Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/1--cUq91Mit5QH2cwWSOxBevK3nA.roa
File: 1--cUq91Mit5QH2cwWSOxBevK3nA.roa (raw, json)
Hash identifier: AeVg1wzE8EyDayqX6dUPTOAPPGnggkU3AZQPwR7KISU=
Subject key identifier: FB:E7:14:AB:DD:4C:8A:DE:50:1F:67:30:59:23:B1:05:EB:CA:DE:70
Certificate issuer: /CN=f02dac605f4659718c0a15e1f732cbd4f48aae7b
Certificate serial: 019421B1E085C3E862C08FDE62975F0CFE65
Authority key identifier: F0:2D:AC:60:5F:46:59:71:8C:0A:15:E1:F7:32:CB:D4:F4:8A:AE:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8C2sYF9GWXGMChXh9zLL1PSKrns.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/1--cUq91Mit5QH2cwWSOxBevK3nA.roa
Signing time: Wed 01 Jan 2025 11:48:12 +0000
ROA not before: Wed 01 Jan 2025 11:48:12 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212807
IP address blocks: 46.107.220.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/8C2sYF9GWXGMChXh9zLL1PSKrns.crl
rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/8C2sYF9GWXGMChXh9zLL1PSKrns.mft
rsync://rpki.ripe.net/repository/DEFAULT/8C2sYF9GWXGMChXh9zLL1PSKrns.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 14 Apr 2025 08:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:e0:85:c3:e8:62:c0:8f:de:62:97:5f:0c:fe:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f02dac605f4659718c0a15e1f732cbd4f48aae7b
Validity
Not Before: Jan 1 11:48:12 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fbe714abdd4c8ade501f67305923b105ebcade70
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:bd:bd:16:fe:40:31:88:a6:c2:51:7c:82:d7:
8f:9f:f7:a2:ca:30:01:e5:97:ab:8e:40:0f:27:2f:
d9:74:1f:80:00:2b:80:89:2d:01:50:19:3f:e4:e1:
6a:72:48:77:09:75:ba:25:80:b2:21:b6:88:a7:e0:
97:0a:a8:16:27:2e:18:9d:64:a0:ba:e1:59:af:d7:
42:5c:2e:e4:7c:91:b4:52:29:46:c5:3c:f6:1f:dc:
d8:a8:da:38:29:4c:15:0f:96:0c:5a:0f:90:45:1c:
86:3a:4b:ef:ba:b5:8b:c5:55:d3:2a:f3:07:35:d8:
7a:2b:78:28:c7:3f:3a:dd:87:3c:46:99:1d:db:8e:
c6:0c:f3:36:00:4b:53:7e:a4:f2:0c:34:7a:96:1d:
95:3a:64:52:a8:a8:76:8b:8f:fa:a3:3d:fd:18:8c:
bd:b0:74:65:78:5b:5b:46:c4:53:54:ae:3b:28:05:
84:82:4f:1f:6d:0c:25:b9:aa:db:3b:9f:b2:fd:cd:
7f:8c:b4:c2:f5:60:a3:2e:64:15:5a:6c:06:8d:8b:
52:89:7e:50:20:16:6a:a2:82:c2:d2:78:2d:47:81:
f0:a2:19:8b:60:e2:21:c6:60:74:aa:0d:4e:68:cd:
23:8e:b5:bc:69:6b:79:cf:76:de:60:d6:93:42:e5:
37:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:E7:14:AB:DD:4C:8A:DE:50:1F:67:30:59:23:B1:05:EB:CA:DE:70
X509v3 Authority Key Identifier:
keyid:F0:2D:AC:60:5F:46:59:71:8C:0A:15:E1:F7:32:CB:D4:F4:8A:AE:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8C2sYF9GWXGMChXh9zLL1PSKrns.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/1--cUq91Mit5QH2cwWSOxBevK3nA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/8C2sYF9GWXGMChXh9zLL1PSKrns.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.107.220.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:02:70:44:23:76:d7:ea:94:29:34:61:6c:b3:db:75:8d:89:
80:b5:20:c8:00:26:79:2e:b6:a9:e1:d3:bf:41:dd:d7:7c:8a:
21:e5:4c:49:f7:98:64:4a:de:25:1b:fa:63:07:c8:69:c1:87:
98:7d:db:31:d4:36:c4:94:ed:0e:3c:aa:d9:11:4c:40:18:f2:
47:b9:18:92:e0:e5:48:ba:7e:64:be:d8:d4:a8:21:3e:fc:d4:
8d:79:dc:e3:63:f5:37:71:13:03:95:a3:39:5a:9e:6b:3a:31:
27:79:a5:b7:67:4d:20:d9:94:d2:c0:c3:20:40:78:2a:fc:64:
62:15:d0:4e:3c:2c:c3:e1:c6:e0:6a:6a:3c:62:67:33:00:40:
b6:e6:8a:0e:7b:78:4d:56:55:9f:54:95:3d:21:84:a9:f6:7e:
31:b4:de:dc:8d:4d:d3:6d:9b:91:7e:3b:16:5b:13:2b:60:7b:
a4:4b:92:b7:10:77:72:3f:39:34:d9:2b:85:0f:2c:47:d8:48:
8d:50:48:81:88:59:e0:a8:4a:2e:08:56:02:2b:51:3b:88:fc:
39:91:e3:cf:73:ec:49:a2:00:ef:a9:13:a9:f6:e4:dc:53:5b:
1d:2d:7c:cd:ef:9a:94:15:c2:f7:d5:17:80:5c:07:08:ba:54:
05:86:63:21
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQhseCFw+hiwI/eYpdfDP5lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwMmRhYzYwNWY0NjU5NzE4YzBhMTVlMWY3MzJjYmQ0ZjQ4
YWFlN2IwHhcNMjUwMTAxMTE0ODEyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYmU3MTRhYmRkNGM4YWRlNTAxZjY3MzA1OTIzYjEwNWViY2FkZTcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3b29Fv5AMYimwlF8gtePn/eiyjAB
5ZerjkAPJy/ZdB+AACuAiS0BUBk/5OFqckh3CXW6JYCyIbaIp+CXCqgWJy4YnWSg
uuFZr9dCXC7kfJG0UilGxTz2H9zYqNo4KUwVD5YMWg+QRRyGOkvvurWLxVXTKvMH
Ndh6K3goxz863Yc8Rpkd247GDPM2AEtTfqTyDDR6lh2VOmRSqKh2i4/6oz39GIy9
sHRleFtbRsRTVK47KAWEgk8fbQwluarbO5+y/c1/jLTC9WCjLmQVWmwGjYtSiX5Q
IBZqooLC0ngtR4HwohmLYOIhxmB0qg1OaM0jjrW8aWt5z3beYNaTQuU38QIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPvnFKvdTIreUB9nMFkjsQXryt5wMB8GA1UdIwQY
MBaAFPAtrGBfRllxjAoV4fcyy9T0iq57MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEMyc1lGOUdXWEdNQ2hYaDl6TEwxUFNLcm5zLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC9lOTA5NzYtM2RkMS00NzE2LWJiZjYt
MjkyYWU0NmU2MzAyLzEvMS0tY1VxOTFNaXQ1UUgyY3dXU094QmV2SzNuQS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOGQvZTkwOTc2LTNkZDEtNDcxNi1iYmY2LTI5MmFlNDZlNjMw
Mi8xLzhDMnNZRjlHV1hHTUNoWGg5ekxMMVBTS3Jucy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC5r3DAN
BgkqhkiG9w0BAQsFAAOCAQEAPAJwRCN21+qUKTRhbLPbdY2JgLUgyAAmeS62qeHT
v0Hd13yKIeVMSfeYZEreJRv6YwfIacGHmH3bMdQ2xJTtDjyq2RFMQBjyR7kYkuDl
SLp+ZL7Y1KghPvzUjXnc42P1N3ETA5WjOVqeazoxJ3mlt2dNINmU0sDDIEB4Kvxk
YhXQTjwsw+HG4GpqPGJnMwBAtuaKDnt4TVZVn1SVPSGEqfZ+MbTe3I1N022bkX47
FlsTK2B7pEuStxB3cj85NNkrhQ8sR9hIjVBIgYhZ4KhKLghWAitRO4j8OZHjz3Ps
SaIA76kTqfbk3FNbHS18ze+alBXC99UXgFwHCLpUBYZjIQ==
-----END CERTIFICATE-----
Generated at Sun Apr 13 15:39:30 2025 by rpki-client