Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/bb0480-66ad-4288-b8d3-1004c1e50dfe/1/1RkFk6kOyZCZ0G93_QFK7wOQ0jE.roa
File: 1RkFk6kOyZCZ0G93_QFK7wOQ0jE.roa (raw, json)
Hash identifier: dMUuv6OdwNCSIK7eZl1fAYrgrlFJZc1L1gPUfpLpqmg=
Subject key identifier: D5:19:05:93:A9:0E:C9:90:99:D0:6F:77:FD:01:4A:EF:03:90:D2:31
Certificate issuer: /CN=8ca8a4d42a0196df7cc0e14f597cf5660d63c09f
Certificate serial: 019422FC2BFBAB1A598FDE3410B9C41A7970
Authority key identifier: 8C:A8:A4:D4:2A:01:96:DF:7C:C0:E1:4F:59:7C:F5:66:0D:63:C0:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jKik1CoBlt98wOFPWXz1Zg1jwJ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9d/bb0480-66ad-4288-b8d3-1004c1e50dfe/1/1RkFk6kOyZCZ0G93_QFK7wOQ0jE.roa
Signing time: Wed 01 Jan 2025 17:48:59 +0000
ROA not before: Wed 01 Jan 2025 17:48:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 33915
IP address blocks: 46.29.240.0/24 maxlen: 24
46.29.241.0/24 maxlen: 24
46.29.247.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9d/bb0480-66ad-4288-b8d3-1004c1e50dfe/1/jKik1CoBlt98wOFPWXz1Zg1jwJ8.crl
rsync://rpki.ripe.net/repository/DEFAULT/9d/bb0480-66ad-4288-b8d3-1004c1e50dfe/1/jKik1CoBlt98wOFPWXz1Zg1jwJ8.mft
rsync://rpki.ripe.net/repository/DEFAULT/jKik1CoBlt98wOFPWXz1Zg1jwJ8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 15 Apr 2025 02:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fc:2b:fb:ab:1a:59:8f:de:34:10:b9:c4:1a:79:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8ca8a4d42a0196df7cc0e14f597cf5660d63c09f
Validity
Not Before: Jan 1 17:48:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d5190593a90ec99099d06f77fd014aef0390d231
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:48:5c:e7:77:fb:29:25:0d:02:9c:b4:30:5e:
41:d3:6c:60:31:48:38:03:a0:0b:55:3c:25:36:9f:
72:3a:d2:9f:20:05:c9:3b:86:6c:27:74:d9:61:ed:
55:12:4d:23:cc:97:06:ce:24:6b:43:ea:7c:cf:69:
2a:b7:56:da:e1:18:a1:48:b1:3b:3d:7e:d1:67:62:
3c:8d:69:e3:87:62:1a:a7:1e:7e:6a:87:48:2f:9c:
c7:60:e6:1c:44:38:57:ec:84:df:3a:03:0c:e9:ba:
19:c4:48:29:19:d9:51:60:67:33:c1:43:f0:95:bc:
a5:de:29:9a:34:1c:43:0d:d3:2e:96:fb:45:98:4c:
36:73:ad:8e:f9:03:89:e6:35:a2:a7:f4:82:40:d9:
8f:48:9c:f7:9a:31:0a:b6:1a:b7:00:fd:e1:78:b0:
a7:82:7a:32:bd:26:14:86:3e:42:ff:00:eb:78:ee:
bb:24:a4:4a:21:6f:bd:f1:3a:a4:11:39:52:b8:67:
ed:de:e3:89:48:02:d0:30:b1:3e:21:ba:e2:55:1e:
17:7a:20:42:b6:35:2c:7b:63:bd:b6:6e:e0:ab:57:
c9:7f:fd:61:60:da:9e:7a:6a:cd:a0:c0:e3:0c:38:
83:be:c8:08:40:36:52:8f:96:89:e5:7c:9a:9a:f8:
a0:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:19:05:93:A9:0E:C9:90:99:D0:6F:77:FD:01:4A:EF:03:90:D2:31
X509v3 Authority Key Identifier:
keyid:8C:A8:A4:D4:2A:01:96:DF:7C:C0:E1:4F:59:7C:F5:66:0D:63:C0:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jKik1CoBlt98wOFPWXz1Zg1jwJ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/bb0480-66ad-4288-b8d3-1004c1e50dfe/1/1RkFk6kOyZCZ0G93_QFK7wOQ0jE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/bb0480-66ad-4288-b8d3-1004c1e50dfe/1/jKik1CoBlt98wOFPWXz1Zg1jwJ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.29.240.0/23
46.29.247.0/24
Signature Algorithm: sha256WithRSAEncryption
cc:02:89:b3:a0:e1:04:02:b7:da:17:e2:a2:cb:3c:a7:03:ef:
c0:44:14:08:f9:36:fc:a5:cb:6a:8f:d4:b9:a1:08:9b:76:0a:
73:fd:ec:f6:d5:96:29:52:d2:34:74:a6:90:76:5b:4b:c0:73:
4f:15:32:87:10:49:96:e3:f4:d6:4d:36:b8:d9:a7:0e:e7:3b:
93:96:21:9b:1e:5f:89:7a:27:ea:f0:fc:20:9f:e1:bb:ca:02:
87:a3:e4:3d:4c:a6:1e:4f:ca:8c:49:68:97:7f:53:5d:d2:72:
fa:6c:87:33:e9:44:16:8a:ba:a2:07:5a:8a:3b:86:36:1a:77:
34:04:d3:18:a9:13:04:86:de:bb:5a:b1:2d:94:d7:97:a5:7a:
5a:ba:e4:42:b4:ca:1c:b9:46:d1:12:40:9c:b4:e3:d3:9d:0a:
70:20:c7:d3:dd:16:7a:d8:f4:f7:47:5b:18:93:1f:eb:cd:47:
b1:eb:12:05:0d:05:af:c2:e7:89:26:fe:23:5b:64:17:e8:d9:
22:1d:51:f1:69:21:5f:68:61:80:bf:71:9f:c5:d3:75:cb:c2:
06:27:14:46:0f:fc:46:4d:33:b6:11:01:e8:a2:24:46:70:88:
23:3c:f6:64:29:5c:24:ca:a6:68:41:ae:3f:c0:bb:70:89:29:
b7:e3:75:ce
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQi/Cv7qxpZj940ELnEGnlwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhjYThhNGQ0MmEwMTk2ZGY3Y2MwZTE0ZjU5N2NmNTY2MGQ2
M2MwOWYwHhcNMjUwMTAxMTc0ODU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTE5MDU5M2E5MGVjOTkwOTlkMDZmNzdmZDAxNGFlZjAzOTBkMjMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtEhc53f7KSUNApy0MF5B02xgMUg4
A6ALVTwlNp9yOtKfIAXJO4ZsJ3TZYe1VEk0jzJcGziRrQ+p8z2kqt1ba4RihSLE7
PX7RZ2I8jWnjh2Iapx5+aodIL5zHYOYcRDhX7ITfOgMM6boZxEgpGdlRYGczwUPw
lbyl3imaNBxDDdMulvtFmEw2c62O+QOJ5jWip/SCQNmPSJz3mjEKthq3AP3heLCn
gnoyvSYUhj5C/wDreO67JKRKIW+98TqkETlSuGft3uOJSALQMLE+IbriVR4XeiBC
tjUse2O9tm7gq1fJf/1hYNqeemrNoMDjDDiDvsgIQDZSj5aJ5XyamvigoQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNUZBZOpDsmQmdBvd/0BSu8DkNIxMB8GA1UdIwQY
MBaAFIyopNQqAZbffMDhT1l89WYNY8CfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaktpazFDb0JsdDk4d09GUFdYejFaZzFqd0o4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC9iYjA0ODAtNjZhZC00Mjg4LWI4ZDMt
MTAwNGMxZTUwZGZlLzEvMVJrRms2a095WkNaMEc5M19RRks3d09RMGpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC9iYjA0ODAtNjZhZC00Mjg4LWI4ZDMtMTAwNGMxZTUwZGZl
LzEvaktpazFDb0JsdDk4d09GUFdYejFaZzFqd0o4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBLh3wAwQA
Lh33MA0GCSqGSIb3DQEBCwUAA4IBAQDMAomzoOEEArfaF+KiyzynA+/ARBQI+Tb8
pctqj9S5oQibdgpz/ez21ZYpUtI0dKaQdltLwHNPFTKHEEmW4/TWTTa42acO5zuT
liGbHl+Jeifq8Pwgn+G7ygKHo+Q9TKYeT8qMSWiXf1Nd0nL6bIcz6UQWirqiB1qK
O4Y2Gnc0BNMYqRMEht67WrEtlNeXpXpauuRCtMocuUbREkCctOPTnQpwIMfT3RZ6
2PT3R1sYkx/rzUex6xIFDQWvwueJJv4jW2QX6NkiHVHxaSFfaGGAv3GfxdN1y8IG
JxRGD/xGTTO2EQHooiRGcIgjPPZkKVwkyqZoQa4/wLtwiSm343XO
-----END CERTIFICATE-----
Generated at Mon Apr 14 10:28:54 2025 by rpki-client