Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/7a8e3c-cc02-4255-9892-c47184fdac39/1/HSzy_sdTpMM9eJp_2_sbD1IEYy0.roa
File: HSzy_sdTpMM9eJp_2_sbD1IEYy0.roa (raw, json)
Hash identifier: ieQeEh5XwIx3cGbKm9ddEXjqNduJq3qUmYGe9bdZpCY=
Subject key identifier: 1D:2C:F2:FE:C7:53:A4:C3:3D:78:9A:7F:DB:FB:1B:0F:52:04:63:2D
Certificate issuer: /CN=4a2c863762ce9d996d2abab6ede1929ccedcb632
Certificate serial: 01942369D2951B9DD3E477966D8F4F97EBF1
Authority key identifier: 4A:2C:86:37:62:CE:9D:99:6D:2A:BA:B6:ED:E1:92:9C:CE:DC:B6:32
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SiyGN2LOnZltKrq27eGSnM7ctjI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/7a8e3c-cc02-4255-9892-c47184fdac39/1/HSzy_sdTpMM9eJp_2_sbD1IEYy0.roa
Signing time: Wed 01 Jan 2025 19:48:45 +0000
ROA not before: Wed 01 Jan 2025 19:48:45 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62459
IP address blocks: 46.243.60.0/24 maxlen: 24
46.243.61.0/24 maxlen: 24
185.35.36.0/22 maxlen: 22
185.35.36.0/24 maxlen: 24
185.35.37.0/24 maxlen: 24
185.35.38.0/24 maxlen: 24
185.35.39.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/98/7a8e3c-cc02-4255-9892-c47184fdac39/1/SiyGN2LOnZltKrq27eGSnM7ctjI.crl
rsync://rpki.ripe.net/repository/DEFAULT/98/7a8e3c-cc02-4255-9892-c47184fdac39/1/SiyGN2LOnZltKrq27eGSnM7ctjI.mft
rsync://rpki.ripe.net/repository/DEFAULT/SiyGN2LOnZltKrq27eGSnM7ctjI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Apr 2025 07:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:d2:95:1b:9d:d3:e4:77:96:6d:8f:4f:97:eb:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a2c863762ce9d996d2abab6ede1929ccedcb632
Validity
Not Before: Jan 1 19:48:45 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1d2cf2fec753a4c33d789a7fdbfb1b0f5204632d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:1e:3c:75:ac:ff:38:da:06:ce:f8:aa:cd:d3:
bb:72:90:8a:b1:43:c4:0a:a2:2d:cc:b7:b9:9a:2b:
3a:1a:62:d5:be:90:5a:83:29:bb:53:ce:92:79:5a:
bf:01:e1:30:21:00:66:b4:f2:88:ea:5f:8d:32:c8:
04:ad:83:e3:cd:4c:e9:c3:b6:57:a3:af:8b:76:6f:
c6:e6:42:d5:a2:2f:8f:4f:83:6c:3c:b6:57:de:53:
63:bb:b7:31:d4:79:39:dd:70:68:3d:44:fa:38:bb:
e5:15:68:1b:b7:2a:7d:a9:cf:4a:76:cf:66:ed:6b:
a7:19:dc:6d:dc:ce:be:bd:72:00:47:ad:5b:63:14:
1e:16:18:84:2c:94:50:cd:2a:3e:ba:63:9c:9a:1f:
0e:46:8d:05:04:45:18:97:41:73:f0:5f:77:c6:ed:
2f:72:b0:8a:21:d5:fe:b8:4e:48:fd:3f:c6:4e:12:
cf:f1:19:3d:8b:ff:69:8a:4c:f0:3f:e5:86:72:73:
e8:1e:23:7e:02:c9:7d:e6:53:56:d9:f9:a5:2b:9d:
1b:04:6a:5a:e3:27:7c:57:08:34:b7:a2:d8:cc:2a:
37:5e:f1:a1:45:5b:6e:8b:62:ea:a3:2e:90:c3:3a:
a1:d9:50:95:ef:36:cc:70:65:d1:a9:23:92:37:c0:
4e:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:2C:F2:FE:C7:53:A4:C3:3D:78:9A:7F:DB:FB:1B:0F:52:04:63:2D
X509v3 Authority Key Identifier:
keyid:4A:2C:86:37:62:CE:9D:99:6D:2A:BA:B6:ED:E1:92:9C:CE:DC:B6:32
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SiyGN2LOnZltKrq27eGSnM7ctjI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/7a8e3c-cc02-4255-9892-c47184fdac39/1/HSzy_sdTpMM9eJp_2_sbD1IEYy0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/7a8e3c-cc02-4255-9892-c47184fdac39/1/SiyGN2LOnZltKrq27eGSnM7ctjI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.243.60.0/23
185.35.36.0/22
Signature Algorithm: sha256WithRSAEncryption
82:f2:57:06:93:0c:13:e6:33:af:66:8d:5d:e2:be:d4:b6:ff:
20:68:ab:ff:f4:37:f6:3e:5c:c0:4c:03:41:e7:18:50:41:98:
f4:f7:fd:04:51:40:28:93:ae:bf:7a:65:2d:82:18:bc:49:6f:
56:1e:08:a5:1e:bb:1e:43:c0:74:6a:27:eb:6c:c6:29:7f:60:
86:06:6e:c7:57:ef:7c:9d:48:3f:75:9a:99:98:a6:93:a1:4e:
b7:64:ed:19:4b:6d:31:90:b1:a1:91:9f:c6:78:d6:56:e6:43:
6e:9b:c9:8a:f9:a9:3b:f7:72:1e:9f:e6:42:d1:19:ab:a6:22:
92:90:e4:fd:e7:61:a1:6e:a5:37:83:7a:91:49:68:e8:b8:91:
6d:38:14:08:e8:6b:4d:d8:b0:d7:34:57:04:ea:73:2c:3e:26:
cf:d8:f6:da:e9:76:d4:a1:d5:7c:17:b2:bb:8e:8f:c5:a8:47:
7b:32:5a:35:01:38:53:b2:31:5a:62:c6:39:da:ea:05:ec:4d:
90:18:41:b9:fb:c3:44:4f:06:3c:f8:5b:b1:7a:9d:18:92:2c:
89:b3:7e:b7:6b:d2:02:bd:f2:2d:13:67:df:85:08:67:5d:a0:
14:51:20:02:29:e3:f0:a7:7e:7b:62:17:40:4a:35:22:6c:c2:
7a:e7:87:30
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQjadKVG53T5HeWbY9Pl+vxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhMmM4NjM3NjJjZTlkOTk2ZDJhYmFiNmVkZTE5MjljY2Vk
Y2I2MzIwHhcNMjUwMTAxMTk0ODQ1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDJjZjJmZWM3NTNhNGMzM2Q3ODlhN2ZkYmZiMWIwZjUyMDQ2MzJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArR48daz/ONoGzviqzdO7cpCKsUPE
CqItzLe5mis6GmLVvpBagym7U86SeVq/AeEwIQBmtPKI6l+NMsgErYPjzUzpw7ZX
o6+Ldm/G5kLVoi+PT4NsPLZX3lNju7cx1Hk53XBoPUT6OLvlFWgbtyp9qc9Kds9m
7WunGdxt3M6+vXIAR61bYxQeFhiELJRQzSo+umOcmh8ORo0FBEUYl0Fz8F93xu0v
crCKIdX+uE5I/T/GThLP8Rk9i/9pikzwP+WGcnPoHiN+Asl95lNW2fmlK50bBGpa
4yd8Vwg0t6LYzCo3XvGhRVtui2Lqoy6Qwzqh2VCV7zbMcGXRqSOSN8BOUwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFB0s8v7HU6TDPXiaf9v7Gw9SBGMtMB8GA1UdIwQY
MBaAFEoshjdizp2ZbSq6tu3hkpzO3LYyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2l5R04yTE9uWmx0S3JxMjdlR1NuTTdjdGpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC83YThlM2MtY2MwMi00MjU1LTk4OTIt
YzQ3MTg0ZmRhYzM5LzEvSFN6eV9zZFRwTU05ZUpwXzJfc2JEMUlFWXkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC83YThlM2MtY2MwMi00MjU1LTk4OTItYzQ3MTg0ZmRhYzM5
LzEvU2l5R04yTE9uWmx0S3JxMjdlR1NuTTdjdGpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBLvM8AwQC
uSMkMA0GCSqGSIb3DQEBCwUAA4IBAQCC8lcGkwwT5jOvZo1d4r7Utv8gaKv/9Df2
PlzATANB5xhQQZj09/0EUUAok66/emUtghi8SW9WHgilHrseQ8B0aifrbMYpf2CG
Bm7HV+98nUg/dZqZmKaToU63ZO0ZS20xkLGhkZ/GeNZW5kNum8mK+ak793Ien+ZC
0RmrpiKSkOT952GhbqU3g3qRSWjouJFtOBQI6GtN2LDXNFcE6nMsPibP2Pba6XbU
odV8F7K7jo/FqEd7Mlo1AThTsjFaYsY52uoF7E2QGEG5+8NETwY8+Fuxep0YkiyJ
s363a9ICvfItE2ffhQhnXaAUUSACKePwp357YhdASjUibMJ654cw
-----END CERTIFICATE-----
Generated at Sun Apr 20 14:39:27 2025 by rpki-client