Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/7f1a8c-48e4-4d97-b042-1d4246d7f155/1/KH0zl9xVnMF_15rIoZ2wT-co_AI.roa
File: KH0zl9xVnMF_15rIoZ2wT-co_AI.roa (raw, json)
Hash identifier: DoRE8smcciehWgwMQwu6I7Myolux2OWQiEW7g5i3MyM=
Subject key identifier: 28:7D:33:97:DC:55:9C:C1:7F:D7:9A:C8:A1:9D:B0:4F:E7:28:FC:02
Certificate issuer: /CN=e822d845e153992a78e8f44523264d2614b17b9d
Certificate serial: 0195FF82624D8257AC02A5C18681AF15E589
Authority key identifier: E8:22:D8:45:E1:53:99:2A:78:E8:F4:45:23:26:4D:26:14:B1:7B:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6CLYReFTmSp46PRFIyZNJhSxe50.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9d/7f1a8c-48e4-4d97-b042-1d4246d7f155/1/KH0zl9xVnMF_15rIoZ2wT-co_AI.roa
Signing time: Fri 04 Apr 2025 06:34:49 +0000
ROA not before: Fri 04 Apr 2025 06:34:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12693
IP address blocks: 46.167.32.0/21 maxlen: 21
46.167.32.0/24 maxlen: 24
185.101.52.0/22 maxlen: 22
185.101.52.0/23 maxlen: 23
185.101.54.0/24 maxlen: 24
185.101.55.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9d/7f1a8c-48e4-4d97-b042-1d4246d7f155/1/6CLYReFTmSp46PRFIyZNJhSxe50.crl
rsync://rpki.ripe.net/repository/DEFAULT/9d/7f1a8c-48e4-4d97-b042-1d4246d7f155/1/6CLYReFTmSp46PRFIyZNJhSxe50.mft
rsync://rpki.ripe.net/repository/DEFAULT/6CLYReFTmSp46PRFIyZNJhSxe50.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 23:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:ff:82:62:4d:82:57:ac:02:a5:c1:86:81:af:15:e5:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e822d845e153992a78e8f44523264d2614b17b9d
Validity
Not Before: Apr 4 06:34:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=287d3397dc559cc17fd79ac8a19db04fe728fc02
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:4e:ef:62:44:88:91:76:86:99:d8:4d:3d:62:
7c:95:04:b9:21:d2:eb:d7:5c:9a:d0:ba:35:5e:7e:
d1:5d:71:eb:37:5b:09:da:a1:51:18:87:d7:d3:60:
53:0c:ab:fb:26:48:78:b0:c7:12:cd:33:e3:b6:e3:
8f:25:e3:44:80:2a:b9:e5:28:96:f6:ad:8b:0b:29:
fd:12:65:25:d1:e0:0f:e7:57:2e:85:e1:0d:3c:71:
b4:ba:92:c7:cc:ca:6b:e8:6e:3c:9b:92:7e:34:f2:
11:b5:37:53:08:96:f4:0f:0c:8a:06:27:75:b6:9d:
cf:98:6a:8a:e2:11:58:79:6d:bd:96:8d:e5:25:10:
7c:13:b5:d8:b6:43:59:c4:c3:1e:cb:2f:24:4d:d2:
b0:83:1f:73:de:ca:2e:fb:2a:10:b0:31:b7:c5:65:
1f:fb:59:e3:30:7c:69:86:2e:0b:8e:41:57:ed:44:
e0:4c:6c:06:f1:88:a3:c6:f4:7d:03:98:0e:57:fd:
a8:1c:0f:91:95:58:0f:46:81:6b:f5:3a:6a:cc:88:
f4:21:c7:6c:c6:d2:28:ee:cc:80:32:93:f1:23:af:
89:3a:0b:6e:43:39:2d:20:ef:85:80:41:8c:80:b8:
8b:d7:f9:d7:d3:00:60:b4:f5:4d:24:45:ef:a5:97:
54:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:7D:33:97:DC:55:9C:C1:7F:D7:9A:C8:A1:9D:B0:4F:E7:28:FC:02
X509v3 Authority Key Identifier:
keyid:E8:22:D8:45:E1:53:99:2A:78:E8:F4:45:23:26:4D:26:14:B1:7B:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6CLYReFTmSp46PRFIyZNJhSxe50.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/7f1a8c-48e4-4d97-b042-1d4246d7f155/1/KH0zl9xVnMF_15rIoZ2wT-co_AI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/7f1a8c-48e4-4d97-b042-1d4246d7f155/1/6CLYReFTmSp46PRFIyZNJhSxe50.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.167.32.0/21
185.101.52.0/22
Signature Algorithm: sha256WithRSAEncryption
2c:ce:6e:76:02:63:d0:00:37:8f:58:ea:e1:f9:d0:94:83:14:
f4:75:e0:ac:c7:a7:df:0b:ca:e5:93:96:00:c8:02:6b:10:00:
62:8d:12:5f:5b:6e:d5:a0:a1:79:16:ca:e0:20:0f:72:e1:0d:
8e:42:28:99:52:71:ad:52:4e:dd:04:3e:9e:95:1d:c7:fc:e0:
e1:cb:eb:4c:a6:ca:18:d7:d9:1b:b6:4d:d2:51:9e:1b:c0:ec:
25:aa:80:60:c2:ef:44:48:80:5d:4b:e7:92:06:97:c9:da:2b:
00:a7:e8:b8:4f:28:55:ff:80:6e:ac:da:dc:5b:ac:13:fe:7c:
6b:a3:50:a7:ed:7d:35:6f:8e:c0:6d:f4:d5:ee:8c:98:82:f4:
d8:42:71:29:68:6b:04:70:29:67:fd:de:28:bf:c9:17:c0:a0:
95:96:27:13:39:8b:23:1b:4e:94:57:33:b0:01:ef:b7:83:94:
29:1f:50:7e:75:7a:c7:45:5f:75:f7:ee:3f:57:1a:a6:9f:1d:
35:16:6e:af:7f:b9:e5:18:0d:63:ed:a0:26:37:99:d7:1c:1a:
87:e7:68:3d:97:ab:83:6b:28:cd:3b:39:b6:48:cc:d5:64:0a:
32:31:65:c8:9f:ef:c8:0b:fe:37:4b:2c:eb:29:21:dc:1d:02:
63:c6:f7:a3
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZX/gmJNglesAqXBhoGvFeWJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4MjJkODQ1ZTE1Mzk5MmE3OGU4ZjQ0NTIzMjY0ZDI2MTRi
MTdiOWQwHhcNMjUwNDA0MDYzNDQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODdkMzM5N2RjNTU5Y2MxN2ZkNzlhYzhhMTlkYjA0ZmU3MjhmYzAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzU7vYkSIkXaGmdhNPWJ8lQS5IdLr
11ya0Lo1Xn7RXXHrN1sJ2qFRGIfX02BTDKv7Jkh4sMcSzTPjtuOPJeNEgCq55SiW
9q2LCyn9EmUl0eAP51cuheENPHG0upLHzMpr6G48m5J+NPIRtTdTCJb0DwyKBid1
tp3PmGqK4hFYeW29lo3lJRB8E7XYtkNZxMMeyy8kTdKwgx9z3sou+yoQsDG3xWUf
+1njMHxphi4LjkFX7UTgTGwG8YijxvR9A5gOV/2oHA+RlVgPRoFr9TpqzIj0Icds
xtIo7syAMpPxI6+JOgtuQzktIO+FgEGMgLiL1/nX0wBgtPVNJEXvpZdUEQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCh9M5fcVZzBf9eayKGdsE/nKPwCMB8GA1UdIwQY
MBaAFOgi2EXhU5kqeOj0RSMmTSYUsXudMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNkNMWVJlRlRtU3A0NlBSRkl5Wk5KaFN4ZTUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC83ZjFhOGMtNDhlNC00ZDk3LWIwNDIt
MWQ0MjQ2ZDdmMTU1LzEvS0gwemw5eFZuTUZfMTVySW9aMndULWNvX0FJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC83ZjFhOGMtNDhlNC00ZDk3LWIwNDItMWQ0MjQ2ZDdmMTU1
LzEvNkNMWVJlRlRtU3A0NlBSRkl5Wk5KaFN4ZTUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDLqcgAwQC
uWU0MA0GCSqGSIb3DQEBCwUAA4IBAQAszm52AmPQADePWOrh+dCUgxT0deCsx6ff
C8rlk5YAyAJrEABijRJfW27VoKF5FsrgIA9y4Q2OQiiZUnGtUk7dBD6elR3H/ODh
y+tMpsoY19kbtk3SUZ4bwOwlqoBgwu9ESIBdS+eSBpfJ2isAp+i4TyhV/4BurNrc
W6wT/nxro1Cn7X01b47AbfTV7oyYgvTYQnEpaGsEcCln/d4ov8kXwKCVlicTOYsj
G06UVzOwAe+3g5QpH1B+dXrHRV919+4/Vxqmnx01Fm6vf7nlGA1j7aAmN5nXHBqH
52g9l6uDayjNOzm2SMzVZAoyMWXIn+/IC/43SyzrKSHcHQJjxvej
-----END CERTIFICATE-----
Generated at Tue Apr 8 05:56:32 2025 by rpki-client