Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/Ec-3R5lSbUg4nkiWhBSyhOomcnQ.roa
File: Ec-3R5lSbUg4nkiWhBSyhOomcnQ.roa (raw, json)
Hash identifier: 62Xy6RK/IfEoVB5QCyI3LUCOJ3jLbPB31KKuSd8Y3RM=
Subject key identifier: 11:CF:B7:47:99:52:6D:48:38:9E:48:96:84:14:B2:84:EA:26:72:74
Certificate issuer: /CN=4a471cd6ce60abedd74762b101aa5e6f4207efce
Certificate serial: 019424454269D6C479E0FBB82AD3DB32EAE4
Authority key identifier: 4A:47:1C:D6:CE:60:AB:ED:D7:47:62:B1:01:AA:5E:6F:42:07:EF:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Skcc1s5gq-3XR2KxAapeb0IH784.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/Ec-3R5lSbUg4nkiWhBSyhOomcnQ.roa
Signing time: Wed 01 Jan 2025 23:48:26 +0000
ROA not before: Wed 01 Jan 2025 23:48:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 54339
IP address blocks: 46.34.38.0/24 maxlen: 24
46.34.42.0/23 maxlen: 23
46.34.47.0/24 maxlen: 24
46.34.49.0/24 maxlen: 24
46.34.55.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/Skcc1s5gq-3XR2KxAapeb0IH784.crl
rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/Skcc1s5gq-3XR2KxAapeb0IH784.mft
rsync://rpki.ripe.net/repository/DEFAULT/Skcc1s5gq-3XR2KxAapeb0IH784.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 14 Apr 2025 08:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:42:69:d6:c4:79:e0:fb:b8:2a:d3:db:32:ea:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a471cd6ce60abedd74762b101aa5e6f4207efce
Validity
Not Before: Jan 1 23:48:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=11cfb74799526d48389e48968414b284ea267274
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:0c:84:b0:d1:00:40:dd:69:6f:8f:b5:26:91:
38:ee:da:70:30:32:10:41:e4:b1:92:8f:ec:d8:92:
81:8f:d9:b9:dc:a1:e1:2c:a0:a0:eb:20:a8:0c:28:
97:f1:42:1c:58:d0:16:ff:ab:d6:7a:47:4f:a1:11:
9d:11:8c:7b:60:4a:5c:8e:89:39:d6:b1:18:7e:a4:
c5:2d:bc:b6:9a:6e:a3:87:33:77:fe:5d:0f:e3:77:
81:84:ab:e5:a8:98:f9:15:76:f7:ef:74:5c:55:09:
67:8c:ca:32:5a:7b:ea:a8:09:73:97:51:d2:3c:eb:
da:88:22:60:6e:54:d5:bb:59:47:22:cb:33:8d:f0:
d9:92:a6:58:58:72:ac:ee:71:72:46:36:84:50:e8:
f0:76:02:4b:10:40:88:11:55:31:97:9d:a4:ce:04:
9e:7c:af:1e:55:95:cf:22:5f:59:cd:04:5e:d6:29:
74:1d:43:4e:e9:90:80:c0:39:48:f8:4f:36:3a:4b:
3a:35:9e:fc:13:c0:70:be:fd:08:4b:c0:de:79:ca:
90:d8:4a:71:a4:c5:e2:94:54:db:32:36:f3:e2:44:
95:84:f7:e6:89:34:84:9e:07:60:a4:15:d9:12:d1:
d6:6d:c8:7b:bf:64:dc:98:0f:dd:03:02:16:32:ec:
27:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:CF:B7:47:99:52:6D:48:38:9E:48:96:84:14:B2:84:EA:26:72:74
X509v3 Authority Key Identifier:
keyid:4A:47:1C:D6:CE:60:AB:ED:D7:47:62:B1:01:AA:5E:6F:42:07:EF:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Skcc1s5gq-3XR2KxAapeb0IH784.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/Ec-3R5lSbUg4nkiWhBSyhOomcnQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/Skcc1s5gq-3XR2KxAapeb0IH784.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.34.38.0/24
46.34.42.0/23
46.34.47.0/24
46.34.49.0/24
46.34.55.0/24
Signature Algorithm: sha256WithRSAEncryption
02:e1:c7:e7:3c:e4:d5:71:ac:d6:1c:47:34:e7:2a:77:03:af:
59:38:8a:fc:fc:c4:bd:ad:3b:b0:4e:eb:2f:69:2a:1e:e3:66:
9b:aa:68:ae:dc:a5:e3:6c:64:ca:eb:0e:4d:e0:77:5c:fd:b1:
58:d4:99:a7:a8:62:52:64:50:aa:c4:3c:32:75:e6:8a:0c:91:
0f:67:0a:e0:65:c1:f5:66:2e:86:32:79:a7:45:4c:17:da:8b:
9e:5d:89:d5:69:07:6c:93:10:44:bd:f7:80:58:65:51:a1:eb:
3e:5c:33:87:bc:8a:47:ac:62:ca:17:8c:e3:31:80:93:8f:92:
5a:63:bd:b5:0f:8e:14:ab:f5:af:b1:88:5f:58:fa:fb:d8:02:
39:61:82:03:97:4e:e5:c3:dc:46:f9:56:cb:02:ae:78:86:2e:
6f:02:0f:8a:aa:b9:39:58:78:24:15:0f:57:8c:d6:ca:45:6b:
b0:83:87:24:8a:2b:0d:b3:f4:66:87:4c:0c:8a:71:7f:ae:b1:
b7:ac:6c:ff:44:69:36:93:33:c9:59:f9:fa:5d:15:b9:d3:05:
ba:dd:8c:5f:cc:8a:13:c6:69:3f:b1:af:a0:6d:a8:85:41:8e:
d7:59:92:42:65:eb:b4:c0:28:2f:82:c4:29:8b:1d:c8:10:22:
8c:35:24:5c
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZQkRUJp1sR54Pu4KtPbMurkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNDcxY2Q2Y2U2MGFiZWRkNzQ3NjJiMTAxYWE1ZTZmNDIw
N2VmY2UwHhcNMjUwMTAxMjM0ODI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMWNmYjc0Nzk5NTI2ZDQ4Mzg5ZTQ4OTY4NDE0YjI4NGVhMjY3Mjc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtwyEsNEAQN1pb4+1JpE47tpwMDIQ
QeSxko/s2JKBj9m53KHhLKCg6yCoDCiX8UIcWNAW/6vWekdPoRGdEYx7YEpcjok5
1rEYfqTFLby2mm6jhzN3/l0P43eBhKvlqJj5FXb373RcVQlnjMoyWnvqqAlzl1HS
POvaiCJgblTVu1lHIsszjfDZkqZYWHKs7nFyRjaEUOjwdgJLEECIEVUxl52kzgSe
fK8eVZXPIl9ZzQRe1il0HUNO6ZCAwDlI+E82Oks6NZ78E8Bwvv0IS8DeecqQ2Epx
pMXilFTbMjbz4kSVhPfmiTSEngdgpBXZEtHWbch7v2TcmA/dAwIWMuwngQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFBHPt0eZUm1IOJ5IloQUsoTqJnJ0MB8GA1UdIwQY
MBaAFEpHHNbOYKvt10disQGqXm9CB+/OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2tjYzFzNWdxLTNYUjJLeEFhcGViMElINzg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS9lMTc3MTQtNDY3Yi00NDMzLTliN2Qt
YTZiOTkxZjRmYWY4LzEvRWMtM1I1bFNiVWc0bmtpV2hCU3loT29tY25RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS9lMTc3MTQtNDY3Yi00NDMzLTliN2QtYTZiOTkxZjRmYWY4
LzEvU2tjYzFzNWdxLTNYUjJLeEFhcGViMElINzg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALiImAwQB
LiIqAwQALiIvAwQALiIxAwQALiI3MA0GCSqGSIb3DQEBCwUAA4IBAQAC4cfnPOTV
cazWHEc05yp3A69ZOIr8/MS9rTuwTusvaSoe42abqmiu3KXjbGTK6w5N4Hdc/bFY
1JmnqGJSZFCqxDwydeaKDJEPZwrgZcH1Zi6GMnmnRUwX2oueXYnVaQdskxBEvfeA
WGVRoes+XDOHvIpHrGLKF4zjMYCTj5JaY721D44Uq/WvsYhfWPr72AI5YYIDl07l
w9xG+VbLAq54hi5vAg+Kqrk5WHgkFQ9XjNbKRWuwg4ckiisNs/Rmh0wMinF/rrG3
rGz/RGk2kzPJWfn6XRW50wW63YxfzIoTxmk/sa+gbaiFQY7XWZJCZeu0wCgvgsQp
ix3IECKMNSRc
-----END CERTIFICATE-----
Generated at Sun Apr 13 14:34:58 2025 by rpki-client