.0/24 maxlen: 24
46.45.34.0/23 maxlen: 23
46.45.36.0/23 maxlen: 23
46.45.38.0/23 maxlen: 23
46.45.40.0/22 maxlen: 22
46.45.44.0/22 maxlen: 22
46.45.48.0/24 maxlen: 24
46.45.51.0/24 maxlen: 24
46.45.52.0/24 maxlen: 24
46.45.53.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/88/c1d940-044d-49c4-a7a1-a0076679be60/1/TCYZGbVcLAj3Klqx0OsYXuEr3_c.crl
rsync://rpki.ripe.net/repository/DEFAULT/88/c1d940-044d-49c4-a7a1-a0076679be60/1/TCYZGbVcLAj3Klqx0OsYXuEr3_c.mft
rsync://rpki.ripe.net/repository/DEFAULT/TCYZGbVcLAj3Klqx0OsYXuEr3_c.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 21:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:d3:26:20:18:ad:4c:f5:70:ff:12:35:48:f3:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c261919b55c2c08f72a5ab1d0eb185ee12bdff7
Validity
Not Before: Jan 2 03:49:21 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=df9116f665004b62b06980cf5227a2ba9c9d0c16
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:02:8f:56:09:a2:87:0d:01:1b:dd:7c:fc:1b:
b7:05:54:ca:94:37:b6:94:db:d8:77:cc:31:7d:83:
58:1d:59:6e:8c:d8:38:b7:ad:a4:0b:19:a0:3f:bb:
be:6b:f7:d9:b4:2a:b7:8f:d1:db:ff:93:9e:37:6d:
44:18:39:0e:0c:f8:23:60:e4:88:54:5f:bc:88:8b:
9d:ee:95:1a:da:63:66:ee:ed:c6:d5:2b:2c:4e:53:
c4:c3:5e:08:5a:01:1f:71:67:6a:22:75:6c:ff:71:
6d:2a:b6:99:d7:5e:43:ff:1c:10:fd:b9:2e:f6:71:
96:19:65:7b:26:3e:7e:f4:68:1b:ce:2b:66:d6:20:
aa:38:8d:1e:f6:36:54:cb:77:f8:46:e3:f7:60:49:
13:24:50:2d:7c:93:ee:53:6b:95:3d:01:e1:89:46:
5c:1c:d3:04:a5:20:3e:21:8f:ba:69:3e:e1:e5:3a:
91:a3:39:5f:6b:db:d3:3c:d1:ca:fe:b2:52:ee:f7:
9d:f5:aa:f9:21:5c:3e:9d:75:e0:58:7e:3c:05:d7:
f3:da:52:76:4d:87:53:2a:17:cc:81:0a:c0:17:16:
60:e6:6c:77:d7:16:f3:16:7c:62:be:55:3f:34:e6:
3b:b4:0a:6e:e5:4e:00:62:bd:46:85:6f:e3:36:2d:
bb:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:91:16:F6:65:00:4B:62:B0:69:80:CF:52:27:A2:BA:9C:9D:0C:16
X509v3 Authority Key Identifier:
keyid:4C:26:19:19:B5:5C:2C:08:F7:2A:5A:B1:D0:EB:18:5E:E1:2B:DF:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TCYZGbVcLAj3Klqx0OsYXuEr3_c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/c1d940-044d-49c4-a7a1-a0076679be60/1/35EW9mUAS2KwaYDPUieiupydDBY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/c1d940-044d-49c4-a7a1-a0076679be60/1/TCYZGbVcLAj3Klqx0OsYXuEr3_c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.45.0.0-46.45.48.255
46.45.51.0-46.45.53.255
Signature Algorithm: sha256WithRSAEncryption
45:3e:f0:87:a1:4b:31:ef:91:db:2e:68:6f:37:cd:af:df:91:
ef:b1:d6:2e:dc:e1:b3:18:6e:d5:65:7a:3c:3f:ee:5f:11:33:
fb:8d:ef:0d:af:80:94:f7:75:a2:39:1b:6c:b2:01:f1:af:7e:
ce:f6:05:a2:d5:04:c4:a4:a0:c5:d1:84:e1:d2:3f:ff:b5:07:
d5:c3:f8:05:f2:98:b9:0d:76:af:5f:37:9f:19:65:1d:91:d4:
a0:04:a6:dd:38:e6:4d:f7:e5:73:5e:63:3a:fb:c0:ca:23:a6:
06:bd:e4:de:7b:1f:c3:ff:68:db:6e:de:71:15:13:01:f1:c9:
a0:43:ff:67:df:50:32:09:0b:b2:4b:a6:a9:9b:ce:71:84:83:
14:ee:28:40:62:42:38:a2:ec:5b:08:8d:70:25:5c:41:a2:19:
95:10:33:92:d3:81:78:9d:18:73:56:ba:78:65:47:cf:a5:95:
f2:ad:3b:ac:87:d4:e6:8e:69:08:43:5a:34:f3:91:b6:8c:36:
bc:a3:c6:8d:21:f8:c1:a7:57:a9:c4:a0:03:56:28:4f:12:2d:
80:b3:ff:16:c7:bb:1a:17:9c:4a:e9:9c:41:84:1a:eb:e6:e7:
19:30:f5:45:1d:20:37:e9:e1:7b:90:20:9c:2a:be:13:d8:36:
5d:7b:4b:e0
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQlIdMmIBitTPVw/xI1SPMhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjMjYxOTE5YjU1YzJjMDhmNzJhNWFiMWQwZWIxODVlZTEy
YmRmZjcwHhcNMjUwMTAyMDM0OTIxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjkxMTZmNjY1MDA0YjYyYjA2OTgwY2Y1MjI3YTJiYTljOWQwYzE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsgKPVgmihw0BG918/Bu3BVTKlDe2
lNvYd8wxfYNYHVlujNg4t62kCxmgP7u+a/fZtCq3j9Hb/5OeN21EGDkODPgjYOSI
VF+8iIud7pUa2mNm7u3G1SssTlPEw14IWgEfcWdqInVs/3FtKraZ115D/xwQ/bku
9nGWGWV7Jj5+9Ggbzitm1iCqOI0e9jZUy3f4RuP3YEkTJFAtfJPuU2uVPQHhiUZc
HNMEpSA+IY+6aT7h5TqRozlfa9vTPNHK/rJS7ved9ar5IVw+nXXgWH48Bdfz2lJ2
TYdTKhfMgQrAFxZg5mx31xbzFnxivlU/NOY7tApu5U4AYr1GhW/jNi27IwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFN+RFvZlAEtisGmAz1InorqcnQwWMB8GA1UdIwQY
MBaAFEwmGRm1XCwI9ypasdDrGF7hK9/3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVENZWkdiVmNMQWozS2xxeDBPc1lYdUVyM19jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC9jMWQ5NDAtMDQ0ZC00OWM0LWE3YTEt
YTAwNzY2NzliZTYwLzEvMzVFVzltVUFTMkt3YVlEUFVpZWl1cHlkREJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC9jMWQ5NDAtMDQ0ZC00OWM0LWE3YTEtYTAwNzY2NzliZTYw
LzEvVENZWkdiVmNMQWozS2xxeDBPc1lYdUVyM19jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzAhBAIAATAbMAsDAwAuLQME
AC4tMDAMAwQALi0zAwQBLi00MA0GCSqGSIb3DQEBCwUAA4IBAQBFPvCHoUsx75Hb
LmhvN82v35HvsdYu3OGzGG7VZXo8P+5fETP7je8Nr4CU93WiORtssgHxr37O9gWi
1QTEpKDF0YTh0j//tQfVw/gF8pi5DXavXzefGWUdkdSgBKbdOOZN9+VzXmM6+8DK
I6YGveTeex/D/2jbbt5xFRMB8cmgQ/9n31AyCQuyS6apm85xhIMU7ihAYkI4ouxb
CI1wJVxBohmVEDOS04F4nRhzVrp4ZUfPpZXyrTush9TmjmkIQ1o085G2jDa8o8aN
IfjBp1epxKADVihPEi2As/8Wx7saF5xK6ZxBhBrr5ucZMPVFHSA36eF7kCCcKr4T
2DZde0vg
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:42:46 2025 by rpki-client