Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/243b53-4b94-4244-a8ec-7c549f1ed16c/1/4Yqz6mzAxsTp7LTA9pLRdzvqp7A.roa
File: 4Yqz6mzAxsTp7LTA9pLRdzvqp7A.roa (raw, json)
Hash identifier: Ow3YpmTpRMl6qMkXjave/Z2C+8qskJo+DojTdIc7TV4=
Subject key identifier: E1:8A:B3:EA:6C:C0:C6:C4:E9:EC:B4:C0:F6:92:D1:77:3B:EA:A7:B0
Certificate issuer: /CN=bca0ec59564324237420d506b9b498d752ee2168
Certificate serial: 01942444A6C7F08C8BE860CDC11C8A51AB6E
Authority key identifier: BC:A0:EC:59:56:43:24:23:74:20:D5:06:B9:B4:98:D7:52:EE:21:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vKDsWVZDJCN0INUGubSY11LuIWg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/243b53-4b94-4244-a8ec-7c549f1ed16c/1/4Yqz6mzAxsTp7LTA9pLRdzvqp7A.roa
Signing time: Wed 01 Jan 2025 23:47:46 +0000
ROA not before: Wed 01 Jan 2025 23:47:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29169
IP address blocks: 46.226.104.0/21 maxlen: 32
185.26.124.0/22 maxlen: 32
213.167.228.0/22 maxlen: 24
213.167.240.0/20 maxlen: 24
217.70.176.0/20 maxlen: 32
2001:4b98::/31 maxlen: 128
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/243b53-4b94-4244-a8ec-7c549f1ed16c/1/vKDsWVZDJCN0INUGubSY11LuIWg.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/243b53-4b94-4244-a8ec-7c549f1ed16c/1/vKDsWVZDJCN0INUGubSY11LuIWg.mft
rsync://rpki.ripe.net/repository/DEFAULT/vKDsWVZDJCN0INUGubSY11LuIWg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 15 Apr 2025 14:19:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:a6:c7:f0:8c:8b:e8:60:cd:c1:1c:8a:51:ab:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bca0ec59564324237420d506b9b498d752ee2168
Validity
Not Before: Jan 1 23:47:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e18ab3ea6cc0c6c4e9ecb4c0f692d1773beaa7b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:0a:e8:72:5d:34:0b:9f:df:b1:91:e4:ed:c7:
9a:8b:f2:fc:ed:9b:79:04:cf:21:a5:38:65:05:aa:
7c:e9:b3:8e:43:92:7b:5b:cb:3a:c7:c7:8d:2d:2e:
1a:b9:ab:5b:09:2d:e7:22:c0:18:88:01:a6:df:69:
66:8a:7b:a1:78:d8:41:f1:2d:a0:c1:91:5f:20:bc:
9c:e1:b4:a9:2b:4c:f8:ac:96:f7:07:56:2a:18:88:
89:3d:4b:c1:92:c4:a5:e0:58:a8:f2:a8:52:d6:6a:
c3:a2:17:2c:58:63:8f:3a:e4:54:72:24:3c:24:28:
c2:ef:c0:d5:5f:54:27:48:08:02:80:ea:e1:f7:22:
f4:50:9f:c4:37:54:10:a1:aa:70:0c:c9:a4:b0:e6:
71:f0:0a:ed:72:75:bb:cb:7d:2f:96:34:f4:06:1a:
83:79:b9:fa:92:c5:1f:71:fd:a0:22:db:25:a2:eb:
b1:d0:94:83:b1:78:c9:ed:cb:fa:5b:fc:d7:68:85:
0c:6b:d0:65:4a:7e:af:fa:e9:ee:72:3b:c6:4d:ac:
c6:e5:d9:92:10:e3:08:51:e6:32:24:74:ec:30:ac:
b8:bc:16:50:8c:58:03:c7:b5:e5:40:d0:00:ba:00:
ad:56:09:c9:4c:76:df:d3:ea:22:37:76:32:ee:bf:
c7:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:8A:B3:EA:6C:C0:C6:C4:E9:EC:B4:C0:F6:92:D1:77:3B:EA:A7:B0
X509v3 Authority Key Identifier:
keyid:BC:A0:EC:59:56:43:24:23:74:20:D5:06:B9:B4:98:D7:52:EE:21:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vKDsWVZDJCN0INUGubSY11LuIWg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/243b53-4b94-4244-a8ec-7c549f1ed16c/1/4Yqz6mzAxsTp7LTA9pLRdzvqp7A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/243b53-4b94-4244-a8ec-7c549f1ed16c/1/vKDsWVZDJCN0INUGubSY11LuIWg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.226.104.0/21
185.26.124.0/22
213.167.228.0/22
213.167.240.0/20
217.70.176.0/20
IPv6:
2001:4b98::/31
Signature Algorithm: sha256WithRSAEncryption
17:bd:e0:fd:23:0a:4f:27:7b:c6:0a:cb:ce:30:fa:86:2f:20:
63:43:a6:c2:55:24:ee:f9:a5:97:d9:db:ea:34:7e:cf:f9:ec:
94:9f:0d:a0:1e:84:bd:18:a3:ed:72:7c:72:8e:cb:93:61:b6:
df:e5:51:1b:e9:69:80:e3:63:16:8f:ab:a8:4f:e2:77:32:4f:
c6:2e:09:f6:22:c4:24:81:36:d1:77:1d:7f:96:6d:18:e9:35:
70:a8:9c:78:fd:9a:b1:95:07:28:12:a6:f5:fd:4b:b9:69:96:
a1:29:71:c3:97:bd:49:83:e8:e9:c1:ec:e8:27:3c:f2:71:c0:
05:20:87:7b:00:5c:ba:9f:92:4b:01:9c:6b:33:8a:81:3c:3f:
c2:f0:da:45:4a:cd:6c:ee:6e:22:a4:ec:2f:ed:8e:37:54:14:
3e:3c:d1:e2:45:f6:e1:4f:ac:2f:88:ef:8b:8d:96:07:82:19:
d4:89:d8:5f:b6:ef:f0:0f:db:9c:6f:90:e0:ce:61:e9:dc:43:
9c:e3:1c:db:73:bd:21:d6:7e:e3:40:f7:04:0f:cd:4c:59:f9:
bc:7a:7f:c1:57:90:7c:f7:d3:66:77:28:1c:ab:09:81:8a:a6:
dc:30:53:94:b3:7b:35:65:ad:58:d4:64:33:5b:3b:8c:6c:fc:
6b:76:9c:d2
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZQkRKbH8IyL6GDNwRyKUatuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjYTBlYzU5NTY0MzI0MjM3NDIwZDUwNmI5YjQ5OGQ3NTJl
ZTIxNjgwHhcNMjUwMTAxMjM0NzQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMThhYjNlYTZjYzBjNmM0ZTllY2I0YzBmNjkyZDE3NzNiZWFhN2IwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuQrocl00C5/fsZHk7ceai/L87Zt5
BM8hpThlBap86bOOQ5J7W8s6x8eNLS4auatbCS3nIsAYiAGm32lminuheNhB8S2g
wZFfILyc4bSpK0z4rJb3B1YqGIiJPUvBksSl4Fio8qhS1mrDohcsWGOPOuRUciQ8
JCjC78DVX1QnSAgCgOrh9yL0UJ/EN1QQoapwDMmksOZx8ArtcnW7y30vljT0BhqD
ebn6ksUfcf2gItslouux0JSDsXjJ7cv6W/zXaIUMa9BlSn6v+unucjvGTazG5dmS
EOMIUeYyJHTsMKy4vBZQjFgDx7XlQNAAugCtVgnJTHbf0+oiN3Yy7r/HcQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFOGKs+pswMbE6ey0wPaS0Xc76qewMB8GA1UdIwQY
MBaAFLyg7FlWQyQjdCDVBrm0mNdS7iFoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdktEc1dWWkRKQ04wSU5VR3ViU1kxMUx1SVdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi8yNDNiNTMtNGI5NC00MjQ0LWE4ZWMt
N2M1NDlmMWVkMTZjLzEvNFlxejZtekF4c1RwN0xUQTlwTFJkenZxcDdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi8yNDNiNTMtNGI5NC00MjQ0LWE4ZWMtN2M1NDlmMWVkMTZj
LzEvdktEc1dWWkRKQ04wSU5VR3ViU1kxMUx1SVdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQDLuJoAwQC
uRp8AwQC1afkAwQE1afwAwQE2UawMA0EAgACMAcDBQEgAUuYMA0GCSqGSIb3DQEB
CwUAA4IBAQAXveD9IwpPJ3vGCsvOMPqGLyBjQ6bCVSTu+aWX2dvqNH7P+eyUnw2g
HoS9GKPtcnxyjsuTYbbf5VEb6WmA42MWj6uoT+J3Mk/GLgn2IsQkgTbRdx1/lm0Y
6TVwqJx4/ZqxlQcoEqb1/Uu5aZahKXHDl71Jg+jpwezoJzzyccAFIId7AFy6n5JL
AZxrM4qBPD/C8NpFSs1s7m4ipOwv7Y43VBQ+PNHiRfbhT6wviO+LjZYHghnUidhf
tu/wD9ucb5DgzmHp3EOc4xzbc70h1n7jQPcED81MWfm8en/BV5B899NmdygcqwmB
iqbcMFOUs3s1Za1Y1GQzWzuMbPxrdpzS
-----END CERTIFICATE-----
Generated at Mon Apr 14 18:17:48 2025 by rpki-client