Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/fcb729-c288-4e15-9384-a20d2d751eb5/1/AGpWRsY_xlGvwtNQWAnABWymQ8A.roa
File: AGpWRsY_xlGvwtNQWAnABWymQ8A.roa (raw, json)
Hash identifier: pZbxN4jH7CXcAGUCPIracQWWJ5Fx7UpJPwtV6JB2GN4=
Subject key identifier: 00:6A:56:46:C6:3F:C6:51:AF:C2:D3:50:58:09:C0:05:6C:A6:43:C0
Certificate issuer: /CN=0d2087b0f6716d23c8d23eb3d0392b6bf642ad4b
Certificate serial: 01942748681D4D56EB3950EDD7016BC141B4
Authority key identifier: 0D:20:87:B0:F6:71:6D:23:C8:D2:3E:B3:D0:39:2B:6B:F6:42:AD:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DSCHsPZxbSPI0j6z0Dkra_ZCrUs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/fcb729-c288-4e15-9384-a20d2d751eb5/1/AGpWRsY_xlGvwtNQWAnABWymQ8A.roa
Signing time: Thu 02 Jan 2025 13:50:44 +0000
ROA not before: Thu 02 Jan 2025 13:50:44 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51582
IP address blocks: 46.55.128.0/18 maxlen: 24
46.55.192.0/20 maxlen: 24
46.55.216.0/21 maxlen: 24
46.55.224.0/20 maxlen: 24
46.55.241.0/24 maxlen: 24
46.55.242.0/23 maxlen: 24
46.55.244.0/22 maxlen: 24
46.55.248.0/22 maxlen: 24
185.89.124.0/22 maxlen: 24
185.240.144.0/22 maxlen: 24
2a03:8340::/32 maxlen: 48
2a03:8340:50::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9c/fcb729-c288-4e15-9384-a20d2d751eb5/1/DSCHsPZxbSPI0j6z0Dkra_ZCrUs.crl
rsync://rpki.ripe.net/repository/DEFAULT/9c/fcb729-c288-4e15-9384-a20d2d751eb5/1/DSCHsPZxbSPI0j6z0Dkra_ZCrUs.mft
rsync://rpki.ripe.net/repository/DEFAULT/DSCHsPZxbSPI0j6z0Dkra_ZCrUs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 22:00:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:68:1d:4d:56:eb:39:50:ed:d7:01:6b:c1:41:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d2087b0f6716d23c8d23eb3d0392b6bf642ad4b
Validity
Not Before: Jan 2 13:50:44 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=006a5646c63fc651afc2d3505809c0056ca643c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:0d:ed:ec:2e:dc:66:30:5e:98:2a:99:c7:1a:
7b:c5:22:af:f0:75:46:05:14:13:f0:91:15:32:ac:
f1:80:7f:f8:06:ac:e0:80:05:80:58:1b:e4:55:a7:
0b:43:00:7b:5f:b5:a4:f2:a6:54:bd:bb:9e:c2:e0:
c7:60:29:59:59:15:90:a3:3c:b0:b3:8f:4f:12:2f:
bd:b9:ad:54:dc:97:46:39:a9:ac:d6:f4:65:99:2a:
d1:da:89:b8:b1:c5:67:b2:4d:25:5f:0b:24:ad:3c:
12:52:f8:55:3c:22:b1:48:4e:65:e5:5f:cd:31:e4:
26:01:47:e7:26:26:1c:f8:83:bf:f9:be:7b:b8:93:
43:67:69:81:22:c8:e5:91:e8:38:c0:a7:42:2a:46:
c5:ba:8b:e1:a8:ff:ef:7b:a8:7d:e8:94:7d:04:80:
33:60:92:81:e2:1d:71:45:23:d0:07:8f:3f:85:14:
70:d5:06:3d:04:b0:d5:21:b3:a2:1a:00:62:08:ca:
d2:80:39:dc:e2:f4:de:57:1a:79:f5:27:d2:23:35:
44:03:92:1a:9f:b6:c2:9c:eb:57:3b:66:96:0d:59:
1f:6f:5f:25:f5:1f:b2:37:02:da:2a:99:18:0d:80:
13:88:8e:89:4a:63:dd:23:9e:83:aa:cc:1e:6f:cd:
81:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:6A:56:46:C6:3F:C6:51:AF:C2:D3:50:58:09:C0:05:6C:A6:43:C0
X509v3 Authority Key Identifier:
keyid:0D:20:87:B0:F6:71:6D:23:C8:D2:3E:B3:D0:39:2B:6B:F6:42:AD:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DSCHsPZxbSPI0j6z0Dkra_ZCrUs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/fcb729-c288-4e15-9384-a20d2d751eb5/1/AGpWRsY_xlGvwtNQWAnABWymQ8A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/fcb729-c288-4e15-9384-a20d2d751eb5/1/DSCHsPZxbSPI0j6z0Dkra_ZCrUs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.55.128.0-46.55.207.255
46.55.216.0-46.55.239.255
46.55.241.0-46.55.251.255
185.89.124.0/22
185.240.144.0/22
IPv6:
2a03:8340::/32
Signature Algorithm: sha256WithRSAEncryption
a4:e5:b6:3b:60:4a:06:bf:05:dd:ee:bf:24:22:8d:28:86:69:
4e:83:e2:cc:1a:d5:7c:2c:d0:f8:36:8d:45:6e:3e:b5:5b:1d:
9d:44:aa:7e:3d:0c:54:bd:08:7e:80:ed:7d:bc:f4:04:32:61:
51:f1:5b:72:1c:aa:55:88:42:31:d9:a3:31:1a:2c:df:86:84:
e1:1f:3c:9c:f1:12:60:50:0e:01:06:f3:74:9d:5a:65:f7:36:
b6:8f:9c:c1:9d:2c:2a:2a:24:bd:1b:1a:d1:6d:3a:18:b5:e5:
11:8f:f7:52:02:25:cc:80:23:01:7a:13:71:a4:5a:ba:ed:8f:
1c:a1:a2:de:18:f0:56:c7:16:1e:11:0f:42:8e:00:c3:7f:5f:
9a:0b:11:f5:f9:94:77:15:6d:76:cd:62:5e:7c:90:2a:a7:0f:
6d:da:ae:53:91:e4:b9:35:19:dd:42:a2:7d:9b:5a:e5:f9:da:
02:b6:dd:99:3b:a4:22:1c:d7:da:fb:a7:36:cd:8c:1a:da:ab:
25:8d:12:c9:a2:59:fd:71:72:23:06:67:e7:b2:3c:6e:51:5f:
da:ac:a1:79:7c:d4:4f:7f:62:22:ee:5f:12:c7:cd:d5:a0:d5:
cb:f5:3b:88:f7:59:1c:66:5e:26:46:33:0d:bc:52:1d:5a:4c:
ee:45:3d:1f
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAZQnSGgdTVbrOVDt1wFrwUG0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkMjA4N2IwZjY3MTZkMjNjOGQyM2ViM2QwMzkyYjZiZjY0
MmFkNGIwHhcNMjUwMTAyMTM1MDQ0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDZhNTY0NmM2M2ZjNjUxYWZjMmQzNTA1ODA5YzAwNTZjYTY0M2MwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7g3t7C7cZjBemCqZxxp7xSKv8HVG
BRQT8JEVMqzxgH/4BqzggAWAWBvkVacLQwB7X7Wk8qZUvbuewuDHYClZWRWQozyw
s49PEi+9ua1U3JdGOams1vRlmSrR2om4scVnsk0lXwskrTwSUvhVPCKxSE5l5V/N
MeQmAUfnJiYc+IO/+b57uJNDZ2mBIsjlkeg4wKdCKkbFuovhqP/ve6h96JR9BIAz
YJKB4h1xRSPQB48/hRRw1QY9BLDVIbOiGgBiCMrSgDnc4vTeVxp59SfSIzVEA5Ia
n7bCnOtXO2aWDVkfb18l9R+yNwLaKpkYDYATiI6JSmPdI56Dqsweb82BKwIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFABqVkbGP8ZRr8LTUFgJwAVspkPAMB8GA1UdIwQY
MBaAFA0gh7D2cW0jyNI+s9A5K2v2Qq1LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFNDSHNQWnhiU1BJMGo2ejBEa3JhX1pDclVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy9mY2I3MjktYzI4OC00ZTE1LTkzODQt
YTIwZDJkNzUxZWI1LzEvQUdwV1JzWV94bEd2d3ROUVdBbkFCV3ltUThBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy9mY2I3MjktYzI4OC00ZTE1LTkzODQtYTIwZDJkNzUxZWI1
LzEvRFNDSHNQWnhiU1BJMGo2ejBEa3JhX1pDclVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTA8BAIAATA2MAwDBAcuN4AD
BAQuN8AwDAMEAy432AMEBC434DAMAwQALjfxAwQCLjf4AwQCuVl8AwQCufCQMA0E
AgACMAcDBQAqA4NAMA0GCSqGSIb3DQEBCwUAA4IBAQCk5bY7YEoGvwXd7r8kIo0o
hmlOg+LMGtV8LND4No1Fbj61Wx2dRKp+PQxUvQh+gO19vPQEMmFR8VtyHKpViEIx
2aMxGizfhoThHzyc8RJgUA4BBvN0nVpl9za2j5zBnSwqKiS9GxrRbToYteURj/dS
AiXMgCMBehNxpFq67Y8coaLeGPBWxxYeEQ9CjgDDf1+aCxH1+ZR3FW12zWJefJAq
pw9t2q5TkeS5NRndQqJ9m1rl+doCtt2ZO6QiHNfa+6c2zYwa2qsljRLJoln9cXIj
BmfnsjxuUV/arKF5fNRPf2Ii7l8Sx83VoNXL9TuI91kcZl4mRjMNvFIdWkzuRT0f
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:39:04 2025 by rpki-client