Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/b24b2d-3523-422e-9bcf-3671d67eb9f8/1/RNIC7mCPENX0iBKXNTIzci3mkX4.roa
File: RNIC7mCPENX0iBKXNTIzci3mkX4.roa (raw, json)
Hash identifier: A50pnUKiWPzKeEOP7HAPInfDXRQ8D20n1h9JK0jOgX4=
Subject key identifier: 44:D2:02:EE:60:8F:10:D5:F4:88:12:97:35:32:33:72:2D:E6:91:7E
Certificate issuer: /CN=d4375814344df0bf6d017733acdc488f002631b2
Certificate serial: 0196DA1411A4332FAE8091FFC98BE55D21C9
Authority key identifier: D4:37:58:14:34:4D:F0:BF:6D:01:77:33:AC:DC:48:8F:00:26:31:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1DdYFDRN8L9tAXczrNxIjwAmMbI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/94/b24b2d-3523-422e-9bcf-3671d67eb9f8/1/RNIC7mCPENX0iBKXNTIzci3mkX4.roa
Signing time: Fri 16 May 2025 17:11:10 +0000
ROA not before: Fri 16 May 2025 17:11:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 54801
IP address blocks: 46.8.120.0/21 maxlen: 24
46.8.124.0/24 maxlen: 24
46.8.126.0/24 maxlen: 24
109.248.16.0/21 maxlen: 24
109.248.24.0/22 maxlen: 24
109.248.28.0/22 maxlen: 24
188.130.228.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/94/b24b2d-3523-422e-9bcf-3671d67eb9f8/1/1DdYFDRN8L9tAXczrNxIjwAmMbI.crl
rsync://rpki.ripe.net/repository/DEFAULT/94/b24b2d-3523-422e-9bcf-3671d67eb9f8/1/1DdYFDRN8L9tAXczrNxIjwAmMbI.mft
rsync://rpki.ripe.net/repository/DEFAULT/1DdYFDRN8L9tAXczrNxIjwAmMbI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Jun 2025 12:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:da:14:11:a4:33:2f:ae:80:91:ff:c9:8b:e5:5d:21:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d4375814344df0bf6d017733acdc488f002631b2
Validity
Not Before: May 16 17:11:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=44d202ee608f10d5f4881297353233722de6917e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:d6:ac:2e:6c:d5:52:70:8f:2a:9f:62:e6:9c:
4f:51:43:ef:20:55:54:1a:c8:d7:b4:ae:03:7c:b1:
1d:d9:fc:e6:97:31:c9:36:f5:5d:0e:c7:e1:c1:18:
1b:ec:c6:03:62:e5:71:8d:92:c0:1c:6c:4f:fc:9f:
71:93:a4:81:90:00:4f:2d:28:88:86:f4:6e:29:5d:
de:d8:97:28:5d:25:16:d1:68:29:01:6e:49:bf:1d:
2e:1d:1b:b1:b5:ba:cf:2d:13:6b:fe:24:9c:09:4d:
db:68:1f:14:e2:c1:39:7b:ba:f9:7d:db:ee:2a:14:
fd:d9:31:40:ef:b8:bd:44:e7:60:02:db:ba:a7:06:
cd:bf:02:71:84:e2:81:f9:02:bc:e4:d5:2d:d2:41:
04:ee:eb:66:1a:db:d5:88:a3:be:d7:1d:55:51:c7:
3a:17:34:02:67:78:ec:43:fa:90:df:7e:f2:61:ca:
9c:70:7a:95:e7:6e:6a:d8:12:d4:55:fb:fe:97:ad:
e9:49:ea:aa:29:a0:bf:dd:42:1f:2a:8f:0e:4d:af:
fb:c4:3e:fd:e4:b4:70:d3:65:ca:27:f8:31:86:bf:
7c:b4:7c:d6:39:7d:6d:b3:65:d4:67:55:80:ae:f8:
76:40:4c:fb:f2:94:6a:a6:68:e0:37:a4:1a:11:ad:
a1:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:D2:02:EE:60:8F:10:D5:F4:88:12:97:35:32:33:72:2D:E6:91:7E
X509v3 Authority Key Identifier:
keyid:D4:37:58:14:34:4D:F0:BF:6D:01:77:33:AC:DC:48:8F:00:26:31:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1DdYFDRN8L9tAXczrNxIjwAmMbI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/b24b2d-3523-422e-9bcf-3671d67eb9f8/1/RNIC7mCPENX0iBKXNTIzci3mkX4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/94/b24b2d-3523-422e-9bcf-3671d67eb9f8/1/1DdYFDRN8L9tAXczrNxIjwAmMbI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.8.120.0/21
109.248.16.0/20
188.130.228.0/22
Signature Algorithm: sha256WithRSAEncryption
7d:9b:bb:c1:b1:56:2d:6c:ce:68:fa:5e:24:97:2c:91:9a:3a:
a5:55:a0:78:d6:2e:56:9a:ff:dd:af:f6:cf:8d:8e:1a:65:8a:
8e:3d:ee:51:5b:2d:c6:63:72:c3:fa:95:6f:4a:02:79:3f:87:
dc:0c:0c:48:b4:45:fb:11:c0:ca:8d:58:4d:34:5a:3b:10:93:
a9:1c:98:7d:65:54:f5:d3:03:80:6b:ae:64:3c:41:c4:b1:7f:
6a:51:c4:2f:ac:20:7e:75:c3:63:41:e2:f5:67:9b:f3:7a:e0:
f5:c5:6c:2e:e1:88:9b:84:62:1f:a6:f1:0b:d8:32:b0:16:3c:
b1:26:90:da:31:00:76:c3:cb:fb:33:b4:b5:9a:ef:86:0e:9d:
86:31:ad:a6:50:f7:d9:0b:c2:da:f4:5c:60:94:57:25:96:4f:
44:5a:1b:34:e7:6c:60:91:c6:63:b2:09:2f:eb:2d:1d:3e:84:
38:39:f4:c2:4c:a2:9a:56:39:cc:5d:96:1c:60:0c:58:d8:6d:
23:46:2b:12:67:9f:64:61:1a:61:f6:f3:a2:84:04:5d:f5:1d:
7c:9d:6e:44:d9:c3:8f:03:82:fb:a3:65:3e:a8:6a:a0:58:c4:
0c:7e:2a:72:5b:db:1e:00:96:5c:0c:28:42:34:1c:b4:99:34:
2f:5f:15:b3
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZbaFBGkMy+ugJH/yYvlXSHJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0Mzc1ODE0MzQ0ZGYwYmY2ZDAxNzczM2FjZGM0ODhmMDAy
NjMxYjIwHhcNMjUwNTE2MTcxMTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NGQyMDJlZTYwOGYxMGQ1ZjQ4ODEyOTczNTMyMzM3MjJkZTY5MTdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAotasLmzVUnCPKp9i5pxPUUPvIFVU
GsjXtK4DfLEd2fzmlzHJNvVdDsfhwRgb7MYDYuVxjZLAHGxP/J9xk6SBkABPLSiI
hvRuKV3e2JcoXSUW0WgpAW5Jvx0uHRuxtbrPLRNr/iScCU3baB8U4sE5e7r5fdvu
KhT92TFA77i9ROdgAtu6pwbNvwJxhOKB+QK85NUt0kEE7utmGtvViKO+1x1VUcc6
FzQCZ3jsQ/qQ337yYcqccHqV525q2BLUVfv+l63pSeqqKaC/3UIfKo8OTa/7xD79
5LRw02XKJ/gxhr98tHzWOX1ts2XUZ1WArvh2QEz78pRqpmjgN6QaEa2h1QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFETSAu5gjxDV9IgSlzUyM3It5pF+MB8GA1UdIwQY
MBaAFNQ3WBQ0TfC/bQF3M6zcSI8AJjGyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMURkWUZEUk44TDl0QVhjenJOeElqd0FtTWJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC9iMjRiMmQtMzUyMy00MjJlLTliY2Yt
MzY3MWQ2N2ViOWY4LzEvUk5JQzdtQ1BFTlgwaUJLWE5USXpjaTNta1g0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC9iMjRiMmQtMzUyMy00MjJlLTliY2YtMzY3MWQ2N2ViOWY4
LzEvMURkWUZEUk44TDl0QVhjenJOeElqd0FtTWJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDLgh4AwQE
bfgQAwQCvILkMA0GCSqGSIb3DQEBCwUAA4IBAQB9m7vBsVYtbM5o+l4klyyRmjql
VaB41i5Wmv/dr/bPjY4aZYqOPe5RWy3GY3LD+pVvSgJ5P4fcDAxItEX7EcDKjVhN
NFo7EJOpHJh9ZVT10wOAa65kPEHEsX9qUcQvrCB+dcNjQeL1Z5vzeuD1xWwu4Yib
hGIfpvEL2DKwFjyxJpDaMQB2w8v7M7S1mu+GDp2GMa2mUPfZC8La9FxglFcllk9E
Whs052xgkcZjsgkv6y0dPoQ4OfTCTKKaVjnMXZYcYAxY2G0jRisSZ59kYRph9vOi
hARd9R18nW5E2cOPA4L7o2U+qGqgWMQMfipyW9seAJZcDChCNBy0mTQvXxWz
-----END CERTIFICATE-----
Generated at Thu Jun 5 19:17:37 2025 by rpki-client